CompTIA PenTest+ is for cybersecurity professionals tasked with penetration testing and vulnerability management.
Take Your Penetration Testing Knowledge To the Next Level
CompTIA PenTest+ is the
most comprehensive exam covering all penetration testing stages.
Demonstrate Competency of Current Trends.
Unlike other penetration testing exams that only cover a portion of stages with essay questions and hands-on, CompTIA PenTest+ uses both performance-based and knowledge-based questions to ensure all stages are addressed.
Become an Expert in Vulnerability Management. CompTIA PenTest+ is the only exam on the market
covering hands-on vulnerability assessment, scanning and analysis,
as well as planning, scoping, and managing weaknesses.
Prove You Know the Latest Techniques. CompTIA PenTest+ requires a candidate to demonstrate the most relevant pen testing skills for the
cloud, hybrid environments, web applications, Internet of Things (IoT)
and traditional on-premises.
CompTIA PenTest+ proves certified professionals have the most up to date penetration testing and vulnerability assessment skills.
Duration
40 hours - 2 classes per week
Eligibility
Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.
Course Fees
Class Room Training
Rs.37,500/-
+ 18% GST
Online Training
Rs.47,500/-Rs.37,500/-
+ 18% GST
What You Will Get?
40 Hours
in-depth training by best faculties in pentesting
Study Materials
and examination voucher
CompTIA PenTest+ Certificate
of completion after examination and alumni status
Course Benefits:
What Skills Will You Learn?
Planning and Scoping
Includes updated techniques emphasizing governance, risk and compliance concepts, scoping and organizational/customer requirements, and demonstrating an ethical hacking mindset.
Information Gathering and Vulnerability Scanning
Includes updated skills on performing vulnerability scanning and passive/active reconnaissance, vulnerability management, as well as analyzing the results of the reconnaissance exercise.
Attacks and Exploits
Includes updated approaches to expanded attack surfaces, researching social engineering techniques, performing network attacks, wireless attacks, application-based attacks and attacks on cloud technologies, and performing post-exploitation techniques.
Reporting and Communication
Expanded to focus on the importance of reporting and communication in an increased regulatory environment during the pen testing process through analyzing findings and recommending appropriate remediation within a report.
Tools and Code Analysis
Includes updated concepts of identifying scripts in various software deployments, analyzing a script or code sample, and explaining use cases of various tools used during the phases of a penetration test–scripting or coding is not required.
Your Course Path
Course Details
- Exam Code: PT0-002
- Launch Date: October 28, 2021
- Exam Description: The CompTIA PenTest+ will certify the successful candidate has the knowledge and skills required to plan and scope a penetration testing engagement including vulnerability scanning, understand legal and compliance requirements, analyze results, and produce a written report with remediation techniques.
- Number of Questions: Maximum of 85 questions
- Type of Questions: Multiple choice and performance-based.
- Length of Test: 165 minutes
- Passing Score: 750 (on a scale of 100-900)
- Recommended Experience: Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.
