Title: Watch this Recorded IT Webinar-Getting Started With CompTIA PenTest+
1Getting Started With CompTIA PenTest
Patrick Lane NetCom Learning
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
2Agenda
- What is CompTIA PenTest?
- Cybersecurity career pathway
- PenTest exam objectives
- Partner and instructor resources
- QA
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
3What is CompTIA PenTest?
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
4CompTIA PenTest Certification
- CompTIA PenTest is a certification for
intermediate skills level cybersecurity
professionals who are tasked with hands-on
penetration testing to identify, exploit, report,
and manage vulnerabilities on a network. - PenTest assesses the most up-to-date penetration
testing, and vulnerability assessment and
management skills necessary to determine the
resiliency of the network against attacks.
Successful candidates will have the intermediate
skills and best practices required to customize
assessment frameworks to effectively collaborate
on and report findings, and communicate
recommended strategies to improve the overall
state of IT security. - Skills competence for key job roles
- Application Security Engineer
- Penetration Tester
- Vulnerability Tester
- Security Analyst (II)
- Network Security Operations
- Application Security Vulnerability
Domain of Exam
1.0 Planning and Scoping 15
2.0 Information Gathering and Vulnerability Identification 22
3.0 Attacks and Exploits 30
4.0 Penetration Testing Tools 17
5.0 Reporting and Communication 16
Total 100
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
5Why is it different?
- CompTIA PenTest is the only exam taken at a
Pearson VUE testing center with both hands-on,
performance-based questions and multiple-choice,
to ensure each candidate possesses the skills,
knowledge, and ability to perform tasks on
systems. - CompTIA PenTest exam not only covers hands-on
penetration testing and vulnerability
assessment, but includes management skills used
to plan, scope, and manage weaknesses, not just
exploit them. - CompTIA PenTest is unique because our
certification requires a candidate to
demonstrate the hands-on ability and knowledge to
test devices in new environments such as the
cloud and mobile, in addition to traditional
desktops and servers.
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
6Job Task Analysis (JTA) Participants
- Key JTA participants
- Brotherhood Mutual
- Global Cyber Security
- SecureWorks
- North State Technology Solutions
- BlackFire Consulting
- TransUnion
- Las Vegas Sands Corporation
- Integra LifeSciences
- Enterprise Holdings
- Paylocity
- Johns Hopkins University Applied Physics
Laboratory - ASICS Corporation
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
7PenTest Exam Information
Item Description
Exam code PT0-001
Launch Date July 31, 2018
Availability Worldwide
Pricing 346 USD
Testing Provider Pearson VUE Testing Centers
Question Types Performance based and multiple choice
No. of Questions TBD
Length of Test TBD
Passing Score TBD (on a scale of 100-900)
Languages English only
Recommended Experience Network, Security or equivalent knowledge.
CE Program, ISO/ANSI and DoD accreditation Yes, part of CE program. CompTIA will pursue ISO/ANSI 17024 and DoD 8140/8570 approval.
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
8Proposed Hardware/Software for Labs
- The CompTIA PenTest exam will include hands-on,
performance-based simulations. - To prepare for these performance-based
assessments, trainers, educators and publishers
should emphasize open-source tools and teamwork.
The following items were recommended by the
subject matter experts (SMEs) at the JTA and are
included in the exam objectives.
Software Hardware Tools
OS licensing Open source OS Penetration testing frameworks Virtual machine software Scanning tools Credential testing tools Debuggers Software assurance tools Wireless testing tools Web proxying tools Social engineering tools Remote access tools Network tools Mobility testing tools Laptops Wireless access points Servers Switches Cabling Monitors Firewalls HID/door access controls Wireless adapters capable of packet injection Directional antenna Mobile device SPARE HARDWARE Cables Keyboards Mouse Power supplies Dongles/adapters Lock pick kit Badge cloner Fingerprint lifter
These software/hardware/tools may or may not
appear on the exam. It is listed so that readers
may better understand the job role.
