Michael Solomon and Total Seminars • Over 1 Million Enrollments

Mike Meyers and the Total Seminars Team, your source for best-selling cybersecurity courses, brings you this ethical hacking and penetration testing course with your instructor Michael Solomon, Ph.D. Prepare for the CompTIA PenTest+ PT0-002 exam.

This is NOT a boring voice over PowerPoint course. Michael speaks to you and presents the material in an engaging interactive style that will keep you interested and make it easier to understand. Check out the free sample lectures and you will see the difference.

We've added 2 bonus Practice Tests. One practice test covers the EC-Council Certified Ethical Hacker CEH certification exam. The other practice test covers the CompTIA PenTest+ certification exam. Test your readiness to pass either of these industry ethical hacking certification exams.

With 30+ years of experience in security, privacy, blockchain, and data science, and an energetic presentation style, Michael takes his proficiency in network penetration testing and consolidates it into this informative and engaging course.

Did you know penetration testers' average salary is 71,929?* And this career is in one of the fastest-growing job markets.

Whether you're looking to pass the CompTIA PenTest+ certification exam, take your next step in the CompTIA Cybersecurity Pathway, or you're just looking to learn some awesome ethical hacking skills, you’re in the right place.

Keep in mind there's much more to being an ethical hacker than what's covered here, including how to secure a network; however, this course focuses on how to be a pen tester. A pen tester plans and scopes a pen test engagement with a client, finds vulnerabilities, exploits them to get into a network, then reports on those findings to the client.

This course shows you how to:

  • Use the tools you’ll need to scan networks, crack passwords, analyze and intercept traffic, discover code vulnerabilities, and compromise resources

  • Recognize vulnerabilities within a system, run exploits, and suggest solutions to a client to remediate the weak points

  • Work within a virtual environment to practice your pen testing skills, including using Oracle VM manager, Kali Linux, Metasploitable, and DVWA

  • Scope, plan, and execute a pen test engagement from start to finish

WHAT'S COVERED?

PenTest+ Exam Domain  -  Percentage of Exam

1.0 Planning and Scoping  -  14%

  • Compare and contrast governance, risk, and compliance concepts

  • Explain the importance of scoping and organizational/customer requirements

  • Given a scenario, demonstrate an ethical hacking mindset by maintaining professionalism and integrity

2.0 Information Gathering and Vulnerability Scanning  -  22%

  • Given a scenario, perform passive reconnaissance

  • Given a scenario, perform active reconnaissance

  • Given a scenario, analyze the results of a reconnaissance exercise

  • Given a scenario, perform vulnerability scanning

3.0 Attacks and Exploits  -  30%

  • Given a scenario, research attack vectors and perform network attacks

  • Given a scenario, research attack vectors and perform wireless attacks

  • Given a scenario, research attack vectors and perform application-based attacks

  • Given a scenario, research attack vectors and perform attacks on cloud technologies

  • Explain common attacks and vulnerabilities against specialized systems

  • Given a scenario, perform a social engineering or physical attack

  • Given a scenario, perform post-exploitation techniques

4.0 Reporting and Communications  -  18%

  • Compare and contrast important components of written reports

  • Given a scenario, analyze the findings and recommend the appropriate remediation within a report

  • Explain the importance of communication during the penetration testing process

  • Explain post-report delivery activities

5.0 Tools and Code Analysis  -  16%

  • Explain the basic concepts of scripting and software development

  • Given a scenario, analyze a script or code sample for use in a penetration test

  • Explain use cases of the following tools during the phases of a penetration test

EXAM INFO

Exam code: PT0-002

Max. 85 questions (performance-based and multiple choice)

Length of exam: 165 minutes

Passing score: 750 (on a scale of 100-900)

Exam voucher cost: 381 USD

Recommended experience: Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.

HOW DO I TAKE THE 

Buy an exam voucher (get your discount voucher at Total Seminars' website), schedule your exam on the Pearson VUE website, then take the exam at a qualifying Pearson VUE testing center.

WHAT'S THE BIG DEAL ABOUT THE 

CompTIA's PenTest+ is the only penetration testing exam taken at a Pearson VUE testing center or online, with both hands-on, performance-based questions and multiple-choice, to ensure each candidate possesses the skills, knowledge, and ability to perform tasks on systems.

