CompTIA Pentest+ Beta Review
This is a quick review of CompTIA’s new Pentest+ exam PT0-002 which is the latest offering on their Pentest+ series. Well version 2 is not officially launched yet and I took the Beta exam which is code named PT1-002.
Here are the main differences between the two versions of the exam, which are not that much:
Read here and here for more details.
The Beta Exam is only $50. So if you are ready to explore a bit of unknown, want to save a lot money and have good preparation than go for this Beta exam. Clearing the Beta exam gives you a full certification status. The official launch date of Pentest+ v002 is October 2021.
Find the full objectives of the exam here:
There is no experience required to give this certification but CompTIA recommends to have minimum of 3-4 years of hands-on information security or related experience.
For the BETA exam the number of questions will be more that 85 or at least that was the case with me. Time of 165 minutes is still sufficient to answer these questions.
Performance Based Questions
I really like the performance based questions as they were very practical and requires the candidate to have practical knowledge and gives more weight to this certification. Here are few pointers to prepare for these types of questions:
- Do hands on with your tools, specially NMAP and understand the output.
- Understand 3-way TCP/IP handshake in details. Capture a handshake using Wireshark and understand it thoroughly.
- Understand OWASP Top 10 vulnerabilities thoroughly and their remediation.
- Understand HTTP request and reply. Capture them using any Web Proxy like Burp and understand and analyse all the fields.
