What is new with CompTIA PenTest+- PT0 002 - NetCom Learning.pdf

© 1998-2021 NetCom Learning www.netcomlearning.com info@netcomlearning.com 1-888-563-8266
|
|
|
|
What is New with
CompTIA Pentest+
PT0 002
NetCom Learning
Sheikh Raashid Javid
© Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | info@netcomlearning.com
1998-2022 NetCom Learning

|
|
|
|
Course Objectives
Scope organizational/customer requirements.
Define the rules of engagement.
Footprint and gather intelligence.
Evaluate human and physical vulnerabilities.
Prepare the vulnerability scan.
Scan logical vulnerabilities.
Analyze scan results.
Avoid detection and cover tracks.
Exploit the LAN and cloud.
Test wireless networks.
Target mobile devices.
Attack specialized systems.
Perform web application-based attacks.
Perform system hacking.
Script and software development.
Leverage the attack: pivot and penetrate.
Communicate during the Pentesting process
Summarize report components.
Recommend remediation.
Perform post-report delivery activities.

|
|
|
|
Table of Contents
Lesson 1: Scoping Organizational/Customer Requirements
Lesson 2: Defining the Rules of Engagement
Lesson 3: Footprinting and Gathering Intelligence
Lesson 4: Evaluating Human and Physical Vulnerabilities
Lesson 5: Preparing the Vulnerability Scan
Lesson 6: Scanning Logical Vulnerabilities
Lesson 7: Analyzing Scanning Results
Lesson 8: Avoiding Detection and Covering Tracks
Lesson 9: Exploiting the LAN and Cloud
Lesson 10: Testing Wireless Networks
Exam PT0-002
Lesson 11: Targeting Mobile Devices
Lesson 12: Attacking Specialized Systems
Lesson 13: Web Application-Based Attacks
Lesson 14: Performing System Hacking
Lesson 15: Scripting and Software Development
Lesson 16: Leveraging the Attack: Pivot and Penetrate
Lesson 17: Communicating During the Pentesting Process
Lesson 18: Summarizing Report Components
Lesson 19: Recommending Remediation
Lesson 20: Performing Post-Report Delivery Activities

|
|
|
|
Exam Details
Exam Code PT0-002
Launch Date October 28, 2021
Exam Description
The CompTIA PenTest+ will certify the successful candidate has the knowledge and skills required
to plan and scope a penetration testing engagement including vulnerability scanning, understand
legal and compliance requirements, analyze results, and produce a written report with
remediation techniques.
Number of Questions Maximum of 85 questions
Type of Questions Performance-based and multiple choice
Length of Test 165 minutes
Passing Score 750 (on a scale of 100-900)
Recommended
Experience
Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information
security or related experience. While there is no required prerequisite, PenTest+ is intended to
follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.

|
|
Labs
1. Exploring the Lab Environment
2. Exploring the Domain Tools: Nslookup, Dig and Whois
3. Navigating Open-Source Intelligence Tools
4. Understanding Social Engineering Toolkit (SET)
5. Understanding Spear Phishing and Credentials Attack
6. Exploring OpenVAS
7. Using Web Scanners
8. Understanding Nmap Common Usage
9. Scanning a Vulnerable System
10. Understanding Scan Output
11. Navigating Steganography Tools
12. Demonstrating Enumeration Techniques
13. Exploring the Basics of Metasploit
14. Using VSFTP Manual and Metasploit
15. Monitoring with Aircrack-ng
16. Discovering IoT devices with Shodan
17. Using SQL Injection
18. Using Reverse and Bind Shells
19. Analyzing Exploit Code
20. Exploring Programming Shells
21. Applying PenTest Automation
22. Exploring Password Attacks with John the Ripper and
Hydra

|
|
|
|
Lesson 1
Scoping Organizational/Customer Requirements
Controls
• Administrative controls are security measures
implemented to monitor the adherence to
organizational policies and procedures
• Physical controls restrict, detect and monitor
access to specific physical areas or assets
• Technical or logical controls automate
protection to prevent unauthorized access or
misuse, and include Access Control Lists (ACL),
IDS, IPS
• All controls should use the Principle of Least
Privilege
Reducing Overall Risk Comparing steps taken during PenTesting
Meeting Compliance
Requirements
PCI DSS, HIPAA, GDPR
Understanding PenTesting
Frameworks
▪ Open Web Application Security Project
▪ Evaluating Resources at NIST
▪ Open-source Security Testing Methodology
Manual (OSSTMM).
▪ Information Systems Security Assessment
Framework (ISSAF),
▪ Penetration Testing Execution Standard
(PTES)
▪ Utilizing MITRE ATT&CK
Describe Ways to Maintain Professionalism
• Background Checks of the Team
• Identify and Report Criminal Activity
• Maintaining Confidentiality

