CompTIA Pentest+: A Retrospective

I get asked by students often enough what certifications they should be aiming at. Usually, it's a few freshmen that heard that the OSCP was industry standard for penetration testing and have now set their ever so green sights upon that. It's always an interesting conversation correcting that piece of misinformation. There's also an occasional couple of soon-to-be-graduating seniors who would like to bolster their resume with a cert. There are also the students who heard that the CEH was the way to go if you want to become a "real hacker". Bleh. I think this is where the Pentest+ comes in.

Recently, I sat for and passed the CompTIA Pentest+. This will be the certification that I now recommend to my students... along with the Security+ of course. While the argument can be made that this certification is not comprehensive enough, with it being completely theoretical and not at all practical, there's still value to be found in it. It's an introduction to the world of pentesting that is still approachable enough for the average undergraduate security student. Covering different tools, legal documents, standards, and practices, there's a little bit of everything on the exam. It's not going to ask you to pop boxes, but it will ask that you know how to run Nmap and what an NDA is versus an MSA. A list of the complete objectives can be found... HERE

Studying

Like all certifications, there is some element of studying. I have broken down the materials that I used and my feelings on them below. 

The Essentials

  • Udemy - CompTIA Pentest+ Ethical Hacking Course by Jason Dion
    • Great place to start studying! The course goes over a lot of basic concepts that you'll need to know and includes a few practice tests. It definitely does not go in-depth enough to be the only resource of use but it's enough to get someone started. Plus Udemy courses go on sale more often than DEFCON sells out of electronic badges ¯\_(ツ)_/¯
  • CompTIA PenTest+ Certification All-in-One Exam Guide (Exam PT0-001)
    • This is the book that I would recommend. It's also regrettably not the book I focused the majority of my studying on...more on that later. Most books that I have taken a look at are similar to the above Udemy course. They are as wide as an ocean and as deep as a puddle. This book, however, goes into a bit more depth and includes a lot of the information that you will need for different tools. It also comes with practice exams that are much more challenging and will prepare you significantly better.
  • CompTIA PenTest+ Study Guide: Exam PT0-001
    • At the time this was the only book I could get in a digital format and why I focused my studies on it. Unfortunately, it suffers the ocean/puddle problem. If you plan to utilize this book you will 100% want to spend time reviewing code, learning the tools, and looking at outside practice tests. The practice tests that this one comes with are just not enough to prepare someone for the questions they will see on exam day.

Optional

  • Nmap 6 Cookbook: The Fat Free Guide to Network Security Scanning
  • Rtfm: Red Team Field Manual
  • Notecards (Who doesn't love notecards? Just me? Huh.)
    • Nmap
      • Using the books above and this handy Nmap cheat sheet, I created a set of flashcards for all the common flags. -O, -A, -T, & -sS. It's possible that you may receive what are called PBQs (essentially drag and drop) questions that will ask you what flag is needed for the specific goal of that Nmap scan.
    • Port Numbers
      • Going through the books, there were lists of common port numbers... 8080, 443, 23, & 22. These for sure came in handy as there were a few questions specific to services that would be expected to be running on each port.
    • Code Snippets
      • In all honesty, I am not a programmer so I created a set with different code snippets and used those to help me begin to recognize the differences between PowerShell, Python, Ruby, and BASH. If you have never programmed in one of these languages I highly recommend creating a set of flashcards. I created a handy cheat sheet for this. 

Summary

If you are new to the industry, a student looking to get a cert, or just wanting to put skills onto a piece of paper for HR, I really do think this is a good entry-level option. The cost is at a good price point of $349 or $226 for students. Significantly cheaper than the CEH. There's just enough material to get someone acquainted with the world of pentesting but to not overwhelm them. Think of it as a stepping stone to something like the eJPT and eventually the OSCP. Hopefully, this guide will be of use to anyone planning to take the exam!