Penetration testing and information security is one of the fastest-growing job categories according to the U.S. Bureau of Labor Statistics. It predicts that roles requiring these skills will see 28 percent overall growth by 2026.

EC-. Even in earlier chapters, the instructor gets you going on sample exercises to chop up the theoretical content a little, which always helps. With a course like this, hands-on is everything. I also appreciate that the theoretical parts are. Total Seminars did a fantastic job of breaking the content up in just the right places. LOVE this course. ” – Chris N

- “Amazing. Well Explained. Detail description for all the fundamental terms.” – Nisarg T

- “Instruction was excellent. Including notes as resources was a big help. I reviewed the notes while watching the videos and I think that is really going to help me with information retention. The instructor used real-world examples to demonstrate points. Overall, I feel confident I can pass the test after studying the materials and doing the exercises the instructor emphasizes. The instructor also highlighted several key points to study for the exam for maximum preparation.” - Tim W

- “This is what I was hoping for and it's much more upbeat than most of the lulling video series' I've seen before.” – John G

- “This course covers everything in the approved CompTIA PenTest+ certification test. The presenter knows his stuff, has done real work pentests and does a good job of showing off the tools you'll be quizzed on and how to manipulate and analyze the results. Highly recommend this for anyone with Security+ that is looking to specialize as a pentester. Great place to start. ” – Casey D

- “Very well thought out course. The instructor is very knowledgeable, and the course is laid out in a great way. A lot of time was put into this and it shows. ” – Luke P

What's inside

Learning objectives

  • Includes 2 bonus practice exams. We have added a CompTIA PenTest+ practice test and a Certified Ethical Hacker CEH practice test.
  • How to plan and scope a penetration test as a contracted pen tester for a client (as an ethical hacker, you’ll be the good guy and get paid to hack networks!)
  • How to work within a virtual environment to practice your pen testing skills, including using Oracle VM manager, Kali Linux, Metasploitable, and DVWA
  • Where to find vulnerabilities and how to penetrate a network in order to run exploits, then how to report those vulnerabilities to the client for remediation
  • How to gather intel on a network by scanning and enumerating (finding) targets, then searching out the weak points on those targets
  • Understand social engineering attacks, exploit network-based vulnerabilities, and intercept traffic via on-path (man-in-the-middle) attacks
  • How to use pen testing tools like Nmap, Nessus, nslookup, John the Ripper, Immunity Debugger, Aircrack-ng, Wireshark, and many more
  • How to write reports, explain post-delivery activities, and recommend remediation strategies to your client

Syllabus

Introduction

Michael talks about what is covered in the course. He explains what is covered on the CompTIA PenTest+ exam and gives an overview of the Ethical Hacking topics covered in the course.

All About the CompTIA PenTest+ (PT0-002) Exam.

Planning and Engagement

Pen tests are large projects and must be planned for accordingly, or else it’s easy for them to get out of scope and become more work than you initially thought. Understand the importance of planning and scoping an engagement using strategy, project management skills, and pen testing resources. 

Pen tests are risky at best and can violate security rules or even legislation at worst. Learn how to establish rules of engagement with your client including understanding who they are, what the target limits are, what the test scope is, and who to communicate with should something go awry during one of your attacks. 

Legislative bodies and industry organizations may require certain organizations to comply with requirements to avoid sanctions or carry out business functions. Pen testing is one way to determine if an organization's policies and controls comply with pertinent requirements. Two common compliance requirements that mandate pen tests are PCI DSS and GDPR.

There are important factors to consider before you even begin your first attack. Planning out and discussing the resources, requirements, and budget with the client is key to a successful engagement. You need to consider who will provide the resources, like the hardware and software, since each of these costs money. Establish the budget from the beginning and assign a value to every part of the test, including the cost of your time. 

A pen test is more than just a simple test; it’s a large-scale engagement. Before you begin, you need to explain to your client what the impact of the tests might be. If they have any constraints, such as not attacking a production server, they should make you aware of them since the result could be catastrophic for the business if it went down during one of your attacks.

It’s important to know what resources you can use to be able to successfully attack your targets. This is where software development tools come in handy, since they can shed light on the inner workings of an application, giving you the opportunity to exploit a possible vulnerability. Learn about WSDLs, WADLs, SOAP project files, SDK, Swagger, and XSD documentation, sample application requests, and the importance of network architectural diagrams.

