Tag Archives: CompTIA PenTest+ Certification

CompTIA PenTest+ PT0-001 vs. PT0-002: What’s the Difference?

IT certifications show employers that candidates have the knowledge and skills they need to do the job, and they help IT pros advance in their careers. As cybersecurity has become a critical function, cybersecurity certifications are among the most popular IT certifications globally.

The CompTIA PenTest+ certification is a vendor-neutral, internationally targeted validation of intermediate-level penetration testing (or pen testing) knowledge and skills. It focuses on the latest pen testing techniques, attack surfaces, vulnerability management, post-delivery and compliance tasks.

The skills covered by CompTIA PenTest+ help companies comply with regulations, such as PCI-DSS and NIST 800-53 Risk Management Framework (RMF), which require pen tests, vulnerability assessments and reports. CompTIA PenTest+ is approved under the Department of Defense (DoD) Directive 8140/8570.01-M and under ANSI/ISO standard 17024.

IT Jobs Related to CompTIA PenTest+
The next version of CompTIA PenTest+ (PT0-002) is slated to launch in October 2021. CompTIA updates its certifications every three years to keep up with evolving technology, so your skills are relevant and you stay up to date on the latest technologies.

When CompTIA updates exams, Subject Matter Experts (SMEs) from the industry participate in workshops to write and review the content, ensuring that the exam domains, objectives and questions validate the skills needed on the job today.

Cybersecurity experts from the following companies contributed to the update of CompTIA PenTest+:
RxSense
Johns Hopkins University Applied Physics Laboratory
U.S. Army
Target Corp.
General Dynamics IT (GDIT)
Ricoh

CompTIA PenTest+ PT0-001 vs PT0-002
CompTIA PenTest+ addresses the latest trends, techniques and attack surfaces – covering the core and intermediate skills in penetration testing and vulnerability management, ensuring high performance on the job. Let’s break down some of the highlights.

CompTIA PenTest+ Exam Domains
The exam domains covered in CompTIA PenTest+ PT0-001 and PT0-002 are not vastly different, as they are still relevant to the job roles, but you will see some slight changes.

We changed the name of exam domain 2.0 from Information Gathering and Vulnerability Identification to Information Gathering and Vulnerability Scanning.
We also swapped the order of two domains – what was formerly 5.0 Reporting and Communication is now 4.0 (with the same name), and what was formerly 4.0 Penetration Testing Tools is now 5.0 Tools and Code Analysis.

CompTIA PenTest+ PT0-002 Exam Domains
1. Planning and Scoping (14%)
2. Information Gathering and Vulnerability Scanning (22%)
3. Attacks and Exploits (30%)
4. Reporting and Communication (18%)
5. Tools and Code Analysis (16%)

CompTIA PenTest+ PT0-001 Equivalency Exam Domain

How It Applies to the Job

1.0 Planning and Scoping
Includes updated techniques emphasizing governance, risk and compliance concepts, scoping and organizational/customer requirements and demonstrating an ethical hacking mindset
Pen testers can be held criminally liable when operating without ethics or proper approvals. Pen testing is required for compliance to regulations such as PCI-DSS and the NIST 800-53 RMF.

2.0 Information Gathering and Vulnerability Scanning
Includes updated skills on performing vulnerability scanning and passive/active reconnaissance, vulnerability management as well as analyzing the results of the reconnaissance exercise
Automation is required for modern vulnerability management to counteract automated attacks. Organizations must efficiently mitigate vulnerabilities, avoiding unnecessary dangers to operations.

3.0 Attacks and Exploits
Includes updated approaches to expanded attack surfaces; researching social engineering techniques; performing network, wireless, cloud and application-based attacks; and post-exploitation techniques

Updated skills are needed to secure multiple attack surfaces; 87% of CompTIA-certified IT pros already work in expansive hybrid environments (both on-premises and in the cloud), and 93% work in multi-cloud environments.