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
9Metasploit Example
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
10SET (Social Engineering Toolkit) Example
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
11Workforce Indicators
- The U.S. Bureau of Labor Statistics (BLS)
classifies the job role under Information
Security Analysts, which includes - Conduct penetration testing, which is when
analysts simulate attacks to look for
vulnerabilities in their systems before they can
be exploited - 2017 Median Pay 92,600 per year
- Number of Jobs Available 82,900
- Job Outlook 28 growth by 2026 (Much faster
than average)
- Cyberseek.org classifies the job role under
Penetration Vulnerability Tester, which
includes - 2017 Median Pay 98,000
- per year
- Number of Jobs Available 6,695
- (For comparison purposes, Cyberseek.org states
Cybersecurity Analyst open jobs at 19,017 jobs. - That identifies one pen tester / vulnerability
assessor job for every three security analyst
jobs.).
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
12Cybersecurity Career Pathway
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
13Cybersecurity Career Pathway with PenTest
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
14Lab concept for red team / blue team activities
Penetration testing (red team) and security
analyst (blue team) hands-on cybersecurity skills
are taught. For example
Red team
Blue team
Red team exploits are demonstrated
Blue team intrusion detection tools discover
the red team exploits
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
15PenTest Exam Domains
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
1615
PenTest Domain Objectives
1.0 Planning and Scoping
- Explain the importance of planning for an
engagement. - Explain key legal concepts.
- Explain the importance of scoping an engagement
properly. - Explain the key aspects of compliance-based
assessments.
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
1722
PenTest Domain Objectives
2.0 Information Gathering and Vulnerability
Identification
- Given a scenario, conduct information gathering
using appropriate techniques. - Given a scenario, perform a vulnerability scan.
- Given a scenario, analyze vulnerability scan
results. - Explain the process of leveraging information to
prepare for exploitation. - Explain weaknesses related to specialized systems.
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
1830
PenTest Domain Objectives
3.0 Attacks and Exploits
- Compare and contrast social engineering attacks.
- Given a scenario, exploit network-based
vulnerabilities. - Given a scenario, exploit wireless and RF-based
vulnerabilities. - Given a scenario, exploit application-based
vulnerabilities. - Given a scenario, exploit local host
vulnerabilities. - Summarize physical security attacks related to
facilities. - Given a scenario, perform post-exploitation
techniques.
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
194.0 Penetration Testing Tools
PenTest Domain Objectives
17
- Given a scenario, use Nmap to conduct information
gathering exercises. - Compare and contrast various use cases of tools.
- Given a scenario, analyze tool output or data
related to a penetration test. - Given a scenario, analyze a basic script (limited
to Bash, Python, Ruby, and PowerShell).
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
2016
PenTest Domain Objectives
5.0 Reporting and Communication
- Given a scenario, use report writing and handling
best practices. - Explain post-report delivery activities.
- Given a scenario, recommend mitigation strategies
for discovered vulnerabilities. - Explain the importance of communication during
the penetration testing process.
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
21Partner instructor resources
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
22Official CompTIA Content for PenTest
- Instructor-Led Training planned availability by
July 31 - Official CompTIA PenTest Instructor Guide (print
or eBook) - Official CompTIA PenTest Student Guide (print or
eBook) - LogicalLABS
- CompTIA CHOICE Platform
- eLearning fall 2018 availability, exact dates
TBD - CertMaster Learn
- CertMaster Practice
- CertMaster Labs
- Designed for self-paced audiences
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
23Features of Official Content
- Comprehensive Instructional Tools
- Robust Instructor Guide with presentation
planners, helpful tips, and solutions in the
margin - Class tested with real instructors before
publication - Resources within CompTIA Choice including PPT
slides - Focused on Job Roles and 100 Coverage of
Objectives - Lessons in the book align with real world job
objectives and scenarios - Activities require students knowledge into
practice (some align with Labs) - Appendix aligns content to exam objectives
- Flexible and Customizable Content Based on Course
Format - Instructor Guide references different course
formats and how presentation should be tailored - The CompTIA Choice platform is the one stop shop
for all resources for course including eBook,
instructor files, videos, assessments and labs
(if applicable) - Students get lifetime access
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
24CertMaster Suite
CompTIA Official Content can be purchased at
https//store.comptia.org/
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
25PenTest Train the Trainer (TTT)
- Complimentary Webinar Series
- The recorded sessions cover
- PenTest exam domains
- Comprehensive understanding of key pen testing
and vulnerability assessment concepts - Hands-on experience with key technology tools
used - by security professionals
- Instructional strategy to implement PenTest
- Preparation for PenTest certification
PenTest Train the Trainer (TTT) recorded
sessions are available on demand https//gateway.
