CompTIA PenTest+ Certification All-in-One Exam Guide, Second Edition (Exam PT0-002)
This fully-updated guide delivers complete coverage of every topic on the current version of the CompTIA PenTest+ certification exam.

Get complete coverage of all the objectives included on the CompTIA PenTest+ certification exam PT0-002 from this comprehensive resource. Written by expert penetration testers, the book provides learning objectives at the beginning of each chapter, hands-on exercises, exam tips, and practice questions with in-depth explanations. Designed to help you pass the exam with ease, this definitive volume also serves as an essential on-the-job reference.

Covers all exam topics, including:

  • Planning and engagement
  • Information gathering
  • Vulnerability scanning
  • Network-based attacks
  • Wireless and radio frequency attacks
  • Web and database attacks
  • Cloud attacks
  • Specialized and fragile systems
  • Social engineering and physical attacks
  • Post-exploitation tools and techniques
  • Post-engagement activities
  • Tools and code analysis
  • And more

Online content includes:

  • 170 practice exam questions
  • Interactive performance-based questions
  • Test engine that provides full-length practice exams or customizable quizzes by chapter or exam objective

by Raymond Nutting, Heather Linn

Paperback (2nd ed.)

$60.00 

Product Details

ISBN-13: 9781264274895
Publisher: McGraw Hill LLC
Publication date: 04/04/2022
Edition description: 2nd ed.
Pages: 464
Product dimensions: 7.10(w) x 8.90(h) x 1.00(d)

About the Author

Heather Linn, CompTIA PenTest+, has over 20 years in the security industry and has held roles in corporate security, penetration testing, and as part of a hunt team. She has served as the technical editor for CompTIA PenTest+ Certification All-in-One Exam Guide, First Edition, CompTIA PenTest+ Certification Practice Exams, and Gray Hat Hacking, Fifth Edition. She is the author of CompTIA PenTest+ Passport.

Raymond Nutting, CompTIA PenTest+™, CISSP-ISSEP, is a published author and security practitioner with over 20 years of experience in the field of information security. He is the co-owner and founder of nDepth Security, a managed security service provider that specializes in penetration testing. Ray holds numerous industry-recognized certifications and has presented at various conferences and events throughout his career.

