Introduction

CompTIA PenTest+ is a security penetration testing certification that focuses on performance-based and multiple-choice questions, as well as simulations that require a candidate to demonstrate the hands-on ability to complete a penetration testing engagement. PenTest+ candidates must demonstrate their skills in planning and scoping a penetration testing engagement. Candidates are also required to know how to mitigate security weaknesses and vulnerabilities, as well as how to exploit them.

CompTIA PenTest+ is an intermediate-level cybersecurity career certification. Historically, the only intermediate-level cybersecurity certification was the CompTIA Cybersecurity Analyst (CySA+). Today, PenTest+ provides an alternate path from those who want to specialize in security penetration testing (ethical hacking).

CompTIA PenTest+ and CySA+ can be taken in any order. Either exam typically follows the skills learned in Security+. The main difference between CySA+ and PenTest+ is that CySA+ focuses on defensive security (including incident detection and response), whereas PenTest+ focuses on offensive security (ethical hacking or penetration testing).

The Goals of the CompTIA PenTest+ Certification

The CompTIA PenTest+ certification was created and is managed by one of the most prestigious organizations in the world and has a number of stated goals. Although not critical for passing the exam, having knowledge of the organization and of these goals is helpful in understanding the motivation behind the creation of the exam.

Sponsoring Bodies

The Computing Technology Industry Association (CompTIA) is a vendor-neutral IT certification body that is recognized worldwide. CompTIA has been in existence for more than 20 years. It develops certificate programs for IT support, networking, security, Linux, cloud, and mobility. CompTIA is a nonprofit trade association.

PenTest+ is one of a number of security-related certifications offered by CompTIA. Other certifications offered by this organization include the following:

• CompTIA Security+

• CompTIA Cybersecurity Analyst (CySA+)

• CompTIA Advanced Security Practitioner (CASP)

CompTIA offers certifications in other focus areas, including the following:

• CompTIA IT Fundamentals

• CompTIA A+

• CompTIA Network+

• CompTIA Cloud Essentials

• CompTIA Cloud+

• CompTIA Linux+

• CompTIA Server+

• CompTIA Project+

• CompTIA CTT+

Stated Goals

The goal of CompTIA in its administration of the PenTest+ certification is to provide a reliable instrument to measure an individual’s knowledge of cybersecurity penetration testing (ethical hacking). This knowledge is not limited to technical skills alone but extends to all aspects of a successful penetration testing engagement.

The Exam Objectives (Domains)

The CompTIA PenTest+ exam is broken down into five major domains. This book covers all the domains and the subtopics included in them. The following table lists the breakdown of the domains represented in the exam:

1.0 Planning and Scoping

The Planning and Scoping domain, which is covered in Chapter 2, discusses the importance of good planning and scoping in a penetration testing or ethical hacking engagement. Comprising 15% of the exam, it covers several key legal concepts and the different aspects of compliance-based assessment. It Covers topics including the following:

• Explain the importance of planning for an engagement.

• Explain key legal concepts.

• Explain the importance of scoping an engagement properly.

• Explain the key aspects of compliance-based assessments.

2.0 Information Gathering and Vulnerability Identification

The Information Gathering and Vulnerability Identification domain, which is covered in Chapter 3, starts out by discussing in general what reconnaissance is and the difference between passive and active reconnaissance methods. It touches on some of the common tools and techniques used. From there it covers the process of vulnerability scanning and how vulnerability scanning tools work, including how to analyze vulnerability scanning results to provide useful deliverables and the process of leveraging the gathered information in the exploitation phase. Finally, it discusses some of the common challenges to consider when performing vulnerability scans. This domain accounts for 22% of the exam. Topics include the following:

• Given a scenario, conduct information gathering using appropriate techniques.

• Given a scenario, perform a vulnerability scan.

• Given a scenario, analyze vulnerability scan results.

• Explain the process of leveraging information to prepare for exploitation.

• Explain weaknesses related to specialized systems.

3.0 Attacks and Exploits

The Attacks and Exploits domain is covered throughout Chapters 4 through 8. These chapters include topics such as social engineering attacks, exploitation of wired and wireless networks, application-based vulnerabilities, local host and physical security vulnerabilities, and post-exploitation techniques. It encompasses 30% of the exam. Topics include the following:

• Compare and contrast social engineering attacks.

• Given a scenario, exploit network-based vulnerabilities.

• Given a scenario, exploit wireless and RF-based vulnerabilities.

• Given a scenario, exploit application-based vulnerabilities.

• Given a scenario, exploit local host vulnerabilities.

• Summarize physical security attacks related to facilities.

• Given a scenario, perform post-exploitation techniques.

4.0 Penetration Testing Tools

The Penetration Testing Tools domain is covered in Chapter 9. In this chapter, you will learn different use cases for penetration testing tools. You will also learn how to analyze the output of some of the most popular penetration testing tools to make informed assessments. At the end of the chapter, you will learn how to leverage the bash shell, Python, Ruby, and PowerShell to perform basic scripting. This domain accounts for 17% of the exam. The topics include the following:

• Given a scenario, use Nmap to conduct information gathering exercises.

