Best Learning Strategy for PenTest+

Hello my fellow hax0rs! Today we will be covering the best learning strategy for passing and earning CompTIA’s PenTest+ certification. For those that haven’t heard of this certification, let me explain what it covers and where it sits compared to other CompTIA certs.

Overview

At the time of writing this, the most up-to-date exam code for PenTest+ was PT0-002. The test came out in 2021 and states that successful candidates have the knowledge and skills required to plan and scope a penetration testing engagement including vulnerability scanning, understanding legal and compliance requirements, analyzing results, and producing a written report with remediation techniques. To best prepare for the exam, we should start with the test objectives: they show what CompTIA believes is more valuable and, in turn, what we should focus on the most during our preparation. Below are the five objectives the exam is broken down into, with the percentage of questions in the exam associated with each objective:

  1. Planning and Scoping (14%)
  2. Information Gathering and Vulnerability Scanning (22%)
  3. Attacks and Exploits (30%)
  4. Reporting and Communication (18%)
  5. Tools and Code Analysis (16%)

As you can see by looking at the objectives, almost a third of the questions in the exam are going to be related to ‘Attacks and Exploits.’ This doesn’t mean you should study only Attacks and Exploits, but it does mean you should be putting more learning time into Objective 3 than into Planning and Scoping, which is only 14%. Another thing to take into account is that some objectives might have more questions simply because the content they cover is larger, and that’s why the topics are not all weighted the same.

Another thing we should understand is where this certification sits compared to the other CompTIA certifications. Below is a graphic of the traditional order that these tests are taken in:

Since we are focusing on the cybersecurity pathway, that is the path that matters here. The entry-level certifications are typically taken in order: ITF+, A+, Network+, and Security+. The intermediate certifications then split into two paths: PenTest+ (Penetration Testing / Red Team) and CySA+ (Cybersecurity Analyst / Blue Team). After these comes a more management-focused cert on the advanced side of CompTIA certs, the CASP+ (CompTIA Advanced Security Practitioner). While PenTest+ is considered an intermediate certification by CompTIA, it is believed to be an entry-level cert when it comes to offensive security. This is because, when diving into offensive security, you need all your core skills, such as hardware and networking, so that you can understand how to use a lot of these fundamental concepts in ways they are not intended to be used, aka hacking. The more intermediate/advanced certifications for penetration testing/ethical hacking test your knowledge by having you perform the penetration test, and you are judged on your procedures and final report.

Learning Strategy

Now that you understand the structure of the test, let’s get you resources that you can use to best prepare you for the exam. I consider myself a hands-on learner/visual learner, so what I used to prepare for this test might not work for someone who learns their best by reading. So I’ll do my best to provide resources that anyone can use no matter their learning style.

Hands-On Learning

When it comes to hands-on learning, I believe that this is something everyone should be doing when it comes to preparing for this exam. In CompTIA’s Security+ certification, a lot of people can get away with not having to do practical work with the tools mentioned and still understand what the tool does. But in this certification, you need to understand how to use the tool and what all of its different mechanisms/flags do. It’s something you just learn by doing, and when you see that question on the test, you’ll just say, “Oh, I’ve used this tool before, and I know exactly how to use it in a real environment,” instead of “I read about this tool on the flashcards but don’t know how to actually implement it in a real environment.”

The tools I would specifically recommend for hands-on learning are TryHackMe, HackTheBox, and capture-the-flag events. TryHackMe is a cybersecurity learning platform where you’ll be given a virtual environment that is specifically crafted so that you can learn about the implementation of a specific tool. They even have a learning path that was made especially for PenTest+, which contains most of the tools the objectives mention and how to use them step-by-step in a virtual environment. I can honestly say that I would not have passed my exam if it weren’t for THM and their PenTest+ learning path.

The other resource is Hack The Box. I highly recommend HTB if you already know some of the basics of offensive security and want to be challenged without getting your hand held through each step; this is the resource for you. Lastly, I would recommend capture-the-flag events. There are websites such as CTFtime that show you all the upcoming CTF events and their difficulty. If you want a place to validate and test your skills, CTFs are the place to go.

Visual Learning

Video series are a great way to learn about more conceptual topics, such as planning and scoping, as well as reporting and communication. I highly recommend Jason Dion’s video series and practice exams. He goes topic by topic based on the exam objectives and gives extremely well-articulated explanations for each subject, with graphics that help you understand the topic at a faster rate. You can also control the speed at which you consume these videos by changing the playback speed. I personally used Jason Dion’s resources through Udemy.com, and I did not regret it. His practice exams are obviously not the exact same questions you will see on the exam, but they will be the closest you will see a practice exam get to what the real ones will look like. This is important because something that CompTIA has that makes their questions special is the way they word them. Going through the practice questions helps you gauge the level of understanding you have for each objective and also gets you into the habit of answering questions that have a lot of fluff. As a technician, you have to be able to get rid of the fluff and pick out what will help you answer each question.

Reading Learners

I personally struggle with dry books that contain a lot of content, especially books that are essentially an index of CompTIA test objectives. However, for those who prefer reading, a book series that I have used for other CompTIA exams and found to be very helpful is “The CompTIA PenTest+ Certification All in One Guide.” This is what I would recommend if you prefer reading over watching videos all day.

Conclusion

Overall, I really enjoyed preparing for this exam, and I highly recommend it to anyone who wants to pursue a career in cybersecurity. Even if you plan to stay on the blue side of the industry, I believe that understanding an adversary’s TTPs (Tactics, Techniques, and Procedures) is crucial to being the best defender you can be. I also believe that for those of us who want to go the red side, this certification will provide the foundation needed to start preparing for more performance-based exams, such as OSCP and PNPT. Please feel free to comment below if you agree or disagree, or if you have more resources to share with others pursuing this certification.

Thank you for reading, JAYT0RR3S OUT!

2 responses to “Best Learning Strategy for PenTest+”

  1. fitz

    I’m starting WGU’s BSCSIA this May. I’ve been doing some TryHackMe and some retired boxes on HTB to get prepared. I’m glad to see someone else uses it and shows in some ways it helps.

    1. Yaen Torres

      Awesome to hear Fitz! I had to take the exam for my BSCSIA, hopefully finishing it out this year.
