College of Management and IT (CMIT)

CompTIA PenTest+

Leads to Industry certification.

Self-paced course
Online self-paced course.

Start any time and work at your own pace.

Learn anywhere
Learn anytime, anywhere.

Course Details

This comprehensive CompTIA PenTest+ eLearning course prepares you for the PenTest+ exam. PenTest+ is unique because the certification requires a candidate to demonstrate the hands-on ability and knowledge to test devices in new environments such as the cloud and mobile, in addition to traditional desktops and servers. The CompTIA PenTest+ course will ensure the successful candidate has the knowledge and skills required to:

  • Plan and scope an assessment.
  • Understand legal and compliance requirements.
  • Perform vulnerability scanning and penetration testing using appropriate tools and techniques
  • Analyse the results.

This CompTIA PenTest+ Course includes the following features:

  • Instructor-led demonstrations and visual presentations to develop your skills based on real-world scenarios.
  • Unlike a live class, you can fast-forward, repeat or rewind all your lectures. This gives you all the benefit of hands-on training with the flexibility of doing it around your schedule 24/7.
  • FlashCards and Education Games are also provided throughout the course.
  • Practice exams prepare you for your exams. These exams are on average 100 questions to ensure you are 100% prepared if you are taking a certification exam.
  • You can also interact and collaborate with other students through our forums, student contributions and announcement features.
Who should complete this CompTIA PenTest+ Course?
  • Penetration Testers: The CompTIA PenTest+ course is specifically designed for individuals looking to specialise in penetration testing. According to Cybersecurity Ventures, global cybersecurity spending is expected to exceed $1 trillion over the next five years, indicating a substantial demand for skilled professionals who can identify and remediate security vulnerabilities. This course equips penetration testers with the knowledge and practical skills to assess and secure an organisation’s network infrastructure effectively.
  • Ethical Hackers: Ethical hackers play a critical role in helping organisations proactively identify and address security weaknesses. As cyber threats continue to evolve, ethical hacking skills are in high demand. The CompTIA PenTest+ course provides the necessary training for individuals aspiring to become ethical hackers, and it aligns with the growing need for cybersecurity experts.
  • Security Analysts: Security analysts responsible for assessing and improving an organization’s security posture can benefit from the insights gained in the CompTIA PenTest+ course. With the increasing complexity of cyber threats, having professionals who can conduct thorough penetration tests is crucial to identifying vulnerabilities and implementing effective security measures.
  • Cybersecurity Consultants: Cybersecurity consultants provide valuable expertise to organisations seeking to strengthen their security defenses. According to a report by Grand View Research, the global cybersecurity consulting market is expected to reach $50.57 billion by 2028, highlighting the growth in demand for consultancy services. Completing the CompTIA PenTest+ course equips individuals to offer specialised penetration testing and security consulting services.
  • Information Security Managers: Information security managers responsible for overseeing an organisation’s security strategy can benefit from a deep understanding of penetration testing. With cybersecurity breaches making headlines regularly, organisations are investing heavily in security measures. This course allows information security managers to make informed decisions and lead their teams effectively in addressing vulnerabilities.
Entry Requirements / Prerequisites
  • None. It is however recommended that students have Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.
  • For technical requirements required to access CMIT eLearning click here>
  • For more details on the suitability of this course click here>


How CMIT eLearning Works…
Topics covered in this CompTIA PenTest+ Course
Module 1: Understanding the target audience
  • Rules of engagement
  • Communication escalation path
  • Resources and requirements
  • Budget
  • Impact analysis and remediation timelines
  • Disclaimers
  • Technical constraints
  • Support resources
  • Contracts
  • Environmental differences
  • Written authorisation
  • Scoping
  • Risk acceptance
  • Tolerance to impact
  • Scheduling
  • Scope creep
  • Threat actors
  • Compliance-based assessments, limitations and caveats
  • Clearly defined objectives based on regulations
Module 2: Information Gathering and Vulnerability Identification
  • Scanning
  • Enumeration
  • Packet crafting
  • Packet inspection
  • Fingerprinting
  • Cryptography
  • Eavesdropping
  • Decompilation
  • Debugging
  • Open Source Intelligence Gathering
  • Credentialed vs. non-credentialed
  • Types of scans
  • Container security
  • Application scan
  • Considerations of vulnerability scanning
  • Asset categorization
  • Adjudication
  • Prioritization of vulnerabilities
  • Common themes
  • Map vulnerabilities to potential exploits
  • Prioritize activities in preparation for penetration test
  • Describe common techniques to complete attack
  • ICS
  • Mobile
  • IoT
  • Embedded
  • Point-of-sale system
  • Biometrics
  • Application containers
  • RTOS
Module 3: Attacks and Exploits
  • Phishing: Spear phishing, SMS phishing, Voice phishing, Whaling
  • Elicitation
  • Interrogation
  • Impersonation
  • Shoulder surfing
  • USB key drop
  • Motivation techniques: Authority, Scarcity, Social proof, Urgency, Likeness, Fear
  • Name resolution exploits
  • SMB exploits
  • SNMP exploits
  • SMTP exploits
  • FTP exploits
  • DNS cache poisoning
  • Pass the hash
  • Man-in-the-middle
  • DoS/stress test
  • NAC bypass
  • VLAN hopping
  • Evil twin
  • Deauthentication attacks
  • Fragmentation attacks
  • Credential harvesting
  • WPS implementation weakness
  • Bluejacking
  • Bluesnarfing
  • RFID cloning
  • Jamming
  • Repeating
  • Injections
  • Authentication: Credential brute-forcing, Session hijacking, Redirect, Default credentials, Weak credentials, Kerberos exploits
  • Authorization
  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF/XSRF)
  • Clickjacking
  • Security misconfiguration
  • File inclusion
  • Unsecure code practices: Comments in source code, Lack of error handling, Overly verbose error handling, Hard-coded credentials, Race conditions, Unauthorized use of functions/unprotected APIs, Hidden elements, Lack of code signing
  • OS vulnerabilities
  • Unsecure service and protocol configurations
  • Privilege escalation
  • Default account settings
  • Sandbox escape
  • Physical device security
  • Piggybacking/tailgating
  • Fence jumping
  • Dumpster diving
  • Lock picking
  • Lock bypass
  • Egress sensor
  • Badge cloning
  • Lateral movement
  • Persistence
  • Scheduled jobs
  • Scheduled tasks
  • Daemons
  • Back doors
  • Trojan
  • New user creation
  • Covering your tracks
Module 4: Penetration Testing Tools
  • SYN scan (-sS) vs. full connect scan (-sT)
  • Port selection (-p)
  • Service identification (-sV)
  • OS fingerprinting (-O)
  • Disabling ping (-Pn)
  • Target input file (-iL)
  • Timing (-T)
  • Output parameters: oA, oN, oG, oX
  • Once you successfully pass the programme(s), you will be able to download a CMIT Digital Certificate of Completion. This can be accessed via the Progress Reports section located on the top right side of your eLearning platform.
  • You may optionally take exams to receive certification. Exam fees are not included in the course price. Click here for exam information.

Request Prospectus

Complete the form below to request a prospectus.

Opt in
This field is for validation purposes and should be left unchanged.

Student Reviews
of this course

{{ reviewsOverall }} / 5 Users (0 votes)
What students say... Leave your rating
Order by:

Be the first to leave a review.

{{{review.rating_comment | nl2br}}}

Show more
{{ pageNumber+1 }}
Leave your rating

Request A Prospectus

Opt in
This field is for validation purposes and should be left unchanged.