CompTIA Pentest+

Module 1: Planning and Scoping 

• Explain the importance of planning for an engagement
• Explain key legal concepts.
• Explain the importance of scoping an engagement properly.
• Explain the key aspects of compliance-based assessments.

Module 2: Information Gathering and Vulnerability Identification 

• Given a scenario, conduct information gathering using appropriate techniques
• Given a scenario, perform a vulnerability scan.
• Given a scenario, analyze vulnerability scan results
• Explain the process of leveraging information to prepare for exploitation.
• Explain weaknesses related to specialized systems

Module 3: Attacks and Exploits

• Compare and contrast social engineering attacks
• Given a scenario, exploit network-based vulnerabilities
• Given a scenario, exploit wireless and RF-based vulnerabilities
• Given a scenario, exploit application-based vulnerabilities
• Given a scenario, exploit local host vulnerabilities
• Summaries physical security attacks related to facilities
• Given a scenario, perform post-exploitation techniques

Module 4: Penetration Testing Tools

• Given a scenario, use Nmap to conduct information gathering exercises
• Compare and contrast various use cases of tools
• Given a scenario, analyse tool output or data related to a penetration test
• Given a scenario, analyze a basic script (limited to Bash, Python, Ruby, and PowerShell)

Module 5: Reporting and Communication 

• Given a scenario, use report writing and handling best practices
• Explain post-report delivery activities
• Given a scenario, recommend mitigation strategies for discovered vulnerabilities
• Explain the importance of communication during the penetration testing process