CompTIA PenTest

CompTIA PenTest+ is an intermediate-skills level cybersecurity certification that focuses on offensive skills through pen testing and vulnerability assessment. Cybersecurity professionals with CompTIA PenTest+ know how plan, scope, and manage weaknesses, not just exploit them.

The CompTIA PenTest+ certification exam will verify the successful candidate has the knowledge and skills required to:

• Plan and scope a penetration testing engagement
• Understand legal and compliance requirements
• Perform vulnerability scanning and penetration testing using appropriate tools and techniques, and then analyze the results
• Produce a written report containing proposed remediation techniques, effectively communicate results to the management team, and provide practical recommendations

• Planning and Scoping; Includes updated techniques emphasizing governance, risk and compliance concepts, scoping and organizational/customer requirements, and demonstrating an ethical hacking mindset
• Information Gathering and Vulnerability Scanning: Includes updated skills on performing vulnerability scanning and passive/active reconnaissance, vulnerability management, as well as analyzing the results of the reconnaissance exercise
• Attacks and Exploits: Includes updated approaches to expanded attack surfaces, researching social engineering techniques, performing network attacks, wireless attacks, application-based attacks and attacks on cloud technologies, and performing post-exploitation techniques
• Reporting and Communication: Expanded to focus on the importance of reporting and communication in an increased regulatory environment during the pen testing process through analyzing findings and recommending appropriate remediation within a report
• Tools and Code Analysis: Includes updated concepts of identifying scripts in various software deployments, analyzing a script or code sample, and explaining use cases of various tools used during the phases of a penetration test–scripting or coding is not required

The outcomes and professional benefits of taking a CompTIA Pentest+ course include the following:

• learn the techniques and methodologies used in penetration testing to identify and exploit network and system infrastructure vulnerabilities.
• learn to plan and scope a penetration testing engagement, including legal and ethical considerations.
• Students will learn to use various tools and techniques to conduct surveillance, vulnerability scanning, and exploit development.
• Students will learn to conduct post-exploitation activities, such as data exfiltration and maintaining access to a compromised system.
• Students will gain the knowledge and skills necessary to report on their findings and make recommendations for remediation.
• Professionally, earning a CompTIA Pentest+ certification can help increase job opportunities and salary potential in the field of cybersecurity, as well as demonstrate a high level of expertise in penetration testing to potential employers.

The CompTIA PenTest+ certification is aimed at:

• Penetration Testers and Ethical Hackers conducting security assessments.
• Security Analysts and Network Security Engineers working to protect systems and networks.
• IT Managers and Security Consultants overseeing and advising on security measures.
• Cybersecurity Students and enthusiasts looking to build practical penetration testing skills.

• While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.
• Network+, Security+ or equivalent knowledge
• Minimum of 3-4 years of hands-on information security or related experience 

CompTIA PenTest+ is important for many reasons. For starters, it is the most comprehensive exam covering all penetration testing stages. Unlike other penetration testing exams that only cover a portion of stages, PenTest+ uses both performance-based and knowledge-based questions to ensure all stages are addressed.

Additionally, CompTIA PenTest+ proves to potential employers that you have the most relevant pen testing skills for the cloud, hybrid environments, web applications, internet of things (IoT) devices, embedded systems and traditional on-premises.

• Penetration Tester
• Security Consultant
• Cloud Penetration Tester
• Web App Penetration Tester
• Cloud Security Specialist
• Network & Security Specialist

• Exam Code: PT0-002
• Number of Questions: Maximum of 85 questions
• Type of Questions: Performance-based and multiple-choice
• Length of Test: 165 minutes
• Passing Score: 750 (on a scale of 100-900)
• Languages: English, Japanese, Portuguese, and Thai
• Retirement: Usually, three years after launch

Testing Provider: Pearson VUE

• Testing Centers
• Online Testing