Many activities in a pen test are technically against the rules and policies, or even illegal. You need to make sure you’re covered legally so you don’t get in trouble for doing something during an attack that your client isn’t aware of. This video covers the basics of SOWs, MSAs, and NDAs, the differences between environments, nations, cultures, and corporations, and getting written permission to perform the tests so you don’t get into trouble later.

A Service Level Agreement (SLA) is an agreement between a customer and a service provider that should include both requirements and limitations on pen testing activities.

A comprehensive pen test is one that addresses as many aspects of an IT infrastructure as possible and satisfies all of the testing requirement goals. Using an industry-accepted pen testing standard and methodology helps pen testers avoid missing critical areas. Two common pen testing frameworks are the MITRE ATT&CK framework and the OWASP resources.

Several organizations publish standards for pen testing to help pen testers plan exhaustive tests, including NIST standards and frameworks, OSSTMM, PTES, and ISSAF.

When scoping pen testing activities, planners should consider the environment in which the test will run, including network architecture, applications running, cloud versus on-premises components, off-limits components or segments, and the type of assessment to be performed.

Since pen testers possess the skills and tools to carry out attacks that could cause substantial damage, it is important to require the utmost ethical behavior from all pen test team members.

This video walks you through how to create a lab environment where you can practice your pen testing skills. Learn how to set up the virtual machine manager Oracle VirtualBox and install virtual machines within it including the toolkit of all toolkits, Kali Linux, and two intentionally vulnerable VMs where you can practice attacking a system, called Damn Vulnerable Web App (DVWA) and Metasploitable. 

A black-box pen tester is someone who knows nothing going into the engagement, and a white-box pen tester is more like a company insider who has a certain amount of knowledge before they begin. Whichever way you plan to play the role, these are some of the considerations you’ll need to figure out before you begin your pen testing. Are you whitelisted or blacklisted? Do you know the layers of security controls your client has? How invasive will the test be? Learn the nuances of how to strategize your engagement and prepare the client for the possible risks involved.

As you continue to plan out your pen test, you’ll need to lock in the schedule and make sure you won’t run into scope creep. You’ll also want to hone in on what type of attacker you are and what your motivations are for attacking. Are you an advanced persistent threat with lots of resources? Or perhaps a script kiddie, hacktivist, or an insider threat? With all this information, you can build your threat model, a valuable map for what assets you’re going to use and what specific targets you will be attacking that will help guide you through the next steps in your pen test.

Compliance-based assessments are a bit different than any other type in that standards and regulations outside the client’s control can change how a pen test must be conducted. Learn how to recognize some of these constraints and how to incorporate them into your pen test plan.

Chapter 1 Quiz

Information Gathering and Vulnerability Scanning

It’s important to survey the environment and gather all the correct information to determine where any vulnerabilities might lie. By using techniques such as scanning and enumeration, you’ll know exactly where the weak points are on a network and how to classify them in order to launch the appropriate attacks.  

Now that you know what surveying and enumeration are, it’s time to put that knowledge into action. Running Metasploitable on a virtual box, you will learn how to use Nmap, a ping sweep scan, an ARP scan, and a whois lookup to determine which targets are the easiest to get to.

If you don’t get a response from a host after an initial scan, you can use additional tools to find out more information. Learn how to use packet crafting to create specific network packets to gather or carry out attacks. Also use packet inspection, fingerprinting, cryptography, and eavesdropping to gather information and determine what traffic is being sent. 

Many functions of a pen test are only as good as the tools you have available to you. In conjunction with Metasploitable, learn how to use Wireshark, a free and useful application for information gathering and packet inspection, to break down exactly what’s happening inside each packet sent through the network. 

Labtainers is a self-contained open-source cybersecurity lab environment with dozens of hands-on labs that are easy to access. We will use the labtainers environment for the labs you will explore throughout this course.

The Wireshark labtainers lab introduces students to the process of analyzing network traffic using the freely available Wireshark tool.

Sometimes, to go forward, you must go backward. Understand how you can use code decompiling and debugging to work backwards and learn a program’s secrets and weaknesses to determine the best way to exploit them. Learn the resources you can use to dig into web application code and how that information can benefit you when planning your attacks.

