CompTIA PenTest+ is for cybersecurity professionals tasked with penetration testing and vulnerability management. PenTest+ assesses the most up-to-date penetration testing, and vulnerability assessment and management skills necessary to determine the resiliency of the network against attacks. The CompTIA PenTest+ certification exam will verify successful candidates have the knowledge and skills required to:
PenTest+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.
Global cybercrime costs are expected to grow 15% over the next five years. Now more than ever, it is imperative that organizations prevent sensitive data from falling into the wrong hands. Updates to PenTest+ reflect newer pen testing techniques for the latest attack surfaces, including the cloud, hybrid environments, and web applications, as well as more ethical hacking concepts, vulnerability scanning and code analysis.
Why is it different?
PenTest+ is the most current penetration testing exam covering the latest techniques against expanded attack surfaces. It is a unique exam that requires a candidate to demonstrate the most relevant pen testing skills for the cloud, hybrid environments, web applications, Internet of Things (IoT), and traditional on-premises.
Planning and Scoping
Includes updated techniques emphasizing governance, risk, and compliance concepts, scoping and organizational/customer requirements, and demonstrating an ethical hacking mindset.
Information Gathering and Vulnerability Scanning
Includes updated skills on performing vulnerability scanning and passive/active reconnaissance, vulnerability management, as well as analyzing the results of the reconnaissance exercise.
Attacks and Exploits
Includes updated approaches to expanded attack surfaces, researching social engineering techniques, performing network attacks, wireless attacks, application-based attacks and attacks on cloud technologies, and performing post-exploitation techniques.
Reporting and Communication
Expanded to focus on the importance of reporting and communication in an increased regulatory environment during the pen testing process through analyzing findings and recommending appropriate remediation within a report.
Tools and Code Analysis
Includes updated concepts of identifying scripts in various software deployments, analyzing a script or code sample, and explaining use cases of various tools used during the phases of a penetration test. It is important to note that no scripting and coding is required.
|
Penetration Tester |
|
Security Consultant |
|
Cloud Penetration Tester |
|
Web App Penetration Tester |
|
Cloud Security Specialist |
|
Network & Security Specialist |
|
Exam Code |
PT0-002 |
|
|
The CompTIA PenTest+ will certify the successful candidate has the knowledge and skills required to plan and scope a penetration testing engagement including vulnerability scanning, understand legal and compliance requirements, analyze results, and produce a written report with remediation techniques. |
||
|
Number of Questions |
Maximum of 85 questions |
|
|
Type of Questions |
Performance-based and multiple choice |
|
|
Length of Test |
165 minutes |
|
|
Passing Score |
750 (on a scale of 100-900) |
|
|
Recommended Experience |
Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus. |
|
|
Languages |
English, Japanese to follow |
|
Other similar Courses that might interest you