4.0 Reporting and Communication
Expanded to focus on the importance of reporting and communication in an increased regulatory environment during the pen testing process through analysis and appropriate remediation recommendations
Communication is critical for the penetration testing lifecycle because collaboration is essential for identifying and managing vulnerabilities. Reporting is especially important for complying with regulations.

5.0 Tools and Code Analysis
Includes updated concepts of identifying scripts in software deployments, analyzing a script or code sample and explaining use cases of pen test tools (Note: Scripting and coding is not required)
Exposure to different scripts and code samples provides an expanded toolbox to help pen testers progress through their career. Pen testers work with scripting more as they advance in their careers.

How to Train for CompTIA PenTest+
It may seem like CompTIA PenTest+ covers a lot of ground, but don’t worry, we’ve got your back. CompTIA offers training solutions, including study guides, online self-study tools and instructor-led courses that are designed to cover what you need to know for your CompTIA exam. No other content library covers all the exam objectives for all certifications.

CompTIA training solutions help you prepare for your CompTIA certification exam with confidence. Whether you are just starting to prepare and need comprehensive training with CompTIA CertMaster Learn, want to apply your knowledge hands-on with CompTIA Labs or need a final review with CompTIA CertMaster Practice, CompTIA’s online training tools have you covered.

QUESTION 1
Which of the following commands will allow a penetration tester to permit a shell script to be executed by the file owner?

A. chmod u+x script.sh
B. chmod u+e script.sh
C. chmod o+e script.sh
D. chmod o+x script.sh

Answer: A

QUESTION 2
A penetration tester gains access to a system and establishes persistence, and then runs the following commands:
Which of the following actions is the tester MOST likely performing?

A. Redirecting Bash history to /dev/null
B. Making a copy of the user’s Bash history to further enumeration
C. Covering tracks by clearing the Bash history
D. Making decoy files on the system to confuse incident responders

Answer: C

QUESTION 3
A compliance-based penetration test is primarily concerned with:

A. obtaining PII from the protected network.
B. bypassing protection on edge devices.
C. determining the efficacy of a specific set of security standards.
D. obtaining specific information from the protected network.

Answer: C

QUESTION 4
A penetration tester is explaining the MITRE ATT&CK framework to a company’s chief legal counsel.
Which of the following would the tester MOST likely describe as a benefit of the framework?

A. Understanding the tactics of a security intrusion can help disrupt them.
B. Scripts that are part of the framework can be imported directly into SIEM tools.
C. The methodology can be used to estimate the cost of an incident better.
D. The framework is static and ensures stability of a security program over time.

Answer: A


PT1-002 CompTIA PenTest+ Certification Exam

CompTIA PenTest+ is for cybersecurity professionals tasked with penetration testing and vulnerability management.

Why is it different?
CompTIA PenTest+ is the only penetration testing exam taken at a Pearson VUE testing center with both hands-on, performance-based questions and multiple-choice questions, to ensure each candidate possesses the skills, knowledge, and ability to perform tasks on systems. The PenTest+ exam also includes management skills used to plan, scope, and manage weaknesses, not just exploit them.

PenTest+ is unique because our certification requires a candidate to demonstrate the hands-on ability and knowledge to test devices in new environments such as the cloud and mobile, in addition to traditional desktops and servers.

About the exam
The new PenTest+ (PT0-002) exam will launch October, 2021!

Beta exam registration is available on April 13, 2021. Interested in taking the beta exam? Register on the Pearson VUE site.

CompTIA PenTest+ assesses the most up-to-date penetration testing, and vulnerability assessment and management skills necessary to determine the resiliency of the network against attacks.
Successful candidates will have the intermediate skills required to customize assessment frameworks to effectively collaborate on and report findings.
Candidates will also have the best practices to communicate recommended strategies to improve the overall state of IT security.

CompTIA PenTest+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.

What Skills Will You Learn?
PLANNING & SCOPING

Explain the importance of planning and key aspects of compliance-based assessments.

INFORMATION GATHERING & VULNERABILITY IDENTIFICATION

Gather information to prepare for exploitation, then perform a vulnerability scan and analyze results.

