CompTIA PenTest+ is a certification for intermediate skills level cybersecurity professionals who are tasked with hands-on penetration testing to identify, exploit, report, and manage vulnerabilities on a network.
CompTIA PenTest+ Exam (PT0-001) Exam Review
1. Joseph Holbrook, Cloud Consulting Architect and Technical Trainer
CompTIA Subject Matter Expert (SME)
Cloudbursting Corp (AWS Partner) in Jacksonville, FL.
03/30/2018
COMPTIA PENTEST+
BETA EXAM CODE PT1-001
2. • Joe Holbrook, owner of Cloudbursting Corp in Jacksonville, FL.
• Cloud Consulting Architect & Technical Trainer who has been consulting in
the Cloud Computing, IT Security, and Data Storage areas for over 15 years.
• Government contractor and consultant for 10 years. DOD 8570
• IT Security mainly around Cryptography and secure communications for
Federal Gov.
• CompTIA Subject Matter Expert (SME)
• Holds numerous vendor and CompTIA Certs
ABOUT YOUR INSTRUCTOR
CLOUDBURSTING CORP 4/23/2018 2
4. 1. What is the CompTIA PenTest+
2. Exam Objectives
3. Exam Format
4. Areas to Focus on – Frameworks (NIST, FISMA, FIPS, ISO)
5. DOD 8570
6. Observations
7. Course Coming April 2018
WHAT ARE WE COVERING TODAY
5. “CompTIA PenTest+ is a certification for intermediate level cybersecurity
professionals who are tasked with penetration testing to identify, exploit,
report, and manage vulnerabilities on a network.”
WHAT IS COMPTIA PENTEST EXAM?
6. • Plan and scope an assessment
• Understand legal and compliance requirements
• Perform vulnerability scanning and penetration testing using
appropriate tools and techniques
• Analyze the results
In addition, the candidate will be able to:
• Produce a written report containing proposed remediation techniques
• Effectively communicate results to management
• Provide practical recommendations
DUTIES FOR A PENETRATION TESTER
9. 1.0 Planning and Scoping
1.1 Explain the importance of planning for an engagement.
1.2 Explain key legal concepts
1.3 Explain the importance of scoping an engagement properly
1.4 Explain the key aspects of compliance-based assessments
OBJECTIVES
10. 2.0 Information Gathering and Vulnerability Identification
• 2.1 Given a scenario, conduct information gathering using appropriate
techniques.
• 2.2 Given a scenario, perform a vulnerability scan
• 2.3 Given a scenario, analyze vulnerability scan results
• 2.4 Explain the process of leveraging information to prepare for
exploitation
• 2.5 Explain weaknesses related to specialized systems
OBJECTIVES
11. 3.0 Attacks and Exploits
• 3.1 Compare and contrast social engineering attacks
• 3.2 Given a scenario, exploit network-based vulnerabilities
• 3.3 Given a scenario, exploit wireless and RF-based vulnerabilities
• 3.4 Given a scenario, exploit application-based vulnerabilities
• 3.5 Given a scenario, exploit local host vulnerabilities
• 3.6 Summarize physical security attacks related to facilities
• 3.7 Given a scenario, perform post-exploitation techniques
OBJECTIVES
12. 4.0 Penetration Testing Tools
• 4.1 Given a scenario, use Nmap to conduct information gathering exercises
• 4.2 Compare and contrast various use cases of tools
• 4.3 Given a scenario, analyze tool output or data related to a penetration
test
• 4.4 Given a scenario, analyze a basic script
(limited to Bash, Python, Ruby, and PowerShell)
OBJECTIVES
13. 5.0 Reporting and Communication
• 5.1 Given a scenario, use report writing and handling best practices
• 5.2 Explain post-report delivery activities
• 5.3 Given a scenario, recommend mitigation strategies for discovered
vulnerabilities
• 5.4 Explain the importance of communication during the penetration
testing process
OBJECTIVES
15. • Around 80 questions (165 minutes)
• Passing score: 750 on a scale of 100-900
• Multiple Choice and Performance Based
Questions
• Pass/fail information will not be available
until summer 2018; candidates will be
notified. Only a numbered score is issued at
the end of the beta exam. No exam
objectives appear in beta exam results.
EXAM FORMAT
19. • http://csrc.nist.gov/groups/SMA/fisma/assessment.html
• Guide for Assessing the Security Controls in Federal
Information Systems and Organizations
• The purpose of NIST Special Publication 800-53A (as amended) is
to establish common assessment procedures to assess the
effectiveness of security controls in federal information systems,
specifically those controls listed in NIST Special Publication 800-53
(as amended),
GET TO KNOW NIST ASSESSMENTS
21. • ESSENCE OF FIPS 200 - MINIMUM SECURITY REQUIREMENTS FOR FEDERAL
INFORMATION AND INFORMATION SYSTEMS
• FIPS 200 defines following 17 security areas covered under
confidentiality, integrity, and availability (CIA) of federal information
systems and the information processed, stored, and transmitted by
those systems.
• For the actual requirements, it refers to NIST Special Publication 800-53
and says that federal agencies must meet its requirements.
https://doi.org/10.6028/NIST.FIPS.200
GET TO KNOW FIPS 200 FRAMEWORK
22. • The Federal Information Security Management Act of 2002 was
updated in Public Law 113 to Federal Information Security
Modernization Act of 2014. For more information,
see http://csrc.nist.gov/groups/SMA/fisma/overview.html.
• Protecting the Nation's Critical Information Infrastructure
GET TO KNOW FISMA ACT
26. CSA+ is ISO/ANSI 17024 accredited and is awaiting approval by the U.S.
Department of Defense (DoD) for directive 8140/8570.01-M requirements.
https://certification.comptia.org/it-career-news/post/view/2015/09/11/what-are-u-s-dod-8140-8570-and-8570-01-m-and-what-do-they-mean-for-your-career-
DOD 8570 & ISO/ANSI 17024
27. The DoD 8570 Information Assurance
Training, Certification and Workforce
Management program addresses this
threat by proactively educating and
certifying commercial contractors, and
military and civilian personnel to perform
their critical duties as Information
Assurance professionals.
Under the 8570 Mandate, all personnel
with "privileged access" to DoD systems
must obtain an ANSI-approved
commercial certification.
DOD 8570 & ISO/ANSI 17024
29. My observations
• Exam is clearly experience-based
• NMAP is tested highly as other tools
• Expect to have 10% or more performance-based
• Study materials not fully available
• 10% of questions were on tools such as NMAP, OpenVAS, Nessus, etc.
• Another 10% covered areas such as exploitation.
• Harder and more technical than the CEH Exam.
OBSERVATIONS
30. My observations
• The exam covers scripting somewhat deeper than I would have expected.
Know how to debug, error handling, debugging, etc. PHP, Python and Bash
appeared.
• Study materials from GPEN, GWAPT, OSCP and CEH until proper PenTest
Materials come out.
• Before taking the exam, if you have Security Plus or CASP PenTesting
materials, review them.
• White Hat, Red Hats…
OBSERVATIONS
31. My observations
• One recommendation is to review Metasploit
• Know to exploit SQL
• Know mobile exploits (Bluetooth, Android)
• Wi-Fi attacks.
• Web Crawling (Scrapy)
• Password attacks (Brute Force, Digests)
OBSERVATIONS
32. • Course to be released
• Udemy
• April 2018
COURSE ON UDEMY – RELEASE DATE APRIL 2018