CompTIA

CompTIA PenTest+ (PT0-002)

Buy our CompTIA Pentest+ training course to develop strong penetration testing skills and pass the PT0-002 exam to become a certified ethical hacker.

(PT0-002.AE1) / ISBN : 978-1-64459-375-2
Lessons
Lab
TestPrep
AI Tutor (Añadir)
Instructor-Led (Añadir)
Obtenga una prueba gratuita

Acerca de este curso

Our CompTIA Pentest+ PT0-002 study guide provides the foundational knowledge and practical insights every penetration tester needs to pass the exam, impress employers, and create a personalized portfolio. Learn how to perform vulnerability scans per the legal and regulatory requirements and produce written reports listing remediation strategies against cyber threats.

Habilidades que obtendrás

  • Define the engagement's goals and limitations.
  • Understand legal and ethical considerations for penetration testing.
  • Conduct passive and active reconnaissance techniques to gather information about a target system.
  • Utilize tools like dig, nslookup, Maltego, and Recon-ng for information gathering.
  • Perform network enumeration using tools like Nmap and Zenmap.
  • Configure and execute vulnerability scans using tools like Nessus and OpenVAS.
  • Analyze and interpret vulnerability scan results to prioritize targets.
  • Develop a workflow for vulnerability remediation.
  • Conduct network attacks like ARP spoofing, XSS attacks, and DDoS attacks.
  • Exploit vulnerabilities in Windows services like RDP, SMB, and SMTP.
  • Perform social engineering attacks.
  • Exploit vulnerabilities in web applications like SQL injection and Cross-Site Request Forgery (CSRF).
  • Attack cloud technologies, mobile devices, IoT systems, and specialized systems.
  • Understand the role of scripting in penetration testing.
  • Learn basic scripting principles using Python and Bash shells.
  • Automate tasks and enhance penetration testing workflows using scripts.
  • Maintain persistence on compromised systems to conduct further exploration.
  • Communicate technical information to both technical and non-technical audiences.

Obtenga el apoyo que necesita. Inscríbase en nuestro curso dirigido por un instructor.

Descargar el esquema del curso

1

Introduction

  • CompTIA
  • The PenTest+ Exam
  • What Does This Course Cover?
  • CompTIA PenTest+ Certification Exam Objectives
2

Penetration Testing

  • What Is Penetration Testing?
  • Reasons for Penetration Testing
  • Who Performs Penetration Tests?
  • The CompTIA Penetration Testing Process
  • The Cyber Kill Chain
  • Tools of the Trade
  • Summary
  • Exam Essentials
  • Lab Exercises
3

Planning and Scoping Penetration Tests

  • Scoping and Planning Engagements
  • Penetration Testing Standards and Methodologies
  • Key Legal Concepts for Penetration Tests
  • Regulatory Compliance Considerations
  • Summary
  • Exam Essentials
  • Lab Exercises
4

Information Gathering

  • Footprinting and Enumeration
  • Active Reconnaissance and Enumeration
  • Information Gathering and Defenses
  • Summary
  • Exam Essentials
  • Lab Exercises
5

Vulnerability Scanning

  • Identifying Vulnerability Management Requirements
  • Configuring and Executing Vulnerability Scans
  • Software Security Testing
  • Developing a Remediation Workflow
  • Overcoming Barriers to Vulnerability Scanning
  • Summary
  • Exam Essentials
  • Lab Exercises
6

Analyzing Vulnerability Scans

  • Reviewing and Interpreting Scan Reports
  • Validating Scan Results
  • Common Vulnerabilities
  • Summary
  • Exam Essentials
  • Lab Exercises
7

Exploiting and Pivoting

  • Exploits and Attacks
  • Exploitation Toolkits
  • Exploit Specifics
  • Leveraging Exploits
  • Persistence and Evasion
  • Pivoting
  • Covering Your Tracks
  • Summary
  • Exam Essentials
  • Lab Exercises
8

Exploiting Network Vulnerabilities

  • Identifying Exploits
  • Conducting Network Exploits
  • Exploiting Windows Services
  • Identifying and Exploiting Common Services
  • Wireless Exploits
  • Summary
  • Exam Essentials
  • Lab Exercises
9

Exploiting Physical and Social Vulnerabilities

  • Physical Facility Penetration Testing
  • Social Engineering
  • Summary
  • Exam Essentials
  • Lab Exercises
10

Exploiting Application Vulnerabilities

  • Exploiting Injection Vulnerabilities
  • Exploiting Authentication Vulnerabilities
  • Exploiting Authorization Vulnerabilities
  • Exploiting Web Application Vulnerabilities
  • Unsecure Coding Practices
  • Steganography
  • Application Testing Tools
  • Summary
  • Exam Essentials
  • Lab Exercises
11

