CompTIA Certifications

CompTIA PenTest+

PenTest+ Logo WHITE

Overview

CompTIA PenTest+ is a certification for intermediate level cybersecurity professionals who are tasked with penetration testing to identify, exploit, report, and manage vulnerabilities on a network.

PenTest+ assesses the most up-to-date penetration testing, and vulnerability assessment and management skills necessary to determine the resiliency of the network against attacks. Successful candidates will have the intermediate skills and best practices required to customize assessment frameworks to effectively collaborate on and report findings, and communicate recommended strategies to improve the overall state of IT security.

PenTest+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.

CompTIA Cybersecurity Certification Path

CompTIA PenTest+ joins CompTIA Cybersecurity Analyst (CySA+) at the intermediate-skills level of the cybersecurity career pathway as shown below. Depending on your course of study, PenTest+ and CySA+ can be taken in any order but typically follows the skills learned in Security+. While CySA+ focuses on defense through incident detection and response, PenTest+ focuses on offense through penetration testing and vulnerability assessment. Although the two exams teach opposing skills, they are dependent on one another. The most qualified cybersecurity professionals have both offensive and defensive skills. Earn the PenTest+ certification to grow your career within the CompTIA recommended cybersecurity career pathway.

pentest-pathway

Top PenTest+ Job Roles

  • Penetration Tester
  • Vulnerability Tester
  • Security Analyst II
  • Vulnerability Assessment Analyst
  • Network Security Operations
  • Application Security Vulnerability

Organizations that have contributed to the development of PenTest+

  • Brotherhood Mutual
  • TransUnion
  • Las Vegas Sands
  • Integra
  • Johns Hopkins University
  • Asics

Exam Domains

The table below lists the domains measured by this examination and the extent to which they are represented.

DOMAIN
PERCENTAGE OF EXAMINATION
1.0 Planning and Scoping
15%
2.0 Information Gathering and Vulnerability Identification
22%
3.0 Attacks and Exploits
30%
4.0 Penetration Testing Tools
17%
5.0 Reporting and Communication
16%
Total
100%

Exam Details

Exam Code PT0-001
Launch Date July 31, 2018
Exam Description The CompTIA PenTest+ certification verifies that successful candidates have the knowledge and skills required to plan and scope an assessment, understand legal and compliance requirements, perform vulnerability scanning and penetration testing, analyze data, and effectively report and communicate results.
Number of Questions Maximum of 85 questions
Type of Questions Multiple choice and performance-based
Length of Test 165 minutes
Passing Score 750 (on a scale of 100-900)
Recommended Experience Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.
Languages English
Retirement TBD - Usually three years after launch
Testing Provider Pearson VUE

Testing Centers
Online Testing

Performance-Based Assessment

The performance-based PenTest+ exam will include hands-on simulations. These simulations require candidates to perform penetration testing and vulnerability assessment job tasks during the exam. To prepare for these performance-based assessments, trainers and educators should emphasize open-source penetration and vulnerability tools and teamwork.