CompTIA PenTest+ PT0-001 Ausbildung - OEM Certkit

Das Ausbildung CompTIA PenTest + -Zertifizierung bestätigt, dass erfolgreiche Kandidaten über die erforderlichen Kenntnisse und Fähigkeiten verfügen, um eine Bewertung zu planen und durchzuführen, regulatorische und Compliance-Anforderz Erforderlichen Kenntnisse und Fähigkeiten verfügen, um eine Bewertung zu planen und durchzuführen, regulator Scansche und Compliance-Anforderz Erforderlichen, Zuwstu zünfügen, zuwstu zünfügen, zuwstügen , um zu berichten und zu kommunizieren.

Kursinhalt

CompTIA PenTest+: Planning for an Engagemen

Course: 56 Minutes

Why We Need Penetration Testers
The CompTIA PenTest+ Exam4
Understand Your Audience and the Rules of Engagement
Resources, Requirements, and Budgets
Impact Analysis and Remediation Timelines
Disclaimers and Technical Constraints
Engagement Support Resources
Examining Pertiient Contracts and Agreements
Evaluating Environmental Differences
Obtaining Written Authorization
Exercise: Describe Engagement

CompTIA PenTest+: Scoping an Engagement

Course: 56 Minutes

Types of Assessment
Special Scoping Factors
Target Selection
Scoping Strategy
Risk acceptance and Tolerance to Impact
Scheduling and Scope Creep
Threat Actors and Threat Agents
Compliance-Based Assessments and Limitations
Basing Objectives on Regulations
Exercise: Describe Engagement Scoping and Compliance

CompTIA PenTest+: Information Gathering

Course: 53 Minutes

Scanning10 MinutesCompletedActions
Enumeration6
Packet Crafting and Packet Inspection
Fingerprinting
Certificate Inspection
Eavesdropping
Decompilation
Debugging
Open Source Intelligence Gathering
Mapping and Prioritizing
Common Techniques to Complete Attacks
Exercise: Information Gathering and Preparation

CompTIA PenTest+: Vulnerability Identification

Course: 41 Minutes

Types of Scans8
Considerations of Vulnerability Scanning
Application and Container Scanning
Asset Categorization
Adjudication and Prioritization
Common Scanning Themes
Performing Vulnerability Scans
Performing Scan Analysis
Exercise: Vulnerability Scanning

CompTIA PenTest+: Social Engineering and Specialized System Attacks

Course: 57 Minutes

Weaknesses in Specialized Systems
Phishing Attacks
Elicitation Exploits
Interrogation Techniques
Impersonation and Hoaxing
Shoulder Surfing
USB Key Dropping
Motivation Techniques
Setting up a Pentesting Lab (Part I)
Setting up a Pentesting Lab (Part II)
Exercise: Social Attacks and Exploits

CompTIA PenTest+: Network-Based Exploits

Course: 1 Hour, 19 Minutes

Name Resolution and SMB Exploits
SNMP and SMTP Exploits
FTP and DNS Exploits
Pass the Hash Exploits
Man-in-the-Middle Attacks
Denial-of-Service
NAC Bypass and VLAN Hopping
Evil Twin and Deauthentication
Fragmentation and WPS Exploits
Bluejacking and Bluesnarfing
Cloning, Jamming, and Repeating
Exercise: Managing Network Exploits

CompTIA PenTest+: Application-Based vulnerabilities

Course: 53 Minutes

Injection Attacks
Authentication Exploits
Authorization Exploits
Cross-Site Scripting Attacks (XSS)
Cross-Site Request Forgery (CSRF/XSRF)
Clickjacking
Security Misconfiguration
File Inclusion Exploits
Unsecure Code Practices
Exercise: Application Exploits

CompTIA PenTest+: Local Host Vulnerabilities

Course: 39 Minutes

Overview of OS Vulnerabilities
Unsecure Service and Protocol Configuration
Linux-Specific Privilege Escalation
Windows-Specific Privilege Escalation
Additional Host-Based exploits
Default Account Setting Vulnerabilities
Sandbox Escape Exploits
Exercise: Describing Local Host Exploits

CompTIA PenTest+: Post-Exploitation and Facilities Attacks

Course: 41 Minutes

Lateral Movement
Persistence
Covering Tracks
Piggybacking and Tailgating
Fence Jumping
Dumpster Diving
Lock Picking and Bypass
Egress Sensors
Badge Cloning
Exercise: Describing Facilities and Post-exploit

CompTIA PenTest+: Penetration Testing Tools

Course: 1 Hour, 24 Minutes

Using Nmap for Information Gathering
Comparing Use Cases
Scanner Tools
Credential Testing Tools
Debuggers and Software Assurance Tools
OSINT Tools
Networking and Wireless Tools
Web Proxies and Social Engineering Tools
Remote Access Tools
Miscellaneous Tools
Exercise: Describing Pentest Tools

CompTIA PenTest+: Reporting and Communication

Course: 37 Minutes

Normalization of Data
Written Report of Findings and Remediation
Secure Report Handling and Disposition
Post-Report Delivery Activities
Recommend Mitigation Solutions
Recommend Remediation Strategies
The Importance of Pentester Communication
Exercise: Describing Reports and Communication

CompTIA PenTest+: Analyzing Tool and Script Output

Course: 57 Minutes

Password Cracking Output
Pass the Hash Output
Setting up a Bind Shell
Getting a Reverse Shell
Proxying a Connection
Uploading a Web Shell
Analyzing Injections
Analyzing Logic and I/
Substitutions, Variables, and Common Operations
Analyzing Error Handling and Arrays
Analyzing Encoding and Decoding
Exercise: Describing Tool Output