Before launching any attacks, an effective pen tester learns about the target environment by carrying out reconnaissance on the environment to identify potential weaknesses. Passive reconnaissance describes activities in which the pen tester uses external resources to learn about a potential victim.

Another part of the reconnaissance process is digging into a target's infrastructure to learn more than external resources may yield. Active reconnaissance describes the process of querying a target environment's resources and sending specially crafted network packets to examine any responses. Active reconnaissance is easier for a target to detect but often yields better information that a pen tester can use to devise an effective attack plan.

There is no shortage of known vulnerabilities on any computing devices, but how do you match known vulnerabilities with your target's weaknesses? By applying a structured approach, you can find out if specific vulnerabilities exist on a target. Learn about discovery scans, full scans, port scans, stealth scans, and compliance scans.

Now that you know the various methods for testing vulnerabilities, see exactly how to use stealth scanning, port scanning, OS fingerprinting, and OpenVAS to assess vulnerabilities.

The Network Basics labtainers lab introduces students to basic networking concepts and protocols, including ARP, ping, and TCP/IP.

The nmap Discovery labtainers lab introduces students to the nmap utility and how to use nmap to locate an SSH server on a network and also to discover the port number being used by the service.

There are some very important considerations to take into account when planning an attack. Learn the importance of finding out whether you’re attacking a physical machine, virtual machine, or container and what the best analysis tool is to use. Learn how to map targets to business value so you can focus on what vulnerability will hurt the business the worst. 

Collecting intelligence about a potential target is only the first step. A pen tester must also be able to analyze the output from reconnaissance activities. Understanding what reconnaissance output contains is a critical part of selecting effective attacks in pen test planning.

As a pen tester, the nmap command will be one of your greatest tools. It is a network mapper with numerous options. Learn how to detect the operating system of a machine, conduct stealthy scans, determine the service and version information, enumerate targets, and output the scan results into several different file formats.

Being fast is normally great, but as a pen tester fast can mean creating a lot of network traffic, unintentionally alerting your target that something is happening. When you need to fly under the radar, use Nmap (along with a helpful cheat sheet) to help you stealthily apply your vulnerability scans so there’s less chance of being detected.

You’ve ranked your assets, vulnerabilities, and exploits; now it’s time to make a priorities list and leverage that information to plan your penetration tests. Use powerful Nmap scripts to map those vulnerabilities to potential exploits.

There are many pen testing techniques and often they are used together to successfully attack a target. Learn some of the more common attack techniques such as exploit modification, exploit chaining, social engineering, credential brute forcing, and enlightened attacks. 

Since many pen testing activities are iterative and are repeated multiple times with slight input variations, automating as much of the pen tests as possible increases efficiency and reduces human errors. Explore options to automate any tests that are part of a pen test plan.

This video walks you through the process of a brute force attack. With a list of usernames and passwords, and an IP address and a port number, you will see how the Hydra tool can help you become an authorized user.

The Password Cracking labtainers lab introduces students to password basics and how to carry out elementary password cracking attacks.

The Secure Socket Layers labtainers lab introduces students to the use of SSL to authenticate both sides of a connection, including creating and signing certificates using a CA.

The Routing Basics labtainers lab introduces students to a simple routing example with two LANs and an Internet connection via NAT.

Chapter 2 Quiz

Network-Based Attacks

Effective pen tests are those developed from the most comprehensive planning efforts possible. Pen testers should incorporate as many exploit resources, such as exploit databases and online resources, as possible. Having a large repository of exploit input information makes it easier to chain exploits together and carry out more sophisticated attacks, such as network password attacks.

This video covers a high-level overview of the various network-based protocols and their vulnerabilities. These include NetBIOS Name Service (NBNS), LLMNR (Link-Local Multicast Name Resolution), DNS and ARP poisoning, SMB (Server Message Block), SNMP (Simple Network Management Protocol), SMTP (Simple Mail Transfer Protocol), and FTP (File Transfer Protocol).

In this video, learn how to launch an FTP attack in Kali Linux. You’ll start by using the vulscan option in nmap to identify vulnerabilities within specific ports and IP addresses. Then explore the databases in the Metasploit Framework to find the specific exploit you’ll want to use. Finally, you’ll launch the Metasploit Framework Console, type in a few commands, and let Kali execute the exploit for you as you sit back and watch the pen testing magic happen.

