CompTIA PenTest+ PT0-002 exam is the updated version of PenTest+ billed as an intermediate-level certification that aims to validate a person’s ability to perform penetration testing and vulnerability assessments successfully.

While there were no actual prerequisites, PenTest+ is recommended as the next step in the CompTIA cybersecurity career pathway after Security+. By this point in your career, you are expected to have three to four years of IT security experience.

The certification is approved by the U.S. Department of Defense (DoD) 8570 for cybersecurity jobs in the Cyber Security Service Provider (CSSP) function.

Exam Structure

  • Number of Questions: 75 questions (85 max)
  • Duration: 165 minute duration, not including survey time, about 2 minutes per question
  • Score Range: 100-900
  • Passing Score: 750 (roughly 83%, not including experimental questions)
  • Types of Questions:
    • Multiple Choice – can have more than one answer
    • Performance Based – perform the requested action

Exam Domains

  1. Planning and Scoping 14%
  2. Information Gathering and Vulnerability Scanning 22%
  3. Attacks and Exploits 30%
  4. Reporting and Communication 18%
  5. Tools and Code Analysis 16%

PT0-002 Changes From PT0-001 Domains

If you skim through the domain changes as I initially did, you will see the percentages are very similar and wonder what exactly changed from the PT0-001 Exam Domains. A closer look will reveal the following changes:

  • The second domain was changed from vulnerability identification to vulnerability scanning. This change was meant to reflect a more hands-on ability to analyze and report findings.
  • The fourth domain, Penetration Testing Tools, was flipped with the fifth domain, Reporting and Communication. The Penetration Testing Tools domain was also renamed to Tools and Code Analysis. This change was meant to reflect a more hands-on ability to use testing tools and demonstrate the ability to analyze code during penetration testing.
  • The total number of objectives in the PT0-001 exam has been reduced to 21, compared to 24 previously. CompTIA reports that this is due to the consolidation of topics and improved instructional design.

You can see the domain differences in the two exams by reviewing the following table:

PT0-002PT0-001
1. Planning and Scoping (14%)1. Planning and Scoping (15%)
2. Information Gathering and Vulnerability Scanning (22%)2. Information Gathering and Vulnerability Identification (22%)
3. Attacks and Exploits (30%)3. Attacks and Exploits (30%)
4. Reporting and Communication (18%)4. Penetration Testing Tools (17%)
5. Tools and Code Analysis (16%)5. Reporting and Communication (16%)
Differences between CompTIA PenTest+ PT0-001 and PT0-002

Exam History

  • PT0-002: October 2021, Current
    • The PT0-002 update covers additional topics, including cloud and IoT security, vulnerability scanning, and reporting.
  • PT0-001: July 31, 2018, retiring April 2022

Study Notes

A current overview of the CompTIA PenTest+ certification exam PT0-002 is being worked on.

  1. Planning and Scoping
  2. Information Gathering and Vulnerability Scanning
  3. Attacks and Exploits
  4. Reporting and Communication
  5. Tools and Code Analysis

Domain 1: Planning and Scoping (14%)

  1. Compare and contrast governance, risk, and compliance concepts.
  2. Explain the importance of scoping and organizational/customer requirements.
  3. Given a scenario, demonstrate an ethical hacking mindset by maintaining professionalism and integrity.

Domain 2: Information Gathering and Vulnerability Scanning (22%)

  1. Given a scenario, perform passive reconnaissance.
  2. Given a scenario, perform active reconnaissance.
  3. Given a scenario, analyze the results of a reconnaissance exercise.
  4. Given a scenario, perform vulnerability scanning.

Domain 3: Attacks and Exploits (30%)

  1. Given a scenario, research attack vectors and perform network attacks.
  2. Given a scenario, research attack vectors and perform wireless attacks.
  3. Given a scenario, research attack vectors and perform application-based attacks.
  4. Given a scenario, research attack vectors and perform attacks on cloud technologies
  5. Explain common attacks and vulnerabilities against specialized systems.
  6. Given a scenario, perform a social engineering or physical attack.
  7. Given a scenario, perform post-exploitation techniques.

Domain 4: Reporting and Communication (18%)

  1. Compare and contrast important components of written reports.
  2. Given a scenario, analyze the findings and recommend the appropriate remediation within a report.
  3. Explain the importance of communication during the penetration testing process.
  4. Explain post-report delivery activities.

Domain 5: Tools and Code Analysis (16%)

  1. Explain the basic concepts of scripting and software development.
  2. Given a scenario, analyze a script or code sample for use in a penetration test.
  3. Explain use cases of the following tools during the phases of a penetration test.

After the Exam

Knowledge Learned and Likely Jobs

By the time you pass the exam, you will gain knowledge of the following topics:

  • Planning and sizing a penetration testing project.
  • Understanding the legal and regulatory requirements.
  • Using appropriate tools and techniques to perform vulnerability scanning and penetration testing and then analyzing the results.
  • Creating a written report that includes proposed remediation techniques.
  • Effectively communicating results to the management team and making practical recommendations.

For more information on how this knowledge applies to the job, check out the table under the heading “How CompTIA PenTest+ Evolves With the Industry” on CompTIA’s blog. Possible jobs include the following:

  • Penetration Tester
  • Vulnerability Tester
  • Security Analyst (II)
  • Vulnerability Assessment Analyst
  • Network Security Operations
  • Application Security Vulnerability

Conclusion

The CompTIA PenTest+ certification was introduced in 2018 and quickly made a splash among pros, although it struggled a bit with HR adoption. However, the NICE Cybersecurity Workforce Framework consistently reveals that CompTIA PenTest+ covers two job roles in addition to penetration testing, which is still in high demand: vulnerability management and vulnerability assessment.

If you look at the job boards (Indeed.com, LinkedIn Jobs, etc.), there are many more vulnerability management and assessment jobs in the U.S. than penetration testing jobs. You can also check out CyberSeek to verify that vulnerability management and penetration testing are still skills in demand.

Learn the material in this certification to learn everything all the way from pre-project planning and scoping to post-project reporting and communication. The cybersecurity strategy portion is invaluable. Any up and coming cyber pro will quickly realize there’s more to it than just learning hard cybersecurity skills.

Pin It on Pinterest