CompTIA Pentest+

Course Code: CO-PEN+

As organisations scramble to protect themselves and their customers against privacy or security breaches, the ability to conduct penetration testing is an emerging skill set that is becoming ever more valuable to the organisations seeking protection, and ever more lucrative for those who possess these skills. In this course, you will be introduced to general concepts and methodologies related to pen testing, and you will work your way through a simulated pen test for a fictitious company. The CompTIA PenTest+ certification requires a candidate to demonstrate the hands-on ability and knowledge to test devices in new environments such as the cloud and mobile, in addition to traditional desktops and servers. CompTIA PenTest+ joins CompTIA Cybersecurity Analyst (CySA+) at the intermediate-skills level of the cybersecurity career pathway as shown below. Depending on your course of study, PenTest+ and CySA+ can be taken in any order but typically follows the skills learned in Security+. While CySA+ focuses on defense through incident detection and response, PenTest+ focuses on offense through penetration testing and vulnerability assessment. Although the two exams teach opposing skills, they are dependent on one another. The most qualified cybersecurity professionals have both offensive and defensive skills. Earn the PenTest+ certification to grow your career within the CompTIA recommended cybersecurity career pathway.

  • Duration: 5 Days
  • Level: Intermediate
  • Technology: Cybersecurity
  • Delivery Method: Instructor Led
  • Training Credits: NA

Cybersecurity professionals involved in hands-on penetration testing to identify, exploit, report, and manage vulnerabilities on a network.

Before attending this course, delegates must have achieved the following requirements:

- Intermediate knowledge of information security concepts, including but not limited to identity and access management (IAM), cryptographic concepts and implementations, computer networking concepts and implementations, and common security technologies.

- Practical experience in securing various computing environments, including small to medium businesses, as well as enterprise environments.

You can obtain this level of skills and knowledge by attending the CompTIA Security+ Certification Training. Individuals seeking the CompTIA PenTest+ certification should also have three to four years of hands-on experience performing penetration tests, vulnerability assessments, and vulnerability management.

After completing the CompTIA PenTest+ course, delegates will have the skills and knowledge to:

- Plan and scope penetration tests

- Conduct passive reconnaissance

- Perform non-technical tests to gather information

- Conduct active reconnaissance

- Analyze vulnerabilities

- Penetrate networks

- Exploit host-based vulnerabilities

- Test applications

This course is designed to prepare students to take the CompTIA PenTest+ PT0-002 Exam. Successfully passing this exam will result in the achievement of the CompTIA PenTest+ Certification.

Download our course content

Click Here


- Define Organizational PenTesting

- Acknowledge Compliance Requirements

- Compare Standards and Methodologies

- Describe Ways to Maintain Professionalism

- Assess Environmental Considerations

- Outline the Rules of Engagement

- Prepare Legal Documents

- Discover the Target

- Gather Essential Data

- Compile Website Information

- Discover Open-Source Intelligence Tools

- Exploit the Human Psyche

- Summarize Physical Attacks

- Use Tools to Launch a Social Engineering Attack

- Plan the Vulnerability Scan

- Detect Defences

- Utilize Scanning Tools

- Scan Identified Targets

- Evaluate Network Traffic

- Uncover Wireless Assets

- Discover Nmap and NSE

- Enumerate Network Hosts

- Evade Detection

- Use Steganography to Hide and Conceal

- Establish a Covert Channel

- Enumerating Hosts

- Attack LAN Protocols

- Compare Exploit Tools

- Explore Cloud-Based Attacks

- Discover Wireless Attacks

- Explore Wireless Tools

- Write and Handle Reports

- Recognize Mobile Device Vulnerabilities

- Launch Attacks on Mobile Devices

- Outline Assessment Tools for Mobile Devices

- Identify Attacks on the IoT

- Recognize Other Vulnerable Systems

- Explain Virtual Machine Vulnerabilities

- Recognize Web Vulnerabilities

- Launch Session Attacks

- Plan Injection Attacks

- Identify Tools

- System Hacking

- Use Remote Access Tools

- Analyze Exploit Code

- Analyzing Scripts and Code Samples

- Create Logic Constructs

- Automate Penetration Testing

- Test Credentials

- Move Throughout the System

- Maintain Persistence

- Define the Communication Path

- Communication Triggers

- Use Built-In Tools for Reporting

- Identify Report Audience

- List Report Contents

- Define Best Practices for Reports

- Employ Technical Controls

- Administrative and Operational Controls

- Physical Controls

- Post-Engagement Cleanup

- Follow-Up Actions