CompTIA PenTest+ exam details and process

February 8, 2022 by Greg Belding

You will have to pass the PenTest+ certification exam to earn this certification. This article will present you with the important information you will need for the PenTest+ exam and is a great starting point on your PenTest+ certification path.

IT and information security professionals who want to improve their penetration testing skills or transition into a more pentest-focused role may want to earn the PenTest+ certification. Released by CompTIA and now on its second exam version (PT0-002), this certification covers all red team activities. It is currently the only certification exam available that covers all aspects of vulnerability management.

What is the CompTIA PenTest+ exam?

To earn the CompTIA PenTest+ certification, you must pass the PenTest+ exam. Passing the exam will make you PenTest+ certified, which verifies that you can:

  • Plan and scope a penetration testing engagement
  • Understand legal and compliance requirements
  • Perform vulnerability scanning and penetration testing using appropriate tools and techniques and then analyze the results
  • Produce a written report containing proposed remediation techniques 
  • Effectively communicate results to the management team, and provide practical recommendations

There are two ways to take the PenTest+ exam — at a Pearson VUE testing center or online. 

What are the PenTest+ exam topics?

Before we delve into the PenTest+ exam topics, let’s look at what has changed since the first exam edition, PT0-001:

| PT0-001 exam domain | PT0-002 exam domain |
|---|---|
| 1.0 Planning and Scoping (15%) | 1.0 Planning and Scoping (14%) |
| 2.0 Information gathering and vulnerability identification (22%) | 2.0 Information gathering and vulnerability scanning (22%) |
| 3.0 Attacks and exploits (30%) | 3.0 Attacks and exploits (30%) |
| 4.0 Penetration testing tools (17%) | 4.0 Reporting and communication (18%) |
| 5.0 Reporting and communication (16%) | 5.0 Tools and code analysis (16%) |

As you can see, the number of exam topics, or domains, has remained the same at five. The difference in PT0-002 is that exam domains 4 and 5 have flipped places, and the emphasis of the domains has changed to make them more relevant to certification candidates. For example, the title of exam domain 2 now says "scanning" where it previously said "identification."

What is the PenTest+ exam format?

The PenTest+ exam format includes multiple-choice questions, drag and drop activities and performance-based questions. The multiple-choice questions are both single- and multiple-response.

Performance-based questions test problem-solving in a simulated environment, which adds a real-world feel to the exam.

What are PenTest+ exam questions like?

The PT0-002 edition of the PenTest+ exam contains questions that are reported as being more difficult than those on other CompTIA certification exams, and overall, the exam is considered to be of moderate difficulty.

The questions in this exam edition include expanded techniques for pentesting web applications and cloud and hybrid environments, with more focus on vulnerability scanning and on demonstrating an ethical hacking mindset in various scenarios.

How long is the PenTest+ exam?

PenTest+ candidates have 165 minutes to complete the exam. 

How many questions are on the PenTest+ exam?

There are a maximum of 85 questions on the PenTest+ certification exam. 

How much does the PenTest+ exam cost?

It costs $370 to take the PenTest+ certification exam. 

How to pass the PenTest+ exam

To pass the PenTest+ exam, you will have to earn a score of at least 750 on a scale of 100-900. Those who have passed the exam normally did so with the help of various study aids, including books, PenTest+ certification classes and PenTest+ boot camps.

When do I get my PenTest+ exam results?

The good thing about PenTest+ exam results is how fast you find out what you earned. When you complete your exam and the exam exit survey, your exam score will be displayed on your screen.

If you took your PenTest+ exam at a testing center, you will also receive a score report that includes additional information about your exam score, such as which areas of the exam content you performed well in.

What happens after I pass the PenTest+ exam?

After you have passed the PenTest+ exam, you will be officially PenTest+ certified. Your PenTest+ certification will be valid for three years, at which time you will have to renew your certification. To renew your certification, you will have to earn 60 Continuing Education Units (CEUs).

You will have to upload your CEUs to your certification account. The certification will then renew automatically every three years, provided the required CEUs are in the account.

What happens if I fail the PenTest+ exam?

If you fail the PenTest+ exam, it’s not the end of the world!

You can always retake the PenTest+ exam, and if you do, make sure to learn from the score report to make the most of your retake.

How to register for the PenTest+ exam?

First, you will have to buy an exam voucher here. Next, choose if you would like to take the PenTest+ exam online or at a Pearson VUE testing center here. You will have to create a CompTIA account if you have not already and schedule your exam. You can create an account here.

Importance of PenTest+ penetration testing certificate

The PenTest+ penetration testing certification will help you verify the knowledge and skills that you have developed over the years. To become a PenTest+ certification holder, you must first pass the PenTest+ exam.

Use this article as your roadmap for the important details of the PenTest+ exam and the process you will have to follow to earn the certification and to maintain the cert as you go into the future.

Author
Greg Belding

Greg is a Veteran IT Professional working in the Healthcare field. He enjoys Information Security, creating Information Defensive Strategy, and writing – both as a Cybersecurity Blogger as well as for fun.
