,Table of Contents
Cover
Table of Contents
Title Page
Copyright
Dedication
Acknowledgments
About the Authors
About the Technical Editor
Introduction
CompTIA
The PenTest+ Exam
What Does This Book Cover?
CompTIA PenTest+ Certification Exam Objectives
How to Contact the Publisher
Assessment Test
Answers to Assessment Test
Chapter 1: Penetration Testing
What Is Penetration Testing?
Reasons for Penetration Testing
Who Performs Penetration Tests?
The CompTIA Penetration Testing Process
The Cyber Kill Chain
Tools of the Trade
Summary
Exam Essentials
, Lab Exercises
Chapter 2: Planning and Scoping Penetration Tests
Summarizing Pre‐engagement Activities
Shared Responsibility Model
Key Legal Concepts for Penetration Tests
Regulatory Compliance Considerations
Penetration Testing Standards and Methodologies
Threat Modeling Frameworks
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 3: Information Gathering
Reconnaissance and Enumeration
Active Reconnaissance and Enumeration
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 4: Vulnerability Scanning
Identifying Vulnerability Management
Requirements
Configuring and Executing Vulnerability Scans
Software Security Testing
Developing a Remediation Workflow
Overcoming Barriers to Vulnerability Scanning
Summary
Exam Essentials
, Lab Exercises
Review Questions
Chapter 5: Analyzing Vulnerability Scans
Reviewing and Interpreting Scan Reports
Validating Scan Results
Common Vulnerabilities
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 6: Exploit and Pivot
Exploits and Attacks
Pivoting and Lateral Movement
Exploitation Toolkits and Tools
Exploit Specifics
Leveraging Exploits
Persistence and Evasion
Covering Your Tracks
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 7: Exploiting Network Vulnerabilities
Identifying Exploits
Conducting Network Exploits
Exploiting Windows Services
Identifying and Exploiting Common Services
Wireless Exploits
Cover
Table of Contents
Title Page
Copyright
Dedication
Acknowledgments
About the Authors
About the Technical Editor
Introduction
CompTIA
The PenTest+ Exam
What Does This Book Cover?
CompTIA PenTest+ Certification Exam Objectives
How to Contact the Publisher
Assessment Test
Answers to Assessment Test
Chapter 1: Penetration Testing
What Is Penetration Testing?
Reasons for Penetration Testing
Who Performs Penetration Tests?
The CompTIA Penetration Testing Process
The Cyber Kill Chain
Tools of the Trade
Summary
Exam Essentials
, Lab Exercises
Chapter 2: Planning and Scoping Penetration Tests
Summarizing Pre‐engagement Activities
Shared Responsibility Model
Key Legal Concepts for Penetration Tests
Regulatory Compliance Considerations
Penetration Testing Standards and Methodologies
Threat Modeling Frameworks
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 3: Information Gathering
Reconnaissance and Enumeration
Active Reconnaissance and Enumeration
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 4: Vulnerability Scanning
Identifying Vulnerability Management
Requirements
Configuring and Executing Vulnerability Scans
Software Security Testing
Developing a Remediation Workflow
Overcoming Barriers to Vulnerability Scanning
Summary
Exam Essentials
, Lab Exercises
Review Questions
Chapter 5: Analyzing Vulnerability Scans
Reviewing and Interpreting Scan Reports
Validating Scan Results
Common Vulnerabilities
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 6: Exploit and Pivot
Exploits and Attacks
Pivoting and Lateral Movement
Exploitation Toolkits and Tools
Exploit Specifics
Leveraging Exploits
Persistence and Evasion
Covering Your Tracks
Summary
Exam Essentials
Lab Exercises
Review Questions
Chapter 7: Exploiting Network Vulnerabilities
Identifying Exploits
Conducting Network Exploits
Exploiting Windows Services
Identifying and Exploiting Common Services
Wireless Exploits
