CompTIA PenTest+

As organizations scramble to protect themselves and their customers, the ability to conduct penetration testing is an emerging skill set that is becoming ever more valuable to the organizations seeking protection, and ever more lucrative for those who possess these skills. In this course, the CompTIA PenTest+ will certify the successful candidate has the knowledge and skills required to plan and scope a penetration testing engagement including vulnerability scanning, understand legal and compliance requirements, analyze results, and produce a written report with remediation techniques.


After completing this course, you will be able to plan, conduct, analyze, and report on penetration tests, including the ability to:

  • Plan and scope a penetration testing engagement
  • Understand legal and compliance requirements
  • Perform vulnerability scanning and penetration testing using appropriate tools and techniques, and then analyze the results
  • Produce a written report containing proposed remediation techniques, effectively communicate results to the management team, and provide practical recommendations
  • Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience.

CompTIA PenTest+ is targeted at cybersecurity professionals responsible for hands-on penetration testing and vulnerability assessment. Some of the job roles that will benefit from this certification include:

  • Penetration Tester
  • Vulnerability Tester
  • Security Analyst (II)
  • Vulnerability Assessment Analyst
  • Network Security Operations
  • Application Security Vulnerability
1.1 Compare and contrast governance, risk, and compliance concepts.
1.2 Explain the importance of scoping and organizational/customer requirements.
1.3 Given a scenario, demonstrate an ethical hacking mindset by maintain professionalism and integrity.
2.1 Given a scenario, perform passive reconnaissance.
2.2 Given a scenario, perform active reconnaissance.
2.3 Given a scenario, analyze the results of a reconnaissance exercise.
2.4 Given a scenario, perform vulnerability scanning.
3.1 Given a scenario, research attack vectors and perform network attacks.
3.2 Given a scenario, research attack vectors and perform wireless attacks.
3.3 Given a scenario, research attack vectors and perform application-based attacks.
3.4 Given a scenario, research attack vectors and perform attacks on cloud technologies.
3.5 Explain common attacks and vulnerabilities against specialized systems.
3.6 Given a scenario, perform a social engineering or physical attack.
3.7 Given a scenario, perform post-exploitation techniques.
4.1 Compare and contrast important components of written reports.
4.2 Given a scenario, analyze the findings and recommend the appropriate remediation within a report.
4.3 Explain the importance of communication during the penetration testing process.
4.4 Explain post-report delivery activities.
5.1 Explain the basic concepts of scripting and software development.
5.2 Given a scenario, analyze a script or code sample for use in a penetration test.
5.3 Explain use cases of the following tools during the phases of a penetration test.
Length of exam 165 minutes
Number of questions Maximum of 85 questions
Question format Multiple choice and performance-based
Passing grade 750 (on a scale of 100-900)
Exam availability English, Japanese, Portuguese and Thai
Testing center Pearson VUE Testing Center