You don’t have to be on the client or the server side to exploit a target. Man-in-the-middle attacks put the attacker in between the communication as a proxy to steal the network packets as they’re passed back and forth. These include DNS cache poisoning, ARP spoofing, pass the hash, replay, relay, SSL stripping, downgrading, DoS, NAC bypass, and VLAN hopping. 

The TCP/IP Attacks labtainers lab introduces students to TCP/IP protocol vulnerabilities, including SYN flooding, RST attacks and session hijacking.

The ARP Spoof Attack labtainers lab introduces students to the use of ARP spoofing for Man-in-the-middle attacks.

The Local DNS Attacks labtainers lab introduces students to DNS spoofing and cache poisoning on a local area network.

The MACs and Hash Functions labtainers lab introduces students to cryptographic hashes and the potential for hash collisions.

Chapter 3 Quiz

Selecting Pen Testing Tools

Because wireless communication uses broadcast technology, essentially sending your data packets in every direction for anyone to grab, it makes it a great target for attackers. Learn how to use tools like Aircrack-ng and Wireshark to sniff and grab packets. Also understand the different types of attacks available to you, such as evil twin, deauthentication, fragmentation, credential harvesting, exploiting WPS weaknesses, Bluejacking, Bluesnarfing, RFID cloning, jamming, and repeating. 

As more and more users depend on wireless communications to connect to network resources, attackers have developed more sophisticated attacks on wireless networks. Some newer wireless attacks include those focused on data modification, data corruption, capturing handshakes, and on-path, or man-in-the-middle, attacks.

Regardless of the hardware and software used in wireless pen tests, the right antenna can increase the chance of a successful network compromise. Purpose-built and amplified antennas can allow a pen tester to attack a network from farther away than when using off-the-shelf wireless adapters.

Chapter 4 Quiz

Reporting and Communication

The OWASP Top Ten is a list of the top ten most commonly encountered web application risks. Understanding and recognizing the most common errors helps pen testers select attacks that have a higher than average chance of success.

Applications are great targets to attack, especially if you’re trying to disrupt communication with DoS, or if you’re looking to exfiltrate or destroy data. This video covers injection attacks, which essentially insert additional data beyond what the application is expecting to make it give you some information or perform some action for you. These include SQL, HTML, command, and code injection attacks.

As a pen tester, you can get web apps to give you all kinds of information by leveraging mistakes developers make during the development phase. After configuring your DVWA to make sure it’s extra vulnerable, you’ll learn how to type commands into a seemingly benign data form box to make the web app respond back with extra database information, and even run a script to make a dialogue box appear. 

The SQL Injection labtainers lab introduces students to SQL injection attacks and countermeasures.

The beauty of applications is they already have access to databases; all you have to do is figure out how to exploit the vulnerabilities to get to that information. This video covers authentication attacks such as credential brute forcing, session hijacking, redirecting, as well as exploiting default or weak credentials and Kerberos tickets. It also covers authorization attacks such as parameter pollution and insecure direct object reference.

In this final episode describing application exploits, you’ll learn about another application injection attack called cross-site scripting (XSS), which attacks the server, and its similar cousin, cross-site request forgery (XSRF/CSRF), which attacks the user. You’ll also discover how to launch passive attacks just by exploiting security misconfigurations, including directory traversal errors, cookie manipulation, and file inclusion.

Pen testing is often trying one thing, tweaking it, and trying again. Back in our lab environment, you’ll see a cross-site scripting (XSS) attack carried out using Kali Linux and the Damn Vulnerable Web App (DVWA).  

The Cross-Site Scripting labtainers lab introduces students to cross-site scripting (XSS) attacks on a vulnerable web server.

The Cross-Site Request Forgery labtainers lab introduces students to Cross Site Request Forgery (CSRF) attacks with a vulnerable web site.

There’s more to pen testing than exploits and vulnerabilities; a good pen tester has a broad knowledge base of computer systems as well. Part of that is a general understanding of how applications are coded. When developers write applications, they may use practices that make it easier for them to write code, but also make the application unsecure. In this episode, you will learn what some of those common unsecure code practices are.

