CompTIA

CompTIA PenTest+ (PT0-002)

Buy our CompTIA Pentest+ training course to develop strong penetration testing skills and pass the PT0-002 exam to become a certified ethical hacker.

(PT0-002.AE1) / ISBN : 978-1-64459-375-2
Lessons
Lab
TestPrep
AI Tutor (Hinzufügen Auf)
Instructor Led (Hinzufügen Auf)
Holen Sie sich eine kostenlose Testversion

Über diesen Kurs

Our CompTIA Pentest+ PT0-002 study guide provides the foundational knowledge and practical insights every penetration tester needs to pass the exam, impress employers, and create a personalized portfolio. Learn how to perform vulnerability scans per the legal and regulatory requirements and produce written reports listing remediation strategies against cyber threats.

Fähigkeiten, die Sie erwerben werden

  • Define the engagement's goals and limitations.
  • Understand legal and ethical considerations for penetration testing.
  • Conduct passive and active reconnaissance techniques to gather information about a target system.
  • Utilize tools like dig, nslookup, Maltego, and Recon-ng for information gathering.
  • Perform network enumeration using tools like Nmap and Zenmap.
  • Configure and execute vulnerability scans using tools like Nessus and OpenVAS.
  • Analyze and interpret vulnerability scan results to prioritize targets.
  • Develop a workflow for vulnerability remediation.
  • Conduct network attacks like ARP spoofing, XSS attacks, and DDoS attacks.
  • Exploit vulnerabilities in Windows services like RDP, SMB, and SMTP.
  • Perform social engineering attacks.
  • Exploit vulnerabilities in web applications like SQL injection and Cross-Site Request Forgery (CSRF).
  • Attack cloud technologies, mobile devices, IoT systems, and specialized systems.
  • Understand the role of scripting in penetration testing.
  • Learn basic scripting principles using Python and Bash shells.
  • Automate tasks and enhance penetration testing workflows using scripts.
  • Maintain persistence on compromised systems to conduct further exploration.
  • Communicate technical information to both technical and non-technical audiences.

Holen Sie sich die Unterstützung, die Sie brauchen. Melden Sie sich für unseren Kurs mit Lehrer an.

Kursübersicht herunterladen

1

Introduction

  • CompTIA
  • The PenTest+ Exam
  • What Does This Course Cover?
  • CompTIA PenTest+ Certification Exam Objectives
2

Penetration Testing

  • What Is Penetration Testing?
  • Reasons for Penetration Testing
  • Who Performs Penetration Tests?
  • The CompTIA Penetration Testing Process
  • The Cyber Kill Chain
  • Tools of the Trade
  • Summary
  • Exam Essentials
  • Lab Exercises
3

Planning and Scoping Penetration Tests

  • Scoping and Planning Engagements
  • Penetration Testing Standards and Methodologies
  • Key Legal Concepts for Penetration Tests
  • Regulatory Compliance Considerations
  • Summary
  • Exam Essentials
  • Lab Exercises
4

Information Gathering

  • Footprinting and Enumeration
  • Active Reconnaissance and Enumeration
  • Information Gathering and Defenses
  • Summary
  • Exam Essentials
  • Lab Exercises
5

Vulnerability Scanning

  • Identifying Vulnerability Management Requirements
  • Configuring and Executing Vulnerability Scans
  • Software Security Testing
  • Developing a Remediation Workflow
  • Overcoming Barriers to Vulnerability Scanning
  • Summary
  • Exam Essentials
  • Lab Exercises
6

Analyzing Vulnerability Scans

  • Reviewing and Interpreting Scan Reports
  • Validating Scan Results
  • Common Vulnerabilities
  • Summary
  • Exam Essentials
  • Lab Exercises
7

Exploiting and Pivoting

  • Exploits and Attacks
  • Exploitation Toolkits
  • Exploit Specifics
  • Leveraging Exploits
  • Persistence and Evasion
  • Pivoting
  • Covering Your Tracks
  • Summary
  • Exam Essentials
  • Lab Exercises
8

Exploiting Network Vulnerabilities

  • Identifying Exploits
  • Conducting Network Exploits
  • Exploiting Windows Services
  • Identifying and Exploiting Common Services
  • Wireless Exploits
  • Summary
  • Exam Essentials
  • Lab Exercises
9

Exploiting Physical and Social Vulnerabilities

  • Physical Facility Penetration Testing
  • Social Engineering
  • Summary
  • Exam Essentials
  • Lab Exercises
10

Exploiting Application Vulnerabilities

  • Exploiting Injection Vulnerabilities
  • Exploiting Authentication Vulnerabilities
  • Exploiting Authorization Vulnerabilities
  • Exploiting Web Application Vulnerabilities
  • Unsecure Coding Practices
  • Steganography
  • Application Testing Tools
  • Summary
  • Exam Essentials
  • Lab Exercises
11

