CompTIA PenTest+ (PT1-001) Complete Video Course

CompTIA PenTest+ (PT1-001) Complete Video Course
CompTIA PenTest+ (PT1-001) Complete Video Course
English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 6h 29m | 4.30 GB

CompTIA PenTest+ (PT1-001) Complete Video Course is a complete resource to prepare for the CompTIA PenTest+ certification exam. This course covers all the topics on the exam, including planning and scoping a security penetration testing (ethical hacking) assessment, understanding legal and compliance requirements, and performing vulnerability scanning and penetration testing using appropriate tools and techniques. In addition, it guides the student on how to analyze the results and write a comprehensive report including remediation techniques and best practices on how to effectively communicate results to the relevant stakeholders.

The course is presented by a seasoned and active cybersecurity expert with years of field and teaching experience. Omar Santos walks you through the exam objectives and provides tips and scenarios throughout, helping to put the knowledge in context. He provides demonstrations as well as detailed explanations and samples of each topic.

Learn How To

  • Prepare for the CompTIA PenTest+ Exam
  • Plan and scope a security penetration test
  • Perform reconnaissance on a target
  • Gain access through vulnerable systems by knowing the various exploits
  • Restore environments after a pentest has successfully found vulnerabilities within the system
  • Record and log activities in a manner that is professional, clear, and advantageous to the client for system improvement

Module 1, “Introduction to Ethical Hacking and How to Plan a Security Penetration Test,” introduces the concept of ethical hacking and how the cybersecurity industry goes about implementing field-tested security parameters using penetration testing. It walks through the planning and scoping of a pentesting assessment.

Module 2, “Reconnaissance,” covers all things related to the intelligence gathering phase of the pentest, including collecting information, port scanning, and vulnerability scanning. It then discusses how to use this intelligence to plan the pentest itself.

Module 3, “Attacks and Exploits,” discusses how to use the intelligence gathered to perform the pentest. It goes over the various kinds of social engineering attacks and how to attack both wired and wireless networks. It then discusses how to exploit application-based vulnerabilities as well as local host and physical security vulnerabilities. Finally, it covers the clean-up and implementation of the post-exploitation techniques.

Module 4, “Tools and Reporting,” shows how to find and leverage the various tools that are available for evasion, decompilation, forensics, and software assurance. It also goes into the reporting aspect of the job, including best practices and how to professionally recommend mitigation strategies for the vulnerabilities found.

