About the Book
Learn, prepare, and practice for CompTIA Pentest+ PT0-001 exam success with this CompTIA Cert Guide from Pearson IT Certification, a leader in IT Certification.
- Master CompTIA Pentest+ PT0-001 exam topics
- Assess your knowledge with chapter-ending quizzes
- Review key concepts with exam preparation tasks
- Practice with realistic exam questions
- Get practical guidance for next steps and more advanced certifications
CompTIA Pentest+ Cert Guide is a best-of-breed exam study guide. Best-selling author Omar Santos and leading IT security expert Ron Taylor share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.
The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.
The companion website contains the powerful Pearson Test Prep practice test software, complete with 340 exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most.
Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time.
The CompTIA study guide helps you master all the topics on the Pentest+ exam, including:
- Planning and scoping: Explain the importance of proper planning and scoping, understand key legal concepts, explore key aspects of compliance-based assessments
- Information gathering and vulnerability identification: Understand passive and active reconnaissance, conduct appropriate information gathering and use open source intelligence (OSINT); perform vulnerability scans; analyze results; explain how to leverage gathered information in exploitation; understand weaknesses of specialized systems
- Attacks and exploits: Compare and contrast social engineering attacks; exploit network-based, wireless, RF-based, application-based, and local host vulnerabilities; summarize physical security attacks; perform post-exploitation techniques
- Penetration testing tools: Use numerous tools to perform reconnaissance, exploit vulnerabilities and perform post-exploitation activities; leverage the Bash shell, Python, Ruby, and PowerShell for basic scripting
- Reporting and communication: Write reports containing effective findings and recommendations for mitigation; master best practices for reporting and communication; perform post-engagement activities such as cleanup of tools or shells
About the Author:
Omar Santos is a principal engineer in the Cisco Product Security Incident Response Team (PSIRT) within Cisco's Security Research and Operations. He mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities in all Cisco products, including cloud services. Omar has been working with information technology and cybersecurity since the mid-1990s. He has designed, implemented, and supported numerous secure networks for Fortune 100 and 500 companies and the U.S. government. Prior to his current role, he was a technical leader within the Worldwide Security Practice and the Cisco Technical Assistance Center (TAC), where he taught, led, and mentored many engineers within both organizations.
Omar is an active member of the security community, where he leads several industrywide initiatives and standards bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of the critical infrastructure. Omar often delivers technical presentations at many cybersecurity conferences. He is the author of more than 20 books and video courses. You can follow Omar on any of the following:
- Personal website: omarsantos.io and theartofhacking.org
- Twitter: @santosomar
- LinkedIn: https: //www.linkedin.com/in/santosomar
Ron Taylor has been in the information security field for almost 20 years, 10 of which were spent in consulting. In 2008, he joined the Cisco Global Certification Team as an SME in information assurance. In 2012, he moved into a position with the Security Research & Operations group, where his focus was mostly on penetration testing of Cisco products and services. He was also involved in developing and presenting security training to internal development and test teams globally. In addition, he provided consulting support to many product teams as an SME on product security testing. He then spent some time as a consulting systems engineer specializing in Cisco's security product line. In his current role, he works in the Cisco Product Security Incident Response Team (PSIRT). He has held a number of industry certifications, including GPEN, GWEB, GCIA, GCIH, GWAPT, RHCE, CCSP, CCNA, CISSP, and MCSE. Ron is also a Cisco Security Blackbelt, SANS mentor, cofounder and president of the Raleigh BSides Security Conference, and an active member of the Packet Hacking Village team at Defcon.
You can follow Ron on any of the following:
- Twitter: @Gu5G0rman
- LinkedIn: www.linkedin.com/in/-RonTaylor