Attacking Hosts, Cloud Technologies, and Specialized Systems

  • Attacking Hosts
  • Credential Attacks and Testing Tools
  • Remote Access
  • Attacking Virtual Machines and Containers
  • Attacking Cloud Technologies
  • Attacking Mobile Devices
  • Attacking IoT, ICS, Embedded Systems, and SCADA Devices
  • Attacking Data Storage
  • Summary
  • Exam Essentials
  • Lab Exercises
12

Reporting and Communication

  • The Importance of Communication
  • Recommending Mitigation Strategies
  • Writing a Penetration Testing Report
  • Wrapping Up the Engagement
  • Summary
  • Exam Essentials
  • Lab Exercises
13

Scripting for Penetration Testing

  • Scripting and Penetration Testing
  • Variables, Arrays, and Substitutions
  • Comparison Operations
  • String Operations
  • Flow Control
  • Input and Output (I/O)
  • Error Handling
  • Advanced Data Structures
  • Reusing Code
  • The Role of Coding in Penetration Testing
  • Summary
  • Exam Essentials
  • Lab Exercises

1

Information Gathering

  • Verwenden der Befehle dig und nslookup
  • Durchführen einer Zonenübertragung mit dig
  • Mit Maltego Informationen sammeln
  • Verwendung von Recon-ng zum Sammeln von Informationen
  • Verwenden von Nmap für die Netzwerkaufzählung
  • Aufklärung in einem Netzwerk durchführen
  • Durchführen eines intensiven Scans in Zenmap
  • Verwenden von Nmap für die Benutzeraufzählung
  • Durchführen eines Nmap-UDP-Scans
  • Durchführen eines Nmap-SYN-Scans
2

Vulnerability Scanning

  • Durchführen von Schwachstellenscans mit Nessus
3

Analyzing Vulnerability Scans

  • Grundlegendes zur Eskalation lokaler Berechtigungen
4

Exploiting and Pivoting

  • Durchführen von Schwachstellenscans mit OpenVAS
  • Suche nach Exploits mithilfe von searchsploit
  • Verwendung von Meterpreter
  • Verwenden des Taskplaners
  • Den Pass-the-Hash-Angriff verstehen
  • Verwendung des Metasploit RDP Post-Exploitation-Moduls
5

Exploiting Network Vulnerabilities

  • Durchführen von ARP-Spoofing
  • Conducting a Cross Site Scripting (XXS) attack
  • Capturing Network Packets Using tcpdump
  • Simulation des DDoS-Angriffs
  • Verwendung des EternalBlue-Exploits in Metasploit
  • SMB ausnutzen
  • SMTP ausnutzen
  • SNMP ausnutzen
6

Exploiting Physical and Social Vulnerabilities

  • Verwenden des SET-Tools zum Planen eines Angriffs
  • Verwendung von BeEF
7

Exploiting Application Vulnerabilities

  • Exploiting Command Injection Vulnerabilities
  • Ausnutzen einer Website mithilfe von SQL-Injection
  • Durchführung eines Cross-Site-Request-Forgery-Angriffs
  • Text mithilfe der Steganographie verbergen
  • Mit OWASP ZAP
  • Durchführen von Session Hijacking mit Burp Suite
8

Attacking Hosts, Cloud Technologies, and Specialized Systems

  • Passwörter knacken
  • Mit John the Ripper ein Linux-Passwort knacken
  • Erstellen von Reverse- und Bind-Shells mit Netcat
9

Scripting for Penetration Testing

  • Whitelisting einer IP-Adresse in der Windows-Firewall
  • In Perl geschriebene Exploits anzeigen
  • Anzeigen der Auswirkungen von feindlichem JavaScript im Browser
  • Finden von Live-Hosts mithilfe des Ping-Sweeps in Python
  • Schreiben eines Bash-Shell-Skripts

Haben Sie Fragen? Schauen Sie sich die FAQs an

Sie haben noch unbeantwortete Fragen und möchten Kontakt aufnehmen?

Kontaktiere uns jetzt

PenTest+ refers to the certification itself, offered by CompTIA, a trusted provider of IT certifications. Earning this certification demonstrates your competence in the ethical hacking methodology and the skills to effectively pen-test an environment.

PT0-002 is the current version of the PenTest+ exam. Exam versions are identified by codes, and PT0-002 signifies the latest iteration of the PenTest+ certification program. It focuses on the most up-to-date practices and tools used in penetration testing.

The CompTIA PenTest+ PT0-002 exam is the successor to the PT0-001 exam. While both assess an individual's skills in penetration testing, the PT0-002 focuses on the most up-to-date methodologies and techniques. PT0-002 is considered to be more challenging than PT0-001 due to the inclusion of more advanced topics and performance-based questions.

The cost of CompTIA Pentest+ varies, depending on the country & region. In the US, you can register for USD 404.

Access Our CompTIA Pentest+ PT0-002 Study Guide To Prepare for The Certification! 

Our course is designed to meet CompTIA Pentest+ PT0-002 objectives and standards, preparing you for high-paying ethical hacker roles.

$ 279.99

Kaufe jetzt

Ähnliche Kurse

Alle Kurse
Scrolle nach oben