Attacking Hosts, Cloud Technologies, and Specialized Systems

  • Attacking Hosts
  • Credential Attacks and Testing Tools
  • Remote Access
  • Attacking Virtual Machines and Containers
  • Attacking Cloud Technologies
  • Attacking Mobile Devices
  • Attacking IoT, ICS, Embedded Systems, and SCADA Devices
  • Attacking Data Storage
  • Summary
  • Exam Essentials
  • Lab Exercises
12

Reporting and Communication

  • The Importance of Communication
  • Recommending Mitigation Strategies
  • Writing a Penetration Testing Report
  • Wrapping Up the Engagement
  • Summary
  • Exam Essentials
  • Lab Exercises
13

Scripting for Penetration Testing

  • Scripting and Penetration Testing
  • Variables, Arrays, and Substitutions
  • Comparison Operations
  • String Operations
  • Flow Control
  • Input and Output (I/O)
  • Error Handling
  • Advanced Data Structures
  • Reusing Code
  • The Role of Coding in Penetration Testing
  • Summary
  • Exam Essentials
  • Lab Exercises

1

Information Gathering

  • Uso de los comandos dig y nslookup
  • Ejecución de transferencia de zona usando dig
  • Usando Maltego
  • Usando Recon-ng
  • Uso de Nmap para la enumeración de redes
  • Realización de reconocimiento en una red
  • Realizar un escaneo intenso en Zenmap
  • Uso de Nmap para la enumeración de usuarios
  • Realización de escaneo UDP de Nmap
  • Realización de Nmap SYN Scan
2

Vulnerability Scanning

  • Realización de análisis de vulnerabilidades con Nessus
3

Analyzing Vulnerability Scans

  • Comprensión de la escalada de privilegios locales
4

Exploiting and Pivoting

  • Realización de análisis de vulnerabilidades con OpenVAS
  • Usando searchploit
  • Usando Meterpreter
  • Uso del Programador de tareas
  • Comprender el ataque Pass-the-hash
  • Uso del módulo posterior a la explotación de Metasploit RDP
5

Exploiting Network Vulnerabilities

  • Realización de suplantación de identidad ARP
  • Conducting a Cross Site Scripting (XXS) attack
  • Capturing Network Packets Using tcpdump
  • Simulando el ataque DDoS
  • Uso del exploit EternalBlue en Metasploit
  • Explotación de SMB
  • Explotando SMTP
  • Explotación de SNMP
6

Exploiting Physical and Social Vulnerabilities

  • Uso de la herramienta ESTABLECER
  • Usando carne de res
7

Exploiting Application Vulnerabilities

  • Exploiting Command Injection Vulnerabilities
  • Explotación de un sitio web mediante inyección SQL
  • Realización de un ataque de falsificación de solicitud entre sitios
  • Ocultar texto usando esteganografía
  • Usando OWASP ZAP
  • Realización de secuestro de sesión con Burp Suite
8

Attacking Hosts, Cloud Technologies, and Specialized Systems

  • Descifrar contraseñas
  • Descifrar una contraseña de Linux usando John the Ripper
  • Creación de capas inversas y vinculantes con Netcat
9

Scripting for Penetration Testing

  • Lista blanca de una dirección IP en el Firewall de Windows
  • Visualización de exploits escritos en Perl
  • Visualización de los efectos de JavaScript hostil en el navegador
  • Encontrar hosts en vivo usando el barrido de ping en Python
  • Escritura de secuencias de comandos de Bash Shell

¿Alguna pregunta? Consulta las preguntas frecuentes

¿Aún tienes preguntas sin respuesta y necesitas ponerte en contacto?

Contáctanos ahora

PenTest+ refers to the certification itself, offered by CompTIA, a trusted provider of IT certifications. Earning this certification demonstrates your competence in the ethical hacking methodology and the skills to effectively pen-test an environment.

PT0-002 is the current version of the PenTest+ exam. Exam versions are identified by codes, and PT0-002 signifies the latest iteration of the PenTest+ certification program. It focuses on the most up-to-date practices and tools used in penetration testing.

The CompTIA PenTest+ PT0-002 exam is the successor to the PT0-001 exam. While both assess an individual's skills in penetration testing, the PT0-002 focuses on the most up-to-date methodologies and techniques. PT0-002 is considered to be more challenging than PT0-001 due to the inclusion of more advanced topics and performance-based questions.

The cost of CompTIA Pentest+ varies, depending on the country & region. In the US, you can register for USD 404.

Access Our CompTIA Pentest+ PT0-002 Study Guide To Prepare for The Certification! 

Our course is designed to meet CompTIA Pentest+ PT0-002 objectives and standards, preparing you for high-paying ethical hacker roles.

$279.99

Comprar ahora

Cursos relacionados

Todo el curso