What is CompTIA PenTest+
is a certification for cybersecurity professionals tasked with penetration testing and vulnerability assessment and management.
CompTIA PenTest+ is an intermediate-skills level cybersecurity certification that focuses on offensive skills through pen testing and vulnerability assessment. Cybersecurity professionals with CompTIA PenTest+ know how plan, scope, and manage weaknesses, not just exploit them.
What Skills Will You Learn?
Planning and Scoping
Includes updated techniques emphasizing governance, risk and compliance concepts, scoping and organizational/customer requirements, and demonstrating an ethical hacking mindset
Information Gathering and Vulnerability Scanning
Includes updated skills on performing vulnerability scanning and passive/active reconnaissance, vulnerability management, as well as analyzing the results of the reconnaissance exercise
Attacks and Exploits
Includes updated approaches to expanded attack surfaces, researching social engineering techniques, performing network attacks, wireless attacks, application-based attacks and attacks on cloud technologies, and performing post-exploitation techniques
Reporting and Communication
Expanded to focus on the importance of reporting and communication in an increased regulatory environment during the pen testing process through analyzing findings and recommending appropriate remediation within a report
Tools and Code Analysis
Includes updated concepts of identifying scripts in various software deployments, analyzing a script or code sample, and explaining use cases of various tools used during the phases of a penetration test–scripting or coding is not required
What Job Roles Should Take the Exam?
CompTIA PenTest+ is for IT cybersecurity professionals with three to four years of hands-on information security or related experience, or equivalent training, looking to start or advance a career in pen testing. CompTIA PenTest+ prepares candidates for the following job roles:
- Penetration tester
- Vulnerability tester
- Security analyst (II)
- Vulnerability assessment analyst
- Network security operations
- Application security vulnerability