Login Or Sign up

CompTIA PenTest+ (PT0-002)

CompTIA PenTest+ (PT0-002) exam objectives. This certification focuses on penetration testing and vulnerability assessment, designed for cybersecurity professionals who identify, exploit, report, and manage vulnerabilities on a network.

Description

📅 CompTIA Security+ (SY0-701)

🗓️ Duration: 3 Months

📚 Schedule: 3 Days Per Week

🕒 Session Length: 90 Minutes

💡 Total Sessions: 36

Study Hours: 55

💼Widely recognized by employers, especially for Intermediate Level roles


Course content

Compare and contrast governance, risk, and compliance concepts.

Rules of engagement

Legal concepts (e.g., authorization, data handling, etc.)

Impact analysis and risk mitigation

Explain the importance of scoping and organizational/customer requirements.

Scope elements (e.g., targets, exclusions)

Timing and scheduling

Resources and budget

Explain the key aspects of compliance-based assessments.

PCI-DSS, HIPAA, NIST, ISO, SOC reports

Perform passive reconnaissance. WHOIS, DNS, OSINT

Social engineering pretexts

Perform active reconnaissance.

Scanning, enumeration

Service discovery (Nmap, Nessus, etc.)

Analyze the results of reconnaissance.

Identifying services and vulnerabilities Version detection

Perform vulnerability scanning and analysis.

Scanner types and tools

Prioritizing vulnerabilities (CVSS, exploitability)

Research attack vectors and perform network attacks.

Man-in-the-middle, spoofing, replay attacks

Exploit application-based vulnerabilities.

SQL injection, XSS, CSRF, file inclusion

Exploit local host vulnerabilities.

Privilege escalation, DLL injection

Perform post-exploitation techniques.

Persistence, pivoting, lateral movement

Data exfiltration

Exploit vulnerabilities in cloud and hybrid environments.

Misconfigurations, APIs, containers

Summarize physical security attacks.

Badge cloning, tailgating, physical access exploits

Compare and contrast reporting components.

Executive vs technical reports

Remediation steps and findings

Report and communicate during the penetration testing process.

Stakeholder communication

Status updates and handover

Explain post-report delivery activities.

Cleanup and data disposal

Retesting, follow-up

Use Nmap, Metasploit, and other tools effectively.

Port scanning, exploitation, vulnerability detection

Analyze scripts or code samples for potential vulnerabilities.

Bash, PowerShell, Python snippets

Explain use cases of diverse tools.

Credential testing, OSINT tools, wireless tools

1. Ethical hacking

2. Vulnerability assessment

3. Post-exploitation techniques

4. Technical report writing

5. Working with exploits and payloads

Download PDF

course-img

Preview this course

We are on

Team

Courses

Our Location

© 2025 Tawana. All Rights Reserved. by Tawana Technology