|
|
|
|
Lesson 2
Defining the Rules of Engagement
• Assess Environmental Considerations
• Definingthe Project Scope
• Assessing the Network
• Evaluating Web and/or Mobile Applications
• Testing Cloud Resources
• Identifying Restrictions
• Recognizing Country, State, and Local Laws
• Regulating the Use of Tools
• Providing the Details
• Adhering to a Timeline
• Selecting a strategy- White, Grey or Black Box
• Preparing Legal Documents
• Sign a Nondisclosure agreement (NDA).
• The Master Service Agreement (MSA) is a contract that establishes precedence and guidelines for any business
documents that are executed between two parties
• The Statement of Work (SOW) is a document that defines the expectations for a specific business arrangement
• SLA

|
|
|
|
Lesson 3
Footprinting and Gathering Intelligence
• Discover the Target
• Gathering Information
• Identifying Organizational Contacts
• Scraping Social Media
• Scouring Job Listings
• Examining DNS Information
• Gather Essential Data
• Using Public Source-Optimizing Search Results-
Archived Websites- Searching for Images
• Compile Website Information
• Enumerating the Target’s Website
• Investigating the Website
• OSINT Tools
• Metagoofil
• FOCA (Fingerprinting Organizations with Collected
Archives)
• theHarvester
• Recon-ng
• Maltego
• Shodan

|
|
|
|
Lesson 4
Evaluating Human and Physical Vulnerabilities
• Exploit the Human Psyche
• Using Social Engineering
• Phishing-Pharming
• Spam-Vishing- SMiShing
• Impersonation
• Exploiting Physical Security
• Circumventing Security
• Scaling Fences
• Detecting Motion
• Cloning a Badge
• Gaining Access
• Bypassing Locks
• Tailgating and Piggybacking
• Dumpster diving
• Shoulder surfing
• The Social Engineering Toolkit (SET)

|
|
|
|
Lesson 5
Preparing the Vulnerability Plan
• Plan the Vulnerability Scan
• Understanding Vulnerabilities
• Exploiting the Unknown
• Reducing Risks to Data
• Performing Active Reconnaissance
• Banner Grabbing
• Mapping the Network
• Detect Defenses
• Identifying Load Balancers, Firewalls, Antivirus
• Utilize Scanning Tools
• Shodan, Censys
• Nessus, OpenVAS, Nikto
Lifecycle of a vulnerability

|
|
|
|
Lesson 6
Scanning Logical Vulnerabilities
• Scan Identified Targets
• Different Types of Scans
• Discovering Network Hosts
• Scanning Ports- Full Scan, Stealth Scan
• Assessing Vulnerable Web Applications
• Crawling Web Applications
• Automating Vulnerability Scanning
• Security Content Automation Protocol (SCAP)
• Evaluate Network Traffic
• Sniffing Using Wireshark
• Scanning With Nessus
• Gathering ARP Traffic
• Uncover Wireless Assets
• War Driving Open Access Points
• Mapping WAP Using WiGLE

|
|
|
|
Lesson 7
Analyzing Scanning Results
• Discover Nmap and NSE
• Timingand Performance Considerations
• Using TCP or UDP
• Scripting with Nmap
• Enumerate Network Hosts
• Detecting Interesting Hosts
• Fingerprinting the OS
• Analyze Output from Scans
• Examining Network Traffic
• Reporting With Nmap
• Interfacing With Zenmap
• Exposing Vulnerable Web Servers Topology of a network as shown in Zenmap

|
|
|
|
Lesson 8
Avoiding Detection and Covering Tracks
• Evade Detection
• Flying Under the Radar
• Spoofing
• Using a Decoy
• Covering your tracks
• Using Steganography
• Steghide
• OpenStego
• Establish a covert channel
• Remote Access
• Using Secure Shell
• Using Proxy OpenStego

|
|
|
|
Lesson 9
Exploiting the LAN and Cloud
• Enumerating Hosts
• Enumerating Websites
• Nmap Scripts
• Attack LAN Protocols
• Macof attack
• MITM Attack
• Pass the hash
• Exploit Tools
• Metasploit
• Armitage
• Discover Cloud Vulnerabilities
• Configuring Cloud Assets
• Understanding Storage Vulnerabilities
• Controlling Identity and Access
Management
• Explore Cloud-Based Attacks
• Attacking the Cloud
• Harvesting Credentials
• DoS Attack
• Auditing the Cloud
• ScoutSuite
• Testing with Pacu

|
|
|
|
Lesson 10
Testing Wireless Networks
• DiscoverWirelessAttacks
• Securing Wireless Transmissions
• Gathering the Signals
• Cracking the Password or PIN
• MITM Attack, Evil Twin
• Explore Wireless Tools
• Aircrack-ng
• Kismet
• Wifite2
Fern Wi-Fi cracker