Increased reliance on distributed applications means more API use, and more vulnerabilities related to APIs. Pen testers should understand RESTful, XML-RPC, and SOAP API weaknesses and attacks, and understand how to use resources such as word lists in attacking services.

In order to access systems and files in Linux, you need privileges. One way to do that is to leverage Linux’s SUID (Set User ID) and SGID (Set Group ID) capabilities. In this episode, you’ll find out ways to escalate your privilege using various executables.

Windows also has privilege escalation issues. As a pen tester, you can use this to your advantage by finding ways to access credentials stored in Cpassword, LDAP, LSASS, and SAM databases, among others. You can also exploit Kerberos tickets by Kerberoasting, or force malicious DLL modules to load with DLL hijacking.

There are a few other Windows OS vulnerabilities you can exploit to gain higher levels of privileges. In this video, you’ll learn about unquoted services paths and writable services in Windows Services. You’ll also learn the weaknesses of applications as well as another tricky way to access credentials: using a keylogger.

Continuing the conversation on possible vulnerabilities you can exploit as a pen tester, you’ll learn how default accounts are rarely changed or disabled, making them a perfect target to attack. Yet another way to gain access is to escape sandbox environments such as VMs and containers. Finally, you’ll learn about physical device security such as cold boot attacks, JTAG debuggers, and serial consoles.

Chapter 5 Quiz

Attacking the Cloud

Cloud computing is more popular and complex than ever, and attacks on cloud environments are more prevalent than in the past. Pen testers should be familiar with common cloud attacks including credential harvesting, privilege escalation, account takeover, metadata service attacks, and misconfigured cloud assets.

In addition to an awareness of general cloud attacks, pen testers should be familiar with specific cloud environment attacks including resource exhaustion, cloud malware injection, DoS, side-channel, and direct-to-origin attacks.

Chapter 6 Quiz

Specialized and Fragile Systems

Mobile devices have unique characteristics and unique vulnerabilities that could lead to successful attacks. To help protect mobile devices you'll learn about reverse engineering, sandbox analysis, spamming, other mobile-specific attacks and tools that can help assess and secure mobile devices.

IoT popularity has exploded and so have potential attacks on these often vulnerable devices. Pen testers need to understand BLE attacks, fragility and availability concerns, data corruption and exfiltration attacks, and other IoT-specific vulnerabilities.

Data storage systems may look like generic computers or devices, but they often have their own types of vulnerabilities that attackers can exploit. In this section you'll learn about data storage misconfigurations, lack of input sanitization, software and exception handling issues, injection vulnerabilities, as well as vulnerabilities that are specific to IPMI systems.

Virtualization is a foundation of today's IT environment, both as the basis of cloud computing, as well as in common use within organizations and even on personal computers. In this section you'll learn about virtualization vulnerabilities, including VM escape, hypervisor vulnerabilities, VM repository vulnerabilities, and vulnerabilities related to containerized workloads.

The Industrial Control System labtainers lab introduces students to using the GrassMarlin tool to view traffic you generate interacting with a PLC.

Chapter 7 Quiz

Social Engineering and Physical Attacks

Although well-executed social engineering attacks can be some of the most devastating attacks to any organization, they aren't always the best choice. An important step in planning any social engineering attack is determining whether such an attack makes sense. In this section you'll learn about identifying the proper pretext that leads to a successful social engineering attack.

Social engineering takes advantage of one of the greatest vulnerabilities of a client – the people who work there. As a pen tester, one of the easiest ways to gain access is by tricking authorized users into giving up sensitive information. Learn about the basics of phishing, including spear phishing, SMS phishing and whaling.

Now that you understand what social engineering attacks are, learn how to use Kali Linux to launch a mass email spear phishing attack with a few simple commands. 

In-person social engineering attacks are usually successful because people often want to be helpful and will rarely say “no” to someone face-to-face. These include elicitation, interrogation, impersonation, shoulder surfing, and USB key drops. It’s also important to include multiple elements of what motivates people to give up sensitive information such as authority, scarcity, social proof, urgency, likeness, and fear. 

We’ve explored many of the technical ways to infiltrate a system through the network or directly at the host level. Physical security, on the other hand, involves gaining access to the actual physical location and the data within it by tailgating, fence jumping, dumpster diving, lock picking, or bypassing locks. 

