I'm a studentI'm an educator

CompTIA PenTest+ PT0-002 Cert Guide, 2nd edition

Published by Pearson IT Certification (December 17, 2021) © 2022

  • Omar Santos Best-selling Cisco Press author, expert trainer, and Principal Engineer at Cisco (PSIRT)
Products list
$57.99
Buy nowOpens in a new tab
Sold by InformIT and ebook resellers
  • Available for purchase from all major ebook resellers, including InformIT.com
Products list
$47.99

Price Reduced From: $59.99

Details

  • A print text
  • Free shipping
  • Also available for purchase as an ebook from all major ebook resellers, including InformIT.com
Products list
$140.00

Access Details

  • Access courses online from any computer (PC or Mac) or tablet (Android or iOS)
  • Native app available for mobile use; use online, or download and work offline; data syncs automatically 
  • Purchase print or digital codes from your college bookstore, or printed access code cards here

Features

  • Interactive learning elements throughout, including exercises, quizzes, flashcards, and video tutorials

Learn, prepare, and practice for CompTIA PenTest+ PT0-002 exam success with this CompTIA PenTest+ PT0-002 Cert Guide from Pearson IT Certification, a leader in IT Certification learning.

CompTIA PenTest+ PT0-002 Cert Guide presents students with an organized test preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and allow students to decide how much time they need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help students drill on key concepts they must know thoroughly.

CompTIA PenTest+ PT0-002 Cert Guide focuses specifically on the objectives for the CompTIA PenTest+ PT0-002 exam. Leading security expert Omar Santos shares preparation hints and test-taking tips, helping students identify areas of weakness and improve both their conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing their understanding and retention of exam topics.

This complete study package includes:

  • A test-preparation routine proven to help students pass the exams
  • Do I Know This Already? quizzes, which allow students to decide how much time they need to spend on each section
  • Chapter-ending exercises, which help students drill on key concepts that must be known thoroughly
  • An online interactive Flash Cards application to help students drill on Key Terms by chapter
  • A final preparation chapter, which guides students through tools and resources to help students craft their review and test-taking strategies
  • Study plan suggestions and templates to help students organize and optimize their study time

Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps students master the concepts and techniques that ensure their exam success.

This study guide helps students master all the topics on the CompTIA PenTest+ PT0-002 exam, including:

  • Planning and Scoping a Penetration Testing Assessment
  • Information Gathering and Vulnerability Identification
  • Social Engineering Attacks and Physical Security Vulnerabilities
  • Exploiting Wired and Wireless Networks
  • Exploiting Application-Based Vulnerabilities
  • Cloud, Mobile, and IoT Security
  • Performing Post-Exploitation Techniques
  • Reporting and Communication
  • Tools and Code Analysis
Introduction xxix

Chapter 1 Introduction to Ethical Hacking and Penetration Testing 3

    “Do I Know This Already?” Quiz 3

    Foundation Topics 7

    Understanding Ethical Hacking and Penetration Testing 7

    Exploring Penetration Testing Methodologies 9

    Building Your Own Lab 15

    Exam Preparation Tasks 20

    Review All Key Topics 20

    Define Key Terms 20

    Q&A 20

Chapter 2 Planning and Scoping a Penetration Testing Assessment 23

    “Do I Know This Already?” Quiz 23

    Foundation Topics 26

    Comparing and Contrasting Governance, Risk, and Compliance Concepts 26

    Explaining the Importance of Scoping and Organizational or Customer Requirements 39

    Demonstrating an Ethical Hacking Mindset by Maintaining Professionalism and Integrity 48

    Exam Preparation Tasks 50

    Review All Key Topics 50

    Define Key Terms 51

    Q&A 51

Chapter 3 Information Gathering and Vulnerability Scanning 55

    “Do I Know This Already?” Quiz 55

    Foundation Topics 59

    Performing Passive Reconnaissance 59

    Performing Active Reconnaissance 93

    Understanding the Art of Performing Vulnerability Scans 125

    Understanding How to Analyze Vulnerability Scan Results 136

    Exam Preparation Tasks 141

    Review All Key Topics 142

    Define Key Terms 142

    Q&A 143

Chapter 4 Social Engineering Attacks 145

    “Do I Know This Already?” Quiz 145

    Foundation Topics 149

    Pretexting for an Approach and Impersonation 149

    Social Engineering Attacks 151

    Physical Attacks 155

    Methods of Influence 170

    Exam Preparation Tasks 171

    Review All Key Topics 171

    Define Key Terms 172

    Q&A 172

Chapter 5 Exploiting Wired and Wireless Networks 175

    “Do I Know This Already?” Quiz 175

    Foundation Topics 180

    Exploiting Network-Based Vulnerabilities 180

    Exploiting Wireless Vulnerabilities 216

    Exam Preparation Tasks 234

    Review All Key Topics 234

    Define Key Terms 235

    Q&A 235

Chapter 6 Exploiting Application-Based Vulnerabilities 237

    “Do I Know This Already?” Quiz 237

    Foundation Topics 244

    Overview of Web Application-Based Attacks for Security Professionals and the OWASP Top 10 244

    How to Build Your Own Web Application Lab 255

    Understanding Business Logic Flaws 256

    Understanding Injection-Based Vulnerabilities 257

    Exploiting Authentication-Based Vulnerabilities 273

    Exploiting Authorization-Based Vulnerabilities 279

    Understanding Cross-Site Scripting (XSS) Vulnerabilities 281

    Understanding Cross-Site Request Forgery (CSRF/XSRF) and Server-Side Request Forgery Attacks 288

    Understanding Clickjacking 289

    Exploiting Security Misconfigurations 289

    Exploiting File Inclusion Vulnerabilities 292

    Exploiting Insecure Code Practices 293

    Exam Preparation Tasks 301

    Review All Key Topics 301

    Define Key Terms 302

    Q&A 303

Chapter 7 Cloud, Mobile, and IoT Security 305

    “Do I Know This Already?” Quiz 305

    Foundation Topics 309

    Researching Attack Vectors and Performing Attacks on Cloud Technologies 309

    Explaining Common Attacks and Vulnerabilities Against Specialized Systems 324

    Exam Preparation Tasks 336

    Review All Key Topics 337

    Define Key Terms 337

    Q&A 338

Chapter 8 Performing Post-Exploitation Techniques 341

    “Do I Know This Already?” Quiz 341

    Foundation Topics 345

    Creating a Foothold and Maintaining Persistence After Compromising a System 345

    Understanding How to Perform Lateral Movement, Detection Avoidance, and Enumeration 355

    Exam Preparation Tasks 371

    Review All Key Topics 371

    Define Key Terms 372

    Q&A 372

Chapter 9 Reporting and Communication 375

    “Do I Know This Already?” Quiz 375

    Foundation Topics 379

    Comparing and Contrasting Important Components of Written Reports 379

    Analyzing the Findings and Recommending the Appropriate Remediation Within a Report 385

    Explaining the Importance of Communication During the Penetration Testing Process 390

    Explaining Post-Report Delivery Activities 393

    Exam Preparation Tasks 395

    Review All Key Topics 395

    Define Key Terms 395

    Q&A 396

Chapter 10 Tools and Code Analysis 399

    “Do I Know This Already?” Quiz 399

    Foundation Topics 403

    Understanding the Basic Concepts of Scripting and Software

    Development 403

    Understanding the Different Use Cases of Penetration Testing Tools and Analyzing Exploit Code 409

    Exam Preparation Tasks 505

    Review All Key Topics 506

    Define Key Terms 508

    Q&A 508

Chapter 11 Final Preparation 513

    Tools for Final Preparation 513

    Suggested Plan for Final Review/Study 517

    Summary 518

Glossary of Key Terms 519

Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Sections 537

Appendix B CompTIA® PenTest+ PT0-002 Cert Guide Exam Updates 559



Online Elements:

Appendix C Study Planner

Glossary of Key Terms



TOC, 9780137566068, 10/21/2021


Need help? Get in touch