CERTIFICATION GUIDE

CompTIA

PenTest+
What is it?

CompTIA PenTest+ is a certification for intermediate

skills level cybersecurity professionals who are tasked
with hands-on penetration testing to identify, exploit,
report, and manage vulnerabilities on a network.
Why is it different? Exam #
PT0-001
• CompTIA PenTest+ is the only exam taken at a Pearson VUE testing center with both hands-on,
performance-based questions and multiple-choice, to ensure each candidate possesses the
Release Date
skills, knowledge, and ability to perform tasks on systems.
July 2018
• CompTIA PenTest+ exam not only covers hands-on penetration testing and vulnerability
assessment, but includes management skills used to plan, scope, and manage weaknesses,
Languages
not just exploit them.
English
• CompTIA PenTest+ is unique because our certification requires a candidate to demonstrate the
hands-on ability and knowledge to test devices in new environments such as the cloud and
CE Required?
mobile, in addition to traditional desktops and servers.
Yes

About the exam

PenTest+ assesses the most up-to-date penetration testing, and vulnerability assessment
and management skills necessary to determine the resiliency of the network against attacks.
Successful candidates will also have the intermediate skills and best practices required to
customize assessment frameworks to effectively collaborate on and report findings and
communicate recommended strategies to improve the overall state of IT security.

PenTest+ maps 100% to the NICE/NIST Cybersecurity Workforce Framework (NCWF) v2.0
Related Work Role of Vulnerability Assessment Analyst. This is used by the U.S. DoD for
determining cybersecurity work roles.
How does PenTest+ Compare to Alternatives?
Certification PenTest+
Performance-based
Yes
Questions
1 exam, 90 questions,
Exam Length
165 minutes
Experience Level Intermediate
Penetration testing and
Exam Focus
vulnerability assessment
Network+, Security+ or
equivalent knowledge.
Minimum of 3-4 years of
hands-on information secu-
Pre-requisites rity or related experience.
While there is no required
prerequisite, PenTest+ is intended
to follow CompTIA Security+ or
equivalent experience and has a
technical, hands-on focus.
CompTIA Certification Pathway
CompTIA certifications align with the skillsets needed to support and manage cybersecurity. Enter
where appropriate for you. Consider your experience and existing certifications or course of study.
PROFESSIONAL SKILLS
Offensive Security
EC-Council Certified GIAC Penetration
Certified Professional
Ethical Hacker (CEH) Tester (GPEN)
(OSCP)
No
A second exam, CEH
No Yes
(Practical) offers perfor-
mance-based questions
1 exam, 4 hours 1 exam, 3 hours 1 exam, 24 hours
Intermediate Intermediate Intermediate / Advanced
Real World-based with
Penetration Testing
Penetration testing a Lab and submitted
from a Business-value
report
CEH Training, 2 years Must first complete
information security the Penetration Testing
None
experience, with Kali Linux training
Endorsement course (self-paced)
“CompTIA PenTest+
exam is different
because it is not only
technical, but also
INFRASTRUCTURE PATHWAY demonstrates that
a candidate has the
ability to understand
and deliver results. A
manager could hire
a PenTest+ certified
individual and fully
trust that he or she
would alleviate day
to day operations.”
CYBERSECURITY PATHWAY Josh Skorich
Managing Principal
Technical Areas Covered in the Certification
Planning and Scoping
15%
• Explain the importance of planning
for an engagement
• Explain legal concepts
• Explain the key aspects of
compliance-based assessments
Penetration Testing Tools
17%
• Use NMAP to conduct information
gathering exercises
• Compare and contrast various use
cases of tools
• Analyze tool output or data related
to a penetration test
• Analyze a basic script (limited to:
Bash, Python, Ruby, PowerShell)
Information Gathering and Attacks and Exploits
Vulnerability Identification
22 % 30%
• Conduct information gathering using • Compare and contrast social
appropriate techniques engineering attacks
• Perform a vulnerability scan • Exploit network-based vulnerabilities
• Analyze vulnerability scan results • Exploit wireless and RF-based
vulnerabilities
• Explain the process of leveraging
information to prepare for exploitation • Exploit application-based vulnerabilities
• Explain weakness related to specialized • Exploit local host vulnerabilities
systems
• Summarize physical security attacks
related to facilities
• Perform post-exploitation techniques
Reporting and
Communication
16%
• Use report writing and handling best
practices
• Explain post-report delivery activities
• Recommend mitigation strategies for
discovered vulnerabilities
• Explain the importance of communi-
cation during the penetration testing
process
Organizations that contributed to the development of PenTest+ Top PenTest+ job roles

• Brotherhood Mutual • Integra LifeSciences • Penetration Tester

• Global Cyber Security
• SecureWorks
• North State Technology
Solutions
• BlackFire Consulting
• TransUnion
• Las Vegas Sands Corporation
• Enterprise Holdings • Vulnerability Tester
• Paylocity • Security Analyst (II)
• Johns Hopkins University • Vulnerability Assessment Analyst
Applied Physics Laboratory • Network Security Operations
• ASICS Corporation • Application Security Vulnerability

Research and Statistics

Fastest-Growing The U.S. Bureau of Labor Statistics predicts that roles requiring penetration
Job Category testing will be within the fastest-growing job category, with 28 percent
overall growth by 2026.1

Growing Priority The overall penetration testing market is estimated to grow 23.7 percent
by 2021.2

“PenTest+ demon-
strates knowledge
beyond entry-level
and that the indi-
vidual is competent
to add value within
a pentester team
immediately; this
person can hit the
ground running.”
Gavin Dennis
Senior IT Security
Consultant
Learn with CompTIA
Official CompTIA Content is the only study material exclusively developed by CompTIA for the
CompTIA certification candidate; no other content library covers all exam objectives for all
certifications. CompTIA eBooks and CertMaster Products have been developed with our Official
CompTIA Content to help you prepare for your CompTIA certification exams with confidence.
Learners now have everything they need to learn the material and ensure they are prepared for
the exam and their career.
Whether you are just starting to prepare and need comprehensive training with CertMaster
Learn, need a final review with CertMaster Practice, or need to renew your certification upon
expiration with CertMaster CE, CertMaster’s online training tools have you covered.

© 2018 CompTIA Properties, LLC, used under license by CompTIA Certifications, LLC. All rights reserved. All certification programs and education related to
such programs are operated exclusively by CompTIA Certifications, LLC. CompTIA is a registered trademark of CompTIA Properties, LLC in the U.S. and interna-
tionally. Other brands and company names mentioned herein may be trademarks or service marks of CompTIA Properties, LLC or of their respective owners.
Reproduction or dissemination prohibited without written consent of CompTIA Properties, LLC. Printed in the U.S. 05626-Aug2018