Chapter 8 Quiz
Post-Exploitation

You’ve planned your engagement, you’ve chosen your targets and exploits, and you’ve successfully gained access. Now what? You’ll want to make it easier to get back in, but also figure out how to move laterally throughout the network. There are a number of OS features that can make lateral movement possible, including many remote access protocols. Learn about these features, and see two of them demonstrated: Telnet and SSH.

A successful attack should not be the final step. In fact, a successful attack is often just the beginning of a string of subsequent attacks. In this section you'll learn about the Empire, Mimikatz, and Bloodhound post-exploitation tools that help pen testers to keep an attack going to see how far they can get.

Good to know

Know what's good, what to watch for, and possible dealbreakers
Course explores common cyber security attacks including network, application, cloud, and virtual environment vulnerabilities
Develops budgeting, engagement, and reporting skills, which are essential for security professionals
Explores professional and ethical considerations of ethical hacking
Provides hands-on experience through labs and virtual environment exercises
Taught by industry experts with years of experience in security, privacy, blockchain, and data science
Covers ethical hacking fundamentals and advanced topics, making it suitable for beginners and experienced learners alike

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in TOTAL: CompTIA PenTest+ (Ethical Hacking) PT0-002 + 2 Tests with these activities:
Compile a list of free resources for ethical hacking
Organize available materials in one place to improve your learning efficiency.
  • Do research on free resources for ethical hacking
  • Create a central location to store the resources
  • Organize the resources logically
Follow online tutorials on penetration testing techniques
Reinforce your knowledge by going through online tutorials and practice your skills.
  • Find online tutorials on penetration testing techniques
  • Follow the tutorials
  • Practice the techniques
Run enumeration commands using Nmap
Immediately apply your knowledge of Nmap to practice exploiting vulnerabilities.
  • Install Nmap on your computer
  • Use Nmap to scan an IP address
  • Use Nmap to scan a range of IP addresses
Discuss ethical hacking strategies with peers
Meet with peers to discuss your ethical hacking skills and learn from each other.
  • Find a study buddy or group
  • Set up a regular meeting time
  • Discuss ethical hacking strategies
Attend a workshop on ethical hacking
Enhance your skills by attending a workshop from a professional with experience in the field.
  • Find a workshop on ethical hacking
  • Register for the workshop
  • Attend the workshop
Create a presentation on a recent cybersecurity breach
Research and understand a recent cybersecurity breach to improve your understanding of the tactics and techniques used.
  • Research a recent cybersecurity breach
  • Create a presentation outline
  • Create a presentation
Mentor junior students in ethical hacking
Deepen your understanding and improve your communication skills by mentoring beginners.
  • Find junior students interested in ethical hacking
  • Offer to mentor them
  • Meet with them regularly

