CompTIA: CompTIA PenTest+ PT0-002

CompTIA PenTest+ PT0-002 E-Learning

Die CompTIA PenTest + PTO-002-Zertifizierung bestätigt, dass erfolgreiche Kandidaten über die Kenntnisse und Fähigkeiten verfügen, die erforderlich sind, um eine Bewertung zu planen und durchzuführen, gesetzliche und Compliance-Anforderungen zu verstehen, Schwachstellenscans und Penetrationstests durchzuführen, Daten zu analysieren und die Ergebnisse effektiv zu melden und zu kommunizieren.

Kursinhalt

CompTIA PenTest+ (PT0-002): Professionalism & Integrity

Course: 1 Hour, 9 Minutes

• Course Overview
• Performing Background Checks
• Adhering to the Scope of Engagement
• Activity Deemed Criminal in Nature
• Reporting Security Breaches and Suspicious Activity
• Limiting Tool Selection
• Limiting Invasiveness
• Maintaining Confidentiality of Data
• Penetration Tester Risks
• Course Summary

CompTIA PenTest+ (PT0-002): Passive Reconnaissance

Course: 1 Hour, 18 Minutes

• Course Overview
• DNS Information Gathering
• Developing and Maintaining Technical Contacts
• Identifying Administrator Contacts
• Cloud vs. Self-hosted Reconnaissance
• Social Media Scraping Techniques
• Cryptographic Flaws and Vulnerabilities
• Developing Company Reputation
• Passive Reconnaissance Data
• Open Source Intelligence
• Course Summary

CompTIA PenTest+ (PT0-002): Active Reconnaissance

Course: 1 Hour, 15 Minutes

• Course Overview
• Active Reconnaissance Enumeration
• Web Site Reconnaissance Techniques
• Packet Crafting and Scapy Packet Manipulation
• Defense Detection Techniques
• Active Reconnaissance Tokens
• Wardriving Techniques
• Network Traffic Reconnaissance
• Cloud Asset Discovery
• Third-party Hosted Services
• Active Fingerprinting Techniques
• Reconnaissance Output Analysis
• Course Summary

CompTIA PenTest+ (PT0-002): Vulnerability Scanning

Course: 1 Hour, 30 Minutes

• Course Overview
• Vulnerability Scanning Practices
• Scanning Targets for Vulnerabilities
• Scan Settings and Common Configurations
• Scanning Methods and Best Practices
• Nmap Commands for Penetration Testing
• Vulnerability Testing Tools
• Application and Container Scanning
• Asset Categorization
• Adjudication and Prioritization
• Common Scanning Themes
• Performing Vulnerability Scans
• Performing Scan Analysis
• Course Summary

CompTIA PenTest+ (PT0-002): Network Attacks & Exploits

Course: 2 Hours, 7 Minutes

• Course Overview
• Stress Testing for Availability
• Exploit Resources and Tools
• ARP Poisoning Attacks
• Exploit Chaining
• Common Password Attacks
• On-path Attacks
• Kerberoasting Network Attacks
• DNS Cache Poisoning
• Virtual Local Area Network Hopping
• Network Access Control Bypass
• Media Access Control Spoofing
• Link-local Multicast Name Resolution
• New Technology LAN Manager Relay Attacks
• SNMP and SMTP Exploits
• Denial of Service Attacks
• FTP and DNS Exploits
• Network Attack Tools
• Course Summary

CompTIA PenTest+ (PT0-002): Wireless Attacks

Course: 1 Hour, 10 Minutes

• Course Overview
• Wireless Attack Methods
• Evil Twin Attacks
• Captive Portal Attacks
• Wireless Bluejacking
• Wireless Bluesnarfing
• Radio-frequency Identification Cloning
• Bluetooth Low Energy Attacks
• Wireless Amplification Attacks
• Wi-Fi Protected Setup PIN Attack
• Cloning, Jamming, and Repeating
• Wireless Attack Tools
• Course Summary

CompTIA PenTest+ (PT0-002): Application-based Attacks

Course: 1 Hour, 25 Minutes

• Course Overview
• OWASP Security Risks
• Server-side Request Forgery
• Business Logic Vulnerabilities
• Structured Query Language Injection Attacks
• Command Injection Attacks
• Cross-site Scripting Attacks
• Lightweight Directory Access Protocol Injection
• Common Application Vulnerabilities
• Application-based Session Attacks
• Application Programming Interface Attacks
• Directory Traversal Attacks
• Application-based Attack Tools
• Application-based Attack Resources
• Course Summary