on24.com/wcc/gateway/comptiainstructornet/1119137/
category/10121/pentest-ttt
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
26Partner Marketing Sales Tools
Partners.CompTIA.org
Resource Centers
Product Info
- Exam objectives
- Number of questions
- Length of test
- Passing score
- Languages
- Exam code
Presentations / Webinars
Logos Brand Guidelines
Product Guide
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
27Useful Links
Resource Location
Content Availability http//certification.comptia.org/Training/studymaterials.aspx
Classroom Training Availability http//www.comptiastore.com/ http//certification.comptia.org/Training/training.aspx
Exam Voucher Purchase http//www.comptiastore.com/ http//www.pearsonvue.com/vouchers/pricelist/comptia.asp
Exam Registration http//home.pearsonvue.com/test-taker.aspx
Partner Website http//partners.comptia.org
LinkedIn CompTIA Instructor Network https//www.linkedin.com/grp/home?gid8350296 CompTIA Certified Professionals Group https//www.linkedin.com/groups?homegid143484trkanet_ug_hm
Twitter _at_CompTIA https//twitter.com/comptia
YouTube https//www.youtube.com/CompTIATV
Facebook https//www.facebook.com/CompTIA 27
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
28Partner Launch Strategy
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
29- PenTest Partner Launch Strategy
- The PenTest exam will be available worldwide at
Pearson VUE on July 31, 2018. Although the exam
will be available everywhere, CompTIA will not
announce the release to the public until August
21, 2018, in order to help our partners prepare
to teach PenTest. - During the three-week period from July 31 to
August 21, please do the following - Certify your instructors in PenTest
- Guide your instructors to view the PenTest
train-the-trainer series - Select your courseware (July 31 CompTIA-branded
ILT e-book available) - Obtain, prepare and deliver hands-on labs
- Schedule PenTest courses and advertise on the
CompTIA Website by updating your instructor
information through the Partner Website
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
30Cybersecurity labs
- Three options
- Purchase certification-specific hands-on labs for
Security, CySA and PenTest. Guide students
through the labs in classroom assign as
homework. - Purchase a cyber range for red team (PenTest)
and blue team (CySA) labs and competitions. - Build your own labs (requires expert
cybersecurity instructor)
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
31Recorded Webinar Video
To watch the recorded webinar video for live
demos, please access the link https//bit.ly/2NSa
UbZ
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
32About NetCom Learning
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
33Recommended Courses
CompTIA PenTest Certification Prep (Exam
PT0-001) - Class scheduled on Oct 22 CompTIA
Security Certification - Class scheduled on Oct
22 CompTIA Cybersecurity Analyst (CySA)
Certification - Class scheduled on Oct 29
CompTIA Security Certification Prep Boot Camp -
Class scheduled on Oct 29 CompTIA Advanced
Security Practitioner (CASP) Certification -
Class scheduled on Nov 12
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
34PowerPoint 2016 10 Tips to Master Presentations
Hands-On Power BI for Data Visualization ASP.NET
Functions on Microsoft Azure Autodesk Inventor
Essentials Visual Styles, Visualization, and
Graphics Business Acumen for Project Managers
DevOps Foundations Lean and Agile CISSP
Certification Prep Security and Risk Management
Cross Team Collaboration Increasing Productivity
with Office 365 Groups SharePoint 2019 "Wow"
First Look at new SharePoint 2019 Adobe InDesign
CC Down and Dirty Tips and Tricks Architecting
for Security on AWS Big Data for Enterprise
Managing Data and Values
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
35Promotions
From Cloud to Security, to Data and AI, to
Networking, to Application Development, to
Design, to Business Process Application all
classes delivered by top-notch instructors in
in-person Instructor-led Classroom or Live
Online. And after you train, treat yourself with
Gift Card rewards. Learn More
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
36Follow Us On
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
37www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266
38THANK YOU !!!
www.netcomlearning.com info_at_netcomlearning.com
(888) 563 8266