CompTIA® PenTest+® (Exam PT0-001) is the only penetration testing exam taken at a Pearson VUE testing center with both hands-on, performance-based questions and multiple-choice, to ensure each candidate possesses the skills, knowledge, and ability to perform tasks on systems. PenTest+ also includes management skills used to plan, scope, and manage weaknesses, not just exploit them.
PenTest+ is unique because it requires a candidate to demonstrate the hands-on ability and knowledge to test devices in new environments such as the cloud and mobile, in addition to traditional desktops and servers. The course provides the most up-to-date penetration testing, and vulnerability assessment and management skills necessary to determine the resiliency of the network against attacks.
Successful candidates will have the intermediate skills required to customize assessment frameworks to effectively collaborate on and report findings. They will also have the best practices to communicate recommended strategies to improve the overall state of IT security.
This course is targeted toward the information technology (IT) professional who has networking and administrative skills in Windows®-based Transmission Control Protocol/Internet Protocol (TCP/IP) networks and familiarity with other operating systems, such as Mac OS® X, Unix, or Linux, and who wants to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications or career roles.
Students should have CompTIA Network+ and Security+ certifications, or have equivalent knowledge / experience. Recommend minimum of 3-4 years of hands-on information security or related experience. PenTest+ has a technical, hands-on focus and is intended to follow CompTIA Security+ or equivalent experience.
Upon completion of this course, the student will be able to:
- Explain the importance of planning and key aspects of compliance-based assessments
- Gather information to prepare for exploitation
- Perform a vulnerability scan and analyze results
- Exploit network, wireless, application, and RF-based vulnerabilities
- Summarize physical security attacks
- Perform post-exploitation techniques
- Conduct information gathering with various tools and perform analysis on their output
- Analyze basic scripts in Bash, Python, Ruby, and PowerShell
- Utilize report writing and handling best practices
- Explain recommended mitigation strategies for discovered vulnerabilities
Register 21 days before class start date and save 10%! Enter discount code EARLY10 during registration.
Register 21 days before class start date and save $250! Enter discount code EARLY250 during registration.
Day 1: Planning and Scoping
- Penetration testing methodology
- Planning a penetration test
- Rules of engagement
- Legal concepts
- Testing strategies
- White box support resources
- Types of assessments
- Threat actors
- Target selection
- Other scoping considerations
Day 2: Information Gathering and Vulnerability Identification
- Information gathering
- Reconnaissance with CentralOps
- Scanning and enumeration
- Cryptographic inspection
- Decompiling and debugging
- Open source research
- Vulnerability scanning
- Scanning considerations
- Application and container scans
- Analyzing vulnerability scans
- Leverage information for exploit
- Common attack vectors
- Weaknesses in specialized systems
Day 3: Attacks and Exploits
- Social engineering
- Motivation factors
- Physical security attacks
- Lock picking
- Network-based vulnerabilities
- Wireless-based vulnerabilities
- Wireless network attack
- Application-based vulnerabilities
- Local host vulnerabilities
- Privilege escalation (Linux)
- Privilege escalation (Windows)
- Lateral movement
- Covering your tracks
- Persistence and covering tracks
Day 4: Penetration Testing Tools
- Nmap Usage
- Use Cases for Tools
- Credential Testing Tools
- Password Cracking
- Software Assurance
- Web Proxies
- Social Engineering Tools
- Remote Access Tools
- Networking Tools
- Mobile Tools
- Miscellaneous Tools
- Intro to Programming
- Programming Concepts
- BASH Script Example
- Python Script Example
- PowerShell Script Example
- Ruby Script Example
Day 5: Reporting and Communication
- Pentest Communications
- Report Writing
- Mitigation Strategies
- Post-Report Activities
- Pentest Report Example
Is there a discount available for current students?
UMBC students and alumni, as well as students who have previously taken a public training course with UMBC Training Centers are eligible for a 10% discount, capped at $250. Please provide a copy of your UMBC student ID or an unofficial transcript or the name of the UMBC Training Centers course you have completed. Online courses are excluded from this offer.
What is the cancellation and refund policy?
Student will receive a refund of paid registration fees only if UMBC Training Centers receives a notice of cancellation at least 10 business days prior to the class start date for classes or the exam date for exams.