Skip to main content

CompTIA Pentest+: A Retrospective

I get asked by students often enough what certifications they should be aiming at. Usually, it's a few freshmen that heard that the OSCP was industry standard for penetration testing and have now set their every so green sights upon that. It's always an interesting conversation correcting that piece of misinformation. There's also an occasional couple of soon to be graduating seniors who would like to bolster their resume with a cert. There are also the students who heard that the CEH was the way to go if you want to become a "real hacker". Bleh. I think this is where the Pentest+ comes in.

Recently, I sat for and passed the CompTIA Pentest+. This will be the certification that I now recommend to my students....along with the Security+ of course. While the argument can be made that this certification is not comprehensive enough with it being completely theoretical and not at all practical there's still value to be found in it. It's an introduction to the world of pentesting that is still approachable enough for the average undergraduate security student. Covering different tools, legal documents, standards, and practices there's a little bit of everything on the exam. It's not going to ask you to pop boxes but it will ask that you know how to run Nmap and what an NDA is versus an MSA. A list of the complete objectives can be found....HERE


Like all certifications, there is some element of studying. I have broken down the materials that I used and my feelings on them below. 

The Essentials

  • Udemy - CompTIA Pentest+ Ethical Hacking Course by Jason Dion
    • Great place to start studying! The course goes over a lot of basic concepts that you'll need to know and includes a few practice tests. It definitely does not go in-depth enough to be the only resource of use but it's enough to get someone started. Plus Udemy courses go on sale more often than DEFCON sells out of electronic badges ¯\_(ツ)_/¯
  • CompTIA PenTest+ Certification All-in-One Exam Guide (Exam PT0-001)
    • This is the book that I would recommend. It's also regrettably not the book I focused the majority of my studying on...more on that later. Most books that I have taken a look at are similar to the above Udemy course. They are as wide as an ocean and as deep as a puddle. This book, however, goes into a bit more depth and includes a lot of the information that you will need for different tools. It also comes with practice exams that are much more challenging and will prepare you significantly better.
  • CompTIA PenTest+ Study Guide: Exam PT0-001
    • At the time this was the only book I could get in a digital format and why I focused my studies on it. Unfortunately, it suffers the ocean/puddle problem. If you plan to utilize this book you will 100% want to spend time reviewing code, learning the tools, and looking at outside practice tests. The practice tests that this one comes with are just not enough to prepare someone for the questions they will see on exam day.


  • Nmap 6 Cookbook: The Fat Free Guide to Network Security Scanning
  • Rtfm: Red Team Field Manual
  • Notecards (Who doesn't love notecards? Just me? Huh.)
    • Nmap
      • Using the books above and this handy Nmap cheat sheet I created a set of flashcards for all the common flags. -O, -A, -T, & -sS. It's possible that you may receive what are called PBQs (essentially drag and drop) questions that will ask you what flag is needed for the specific goal of that Nmap scan. 
    • Port Numbers
      • Going through the books there were lists of common port numbers...8080, 443, 23, & 22. These for sure came in handy as there were a few questions specific to services that would be expected to be running on each port. 
    • Code Snippets
      • In all honesty, I am not a programmer so I created a set with different code snippets and used those to help me begin to recognize the differences between PowerShell, Python, Ruby, and BASH. If you have never programmed in one of these languages I highly recommend creating a set of flashcards. I created a handy cheat sheet for this. 


If you are new to the industry, a student looking get a cert, or just wanting to put skills onto a piece of paper for HR I really do think this is a good entry-level option. The cost is at a good price point of $349 or $226 for students. Significantly cheaper than the CEH. There's just enough material to get someone acquainted with the world of pentesting but to not overwhelm them. Think of it as a stepping stone to something like the eJPT and eventually the OSCP. Hopefully, this guide will be of use to anyone planning to take the exam!