CompTIA Pentest+ Certification Guide

 BACKGROUND:


This is my most recent certification that I obtained back in January 2020. I obtained this cert after the Net+ Sec+ and CySA+ certifications. At the time of me taking this exam I had around 2 years of IT experience but no experience working in Cybersecurity.

EXPERIENCE:

I primarily used Jason Dion's PenTest+ course on Udemy. As I have stated previously, I highly recommend Jason Dion's certification courses. 

I watched Dion's entire course while taking handwritten notes on nearly everything. I did this for about 5 days. The next few days I was able to obtain the Sybex 1000 Practice Question book from a friend as a gift. This book while helpful in some aspects, was very similar to the book that I had purchased for CySA+ also from Sybex. The questions are much more difficult than what is on the test, and introduce too much unnecessary information that is not included in the PenTest+ exam objectives.

After skimming through the practice question book, I scheduled the test a few days in advance. On test day, I finished the exam with about an hour to spare. This test along with CySA+ gives you 2 hours and 45 minutes to complete the exam. I passed with an 807.

RECOMMENDATIONS:

  • Know and understand Python & Bash primarily. I did not get any questions where you were expected to make sense of a Ruby script. I believe I did have one question in regards to a Powershell script. To be safe however, just make sure you know how to spot the differences between them.
  • Know how to spot and remediate specific browser vulnerabilities. This will be important for your PBQ's. 
  • Know your Nmap! I didn't get bombarded with Nmap commands, but I did definitely have a few. Know the major flags (-sS -sT -O -A -p- --script) along with a few others. It helps to simply practice the commands in a Kali VM or however you choose.
  • This is probably the most important tip, and it is similar to that advice I gave for the CySA+ exam. You must possess a very strong grasp of offensive security and pentesting methodology. A very large portion of the questions on the test simply throw you into a scenario where you're a penetration tester, and you're expected to make the next step. For example, you may run into a question like, "You're a penetration tester who has been hired by a corporation to test their network security. You were able to successfully compromise a remote host on the target's network, however after attempting to pivot to another host, you ran into X problem. What would be your next step?"
  • CTFs for practice. CTFs (Capture the Flag) are vulnerable machines that you can mock pentest. They can either be spun up in a VM using an ISO you downloaded (Vulnhub) or boxes provided by a CTF platform like HackTheBox that allows you to connect to their network and spin up boxes at your whim. CTFs help immensely with putting you in the "hacker mindset" and I highly recommend them.


LINK:

https://www.udemy.com/share/1021hKAEUad19QQ3o=/
A capybara with an interest in security.

Comments

Post a Comment

Popular posts from this blog

TryHackMe CTF Walkthrough - "Simple CTF"

Image
Note: This is a reupload of a CTF walkthrough from my original website which no longer exists. Tonight I'll be providing a writeup on the TryHackMe box "Simple CTF" similar to my writeup on Blue. TryHackMe is another great and incredibly educational site dedicated to teaching learners about offensive and defensive cybersecurity. As always, it's typical to start with a basic Nmap scan.  This is one of the typical Nmap scans that I like to run on TryHackMe and HacktheBox machines. It will take longer than most scans due to the enumeration being performed by the vulnerability script. Another I will typically run is - nmap -sC -sV -A x.x.x.x This is an aggressive service scan with default scripts enabled. Here we have quite a bit of output, the bulk of it being a list of CVE's for the specific version of Apache web server running on the target machine. As we can see, Port 21 (FTP), Port 80 (HTTP), and Port 2222 (SSH) are currently open on the target machine. We can al...
Read more

Malware Overview - ZeuS

Image
 Note: This is a reupload of my writeup of the history of the ZeuS malware from my original website. INTRODUCTION:  Image Source:  https://www.bankinfosecurity.com/zeus-banking-trojan-spawn-alive-kicking-a-10471 When discussing the history of malware, you are more than likely going to hear the same few names over and over again. Conficker, Welchia, ILOVEYOU, Stuxnet, Flame, CryptoLocker, Dridex, and even newer malware like WannaCrypt0r, Emotet, and Maze.  What is left behind but stands atop the lesser remembered malware of the last fifteen years in particular is the ZeuS or Zbot Trojan and its successor, the Gameover ZeuS Trojan. This will be a historical summary of the ZeuS and Gameover ZeuS Trojans, beginning from its initial discovery and ending in the current year.  I will be using a variety of sources for my analysis. This is NOT a technical analysis of the malware, simply a historical account. I plan on writing a full technical analysis of the ZeuS and Gam...
Read more

Malware Overview - HelloKitty

Image
Introduction :   If there existed an award for the cutest and most benign sounding family of malware, I am not hesitant to say that the developers of the HelloKitty ransomware would be walking home with the highest honor. That being said, the use of charming and otherwise innocuous sounding names for some of the worst and most malicious malware isn’t a new development. From the comforting-sounding ILOVEYOU worm that originated from the Philippines in 2000 and went on to infect the rest of the planet, to Nation State developed spyware like “ Babar ” (referencing the adorable Elephant from the French children’s literature classic), the utilization of harmless and defusing monikers for malware is just another way for threat actors to further explore their creativity and sense of humor. Hell, it's not even uncommon for individuals to give themselves names of  HelloKitty is not the first and will surely not be the last strain of malware to be given such a name, either afterwards b...
Read more