• Compare and contrast various use cases of tools.

• Given a scenario, analyze tool output or data related to a penetration test.

• Given a scenario, analyze a basic script (limited to bash, Python, Ruby, and PowerShell).

5.0 Reporting and Communication

The Reporting and Communication domain is covered in Chapter 10, which starts out by discussing post-engagement activities, such as cleanup of any tools or shells left on systems that were part of the test. From there it covers report writing best practices, including the common report elements as well as findings and recommendations. Finally, it touches on report handling and proper communication best practices. This domain makes up 16% of the exam. Topics include the following:

• Given a scenario, use report writing and handling best practices.

• Explain post-report delivery activities.

• Given a scenario, recommend mitigation strategies for discovered vulnerabilities.

• Explain the importance of communication during the penetration testing process.

Steps to Earning the PenTest+ Certification

To earn the PenTest+ certification, a test candidate must meet certain prerequisites and follow specific procedures. Test candidates must qualify for and sign up for the exam.

Recommended Experience

There are no prerequisites for the PenTest+ certification. However, CompTIA recommends that candidates possess Network+, Security+, or equivalent knowledge.

CompTIA also recommends a minimum of three to four years of hands-on information security or related experience.

Signing Up for the Exam

The steps required to sign up for the PenTest+ exam are as follows:

1. Create a Pearson Vue account at pearsonvue.com and schedule your exam.

2. Complete the examination agreement, attesting to the truth of your assertions regarding professional experience and legally committing to the adherence to the testing policies.

3. Review the candidate background questions.

4. Submit the examination fee.

The following website presents the CompTIA certification exam policies: https://certification.comptia.org/testing/test-policies.

Facts About the PenTest+ Exam

The PenTest+ exam is a computer-based test that focuses on performance-based and multiple-choice questions. There are no formal breaks, but you are allowed to bring a snack and eat it at the back of the test room; however, any time used for breaks counts toward 165 minutes allowed for the test. You must bring a governmentissued identification card. No other forms of ID will be accepted. You may be required to submit to a palm vein scan.

About the CompTIA^® PenTest+ Cert Guide

This book maps to the topic areas of the CompTIA^® PenTest+ exam and uses a number of features to help you understand the topics and prepare for the exam.

Objectives and Methods

This book uses several key methodologies to help you discover the exam topics on which you need more review, to help you fully understand and remember those details, and to help you prove to yourself that you have retained your knowledge of those topics. This book does not try to help you pass the exam only by memorization; it seeks to help you truly learn and understand the topics. This book is designed to help you pass the PenTest+ exam by using the following methods:

• Helping you discover which exam topics you have not mastered

• Providing explanations and information to fill in your knowledge gaps

• Supplying exercises that enhance your ability to recall and deduce the answers to test questions

• Providing practice exercises on the topics and the testing process via test questions on the companion website

Book Features

To help you customize your study time using this book, the core chapters have several features that help you make the best use of your time:

• Foundation Topics: These are the core sections of each chapter. They explain the concepts for the topics in each chapter.

• Exam Preparation Tasks: After the “Foundation Topics” section of each chapter, the “Exam Preparation Tasks” section lists a series of study activities that you should do at the end of the chapter:

  • Review All Key Topics: The Key Topic icon appears next to the most important items in the “Foundation Topics” section of the chapter. The Review All Key Topics activity lists the key topics from the chapter, along with the page numbers on which they are covered. Although the contents of the entire chapter could be on the exam, you should definitely know the information listed in each key topic, so you should especially review them.

  • Define Key Terms: Although the PenTest+ exam may be unlikely to ask a question such as “Define this term,” the exam does require that you learn and know a lot of penetration testing–related terminology. This section lists the most important terms from the chapter and asks you to write a short definition for each and compare your answers to the glossary at the end of the book.

  • Review Questions: You can confirm that you understand the content that you just covered by answering these questions and reading the answer explanations.

• Web-based practice exam: The companion website includes the Pearson Cert Practice Test engine, which allows you to take practice exams. Use it to prepare with a sample exam and to pinpoint topics where you need more study.

How This Book Is Organized

This book contains 10 core chapters—Chapters 1 through 10. Chapter 11 includes preparation tips and suggestions for how to approach the exam. Each core chapter covers a subset of the topics on the PenTest+ exam. The core chapters map to the PenTest+ exam topic areas and cover the concepts and technologies that you will encounter on the exam.

Companion Website

Register this book to get access to the Pearson IT Certification test engine and other study materials, as well as additional bonus content. Check this site regularly for new and updated postings written by the authors that provide further insight into the most troublesome topics on the exam. Be sure to check the box indicating that you would like to hear from us to receive updates and exclusive discounts on future editions of this product or related products.

To access this companion website, follow these steps:

1. Go to www.pearsonitcertification.com/register and log in or create a new account.

2. Enter the ISBN 9780789760357.

3. Answer the challenge question as proof of purchase.

4. Click the Access Bonus Content link in the Registered Products section of your account page to be taken to the page where your downloadable content is available.

