SKIP THE SHIPPING
Use code NOSHIP during checkout to save 40% on eligible eBooks, now through January 5. Shop now.
Register your product to gain access to bonus material or receive a coupon.
Trust the best-selling Cert Guide series from Pearson IT Certification to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.
CompTIA PenTest+ PT0-002 Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. Do I Know This Already? quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.
CompTIA PenTest+ PT0-002 Cert Guide focuses specifically on the objectives for the CompTIA PenTest+ PT0-002 exam. Leading security expert Omar Santos shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.
This complete study package includes
The companion website contains the powerful Pearson Test Prep practice test software complete with two complete practice exams.
Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that ensure your exam success.
This study guide helps you master all the topics on the CompTIA PenTest+ PT0-002 exam, including
Includes Exclusive Offers For Up to 80% Off Practice Tests
Pearson Test Prep online system requirements:
Browsers: Chrome version 73 and above, Safari version 12 and above, Microsoft Edge 44 and above.
Devices: Desktop and laptop computers, tablets running on Android v8.0 and iOS v13, smartphones with a minimum screen size of 4.7”. Internet access required.
Pearson Test Prep offline system requirements:
Windows 10, Windows 8.1; Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases
Also available from Pearson IT Certification for CompTIA PenTest+ PT0-002 study is the CompTIA PenTest+ PT0-002 Cert Guide Premium Edition eBook and Practice Test. This digital-only certification preparation product combines an eBook with enhanced Pearson Test Prep Practice Tests.
This integrated learning package
CompTIA PenTest+ PT0-002 Cert Guide Premium Edition eBook and Practice Test
The exciting new CompTIA PenTest+ PT0-002 Cert Guide Premium Edition eBook and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson Test Prep practice test software. The Premium Edition eBook and Practice Test contains the following items:
Introduction xxix
Chapter 1 Introduction to Ethical Hacking and Penetration Testing 3
“Do I Know This Already?” Quiz 3
Foundation Topics 7
Understanding Ethical Hacking and Penetration Testing 7
Exploring Penetration Testing Methodologies 9
Building Your Own Lab 15
Exam Preparation Tasks 20
Review All Key Topics 20
Define Key Terms 20
Q&A 20
Chapter 2 Planning and Scoping a Penetration Testing Assessment 23
“Do I Know This Already?” Quiz 23
Foundation Topics 26
Comparing and Contrasting Governance, Risk, and Compliance Concepts 26
Explaining the Importance of Scoping and Organizational or Customer Requirements 39
Demonstrating an Ethical Hacking Mindset by Maintaining Professionalism and Integrity 48
Exam Preparation Tasks 50
Review All Key Topics 50
Define Key Terms 51
Q&A 51
Chapter 3 Information Gathering and Vulnerability Scanning 55
“Do I Know This Already?” Quiz 55
Foundation Topics 59
Performing Passive Reconnaissance 59
Performing Active Reconnaissance 93
Understanding the Art of Performing Vulnerability Scans 125
Understanding How to Analyze Vulnerability Scan Results 136
Exam Preparation Tasks 141
Review All Key Topics 142
Define Key Terms 142
Q&A 143
Chapter 4 Social Engineering Attacks 145
“Do I Know This Already?” Quiz 145
Foundation Topics 149
Pretexting for an Approach and Impersonation 149
Social Engineering Attacks 151
Physical Attacks 155
Methods of Influence 170
Exam Preparation Tasks 171
Review All Key Topics 171
Define Key Terms 172
Q&A 172
Chapter 5 Exploiting Wired and Wireless Networks 175
“Do I Know This Already?” Quiz 175
Foundation Topics 180
Exploiting Network-Based Vulnerabilities 180
Exploiting Wireless Vulnerabilities 216
Exam Preparation Tasks 234
Review All Key Topics 234
Define Key Terms 235
Q&A 235
Chapter 6 Exploiting Application-Based Vulnerabilities 237
“Do I Know This Already?” Quiz 237
Foundation Topics 244
Overview of Web Application-Based Attacks for Security Professionals and the OWASP Top 10 244
How to Build Your Own Web Application Lab 255
Understanding Business Logic Flaws 256
Understanding Injection-Based Vulnerabilities 257
Exploiting Authentication-Based Vulnerabilities 273
Exploiting Authorization-Based Vulnerabilities 279
Understanding Cross-Site Scripting (XSS) Vulnerabilities 281
Understanding Cross-Site Request Forgery (CSRF/XSRF) and Server-Side Request Forgery Attacks 288
Understanding Clickjacking 289
Exploiting Security Misconfigurations 289
Exploiting File Inclusion Vulnerabilities 292
Exploiting Insecure Code Practices 293
Exam Preparation Tasks 301
Review All Key Topics 301
Define Key Terms 302
Q&A 303
Chapter 7 Cloud, Mobile, and IoT Security 305
“Do I Know This Already?” Quiz 305
Foundation Topics 309
Researching Attack Vectors and Performing Attacks on Cloud Technologies 309
Explaining Common Attacks and Vulnerabilities Against Specialized Systems 324
Exam Preparation Tasks 336
Review All Key Topics 337
Define Key Terms 337
Q&A 338
Chapter 8 Performing Post-Exploitation Techniques 341
“Do I Know This Already?” Quiz 341
Foundation Topics 345
Creating a Foothold and Maintaining Persistence After Compromising a System 345
Understanding How to Perform Lateral Movement, Detection Avoidance, and Enumeration 355
Exam Preparation Tasks 371
Review All Key Topics 371
Define Key Terms 372
Q&A 372
Chapter 9 Reporting and Communication 375
“Do I Know This Already?” Quiz 375
Foundation Topics 379
Comparing and Contrasting Important Components of Written Reports 379
Analyzing the Findings and Recommending the Appropriate Remediation Within a Report 385
Explaining the Importance of Communication During the Penetration Testing Process 390
Explaining Post-Report Delivery Activities 393
Exam Preparation Tasks 395
Review All Key Topics 395
Define Key Terms 395
Q&A 396
Chapter 10 Tools and Code Analysis 399
“Do I Know This Already?” Quiz 399
Foundation Topics 403
Understanding the Basic Concepts of Scripting and Software
Development 403
Understanding the Different Use Cases of Penetration Testing Tools and Analyzing Exploit Code 409
Exam Preparation Tasks 505
Review All Key Topics 506
Define Key Terms 508
Q&A 508
Chapter 11 Final Preparation 513
Tools for Final Preparation 513
Suggested Plan for Final Review/Study 517
Summary 518
Glossary of Key Terms 519
Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Sections 537
Appendix B CompTIA® PenTest+ PT0-002 Cert Guide Exam Updates 559
Online Elements:
Appendix C Study Planner
Glossary of Key Terms
TOC, 9780137566068, 10/21/2021
We've made every effort to ensure the accuracy of this book and its companion content. Any errors that have been confirmed since this book was published can be downloaded below.
Download the errata (54 KB .doc)