|
|
|
|
Lesson 11
Targeting Mobile Devices
• Recognize Mobile Device Vulnerabilities
• Deployment Models
• Controlling Access
• Enterprise mobility management (EMM)
• Identifying Vulnerabilities- jailbreak
• Launch Attacks on Mobile Devices
• Spyware, Trojans, Rootkits, Virus, Worm
• Social engineering
• Hacking a Bluetooth Signal
• Assessment Tools
• Kali Linux
• Mobile Security Framework (MobSF)
• Mobile Security Testing Guide (MSTG).
Using social engineering on a mobile phone

|
|
|
|
Lesson 12
Attacking Specialized Systems
• Identify Attacks on the IoT
• Discovering the IoT
• Outlining Vulnerabilities
• Triggering an Attack
• Recognize Other Vulnerable Systems
• Understanding Data Storage Systems
• Securing Control Systems
• Virtual Machine Vulnerabilities
• Outlining Virtual Environments
• Recognizing Vulnerabilities
• VM Sprawl
• Hyper jacking the Hypervisor IoT ecosystem

|
|
|
|
Lesson 13
Web Application Based Attacks
• Recognize Web Vulnerabilities
• OWASP Top 10
• Attacks
• Session Hijacking
• CSRF
• Escalating Privilege
• SQL Injection
• Directory traversal
• XSS
• Overview of Tools
• Browser Exploitation Framework
• WPScan
• SQLmap
• SearchSploit
SearchSploit

|
|
|
|
Lesson 14
Performing System Hacking
• System Hacking
• PowerShell Scripts
• Use Remote Access Tools
• SSH, Telnet, rlogin
• Metasploit Framework
Metasploit msvenom script creation

|
|
|
|
Lesson 15
Scripting and Software Development
• Analyzing Scripts and Code Samples
• Automating Tasks Using Scripting
• Bash Shell
• PowerShell cmdlets
• Python, Ruby, Perl, JavaScript
• Create Logic Constructs
• Describing Variables
• Applying Logic and Flow Control
• Operators
• Automate Penetration Testing
• Scanning Port Using Automation
• Acquiring Scripts and Tools

|
|
|
|
Lesson 16
Leveraging the Attack: Pivot and Penetrate
• Test Credentials
• Comparing Password Attacks
• Attacking Windows & Linux Passwords
• Password Cracking Tools
• Move Throughout the System
• Metasploit
• Lateral movement
• Obtaining the Hash
• Escalating Privilege
• Maintain Persistence
• Using Backdoors and Trojans
• Scheduling Tasks
Dumping Hashes

|
|
|
|
Lesson 17
Communicating During the Pentesting Protest
• Define the Communication Path
• Outlining the Communication Path
• Defining Contacts
• Communication Triggers
• Triggering Communication Events
• Recognizing Criminal Activity
• Identifying False Positives
• Use Built-In Tools for Reporting
• Sharing Findings with Dradis
• Building Reports with Nessus
An example of Tenable's Nessus' platform.

|
|
|
|
Lesson 18
Summarizing Report Components
• Identify Report Audience
• Reporting to Senior Management
• Including Third-Party Stakeholders
• Sharing Information with Technical Staff
• Providing Details to Developers
• List Report Contents
• Defining the Executive Summary
• Stepping Through the Methodology
• Detailing the Attack Narrative
• Determining Risk Appetite
• Analyzing Business Impact
• Suggesting Remediation
• Define Best Practices for Reports
• Storing Reports
• Securing Report Distribution
• Ongoing Documentation During Tests
• Grabbing Screenshots
• Outlining Best Practices

|
|
|
|
Lesson 19
Recommending Remediation
• EmployTechnical Controls
• Hardening the Systems
• Implementing Multifactor Authentication
• Encrypting Passwords
• Patch management
• Certificate management
• Administrative and Operational Controls
• Implementing Policies and Procedures
• Enforcing Minimum Password Requirements
• Managing Organizational Mobile Devices
• Implementing People Security Controls
• Outlining Other Operational Considerations
• Job Rotation
• Time of Day Restrictions
• Mandatory Vacations
• User Training
• Physical Controls
• Controlling Access to Buildings
• Employing Biometric Controls
• Utilizing Video Surveillance

|
|
|
|
Lesson 20
Performing Post-Report Delivery Activities
• Post-Engagement Cleanup
• Removing Shells
• Deleting Test Credentials
• Eliminating Tools
• Destroying Test Data
• Follow-Up Actions
• Gaining the Client’s Acceptance
• Confirming the Findings
• Planning the Retest
• Reviewing Lessons Learned

|
|
| |
To watch the recorded webinar video for live demos, please access the link:
https://bit.ly/3jTzhV7
RECORDED WEBINAR VIDEO

