CompTIA Certifications

CompTIA PenTest+

PenTest+ Logo WHITE

Overview

The new PenTest+ (PT0-002) exam will launch October 27, 2021!

PenTest+ assesses the most up-to-date penetration testing, and vulnerability assessment and management skills necessary to determine the resiliency of the network against attacks. The CompTIA PenTest+ certification exam will verify successful candidates have the knowledge and skills required to:

  • Plan and scope a penetration testing engagement
  • Understand legal and compliance requirements
  • Perform vulnerability scanning and penetration testing using appropriate tools and
  • techniques, and then analyze the results
  • Produce a written report containing proposed remediation techniques, effectively
  • communicate results to the management team, and provide practical recommendations

PenTest+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.

What’s in this version

Global cybercrime costs are expected to grow 15% over the next five years. Now more than ever, it is imperative that organizations prevent sensitive data from falling into the wrong hands. Updates to PenTest+ reflect newer pen testing techniques for the latest attack surfaces, including the cloud, hybrid environments, and web applications, as well as more ethical hacking concepts, vulnerability scanning and code analysis.

Top PenTest+ Job Roles

  • Penetration Tester
  • Security Consultant
  • Cloud Penetration Tester
  • Web App Penetration Tester
  • Cloud Security Specialist
  • Network & Security Specialist

Organizations that have contributed to the development of PenTest+

  • Target Corp.
  • General Dynamics IT (GDIT)
  • Ricoh
  • RxSense
  • University Secure Works
  • aeSolutions industrial Cybersecurity

Exam Domains

PenTest+ PT0-001

DOMAIN
PERCENTAGE OF EXAMINATION
1.0 Planning and Scoping
15%
2.0 Information Gathering and Vulnerability Identification
22%
3.0 Attacks and Exploits
30%
4.0 Penetration Testing Tools
17%
5.0 Reporting and Communication
16%
Total
100%

PenTest+ PT0-002

DOMAIN
PERCENTAGE OF EXAMINATION
1.0 Planning and Scoping
14%
2.0 Information Gathering and Vulnerability Scanning
22%
3.0 Attacks and Exploits
30%
4.0 Reporting and Communication
18%
5.0 Tools and Code Analysis
16%
Total
100%

Exam Details

Exam Code PT0-001 PT0-002
Launch Date July 31, 2018 October 27, 2021
Exam Description The CompTIA PenTest+ certification verifies that successful candidates have the knowledge and skills required to plan and scope an assessment, understand legal and compliance requirements, perform vulnerability scanning and penetration testing, analyze data, and effectively report and communicate results. The CompTIA PenTest+ will certify the successful candidate has the knowledge and skills required to plan and scope a penetration testing engagement including vulnerability scanning, understand legal and compliance requirements, analyze results, and produce a written report with remediation techniques.
Number of Questions Maximum of 85 questions
Type of Questions Multiple choice and performance-based
Length of Test 165 minutes
Passing Score 750 (on a scale of 100-900)
Recommended Experience Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.
Languages English
Retirement April 2022 Usually three years after launch
Testing Provider Pearson VUE

Testing Centers
Online Testing

Performance-Based Assessment

The performance-based PenTest+ exam will include hands-on simulations. These simulations require candidates to perform penetration testing and vulnerability assessment job tasks during the exam. To prepare for these performance-based assessments, trainers and educators should emphasize open-source penetration and vulnerability tools and teamwork.