Includes updated techniques emphasizing governance, risk and compliance concepts, scoping and organizational/customer requirements, and demonstrating an ethical hacking mindset
Includes updated skills on performing vulnerability scanning and passive/active reconnaissance, vulnerability management, as well as analyzing the results of the reconnaissance exercise
Includes updated approaches to expanded attack surfaces, researching social engineering techniques, performing network attacks, wireless attacks, application-based attacks and attacks on cloud technologies, and performing post-exploitation techniques
Expanded to focus on the importance of reporting and communication in an increased regulatory environment during the pen testing process through analyzing findings and recommending appropriate remediation within a report
Includes updated concepts of identifying scripts in various software deployments, analyzing a script or code sample, and explaining use cases of various tools used during the phases of a penetration test–scripting or coding is not required
Exam Description | The CompTIA PenTest+ will certify the successful candidate has the knowledge and skills required to plan and scope a penetration testing engagement including vulnerability scanning, understand legal and compliance requirements, analyze results, and produce a written report with remediation techniques. |
Number of Questions | Maximum of 85 questions |
Type of Questions | Performance-based and multiple choice |
Length of Test | 165 minutes |
Passing Score | 750 (on a scale of 100-900) |
Recommended Experience | Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus. |
Demonstrate Competency of Current Trends
Unlike other penetration testing exams that only cover a portion of stages with essay questions and hands-on, CompTIA PenTest+ uses both performance-based and knowledge-based questions to ensure all stages are addressed.
Become an Expert in Vulnerability Management
CompTIA PenTest+ is the only exam on the market covering hands-on vulnerability assessment, scanning and analysis, as well as planning, scoping, and managing weaknesses.
Prove You Know the Latest Techniques
CompTIA PenTest+ requires a candidate to demonstrate the most relevant pen testing skills for the cloud, hybrid environments, web applications, Internet of Things (IoT) and traditional on-premises.