Use this quick start guide to collect all the information about CompTIA PenTest+ (PT0-001) Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the PT0-001 CompTIA PenTest+ exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual CompTIA PenTest Plus certification exam.
The CompTIA PenTest+ certification is mainly targeted to those candidates who want to build their career in Cybersecurity domain. The CompTIA PenTest+ exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of CompTIA PenTest Plus.
CompTIA PenTest+ Exam Summary:
Exam Name | CompTIA PenTest+ |
Exam Code | PT0-001 |
Exam Price | $381 (USD) |
Duration | 165 mins |
Number of Questions | 85 |
Passing Score | 750 / 900 |
Books / Training | CompTIA PenTest+ Certification Training |
Schedule Exam | Pearson VUE |
Sample Questions | CompTIA PenTest+ Sample Questions |
Practice Exam | CompTIA PT0-001 Certification Practice Exam |
CompTIA PT0-001 Exam Syllabus Topics:
Topic | Details |
---|---|
Planning and Scoping - 15% |
|
Explain the importance of planning for an engagement. |
1. Understanding the target audience 2. Rules of engagement 3. Communication escalation path 4. Resources and requirements
5. Budget
8. Technical constraints
9. Support resources
|
Explain key legal concepts. |
1. Contracts
2. Environmental differences
3. Written authorization
|
Explain the importance of scoping an engagement properly. |
1. Types of assessment
2. Special scoping considerations
3. Target selection
4. Strategy
5. Risk acceptance
6. Tolerance to impact 7. Scheduling 8. Scope creep 9. Threat actors
|
Explain the key aspects of compliance-based assessments.
|
1. Compliance-based assessments, limitations and caveats
2. Clearly defined objectives based on regulations
|
Information Gathering and Vulnerability Identification - 22% |
|
Given a scenario, conduct information gathering using appropriate techniques.
|
1. Scanning 2. Enumeration
3. Packet crafting
4. Packet inspection 5. Fingerprinting 6. Cryptography
7. Eavesdropping
8. Decompilation
|
Given a scenario, perform a vulnerability scan.
|
1. Credentialed vs. non-credentialed 2. Types of scans
3. Container securit
4. Application scan
5. Considerations of vulnerability scanning
|
Given a scenario, analyze vulnerability scan results. |
1. Asset categorization 2. Adjudication
3. Prioritization of vulnerabilities
4. Common themes
|
Explain the process of leveraging information to prepare for exploitation.
|
1. Map vulnerabilities to potential exploits 2. Prioritize activities in preparation for penetration test 3. Describe common techniques to complete attack
|
Explain weaknesses related to specialized systems.
|
1. ICS 2. SCADA 3. Mobile 4. IoT 5. Embedded 6. Point-of-sale system 7. Biometrics 8. Application containers 9. RTOS |
Attacks and Exploits - 30% |
|
Compare and contrast social engineering attacks. |
1. Phishing
2. Elicitation
3. Interrogation
4. Impersonation
5. Shoulder surfing
6. USB key drop 7. Motivation techniques
|
Given a scenario, exploit network-based vulnerabilities. |
1. Name resolution exploits
2. SMB exploits
9. DoS/stress test |
Given a scenario, exploit wireless and RF-based vulnerabilities. |
1. Evil twin
2. Deauthentication attacks |
Given a scenario, exploit application-based vulnerabilities. |
1. Injections
2. Authentication
3. Authorization
4. Cross-site scripting (XSS)
5. Cross-site request forgery (CSRF/XSRF)
8. File inclusion
9. Unsecure code practices
|
Given a scenario, exploit local host vulnerabilities. |
1. OS vulnerabilities
2. Unsecure service and protocol configurations
3. Privilege escalation
4. Default account settings
6. Physical device security
|
Summarize physical security attacks related to facilities.
|
1. Piggybacking/tailgating 2. Fence jumping 3. Dumpster diving 4. Lock picking 5. Lock bypass 6. Egress sensor 7. Badge cloning |
Given a scenario, perform post-exploitation techniques. |
1. Lateral movement
2. Persistence
3. Covering your tracks
|
Penetration Testing Tools - 17% |
|
Given a scenario, use Nmap to conduct information gathering exercises. |
1. SYN scan (-sS) vs. full connect scan (-sT) 2. Port selection (-p) 3. Service identification (-sV) 4. OS fingerprinting (-O) 5. Disabling ping (-Pn) 6. Target input file (-iL) 7. Timing (-T) 8. Output parameters
|
Compare and contrast various use cases of tools. |
1. Use cases
2. Tools
|
Given a scenario, analyze tool output or data related to a penetration test.
|
1. Password cracking 2. Pass the hash 3. Setting up a bind shell 4. Getting a reverse shell 5. Proxying a connection 6. Uploading a web shell 7. Injections |
Given a scenario, analyze a basic script (limited to Bash, Python, Ruby, and PowerShell).
|
1. Logic
2. I/O
3. Substitutions
4. Variables 5. Common operations
6. Error handling
7. Arrays 8. Encoding/decoding |
Reporting and Communication - 16% |
|
Given a scenario, use report writing and handling best practices.
|
1. Normalization of data 2. Written report of findings and remediation
3. Risk appetite |
Explain post-report delivery activities. |
1. Post-engagement cleanup
2. Client acceptance
3. Lessons learned 4. Follow-up actions/retest 5. Attestation of findings |
Given a scenario, recommend mitigation strategies for discovered vulnerabilities.
|
1. Solutions
2. Findings
3. Remediation
|
Explain the importance of communication during the penetration testing process.
|
1. Communication path 2. Communication triggers
3. Reasons for communication
4. Goal reprioritization
|
To ensure success in CompTIA PenTest Plus certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for CompTIA PenTest+ (PT0-001) exam.