CompTIA PenTest+ PT0-001 vs. PT0-002: What’s the Difference?

Posted by

IT certifications show employers that candidates have the knowledge and skills they need to do the job, and they help IT pros advance in their careers. As cybersecurity has become a critical function, cybersecurity certifications are among the most popular IT certifications globally.

The CompTIA PenTest+ certification is a vendor-neutral, internationally targeted validation of intermediate-level penetration testing (or pen testing) knowledge and skills. It focuses on the latest pen testing techniques, attack surfaces, vulnerability management, post-delivery and compliance tasks.

The skills covered by CompTIA PenTest+ help companies comply with regulations, such as PCI-DSS and NIST 800-53 Risk Management Framework (RMF), which require pen tests, vulnerability assessments and reports. CompTIA PenTest+ is approved under the Department of Defense (DoD) Directive 8140/8570.01-M and under ANSI/ISO standard 17024.

IT Jobs Related to CompTIA PenTest+
The next version of CompTIA PenTest+ (PT0-002) is slated to launch in October 2021. CompTIA updates its certifications every three years to keep up with evolving technology, so your skills are relevant and you stay up to date on the latest technologies.

When CompTIA updates exams, Subject Matter Experts (SMEs) from the industry participate in workshops to write and review the content, ensuring that the exam domains, objectives and questions validate the skills needed on the job today.

Cybersecurity experts from the following companies contributed to the update of CompTIA PenTest+:
RxSense
John Hopkins University Applied Physics Laboratory
U.S. Army
Target Corp.
General Dynamics IT (GDIT)
Ricoh

CompTIA PenTest+ PT0-001 vs PT0-002
CompTIA PenTest+ addresses the latest trends, techniques and attack surfaces – covering the core and intermediate skills in penetration testing and vulnerability management, ensuring high performance on the job. Let’s break down some of the highlights.

CompTIA PenTest+ Exam Domains
The exam domains covered in CompTIA PenTest+ PT0-001 and PT0-002 are not vastly different, as they are still relevant to the job roles, but you will see some slight changes.

We changed the name of exam domain 2.0 from Information Gathering and Vulnerability Identification to Information Gathering and Vulnerability Scanning.
We also swapped the order of two domains – what was formerly 5.0 Reporting and Communication is now 4.0, (with the same name), and what was formerly 4.0 Penetration Testing Tools is now 5.0 Tools and Code Analysis.

CompTIA PenTest+ PT0-002 Exam Domains
1. Planning and Scoping (14%)
2. Information Gathering and Vulnerability Scanning (22%)
3. Attacks and Exploits (30%)
4. Reporting and Communication (18%)
5. Tools and Code Analysis (16%)

CompTIA PenTest+ PT0-001 Equivalency Exam Domain

How It Applies to the Job

1.0 Planning and Scoping
Includes updated techniques emphasizing governance, risk and compliance concepts, scoping and organizational/customer requirements and demonstrating an ethical hacking mindset
Pen testers can be held criminally liable when operating without ethics or proper approvals. Pen testing is required for compliance to regulations such as PCI-DSS and the NIST 800-53 RMF.

2.0 Information Gathering and Vulnerability Scanning
Includes updated skills on performing vulnerability scanning and passive/active reconnaissance, vulnerability management as well as analyzing the results of the reconnaissance exercise
Automation is required for modern vulnerability management to counteract automated attacks. Organizations must efficiently mitigate vulnerabilities, avoiding unnecessary dangers to operations.

3.0 Attacks and Exploits
Includes updated approaches to expanded attack surfaces; researching social engineering techniques; performing network, wireless, cloud and application-based attacks; and post-exploitation techniques

Updated skills are needed to secure multiple attack surfaces; 87% of CompTIA-certified IT pros already work in expansive hybrid environments (both on-premises and in the cloud), and 93% work in multi-cloud environments.

4.0 Reporting and Communication
Expanded to focus on the importance of reporting and communication in an increased regulatory environment during the pen testing process through analysis and appropriate remediation recommendations
Communication is critical for the penetration testing lifecycle because collaboration is essential for identifying and managing vulnerabilities. Reporting is especially important for complying with regulations.

5.0 Tools and Code Analysis
Includes updated concepts of identifying scripts in software deployments, analyzing a script or code sample and explaining use cases of pen test tools (Note: Scripting and coding is not required)
Exposure to different scripts and code samples provides an expanded toolbox to help pen testers progress through their career. Pen testers work with scripting more as they advance in their careers.

How to Train for CompTIA PenTest+
It may seem like CompTIA PenTest+ covers a lot of ground, but don’t worry, we’ve got your back. CompTIA offers training solutions, including study guides, online self-study tools and instructor-led courses that are designed to cover what you need to know for your CompTIA exam. No other content library covers all the exam objectives for all certifications.

CompTIA training solutions help you prepare for your CompTIA certification exam with confidence. Whether you are just starting to prepare and need comprehensive training with CompTIA CertMaster Learn, want to apply your knowledge hands-on with CompTIA Labs or need a final review with CompTIA CertMaster Practice, CompTIA’s online training tools have you covered.

QUESTION 1
Which of the following commands will allow a penetration tester to permit a shell script to be executed by the file owner?

A. chmod u+x script.sh
B. chmod u+e script.sh
C. chmod o+e script.sh
D. chmod o+x script.sh

Answer: A

QUESTION 2
A penetration tester gains access to a system and establishes persistence, and then run the following commands:
Which of the following actions is the tester MOST likely performing?

A. Redirecting Bash history to /dev/null
B. Making a copy of the user’s Bash history to further enumeration
C. Covering tracks by clearing the Bash history
D. Making decoy files on the system to confuse incident responders

Answer: C

QUESTION 3
A compliance-based penetration test is primarily concerned with:

A. obtaining PII from the protected network.
B. bypassing protection on edge devices.
C. determining the efficacy of a specific set of security standards.
D. obtaining specific information from the protected network.

Answer: C

QUESTION 4
A penetration tester is explaining the MITRE ATT&CK framework to a company’s chief legal counsel.
Which of the following would the tester MOST likely describe as a benefit of the framework?

A. Understanding the tactics of a security intrusion can help disrupt them.
B. Scripts that are part of the framework can be imported directly into SIEM tools.
C. The methodology can be used to estimate the cost of an incident better.
D. The framework is static and ensures stability of a security program over time.

Answer: A

Examkingdom CompTIA PT0-002 Exam pdf, Certkingdom CompTIA PT0-002 PDF

MCTS Training, MCITP Trainnig

Best CompTIA PT0-002 Certification, CompTIA PT0-002 Training at certkingdom.com

Click to rate this post!
[Total: 0 Average: 0]