CompTIA PenTest+ PT0-002 Exam Objectives (8.0)
Certification
Exam Objectives
EXAM NUMBER: PT0-002
About the Exam
Candidates are encouraged to use this document to help prepare for the CompTIA
PenTest+ (PT0-002) certification exam. The CompTIA PenTest+ certification exam will
verify the successful candidate has the knowledge and skills required to:
• Plan and scope a penetration testing engagement
• Understand legal and compliance requirements
• Perform vulnerability scanning and penetration testing using appropriate
tools and techniques, and then analyze the results
• Produce a written report containing proposed remediation techniques, effectively
communicate results to the management team, and provide practical recommendations
This is equivalent to three to four years of hands-on experience working
in a security consultant or penetration tester job role.
These content examples are meant to clarify the test objectives and should not be
construed as a comprehensive listing of all the content of this examination.
EXAM ACCREDITATION
The CompTIA PenTest+ (PT0-002) exam is accredited by ANSI to show compliance with the ISO 17024
standard and, as such, undergoes regular reviews and updates to the exam objectives.
EXAM DEVELOPMENT
CompTIA exams result from subject-matter expert workshops and industry-wide survey
results regarding the skills and knowledge required of an IT professional.
CompTIA AUTHORIZED MATERIALS USE POLICY
CompTIA Certifications, LLC is not affiliated with and does not authorize, endorse, or condone utilizing any
content provided by unauthorized third-party training sites (aka “brain dumps”). Individuals who utilize
such materials in preparation for any CompTIA examination will have their certifications revoked and be
suspended from future testing in accordance with the CompTIA Candidate Agreement. In an effort to more
clearly communicate CompTIA’s exam policies on use of unauthorized study materials, CompTIA directs
all certification candidates to the CompTIA Certification Exam Policies. Please review all CompTIA policies
before beginning the study process for any CompTIA exam. Candidates will be required to abide by the
CompTIA Candidate Agreement. If a candidate has a question as to whether study materials are considered
unauthorized (aka “brain dumps”), they should contact CompTIA at [email protected] to confirm.
PLEASE NOTE
The lists of examples provided in bulleted format are not exhaustive lists. Other examples of
technologies, processes, or tasks pertaining to each objective may also be included on the exam
although not listed or covered in this objectives document. CompTIA is constantly reviewing the
content of our exams and updating test questions to be sure our exams are current, and the security
of the questions is protected. When necessary, we will publish updated exams based on existing
exam objectives. Please know that all related exam preparation materials will still be valid.
CompTIA PenTest+ Certification Exam Objectives Version 8.0 (Exam Number: PT0-002)
Copyright © 2020 CompTIA, Inc. All rights reserved.
TEST DETAILS
Required exam: PT0-002
Number of questions: Maximum of 85
Types of questions: Multiple-choice and performance-based
Length of test: 165 minutes
Recommended experience: 3–4 years of hands-on experience performing penetration tests, vulnerability assessments, and code analysis
Passing score: 750 (on a scale of 100-900)
Total 100%
1.0 Planning and Scoping
1.1 Compare and contrast governance, risk, and compliance concepts.
• Regulatory compliance considerations
  - Payment Card Industry Data Security Standard (PCI DSS)
  - General Data Protection Regulation (GDPR)
• Location restrictions
  - Country limitations
  - Tool restrictions
  - Local laws
  - Local government requirements
  - Privacy requirements
• Legal concepts
  - Service-level agreement (SLA)
  - Confidentiality
  - Statement of work
  - Non-disclosure agreement (NDA)
  - Master service agreement
• Permission to attack
2.0 Information Gathering and Vulnerability Scanning
2.1 Given a scenario, perform passive reconnaissance.
• DNS lookups
• Identify technical contacts
• Administrator contacts
• Cloud vs. self-hosted
• Social media scraping
  - Key contacts/job responsibilities
  - Job listing/technology stack
• Cryptographic flaws
  - Secure Sockets Layer (SSL) certificates
  - Revocation
• Company reputation/security posture
• Data
  - Password dumps
  - File metadata
  - Strategic search engine analysis/enumeration
  - Website archive/caching
  - Public source-code repositories
• Open-source intelligence (OSINT)
  - Tools
    - Shodan
    - Recon-ng
  - Sources
    - Common weakness enumeration (CWE)
    - Common vulnerabilities and exposures (CVE)
3.0 Attacks and Exploits
3.1 Given a scenario, research attack vectors and perform network attacks.
• Stress testing for availability
• Exploit resources
  - Exploit database (DB)
  - Packet storm
• Attacks
  - ARP poisoning
  - Exploit chaining
  - Password attacks
    - Password spraying
    - Hash cracking
    - Brute force
    - Dictionary
  - On-path (previously known as man-in-the-middle)
  - Kerberoasting
  - DNS cache poisoning
  - Virtual local area network (VLAN) hopping
  - Network access control (NAC) bypass
  - Media access control (MAC) spoofing
  - Link-Local Multicast Name Resolution (LLMNR)/NetBIOS-Name Service (NBT-NS) poisoning