CompTIA PenTest+ (PT0-002): Attacks on Cloud Technologies

Course: 1 Hour, 13 Minutes

• Course Overview
• Credential Harvesting
• Privilege Escalation Attacks
• Account Takeover Attacks
• Metadata Service Attacks
• Cloud Asset Misconfigurations
• Cloud Resource Exhaustion
• Cloud Malware Injection Attacks
• Denial of Service Attacks
• Side-channel Attacks
• Direct-to-Origin Attacks
• Software Development Kit
• Course Summary

CompTIA PenTest+ (PT0-002): Attacks on Specialized Systems

Course: 1 Hour, 15 Minutes

• Course Overview
• Protect against Mobile Attacks
• Common Mobile Vulnerabilities
• Mobile Attack Tools
• Internet of Things Devices
• Data Storage System Vulnerabilities
• Management Interface Vulnerabilities
• Industrial System Vulnerabilities
• Virtual Environment Vulnerabilities
• Container Workload Vulnerabilities
• Course Summary

CompTIA PenTest+ (PT0-002): Social Engineering Attacks

Course: 1 Hour, 51 Minutes

• Course Overview
• The Pretexting Phase of Social Engineering
• E-mail Phishing Attacks
• Short Message Service Phishing
• USB Drop Attacks
• Vishing Attack Methods
• Watering Hole Attacks
• Tailgating Attacks
• Dumpster Diving Attacks
• Shoulder Surfing
• Badge Cloning
• Impersonation Attacks
• Social Engineering Attack Tools
• Social Engineering Methods of Influence
• Course Summary

CompTIA PenTest+ (PT0-002): Post-Exploitation Techniques

Course: 1 Hour, 6 Minutes

• Course Overview
• Performing Post-exploitation Using Empire
• Using Mimikatz for Post-exploitation
• Using the BloodHound Post-exploitation Tool
• Lateral Movement Techniques
• Network Segmentation Testing
• Privilege Escalation
• Restrictive Shell Upgrades
• Footholds and Persistence
• Detection Avoidance
• Enumeration Techniques
• Course Summary

CompTIA PenTest+ (PT0-002): Written Reports

Course: 1 Hour, 25 Minutes

• Course Overview
• Report Audience
• Report Contents
• Securing Storage and Distribution of Reports
• Note Taking and Documentation
• Common Themes and Root Causes
• Technical Control Recommendations
• Administrative Control Recommendations
• Operational Control Recommendations
• Course Summary

CompTIA PenTest+ (PT0-002): Communication & Post-Report Activities

Course: 50 Minutes

• Course Overview
• Active Reconnaissance Enumeration
• Web Site Reconnaissance Techniques
• Packet Crafting and Scapy Packet Manipulation
• Defense Detection Techniques
• Active Reconnaissance Tokens
• Wardriving Techniques
• Network Traffic Reconnaissance
• Cloud Asset Discovery
• Third-party Hosted Services
• Active Fingerprinting Techniques
• Reconnaissance Output Analysis
• Course Summary

CompTIA PenTest+ (PT0-002): Analyzing Tool & Script Output

Course: 1 Hour, 14 Minutes

• Course Overview
• Logic Constructs Concepts
• Data Structure Analysis
• Library Concepts
• Classes in Scripting
• Procedures in Scripts
• Functions in Scripting
• Bash and PowerShell Shells
• Programming Languages
• Exploit Code Analysis
• Implementing Automation
• Course Summary

CompTIA PenTest+ (PT0-002): Penetration Testing Tools

Course: 1 Hour, 44 Minutes

• Course Overview
• Comparing Use Cases
• Using Nmap for Information Gathering
• Working with Scanner Tools
• Working with Credential Testing Tools
• Debuggers and Software Assurance Tools
• OSINT Tools
• Wireless Networking Tools
• Networking Tools
• Web Application Tools
• Using Remote Access Tools
• Social Engineering Tools
• Miscellaneous Tools
• Steganography Tools
• Cloud Tools
• Course Summary