Career center

Learners who complete TOTAL: CompTIA PenTest+ (Ethical Hacking) PT0-002 + 2 Tests will develop knowledge and skills that may be useful to these careers:
Penetration Tester
Ethical hacking is a burgeoning field that has grown dramatically over the past few years, and with this growth comes growth in a range of job opportunities. To wit, penetration testers are becoming increasingly in-demand. As a penetration tester, you will be charged with assessing the security of computer networks and systems, typically with an eye toward finding ways that these systems might be compromised or broken into. In this course, you will be introduced to the basics of penetration testing, and these skills will serve you well should you wish to enter this growing, exciting field.
Ethical Hacker
Ethical hacking is a rewarding career path that requires a specialized skillset. As an ethical hacker, you will be responsible for working with organizations to assess and improve the security of their networks and systems. This role requires a strong understanding of information security principles and practices, as well as the ability to think critically and solve problems. This course will give you the foundational knowledge you need to become an ethical hacker.
Security Analyst
Security analysts work to protect an organization's computer networks and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. The skills in this course, including network and vulnerability scanning, will help to build the strong foundation you need for this role.
Network Security Engineer
Network security engineers have a great deal in common with pentesters, but instead of being primarily responsible for identifying network vulnerabilities, they are responsible for planning, implementing, and monitoring security measures to protect computer networks and systems. This course will give you a strong foundation in the skills you will need to be successful in this role.
Information Security Analyst
Information security analysts, also known as cybersecurity analysts, play a vital role in the protection of sensitive data and information. Those who work as information security analysts typically need to have a strong foundation in information security principles and practices, as well as the ability to think critically and solve problems. This course will give you a strong foundation in the skills you need to become an information security analyst.
Information Security Manager
Information security managers are responsible for the development and implementation of an organization's information security program. They oversee the organization's cybersecurity strategy and ensure that the organization is compliant with all applicable laws and regulations. The skills you learn in this course will help you to build the foundation you need to become an information security manager.
Cybersecurity Consultant
Cybersecurity consultants help businesses, governments, and other organizations to protect themselves from cyber threats. They advise clients on best practices for cybersecurity and help them to develop and implement security measures. To be successful, you will need a deep understanding of cybersecurity principles and practices. This course can help you build a solid knowledge base in this area.
IT Security Specialist
IT security specialists are primarily concerned with the design, implementation, and management of an organization's IT security measures. IT security specialists must have a deep understanding of cybersecurity principles and practices, as well as the ability to keep up with the latest trends in cyber threats. This course will help to build the foundation you need to become a successful IT security specialist.
IT Security Architect
IT security architects are responsible for designing and implementing an organization's IT security architecture. They work with other IT professionals to ensure that the organization's IT systems are secure and compliant with all applicable laws and regulations. To become an IT security architect, you will need a deep understanding of cybersecurity principles and practices, as well as the ability to keep up with the latest trends in cyber threats. This course will give you a strong foundation in the skills you need to become an IT security architect.
Security Software Developer
Security software developers are responsible for the design, development, and testing of security software products. These products can include antivirus software, firewalls, and intrusion detection systems. Becoming a security software developer requires a strong understanding of the principles and practices of information security, as well as the ability to write secure code. The study of coding skills and the broader principles of software development in this course will help you to build a solid foundation for success in this role.
Cloud Security Engineer
Cloud security engineers are responsible for the security of cloud-based applications and infrastructure. They work with other IT professionals to ensure that cloud-based systems are secure and compliant with all applicable laws and regulations. To succeed in this role, you will need a deep understanding of cybersecurity principles and practices, as well as the ability to keep up with the latest trends in cyber threats. This course will help you build the foundation you need to become a cloud security engineer.
Security Consultant
Security consultants help businesses, governments, and other organizations to protect themselves from cyber threats. They advise clients on best practices for cybersecurity and help them to develop and implement security measures. This role requires a deep understanding of cybersecurity principles and practices, as well as the ability to communicate effectively with a variety of stakeholders. This course will help you build a strong foundation in the skills you need to become a successful security consultant.
Security Engineer
Security engineers are responsible for the design, implementation, and maintenance of an organization's security infrastructure. They work with other IT professionals to ensure that the organization's IT systems are secure and compliant with all applicable laws and regulations. To succeed in this role, you will need a deep understanding of cybersecurity principles and practices, as well as the ability to keep up with the latest trends in cyber threats. This course will help you build the foundation you need to become a security engineer.
Information Security Auditor
Information security auditors are responsible for assessing the security of an organization's information systems. They identify vulnerabilities and make recommendations for improvements. Becoming an information security auditor requires a deep understanding of the principles and practices of information security, as well as the ability to communicate effectively with a variety of stakeholders. This course will help you build a solid foundation in the skills you need to be successful in this role.

Reading list

We've selected 12 books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in TOTAL: CompTIA PenTest+ (Ethical Hacking) PT0-002 + 2 Tests.
Provides more information regarding the ethical hacking mindset. It also provides more information on specific attack vectors and mitigation techniques.
Reference to one of the most popular penetration testing frameworks, Metasploit.
Is the official guide to using Nmap, one of the most popular port scanning tools.

Similar courses

Here are nine courses similar to TOTAL: CompTIA PenTest+ (Ethical Hacking) PT0-002 + 2 Tests.
Planning and Scoping for CompTIA Pentest+
Reporting and Communication for CompTIA Pentest+
Information Gathering and Vulnerability Scanning for...
CompTIA PenTest+ Certification
Attacks and Exploits: Specialized Attacks and Post...
Exam Review and Tips for CompTIA Pentest+
Attacks and Exploits: Network and Application Attacks for...
Penetration Testing and Ethical Hacking Complete Hands-on
Tools and Code Analysis for CompTIA Pentest+

© 2016 - 2024 OpenCourser