|
|
ABOUT NETCOM LEARNING
NetCom Learningis an award-winning
global leader in managedlearning
services, training and talentdevelopment.
Founded : 1998
Headquarters : NewYorkCity
Delivery Capability : Worldwide
CEO : RussellSarder
100K+
Professionals
trained
| |
14K+
C
orporate
clients
3500
IT,Business&
Soft Skillscourses
96%
Of customers
recommend usto others
8.6/9
Instructor
evaluations
20+
Leadingvendors
recognitions
Microsoft’s
Worldwidetraining
partner of the year
80%
Trainedofthe
Fortune100
T
op20
ITTraining
Company
|
|

|
|
RECOMMENDED COURSES AND MARKETING ASSETS
NetCom Learning offers a comprehensive portfolio for Security
» COMPTIA PENTEST+ CERTIFICATION PREP (EXAM PT0-002) - Class Scheduled on May 16
» CompTIA Advanced Security Practitioner (CASP+) Certification Prep (Exam CAS-004) - Class Scheduled on May 23
» CompTIA A+ Certification Prep (Exam 220-1002) - Class Scheduled on May 16
» CompTIA Network+ Certification Prep (Exam N10-008) - Class Scheduled on May 09
| |
You can also access the below Marketing Assets
» Free 1hr Training - What Is New with CompTIA Network+ N10-008
» Free On-Demand Training - Learn the A to Z of IT Fundamentals with CompTIA A+ Certification
» Blog - CompTIA Certifications: A+ vs. Linux+

|
|
UPCOMING WEBINARS
▪ Microsoft 365 Master Class with FREE Access to Microsoft Official Curriculum (MS-900)
▪ AWS Discovery Day - An official introduction to the core concepts of cloud and AWS
▪ Microsoft Security, Compliance, and Identity Master Class with FREE Access to SC -900
MOC
▪ Visual Analytics: Best Practices, Sharing & Collaboration
▪ Designing the New Creative Experience for Businesses
▪ Microsoft 365: How to Build a Modern Digital Workplace
▪ AWS security: Getting started with cloud encryption
▪ What Is New with CompTIA Network+ N10-008
▪ CCNP Enterprise Networks: Move One Step Closer to Advanced Networking
▪ How to Mitigate Malware and Ransomware Attacks Efficiently
▪ How to Migrate and Modernize with Microsoft Azure
& More
| |
|
|

|
|
PROMOTIONS
Free Cybersecurity Training!
NetCom Learning brings an immersive two-hour, instructor-led Free Training on Cybersecurity that is designed to
help businesses understand the importance of Cybersecurity in today’s digital world and gain expert insights into
how security breaches can affect a business.. Learn More
| |
|
|

|
|
| |
|
|
PROMOTIONS
Explore The World Of Unlimited Training Subscription!
NetCom+ is a limitless 12-month subscription program. Attend over 500+ courses as from a range of authorized
training courses. Get access to bundled offerings of Virtual Instructor-Led courses, e-Learning, Discovery Days, and
On-Demand training via NetCom+ training subscription.. Save Now

|
|
PROMOTIONS
E- Learning To Skill Up !
Align and upskill your team via e-Learning to drive results! Our robust library includes Microsoft, Cisco, Citrix,
CompTIA, Autodesk, and more. Our e-Learning solutions allow perfect balance among work and upskilling,
without interrupting workflow. It’s all about saving time, quality learning, knowledge check, 24/7 availability.
Learn More
| |
|
|

|
|
PROMOTIONS
Access Your Passport To A Year Full Of Learning!
The NetCom Learning Passport is a flexible pre-pay training package allowing you to plan and manage your
teams’ annual training needs. With our Learning Passport, organizations get special pricing and extended
program options to simplify management. Equipped with this Passport, you make the most of your budget. It has
been specifically designed to specialize for the number of learners you plan to train.. Unlock Now
| |

|
|
PROMOTIONS
Worry-Free Training with Price Match Guarantee!
Our Price Match Guarantee ensures that we'll match the offers of any other authorized training provider if you
succeed at finding anyone offering the same publicly scheduled class within 30 days of our schedule at a lower
regular price.. Learn More
| |
|
|

|
|
BUILDING AN INNOVATIVE LEARNING ORG.
A BOOK FROM RUSSELL SARDER,
CEO AT NETCOM LEARNING
A framework to build a smarter
workforce, adapt to change and
drive growth.
DOWNLOADe-book
| |
|
|

What is new with CompTIA PenTest+- PT0 002 - NetCom Learning.pdf

More Related Content

Similar to What is new with CompTIA PenTest+- PT0 002 - NetCom Learning.pdf (20)

More from Tuan Yang (14)

Recently uploaded (20)

What is new with CompTIA PenTest+- PT0 002 - NetCom Learning.pdf