Table of Contents

01 CompTIA PenTest+ (PT1-001) Complete Video Course – Introduction
02 Learning objectives
03 1.1 Understanding Ethical Hacking and Penetration Testing
04 1.2 Understanding the Current Threat Landscape
05 1.3 Exploring Penetration Testing Methodologies
06 1.4 Building Your Own Lab
07 1.5 Tips on How to Prepare for the Exam
08 Learning objectives
09 2.1 Explaining the Importance of the Planning and Preparation Phase
10 2.2 Understanding the Legal Concepts of Penetration Testing
11 2.3 Learning How to Scope a Penetration Testing Engagement Properly
12 2.4 Learning the Key Aspects of Compliance-based Assessments
13 Module 2 – Introduction
14 Learning objectives
15 3.1 Conducting Information Gathering and Reconnaissance
16 3.2 Performing Port Scanning
17 3.3 Performing and Analyzing Vulnerability Scans
18 3.4 Leveraging Reconnaissance Results to Prepare for the Exploitation Phase
19 Module 3 – Introduction
20 Learning objectives
21 4.1 Understanding Phishing and Spear Phishing Attacks
22 4.2 Understanding Pharming, Whaling, Malvertising, SMS Phishing, and Voice Phishing Attacks
23 4.3 Describing what is Elicitation, Interrogation, and Impersonation (Pretexting)
24 4.4 Understanding What is Social Engineering Motivation Techniques
25 4.5 Understanding What is Shoulder Surfing
26 4.6 Understanding What is USB Key Drop
27 Learning objectives
28 5.1 Exploiting Windows Name Resolution-based Vulnerabilities
29 5.2 Surveying DNS Cache Poisoning Attacks
30 5.3 Attacking and Exploiting Server Message Block (SMB) Implementations
31 5.4 Understanding Simple Network Management Protocol (SNMP) Vulnerabilities and Exploits
32 5.5 Exploiting Simple Mail Transfer Protocol (SMTP) Vulnerabilities
33 5.6 Exploiting File Transfer Protocol (FTP) Vulnerabilities
34 5.7 Performing Pass-the-Hash, Man-in-the-middle (MiTM), and SSL Striping Attacks
35 5.8 Understanding Denial of Service (Dos) and Distributed Denial of Service (DDoS) Attacks
36 5.9 Performing Network Access Control (NAC) Bypass and VLAN Hopping Attacks
37 5.10 Understanding Rogue Access Points and Evil Twin Attacks
38 5.11 Performing Deauthentication Attacks and Attacking the Preferred Network Lists
39 5.12 Jamming Wireless Signal, Causing Interference, and War Driving
40 5.13 Understanding the WEP Protocol
41 5.14 Cracking WEP Implementations
42 5.15 Understanding the WPA Protocol
43 5.16 Attacking WPA2 Implementations
44 Learning objectives
45 6.1 Overview of Web Applications for Security Professionals
46 6.2 How to Build Your Own Web Application Lab
47 6.3 Understanding SQL Injection
48 6.4 Understanding Injection Vulnerabilities
49 6.5 Exploiting Command Injection Vulnerabilities
50 6.6 Understanding Authentication-based Vulnerabilities
51 6.7 Exploiting Authorization-based Vulnerabilities
52 6.8 Understanding Cross-site Scripting (XSS) Vulnerabilities
53 6.9 Understanding Cross-site Request Forgery (CSRF_XSRF)
54 6.10 Understanding Clickjacking
55 6.11 Exploiting Insecure Direct Object References and Path Traversal
56 6.12 Assessing Unsecure Code Practices and APIs
57 Learning objectives
58 7.1 Understanding How to Exploit Local Host Vulnerabilities
59 7.2 Exploiting Insecure Service and Protocol Configurations
60 7.3 Understanding Local Privilege Escalation
61 7.4 Understanding Linux Permissions
62 7.5 Understanding SUID or SGID and Unix Programs
63 7.6 Exploiting Insecure SUDO Implementations
64 7.7 Understanding Ret2libc Attacks
65 7.8 Understanding Windows Privileges
66 7.9 Surveying Kerberoasting
67 7.10 Exploiting Other Windows-based Vulnerabilities
68 7.11 Understanding What Are Key Loggers
69 7.12 Understanding What Are Scheduled Tasks
70 7.13 Exploring Sandboxes and Virtual Machine Escape Attacks
71 7.14 Surveying Mobile Device Security
72 7.15 Understanding How to Exploit Physical Security Vulnerabilities
73 Learning objectives
74 8.1 Maintaining Persistence After Compromising a System
75 8.2 Understanding How to Perform Lateral Movement and Pivoting
76 8.3 Understanding How to Cover Your Tracks and Clean up Systems After a Penetration Testing Engagement
77 Module 4 – Introduction
78 Learning objectives
79 9.1 Understanding the Different Use Cases of Penetration Testing Tools
80 9.2 Exploring Tools for Reconnaissance
81 9.3 Exploring Tools for Vulnerability Scanning
82 9.4 Exploring Tools for Credential Attacks
83 9.5 Exploring Tools for Persistence
84 9.6 Exploring Tools for Evasion
85 9.7 Exploring Tools for De-compilation
86 9.8 Exploring Tools for Forensics
87 9.9 Exploring Tools for Software Assurance
88 9.10 Leveraging Bash, Python, Ruby, and PowerShell in Penetration Testing Engagements
89 Learning objectives
90 10.1 Surveying Report Writing and Handling Best Practices
91 10.2 Recommending Mitigation Strategies for the Discovered Vulnerabilities
92 10.3 Explaining the Importance of Appropriate Communication
93 CompTIA PenTest+ (PT1-001) Complete Video Course – Summary