- Retirement:
Usually three years after launch - Testing Provider: Pearson VUE
- Topic 1A: Define Organizational PenTesting (Day 1)
- Topic 1B: Acknowledge Compliance Requirements (Day 1)
- Topic 1C: Compare Standards and Methodologies (Day 1)
- Topic 1D: Describe Ways to Maintain Professionalism (Day 1)
- Topic 2A: Assess Environmental Considerations (Day 2)
- Topic 2B: Outline the Rules of Engagement (Day 2)
- Topic 2C: Prepare Legal Documents (Day 2)
- Topic 3A: Discover the Target (Day 3)
- Topic 3B: Gather Essential Data (Day 3)
- Topic 3C: Compile Website Information (Day 3)
- Topic 3D: Discover Open-Source Intelligence Tools (Day 3)
- Topic 4A: Exploit the Human Psyche (Day 4)
- Topic 4B: Summarize Physical Attacks (Day 4)
- Topic 4C: Use Tools to Launch a Social Engineering Attack (Day 4)
- Topic 5A: Plan the Vulnerability Scan (Day 5)
- Topic 5B: Detect Defenses (Day 5)
- Topic 5C: Utilize Scanning Tools (Day 5)
- Topic 6A: Scan Identified Targets (Day 6)
- Topic 6B: Evaluate Network Traffic (Day 6)
- Topic 6C: Uncover Wireless Assets (Day 6)
- Topic 7A: Discover Nmap and NSE (Day 7)
- Topic 7B: Enumerate Network Hosts (Day 7)
- Topic 7C: Analyze Output from Scans (Day 7)
- Topic 8A: Evade Detection (Day 8)
- Topic 8B: Use Steganography to Hide and Conceal (Day 8)
- Topic 8C: Establish a Covert Channel (Day 8)
- Topic 9A: Enumerating Hosts (Day 9)
- Topic 9B: Attack LAN Protocols (Day 9)
- Topic 9D: Discover Cloud Vulnerabilities (Day 9)
- Topic 9E: Explore Cloud-Based Attacks (Day 9)
- Topic 10A: Discover Wireless Attacks (Day 10)
- Topic 10B: Explore Wireless Tools (Day 10)
- Topic 11A: Recognize Mobile Device Vulnerabilities (Day 11)
- Topic 11B: Launch Attacks on Mobile Devices (Day 11)
- Topic 11C: Outline Assessment Tools for Mobile Devices (Day 11)
- Topic 12A: Identify Attacks on the IoT (Day 12)
- Topic 12B: Recognize Other Vulnerable Systems (Day 12)
- Topic 12C: Explain Virtual Machine Vulnerabilities (Day 12)
- Topic 13A: Recognize Web Vulnerabilities (Day 13)
- Topic 13B: Launch Session Attacks (Day 13)
- Topic 13C: Plan Injection Attacks (Day 13)
- Topic 13D: Identify Tools (Day 13)
- Topic 14A: System Hacking (Day 14)
- Topic 14B: Use Remote Access Tools (Day 14)
- Topic 14C: Analyze Exploit Code (Day 14)
- Topic 15A: Analyzing Scripts and Code Samples (Day 15)
- Topic 15B: Create Logic Constructs (Day 15)
- Topic 15C: Automate Penetration Testing (Day 15)
- Topic 16A: Test Credentials (Day 16)
- Topic 16B: Move Throughout the System (Day 16)
- Topic 16C: Maintain Persistence (Day 16)
- Topic 17A: Define the Communication Path (Day 17)
- Topic 17B: Communication Triggers (Day 17)
- Topic 17C: Use Built-In Tools for Reporting (Day 17)
- Topic 18A: Identify Report Audience (Day 18)
- Topic 18B: List Report Contents (Day 18)
- Topic 18C: Define Best Practices for Reports (Day 18)
- Topic 19A: Employ Technical Controls (Day 19)
- Topic 19B: Administrative and Operational Controls (Day 19)
- Topic 19C: Physical Controls (Day 19)
- Topic 20A: Post-Engagement Cleanup (Day 20)
- Topic 20B: Follow-Up Actions (Day 20)
Hacking Tutorials
Read All Tutorials »
Building a career in Digital Forensic - How promising is the future? A thorough career guide
Read Details »Hacking Videos
Explore All Videos »How to Hiding Your Secret File using Steganography?
View On Youtube »Enroll Now
Fields marked with * are mandatory.
With over 27 years of experience in Information Technology and Cyber Security, Mr. Sandeep Sengupta has made significant contributions to the field, providing solutions across India and internationally, including Singapore (2009-2010) and New Zealand (2002-2003). He is a certified lead auditor for standards such as ISO 27001 (Information Security), ISO 22301 (Business Continuity), ISO 9001 (Quality Management), and ISO 27701 (Data Protection & Privacy/GDPR). Additionally, he holds certifications as a Certified Ethical Hacker (CEH) and a Certified Information Systems Auditor (CISA).
Mr. Sengupta has conducted audits for organizations such as PwC, KPMG, Tata Steel, SAIL, Capgemini, Genpact, ITC, Airtel, Vodafone, ONGC, National Power Grid, Bandhan Bank, PayU, Vedanta, and Accenture, among others. He collaborates with law enforcement agencies, including the CID and Lal Bazar Police Cyber Cell, on cybercrime investigations.
