Book description
Learn, prepare, and practice for CompTIA Pentest+ PT0-001 exam success with this CompTIA Cert Guide from Pearson IT Certification, a leader in IT Certification.
Master CompTIA Pentest+ PT0-001 exam topics
Assess your knowledge with chapter-ending quizzes
Review key concepts with exam preparation tasks
Practice with realistic exam questions
Get practical guidance for next steps and more advanced certifications
CompTIA Pentest+ Cert Guide is a best-of-breed exam study guide. Best-selling author Omar Santos and leading IT security expert Ron Taylor share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.
The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.
The companion website contains the powerful Pearson Test Prep practice test software, complete with 340 exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most.
Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time.
The CompTIA study guide helps you master all the topics on the Pentest+ exam, including:
Planning and scoping: Explain the importance of proper planning and scoping, understand key legal concepts, explore key aspects of compliance-based assessments
Information gathering and vulnerability identification: Understand passive and active reconnaissance, conduct appropriate information gathering and use open source intelligence (OSINT); perform vulnerability scans; analyze results; explain how to leverage gathered information in exploitation; understand weaknesses of specialized systems
Attacks and exploits: Compare and contrast social engineering attacks; exploit network-based, wireless, RF-based, application-based, and local host vulnerabilities; summarize physical security attacks; perform post-exploitation techniques
Penetration testing tools: Use numerous tools to perform reconnaissance, exploit vulnerabilities and perform post-exploitation activities; leverage the Bash shell, Python, Ruby, and PowerShell for basic scripting
Reporting and communication: Write reports containing effective findings and recommendations for mitigation; master best practices for reporting and communication; perform post-engagement activities such as cleanup of tools or shells
Table of contents
- Cover Page
- About This E-Book
- Title Page
- Copyright Page
- Contents at a Glance
- Contents
- About the Authors
- Dedication
- Acknowledgments
- About the Technical Reviewers
- We Want to Hear from You!
- Reader Services
- Credits
- Introduction
- Chapter 1 Introduction to Ethical Hacking and Penetration Testing
-
Chapter 2 Planning and Scoping a Penetration Testing Assessment
- “Do I Know This Already?” Quiz
- Explaining the Importance of the Planning and Preparation Phase
- Understanding the Legal Concepts of Penetration Testing
- Learning How to Scope a Penetration Testing Engagement Properly
- Learning the Key Aspects of Compliance-Based Assessments
- Review All Key Topics
- Define Key Terms
- Q&A
- Chapter 3 Information Gathering and Vulnerability Identification
-
Chapter 4 Social Engineering Attacks
- “Do I Know This Already?” Quiz
- Understanding Social Engineering Attacks
- Phishing
- Pharming
- Malvertising
- Spear Phishing
- SMS Phishing
- Voice Phishing
- Whaling
- Elicitation, Interrogation, and Impersonation (Pretexting)
- Social Engineering Motivation Techniques
- Shoulder Surfing
- USB Key Drop and Social Engineering
- Review All Key Topics
- Define Key Terms
- Q&A
- Chapter 5 Exploiting Wired and Wireless Networks
-
Chapter 6 Exploiting Application-Based Vulnerabilities
- “Do I Know This Already?” Quiz
- Overview of Web Applications for Security Professionals
- How to Build Your Own Web Application Lab
- Understanding Injection-Based Vulnerabilities
- Exploiting Authentication-Based Vulnerabilities
- Exploiting Authorization-Based Vulnerabilities
- Understanding Cross-Site Scripting (XSS) Vulnerabilities
- Understanding Cross-Site Request Forgery Attacks
- Understanding Clickjacking
- Exploiting Security Misconfigurations
- Exploiting File Inclusion Vulnerabilities
- Exploiting Insecure Code Practices
- Review All Key Topics
- Define Key Terms
- Q&A
- Chapter 7 Exploiting Local Host and Physical Security Vulnerabilities
- Chapter 8 Performing Post-Exploitation Techniques
- Chapter 9 Penetration Testing Tools
- Chapter 10 Understanding How to Finalize a Penetration Test
- Chapter 11 Final Preparation
- Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Sections
- Glossary of Key Terms
- Index
- Appendix B Study Planner
- Where are the companion content files? - Register
- Code Snippets
Product information
- Title: CompTIA PenTest+ PT0-001 Cert Guide
- Author(s):
- Release date: December 2018
- Publisher(s): Pearson IT Certification
- ISBN: 9780135225523
You might also like
book
Ubuntu Hacks
Ubuntu Linux--the most popular Linux distribution on the planet--preserves the spirit embodied in the ancient African …
article
Use Github Copilot for Prompt Engineering
Using GitHub Copilot can feel like magic. The tool automatically fills out entire blocks of code--but …
article
Managing Encryption Keys
This collection of shortcuts provides a practical and concise guide to securing cloud environments. It covers …
article
Reinventing the Organization for GenAI and LLMs
Previous technology breakthroughs did not upend organizational structure, but generative AI and LLMs will. We now …