ATTACKS & EXPLOITS

Exploit network, wireless, application, and RF-based vulnerabilities, summarize physical security attacks, and perform post-exploitation techniques.

PENETRATION TESTING TOOLS

Conduct information gathering exercises with various tools and analyze output and basic scripts (limited to: Bash, Python, Ruby, PowerShell).

REPORTING & COMMUNICATION

Utilize report writing and handling best practices, explaining recommended mitigation strategies for discovered vulnerabilities.

Jobs that use CompTIA PenTest+
Penetration Tester
Vulnerability Tester
Security Analyst (II)
Vulnerability Assessment Analyst
Network Security Operations
Application Security Vulnerability

Renewal
Keep your certification up to date with CompTIA’s Continuing Education (CE) program. It’s designed to be a continued validation of your expertise and a tool to expand your skillset. It’s also the ace up your sleeve when you’re ready to take the next step in your career.

Get the most out of your certification
Information technology is an incredibly dynamic field, creating new opportunities and challenges every day. Participating in our Continuing Education program will enable you to stay current with new and evolving technologies and remain a sought-after IT and security expert.

The CompTIA Continuing Education program
Your CompTIA PenTest+ certification is good for three years from the date of your exam. The CE program allows you to extend your certification in three-year intervals through activities and training that relate to the content of your certification.

It’s easy to renew
You can participate in a number of activities and training programs, including higher certifications, to renew your CompTIA PenTest+ certification. Collect at least 60 Continuing Education Units (CEUs) in three years and upload them to your certification account, and your CompTIA PenTest+ certification will automatically renew.

QUESTION 1
Which of the following should a penetration tester consider FIRST when engaging in a penetration test in a cloud environment?

A. Whether the cloud service provider allows the penetration tester to test the environment
B. Whether the specific cloud services are being used by the application
C. The geographical location where the cloud services are running
D. Whether the country where the cloud service is based has any impeding laws

Correct Answer: C

QUESTION 2
A penetration tester who is conducting a web-application test discovers a clickjacking vulnerability associated with a login page to financial data. Which of the following should the tester do with this information to make this a successful exploit?

A. Perform XSS.
B. Conduct a watering-hole attack.
C. Use BeEF.
D. Use browser autopwn.

Correct Answer: A

QUESTION 3
A company that requires minimal disruption to its daily activities needs a penetration tester to perform information gathering around the company’s web presence. Which of the following would the tester find MOST helpful in the initial information-gathering steps? (Choose two.)

A. IP addresses and subdomains
B. Zone transfers
C. DNS forward and reverse lookups
D. Internet search engines
E. Externally facing open ports
F. Shodan results

Correct Answer: AB

QUESTION 4
A penetration tester discovers that a web server within the scope of the engagement has already been compromised with a backdoor. Which of the following should the penetration tester do NEXT?

A. Forensically acquire the backdoor Trojan and perform attribution
B. Utilize the backdoor in support of the engagement
C. Continue the engagement and include the backdoor finding in the final report
D. Inform the customer immediately about the backdoor

Correct Answer: C

QUESTION 5
Which of the following are the MOST important items to include in the final report for a penetration test? (Choose two.)

A. The CVSS score of the finding
B. The network location of the vulnerable device
C. The vulnerability identifier
D. The client acceptance form
E. The name of the person who found the flaw
F. The tool used to find the issue

Correct Answer: CF

QUESTION 6
A penetration tester who is performing a physical assessment of a company’s security practices notices the company does not have any shredders inside the office building. Which of the following techniques would be BEST to use to gain confidential information?

A. Badge cloning
B. Dumpster diving
C. Tailgating
D. Shoulder surfing

Correct Answer: B

QUESTION 7
A penetration tester conducted an assessment on a web server. The logs from this session show the following:
https://www.thecompanydomain.com/servicestatus.php?serviceID=892&serviceID=892 ' ; DROP TABLE SERVICES; --
Which of the following attacks is being attempted?

A. Clickjacking
B. Session hijacking
C. Parameter pollution
D. Cookie hijacking
E. Cross-site scripting

Correct Answer: C