  - New Technology LAN Manager (NTLM) relay attacks
• Tools
  - Metasploit
  - Netcat
  - Nmap
3.2 Given a scenario, research attack vectors and perform wireless attacks.
• Attack methods
  - Eavesdropping
  - Data modification
  - Data corruption
  - Relay attacks
  - Spoofing
  - Deauthentication
  - Jamming
  - Capture handshakes
  - On-path
• Attacks
  - Evil twin
  - Captive portal
  - Bluejacking
  - Bluesnarfing
  - Radio-frequency identification (RFID) cloning
  - Bluetooth Low Energy (BLE) attack
  - Amplification attacks [Near-field communication (NFC)]
  - WiFi protected setup (WPS) PIN attack
• Tools
  - Aircrack-ng suite
  - Amplified antenna
4.0 Reporting and Communication
4.1 Compare and contrast important components of written reports.
• Report audience
  - C-suite
  - Third-party stakeholders
  - Technical staff
  - Developers
• Report contents (** not in a particular order)
  - Executive summary
  - Scope details
  - Methodology
  - Attack narrative
  - Findings
  - Risk rating (reference framework)
  - Risk prioritization
  - Business impact analysis
  - Metrics and measures
  - Remediation
  - Conclusion
  - Appendix
• Storage time for report
• Secure distribution
• Note taking
  - Ongoing documentation during test
  - Screenshots
• Common themes/root causes
  - Vulnerabilities
  - Observations
  - Lack of best practices
5.0 Tools and Code Analysis
5.1 Explain the basic concepts of scripting and software development.
• Logic constructs
  - Loops
  - Conditionals
  - Boolean operator
  - String operator
  - Arithmetic operator
• Data structures
  - JavaScript Object Notation (JSON)
  - Key value
  - Arrays
  - Dictionaries
  - Comma-separated values (CSV)
  - Lists
  - Trees
• Libraries
• Classes
• Procedures
• Functions
PenTest+ (PT0-002) Acronym List
The following is a list of acronyms that appear on the CompTIA PenTest+ exam.
Candidates are encouraged to review the complete list and attain a working
knowledge of all listed acronyms as part of a comprehensive exam
preparation program.
ACRONYM    SPELLED OUT
NIST SP    National Institute of Standards and Technology Special Publication
NS         Name Server
NSE        Nmap Scripting Engine
NTLM       New Technology LAN Manager
NTP        Network Time Protocol
OpenVAS    Open Vulnerability Assessment System
OS         Operating System
OSINT      Open-source Intelligence
OSSTMM     Open-source Security Testing Methodology Manual
OWASP      Open Web Application Security Project
PBKDF2     Password-Based Key Derivation Function 2
PCI DSS    Payment Card Industry Data Security Standard
PDF        Portable Document Format
PHP        PHP: Hypertext Preprocessor
PII        Personal Identifiable Information
PKI        Public Key Infrastructure
PLC        Programmable Logic Controller
PS         PowerShell
PSK        Pre-Shared Key
PTES       Penetration Testing Execution Standard
RAT        Remote Access Trojan
RCE        Remote Code Execution
RDP        Remote Desktop Protocol
REST       Representational State Transfer
RF         Radio Frequency
RFC        Request for Comment
RFID       Radio-Frequency Identification
ROE        Rules of Engagement
SCADA      Supervisory Control and Data Acquisition
SCAP       Security Content Automation Protocol
SCP        Secure Copy Protocol
SDK        Software Development Kit
SDLC       Software Development Life Cycle
SDR        Software-defined Radio
SET        Social Engineering Toolkit
SGID       Set Group ID
SIEM       Security Information and Event Management
SIP        Session Initiation Protocol
SLA        Service-level Agreement
SMB        Server Message Block
S/MIME     Secure/Multipurpose Internet Mail Extensions
SMS        Short Message Service
SMTP       Simple Mail Transfer Protocol
SNMP       Simple Network Management Protocol
SOC        Security Operations Center
SOW        Statement of Work
SOX        Sarbanes-Oxley
SQL        Structured Query Language
SSD        Solid-State Drive
SSH        Secure Shell
SSHD       Solid-State Hybrid Drive
SSID       Service Set Identifier
SSL        Secure Sockets Layer
SSO        Single Sign-On
SUID       Set User ID
TCP        Transmission Control Protocol
TKIP       Temporal Key Integrity Protocol
TLS        Transport Layer Security
TTL        Time to Live
TTPs       Tactics, Techniques and Procedures
UDP        User Datagram Protocol
URL        Uniform Resource Locator
URI        Uniform Resource Identifier
USB        Universal Serial Bus
UTF        Unicode Transformation Format
VAS        Vulnerability Assessment Scanner
VLAN       Virtual Local Area Network
VM         Virtual Machine
VoIP       Voice over Internet Protocol
VPN        Virtual Private Network
VPS        Virtual Private Server
WAF        Web Application Firewall
WEP        Wired Equivalent Privacy
WiGLE      Wireless Geographic Logging Engine
WinRM      Windows Remote Management
WMI        Windows Management Instrumentation
WPA        Wi-Fi Protected Access
WPS        Wi-Fi Protected Setup
XML        Extensible Markup Language
XML-RPC    Extensible Markup Language-Remote Procedure Call
XSS        Cross-Site Scripting
ZAP        Zed Attack Proxy
PenTest+ Proposed Hardware and Software List
CompTIA has included this sample list of hardware and software to assist
candidates as they prepare for the PenTest+ exam. This list may also be helpful for
training companies that wish to create a lab component to their training offering.
The bulleted lists below each topic are sample lists and are not exhaustive.
© 2020 CompTIA, Inc., used under license by CompTIA, Inc. All rights reserved. All certification programs and education related to such programs are operated
exclusively by CompTIA, Inc. CompTIA is a registered trademark of CompTIA, Inc. in the U.S. and internationally. Other brands and company names mentioned
herein may be trademarks or service marks of CompTIA, Inc. or of their respective owners. Reproduction or dissemination prohibited without the written consent
of CompTIA, Inc. Printed in the U.S. 08301-Nov2020