Table of Contents

Acknowledgments xv

Introduction xvii

Chapter 1 Planning and Engagement 1

Governance, Risk, and Compliance 1

Regulatory and Compliance Considerations 2

Testing Limitations 6

Time-Based Limitations 6

Asset Scope Limitations 7

Tool Limitations 7

Allowed and Disallowed Tests 8

Contracts and Documentation 8

Master Services Agreement 9

Nondisclosure Agreement 9

Statement of Work 9

Rules of Engagement 10

Permission to Test 10

Scope and Requirements 11

Standards 11

Environmental Considerations for Scoping 18

Target Selection 19

Contract Review 23

Communication Planning 25

Professionalism and Integrity 26

Communication 27

Integrity 29

Risks to the Tester 30

Chapter Review 30

Questions 31

Answers 32

References 33

Chapter 2 Information Gathering and Vulnerability Scanning 35

Passive Reconnaissance 36

DNS Recon 36

OSINT 44

Search Engines 51

Active Reconnaissance 58

Host Enumeration 58

Service Identification and Fingerprinting 62

Web Content Enumeration 68

User Enumeration 71

Defense Detection and Detection Avoidance 73

Vulnerability Scanning and Analysis 78

Credentialed vs. Noncredentialed Scanning 79

Compliance and Configuration Auditing 81

Vulnerability Research Sources 82

Chapter Review 85

Questions 85

Answers 87

References 87

Chapter 3 Network-Based Attacks 89

Name Resolution Exploits 89

DNS Spoofing and Cache Poisoning 91

Attacking LLMNR and NetBIOS 94

Password Attacks 99

Brute-Force and Dictionary Attacks 100

Password Spraying 101

Hash Cracking 101

Stress Testing Applications and Protocols 105

Network Packet Manipulation 108

Analyzing and Inspecting Packets 108

Forge and Decode Packets 109

Layer 2 Attacks 111

Attacking the Spanning Tree Protocol 111

VLAN Hopping 113

Bypassing Network Access Controls 114

Researching an Attack 114

An Attack on FTP 114

An Attack on Samba and NFS 116

Chapter Review 119

Questions 120

Answers 121

Chapter 4 Wireless and RF Attacks 123

802.11 Wireless 123

Wireless Networking Overview 123

Wireless Testing Equipment 131

Attacking Wireless 132

Attacking Bluetooth 148

Bluetooth Specifications 148

Device Discovery 149

Bluetooth Attacks 149

RFID and NFC 150

Chapter Review 153

Questions 153

Answers 155

References 156

Chapter 5 Web and Database Attacks 157

OWASP Top Ten 157

Injection Attacks 157

Command Injection 158

SQL Injection 161

LDAP Injection 168

Cross-Site Scripting 169

Cross-Site Request Forgery 171

Attacking Authentication and Session Management 173

Brute-Force Login Pages 173

Session Management Testing 176

Data Exposure and Insecure Configuration 180

Weak Access Controls 181

Exposing Sensitive Data 182

Directory and Path Traversals 184

Sensitive Data Exposure 187

Inclusion Attacks 188

Race Conditions 189

Chapter Review 189

Questions 190

Answers 192

Chapter 6 Attacking the Cloud 195

Account and Privilege Attacks 196

Credential Harvesting 196

Privesc 197

Account Takeover 202

Password Spraying 202

Misconfigured Cloud Assets 203

Identity and Access Management 203

Federation 205

Object Storage 205

Containerization Technologies 208

Cloud-Centric Attacks 209

Denial of Service 209

Cloud Malware Injection 210

Side-Channel Attacks 211

Software Development Kits 211

Chapter Review 213

Questions 213

Answers 214

Chapter 7 Specialized and Fragile Systems 215

Mobile Devices 216

Testing Concepts 216

Mobile Hardware 218

Mobile Operating Systems Overview 219

Mobile Applications Overview 221

Testing iOS 224

Testing Android 230

Virtual and Containerized Systems 239

Other Nontraditional Systems 240

SCADA and Industrial Control Systems 240

Embedded Systems 243

Chapter Review 243

Questions 244

Answers 246

Chapter 8 Social Engineering and Physical Attacks 249

Physical Security and Social Engineering 250

Pretexting and Impersonation 254

Methods of Influence 255

Social Engineering and Physical Attacks 255

Phishing Attacks 256

Other Web Attacks 259

Social Engineering Tools 260

Dumpster Diving 265

USB Dropping 265

Shoulder Surfing 265

Tailgating 266

Badges 266

Basic Physpen Tools 266

Countermeasures 267

Chapter Review 268

Questions 269

Answers 271

References 271

Chapter 9 Post-Exploitation 273

Enumeration 273

Discovery 274

Credential Access 279

Privilege Escalation 287

Linux Privilege Escalation 288

Windows Privilege Escalation 295

Covert Channels and Data Exfiltration 305

SSH Tunneling 306

Shell Types 308

Command and Control 308

Data Exfiltration 309

Lateral Movement 309

Living Off the Land 309

Passing the Hash 310

RPC/DCOM 311

Remote Desktop Protocol 312

WinRM 312

Maintaining Persistence 313

Windows 314

Linux 315

Covering Your Tracks 316

Clearing Command History 316

Timestomping 317

File Deletion 319

Chapter Review 319

Questions 320

Answers 322

Chapter 10 Post-Engagement Activities 323

The Anatomy of a Pentest Report 323

Reporting Audience 324

Report Contents 325

Storage and Secure Distribution 332

Attestations 333

Findings, Recommendations, and Analysis 333

Recommendations 337

Common Themes and Root Causes 340

Post-Engagement Activities 341

Cleanup 342

Client Acceptance 342

Lessons Learned 342

Retesting and Follow-up 343

Chapter Review 343

Questions 343

Answers 345

References 345

Chapter 11 Tools and Code Analysis 347

Logic Constructs 347

Conditionals 348

Loops 349

Boolean Operators 349

Arithmetic and String Operators 350

Data Structures 351

Key Values and Keys 351

Arrays, Dictionaries, and Lists 352

Trees 352

CSV, XML, and JSON 352

Other Programming Concepts 354

Procedures 354

Functions 355

Classes 356

Libraries 357

Practical Examples 357

Bash 358

Python 360

Perl 361

Ruby 362

JavaScript 363

PowerShell 364

Specialized Examples 365

Bash Shells 365

Bash Automation 366

PowerShell Shells 368

PowerShell: Enumerating AD Users and Computers 369

Python Port Scanner 370

Python Encoding 372

Using Python to Upgrade to a Fully Interactive Shell 372

Using Perl to Modify IP Addresses in a File 373

Perl Reverse Shell 374

JavaScript Downloader 374

Chapter Review 375

Questions 376

Answers 377

Chapter 12 Tools Inventory 379

Appendix A Objective Map 397

Objective Map: Exam PT0-002 397

Appendix B About the Online Content 399

System Requirements 399

Your Total Seminars Training Hub Account 399

Privacy Notice 399

Single User License Terms and Conditions 399

TotalTester Online 401

Other Book Resources 401

Performance-Based Questions 401

Downloadable Content 402

Technical Support 402

Glossary 403

Index 425