A Penetration Tester with 6 years of experience, Kirit has the expertise in Mobile Application Pentesting Network, IoT Penetration Testing, Source-code review, Fuzzing, Red teaming, Social Engineering, Digital Forensic and Incident Response, Dev(Sec)Ops, Malware Analysis as well as SOC analysis. He has been acknowledged for reporting critical vulnerabilities to Uber, Apple, Flipkart, and MIT. Mr. Kirit Sankar Gupta is the member of Data Security Council of India (Kolkata).
Mr. Saumitra Biswas is M.Tech in computer science from Netaji Subhash Engineering College, GATE qualified in computer science and a MSC in statistics from Kalyani University. He has 20 years of experience. His technical interests include Machine Learning, Neural Networks, Genetic Algorithms and Object Oriented Programming. He is skilled in C, C++, C#, Dotnet, Java, Python, Matlab, Unix, MS Windows XP, Windows 7, My SQL, Oracle, MS Access, HTML, XML, CSS and PHP. He take classes on AI & ML in ISOAH, as well as act as mentors to interns & project trainees.
After completion of her Master degree, she has worked with ISOAH as an intern for few years before joining full time as security analyst. She has been involved in internal audit, policy design, ISMS consultancy for more than 2 years. She is well versed in Kali Linux, Nmap, Metasploit, ITGC, ISO 27001 & COBIT framework. ISOAH clients she has provided active consultancy are CESC, Diadem, Lexplosion, Diamond Beverages, etc. As part of her hobby, she has been a professional model in her free time.
Pankaj Kuamr Roy is a CCNA (Switch/Router) certified whose expertise in Cisco switch and router. He is also CCNA Global Certified Number 415114188268BKYF. Previously he worked as a Linux Administrator on ISP Dreamlink Technologies Pvt. Ltd and also 7 years’ experience in Windows, Linux, and Network areas. He has experience in DevOps tools and AWS cloud Architecture. He is working as an Information Security Analyst in the Indian School of Ethical Hacking.
He is an information security analyst at ISOAH whose expertise lies in CHFI, CSA, EH, Linux & Bug Bounty. He has received several Hall of fame and acknowledgements from the Government of India for finding valid bugs.
Job Prospects & Job Sources
Jobs You Can Land With CompTIA PenTest+:
| Vulnerability Analyst | Security Consultant | Cloud Penetration Tester |
| Web App Penetration Tester | Cloud Security Specialist | Network Security Specialist |
| Network Security Operations | Threat Intelligence Analyst | Penetration Tester |
The average salary of CompTIA PenTest+ in India is Rs 7 lakhs per annually.
FAQs
- Lesson 1: Scoping Organizational/Customer Requirements
- Lesson 2: Defining the Rules of Engagement
- Lesson 3: Footprinting and Gathering Intelligence
- Lesson 4: Evaluating Human and Physical Vulnerabilities
- Lesson 5: Preparing the Vulnerability Scan
- Lesson 6: Scanning Logical Vulnerabilities
- Lesson 7: Analyzing Scanning Results
- Lesson 8: Avoiding Detection and Covering Tracks
- Lesson 9: Exploiting the LAN and Cloud
- Lesson 10: Testing Wireless Networks
- Lesson 11: Targeting Mobile Devices
- Lesson 12: Attacking Specialized Systems
- Lesson 13: Web Application-Based Attacks
- Lesson 14: Performing System Hacking
- Lesson 15: Scripting and Software Development
- Lesson 16: Leveraging the Attack: Pivot and Penetrate
- Lesson 17: Communicating During the PenTesting Process
- Lesson 18: Summarizing Report Components
- Lesson 19: Recommending Remediation
- Lesson 20: Performing Post-Report Delivery Activities
40 hours
Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.
CompTIA PenTest+ is an intermediate-level certification that validates the skills and knowledge required to perform penetration testing and vulnerability assessment. It gives you an in-depth understanding of offensive security concepts. After this certification, you can work as a globally recognized penetration tester, security analyst and vulnerability analyst.
After PenTest+, you can upgrade yourself by OSCP or you can go for CySA+ which will land you in an incident response or threat intelligence analyst job.
Member of:
