{"product_id":"comptia-pentest-®-training","title":"CompTIA PenTest+® Training","description":"\u003cdiv\u003e\n\u003cp\u003eThe \u003cb\u003eCompTIA PenTest+ (PTO-003)\u003c\/b\u003e course is designed for cybersecurity professionals who want to develop and validate their penetration testing and vulnerability assessment skills. It provides a hands-on, performance-based approach to ethical hacking, focusing on real-world attack techniques, tools, and strategies used by security professionals to identify, exploit, and mitigate vulnerabilities in IT systems. This course bridges the gap between security analysts and penetration testers by covering both offensive and defensive cybersecurity tactics.\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCompTIA PenTest+® Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will learn the following:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePlan, scope, and perform information gathering as part of a penetration test.\u003c\/li\u003e\n\u003cli\u003ePerform attacks that are aligned to and fulfill legal and compliance requirements.\u003c\/li\u003e\n\u003cli\u003ePerform each phase of a penetration test using and modifying appropriate tools and use the appropriate tactics, techniques, and procedures.\u003c\/li\u003e\n\u003cli\u003eAnalyze the results of each phase of a penetration test to develop a written report, effectively communicate findings to stakeholders and provide practical recommendations.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTraining Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eWhile prior experience is not mandatory, having a background in cybersecurity and hands-on practice with penetration testing tools will significantly improve comprehension and performance in the course and certification exam.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCertification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eYou must take and pass the CompTIA PenTest+ (PTO-003) certification exam to earn this certification. Exam vouchers are available upon request and included in the tuition fee.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCompTIA PenTest+ Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003e1.0 Engagement Management \u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003e1.1 Summarize pre-engagement activities. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eScope definition\u003c\/li\u003e\n\u003cli\u003eShared responsibility model\u003c\/li\u003e\n\u003cli\u003eLegal and ethical considerations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e1.2 Explain collaboration and communication activities. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePeer review and  Stakeholder alignment\u003c\/li\u003e\n\u003cli\u003eRoot cause analysis\u003c\/li\u003e\n\u003cli\u003eEscalation path and Secure distribution\u003c\/li\u003e\n\u003cli\u003eArticulation of risk, severity, and impact\u003c\/li\u003e\n\u003cli\u003eGoal reprioritization and  Business impact analysis\u003c\/li\u003e\n\u003cli\u003eClient acceptance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e1.3 Compare and contrast testing frameworks and methodologies. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOpen Source Security Testing Methodology Manual (OSSTMM)\u003c\/li\u003e\n\u003cli\u003eCouncil of Registered Ethical Security Testers (CREST)\u003c\/li\u003e\n\u003cli\u003ePenetration Testing Execution Standard (PTES)\u003c\/li\u003e\n\u003cli\u003eMITRE ATT\u0026amp;CK\u003c\/li\u003e\n\u003cli\u003eOpen Worldwide Application Security Project (OWASP) Top 10\u003c\/li\u003e\n\u003cli\u003eOWASP Mobile Application Security Verification Standard (MASVS)\u003c\/li\u003e\n\u003cli\u003ePurdue model\u003c\/li\u003e\n\u003cli\u003eThreat modeling frameworks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e1.4 Explain the components of a penetration test report. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFormat alignment\u003c\/li\u003e\n\u003cli\u003eDocumentation specifications\u003c\/li\u003e\n\u003cli\u003eRisk scoring\u003c\/li\u003e\n\u003cli\u003eDefinitions and Report components\u003c\/li\u003e\n\u003cli\u003eTest limitations and assumptions\u003c\/li\u003e\n\u003cli\u003eReporting considerations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e1.5 Given a scenario, analyze the findings and recommend the appropriate remediation within a report. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTechnical, Administrative, Operational and Physical controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e2.0  Reconnaissance and Enumeration\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e \u003cb\u003e2.1  Given a scenario, apply information gathering techniques. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eActive and passive reconnaissance\u003c\/li\u003e\n\u003cli\u003eOpen-source intelligence (OSINT)\u003c\/li\u003e\n\u003cli\u003eNetwork reconnaissance\u003c\/li\u003e\n\u003cli\u003eProtocol scanning\u003c\/li\u003e\n\u003cli\u003eCertificate transparency logs\u003c\/li\u003e\n\u003cli\u003eInformation disclosure\u003c\/li\u003e\n\u003cli\u003eSearch engine analysis\/ enumeration\u003c\/li\u003e\n\u003cli\u003eNetwork sniffing and Banner grabbing\u003c\/li\u003e\n\u003cli\u003eHypertext Markup Language (HTML) scraping\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e2.2 Given a scenario, apply enumeration techniques. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOperating system (OS) fingerprinting\u003c\/li\u003e\n\u003cli\u003eService discovery\u003c\/li\u003e\n\u003cli\u003eProtocol enumeration\u003c\/li\u003e\n\u003cli\u003eDNS and Directory enumeration\u003c\/li\u003e\n\u003cli\u003eHost discovery and  Share enumeration\u003c\/li\u003e\n\u003cli\u003eLocal user and Email account enumeration\u003c\/li\u003e\n\u003cli\u003eWireless, Permission and Secrets enumeration\u003c\/li\u003e\n\u003cli\u003eAttack path mapping\u003c\/li\u003e\n\u003cli\u003eWeb application firewall (WAF) enumeration\u003c\/li\u003e\n\u003cli\u003eWeb crawling\u003c\/li\u003e\n\u003cli\u003eManual enumeration\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e2.3 Given a scenario, modify scripts for reconnaissance and enumeration. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInformation gathering\u003c\/li\u003e\n\u003cli\u003eData manipulation\u003c\/li\u003e\n\u003cli\u003eScripting languages\u003c\/li\u003e\n\u003cli\u003eLogic constructs\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e2.4 Given a scenario, use the appropriate tools for reconnaissance and enumeration. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eWayback Machine\u003c\/li\u003e\n\u003cli\u003eMaltego\u003c\/li\u003e\n\u003cli\u003eRecon-ng\u003c\/li\u003e\n\u003cli\u003eShodan\u003c\/li\u003e\n\u003cli\u003eSpiderFoot\u003c\/li\u003e\n\u003cli\u003eWHOIS\u003c\/li\u003e\n\u003cli\u003enslookup\/dig\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e3.1 Given a scenario, conduct vulnerability discovery using various techniques. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTypes of scans\u003c\/li\u003e\n\u003cli\u003eIndustrial control systems (ICS) vulnerability assessment\u003c\/li\u003e\n\u003cli\u003eTools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e3.2 Given a scenario, analyze output from reconnaissance, scanning, and enumeration phases. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate scan, reconnaissance, and enumeration results\u003c\/li\u003e\n\u003cli\u003ePublic exploit selection\u003c\/li\u003e\n\u003cli\u003eUse scripting to validate results\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e3.3 Explain physical security concepts. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTailgating\u003c\/li\u003e\n\u003cli\u003eSite surveys\u003c\/li\u003e\n\u003cli\u003eUniversal Serial Bus (USB) drops\u003c\/li\u003e\n\u003cli\u003eBadge cloning\u003c\/li\u003e\n\u003cli\u003eLock picking\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.0 Attacks and Exploits \u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003e4.1 Given a scenario, analyze output to prioritize and prepare attacks. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTarget prioritization\u003c\/li\u003e\n\u003cli\u003eCapability selection\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.2 Given a scenario, perform network attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.3 Given a scenario, perform authentication attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and  Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.4 Given a scenario, perform host-based attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.5 Given a scenario, perform web application attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.6 Given a scenario, perform cloud-based attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.7 Given a scenario, perform wireless attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.8 Given a scenario, perform social engineering attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.9 Explain common attacks against specialized systems. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.10 Given a scenario, use scripting to automate attacks. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e5.0 Post-exploitation and Lateral Movement \u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003e5.1 Given a scenario, perform tasks to establish and maintain persistence. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eScheduled tasks\/cron jobs\u003c\/li\u003e\n\u003cli\u003eService creation\u003c\/li\u003e\n\u003cli\u003eReverse and Bind Shell\u003c\/li\u003e\n\u003cli\u003eAdd new accounts and Obtain valid account credentials\u003c\/li\u003e\n\u003cli\u003eRegistry keys\u003c\/li\u003e\n\u003cli\u003eCommand and control (C2) frameworks\u003c\/li\u003e\n\u003cli\u003eBackdoor and Rootkit\u003c\/li\u003e\n\u003cli\u003eBrowser extensions\u003c\/li\u003e\n\u003cli\u003eTampering security controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e5.2 Given a scenario, perform tasks to move laterally throughout the environment. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePivoting\u003c\/li\u003e\n\u003cli\u003eRelay creation\u003c\/li\u003e\n\u003cli\u003eEnumeration\u003c\/li\u003e\n\u003cli\u003eService discovery\u003c\/li\u003e\n\u003cli\u003eWindow Management Instrumentation (WMI)\u003c\/li\u003e\n\u003cli\u003eWindow Remote Management (WinRM)\u003c\/li\u003e\n\u003cli\u003eTools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e5.3 Summarize concepts related to staging and exfiltration. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFile encryption and compression\u003c\/li\u003e\n\u003cli\u003eCovert channel\u003c\/li\u003e\n\u003cli\u003eEmail\u003c\/li\u003e\n\u003cli\u003eCross-account resources\u003c\/li\u003e\n\u003cli\u003eCloud storage\u003c\/li\u003e\n\u003cli\u003eAlternate data streams\u003c\/li\u003e\n\u003cli\u003eText storage sites\u003c\/li\u003e\n\u003cli\u003eVirtual drive mounting\u003c\/li\u003e\n\u003cli\u003eRemove persistence mechanisms\u003c\/li\u003e\n\u003cli\u003eRevert configuration changes\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e5.4 Explain cleanup and restoration activities. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemove tester-created credentials\u003c\/li\u003e\n\u003cli\u003eRemove tools\u003c\/li\u003e\n\u003cli\u003eSpin down infrastructure\u003c\/li\u003e\n\u003cli\u003ePreserve artifacts\u003c\/li\u003e\n\u003cli\u003eSecure data destruction\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267B27US \/ 2026-07-27T09:00:00 \/ Herndon, VA","offer_id":47534192361691,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"268A92US \/ 2026-08-24T09:00:00 \/ Austin","offer_id":47534192394459,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"267D49US \/ 2026-07-13T09:00:00 \/ New York","offer_id":48216572526811,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"269A83CN \/ 2026-09-14T09:00:00 \/ Ottawa","offer_id":48216572559579,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"26BC54US \/ 2026-11-30T09:00:00 \/ New York","offer_id":48216572592347,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"271A35CN \/ 2027-01-25T09:00:00 \/ Ottawa","offer_id":48216572625115,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"272B69US \/ 2027-02-08T09:00:00 \/ Herndon, VA","offer_id":48230040568027,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"273B87US \/ 2027-03-15T09:00:00 \/ Austin","offer_id":48363059708123,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"274B88US \/ 2027-04-26T09:00:00 \/ New York","offer_id":48669323264219,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/comptia_pentest.png?v=1709762025","url":"https:\/\/learningtreeinternational-dirinfosec-hhs.myshopify.com\/products\/comptia-pentest-%c2%ae-training","provider":"Learning Tree International","version":"1.0","type":"link"}