Note that many of our companion content files can be very large, especially image and video files.

If you are unable to locate the files for this title by following these steps, please visit www.pearsonITcertification.com/contact and select the Site Problems/Comments option. Our customer service representatives will assist you.

Pearson Test Prep Practice Test Software

As noted previously, this book comes complete with the Pearson Test Prep practice test software, including two full exams. These practice tests are available to you either online or as an offline Windows application. To access the practice exams that were developed with this book, please see the instructions in the card inserted in the sleeve in the back of the book. This card includes a unique access code that enables you to activate your exams in the Pearson Test Prep software.

Accessing the Pearson Test Prep Software Online

The online version of this software can be used on any device with a browser and connectivity to the Internet, including desktop machines, tablets, and smartphones. To start using your practice exams online, simply follow these steps:

Step 1. Go to https://www.PearsonTestPrep.com.

Step 2. Select Pearson IT Certification as your product group.

Step 3. Enter the email and password for your account. If you don’t have an account on PearsonITCertification.com or CiscoPress.com, you need to establish one by going to PearsonITCertification.com/join.

Step 4. In the My Products tab, click the Activate New Product button.

Step 5. Enter the access code printed on the insert card in the back of your book to activate your product. The product will now be listed in your My Products page.

Step 6. Click the Exams button to launch the exam settings screen and start your exam.

Accessing the Pearson Test Prep Software Offline

If you wish to study offline, you can download and install the Windows version of the Pearson Test Prep software. There is a download link for this software on the book’s companion website, or you can just enter this link in your browser: http://www.pearsonitcertification.com/content/downloads/pcpt/engine.zip.

To access the book’s companion website and the software, simply follow these steps:

Step 1. Register your book by going to PearsonITCertification.com/register and entering the ISBN 9780789760357.

Step 2. Answer the challenge questions.

Step 3. Go to your account page and click the Registered Products tab.

Step 4. Click the Access Bonus Content link under the product listing.

Step 5. Click the Install Pearson Test Prep Desktop Version link in the Practice Exams section of the page to download the software.

Step 6. After the software finishes downloading, unzip all the files on your computer.

Step 7. Double-click the application file to start the installation and follow the onscreen instructions to complete the registration.

Step 8. When the installation is complete, launch the application and click the Activate Exam button on the My Products tab.

Step 9. Click the Activate a Product button in the Activate Product Wizard.

Step 10. Enter the unique access code found on the card in the back of your book and click the Activate button.

Step 11. Click Next and then click Finish to download the exam data to your application.

Step 12. Start using the practice exams by selecting the product and clicking the Open Exam button to open the exam settings screen.

Note that the offline and online versions will sync together, so saved exams and grade results recorded on one version will be available to you on the other as well.

Customizing Your Exams

In the exam settings screen, you can choose to take exams in one of three modes:

• Study mode: Allows you to fully customize your exams and review answers as you are taking the exam. This is typically the mode you would use first to assess your knowledge and identify information gaps.

• Practice Exam mode: Locks certain customization options, as it is presenting a realistic exam experience. Use this mode when you are preparing to test your exam readiness.

• Flash Card mode: Strips out the answers and presents you with only the question stem. This mode is great for late-stage preparation, when you really want to challenge yourself to provide answers without the benefit of seeing multiple-choice options. This mode does not provide the detailed score reports that the other two modes do, so it will not be as helpful as the other modes at helping you identify knowledge gaps.

In addition to choosing among these three modes, you will be able to select the source of your questions. You can choose to take exams that cover all the chapters, or you can narrow your selection to just a single chapter or the chapters that make up specific parts in the book. All chapters are selected by default. If you want to narrow your focus to individual chapters, simply deselect all the chapters and then select only those on which you wish to focus in the Objectives area.

You can also select the exam banks on which to focus. Each exam bank comes complete with a full exam of questions that cover topics in every chapter. The two exams printed in the book are available to you, as are two additional exams of unique questions. You can have the test engine serve up exams from all four banks or just from one individual bank by selecting the desired banks in the exam bank area.

There are several other customizations you can make to your exam from the exam settings screen, such as the time of the exam, the number of questions served up, whether to randomize questions and answers, whether to show the number of correct answers for multiple-answer questions, and whether to serve up only specific types of questions. You can also create custom test banks by selecting only questions that you have marked or questions on which you have added notes.

Updating Your Exams

If you are using the online version of the Pearson Test Prep software, you should always have access to the latest version of the software as well as the exam data. If you are using the Windows desktop version, every time you launch the software while connected to the Internet, it checks whether there are any updates to your exam data and automatically downloads any changes made since the last time you used the software.

Sometimes, due to many factors, the exam data may not fully download when you activate your exam. If you find that figures or exhibits are missing, you may need to manually update your exams. To update a particular exam you have already activated and downloaded, simply click the Tools tab and click the Update Products button. Again, this is only an issue with the desktop Windows application.

If you wish to check for updates to the Pearson Test Prep exam engine software, Windows desktop version, simply click the Tools tab and click the Update Application button. By doing so, you ensure that you are running the latest version of the software engine.