CompTIA PenTest+

Maintaining your PenTest+ certification: CPE and renewal requirements

February 15, 2022 by Greg Belding

PenTest+ is one of the leading penetration testing certifications. Once you earn the certification, you have to maintain it as it will only last for three years. This article will detail what you have to do to satisfy the CPE and renewal requirements for the PenTest+ certification.

For IT and information security professionals responsible for penetration testing within their organization, the PenTest+ certification can help verify their knowledge and hands-on skill. Once you earn this certification, your work is not finished. 

Use this article to plot the course for maintaining this penetration testing certification.

What is the CompTIA PenTest+ certification?

PenTest+ is a penetration testing certification offered by CompTIA. This certification verifies the following:

  • Plan and scope a penetration testing engagement
  • Understand legal and compliance requirements
  • Perform vulnerability scanning and penetration testing using appropriate tools and techniques, and then analyze the results
  • Produce a written report containing proposed remediation techniques
  • Effectively communicate results to the management team, and provide practical recommendations

What are the CompTIA PenTest+ renewal requirements?

As mentioned earlier, after you earn your PenTest+ certification, your work is not complete towards the cert. Like many other certifications, PenTest+ is good for only a certain amount of years — three years to be exact, and if you want to continue being a PenTest+ cert holder, you have to satisfy the renewal requirements.

With this said, CompTIA has set renewal requirements for the PenTest+ certification. To renew your certificate, you will have to earn continuing professional education units (CPE). You will also have to pay a continuing education (CE) fee of either $50 per year or $150 for the three years of the PenTest+ certification, your choice. This is also known as the PenTest+ renewal fees. 

PenTest+ CPE policy overview

The good thing about this is earning your CEU credits is fairly flexible, making it easy to fit into your already busy life. With that said, let’s delve into the PenTest+ CPE policy overview.

All CompTIA certifications have different requirements for how many CPE units you must earn to satisfy the renewal requirements. For the PenTest+ certification, you will have to earn 60 CPE units to maintain your certification. This may seem like a steep hill to climb with everything else in your busy professional life but fear not. Remember that your certificate is good for three years from the day you earn the certification, and with that said, you will have a period of three years to earn the CPE units. This breaks down to a much easier number to swallow of 20 CPE units per year. 

One more thing to remember is the activity that you will be earning your CPE credits with must contain at least 50% material from at least one of the PenTest+ objectives.

Ways to earn PenTest+ CPE credits

As mentioned earlier, one of the best things about maintaining your PenTest+ certification is the fact that there are multiple ways to earn your CPE credits which makes the whole process far more flexible and easier to satisfy than a strict requirement that only allows for one or two avenues to earning your CPE credits. Below are the ways that you can earn them:

Renew with a single activity

The first way you can earn your CPE credits is to renew with a single activity. This means that instead of sitting through courses or training, you would just have to complete one of the following:

  • Earn additional CompTIA certifications
  • Earn non-CompTIA IT industry certifications
  • Pass the latest release of the PenTest+ certification exam

For those looking for the proverbial “one and done” solution, this path is for you.

Renew with multiple activities

The second way to earn your CPE credits is to renew with multiple activities. This means that you can essentially collect CPE credits as you work your way through different activities, collecting CPE credits along the way. Below is the list of what qualifies as multiple activities that CompTIA will accept toward your PenTest+ CPE credit requirement:

  • Attend a live webinar
  • Attend a conference
  • Complete a college course
  • Complete a training course
  • Complete an American Council on Education (ACE) course
  • Create instructional materials
  • Earn additional CompTIA certifications
  • Earn non-CompTIA IT industry certifications
  • Participate as a CompTIA subject matter expert in an exam development workshop
  • Publish a blog post
  • Publish a book
  • Publish an article or white paper
  • Teach or mentor
  • Work experience

What happens if my PenTest+ certification is expired or revoked?

For some, their PenTest+ certification may expire for failure to keep on top of their CPE renewal requirements, or it may be revoked. Below is what you need to do in each situation:

  • If your PenTest+ certification expires, you will have to pass the latest release of the PenTest+ certification exam (but it cannot be the same exam you passed to earn the certification). You will have a grace period of 90 days to pay any outstanding CPE balance or upload your CPE units.
  • If your PenTest+ certification is revoked, you can file an appeal with CompTIA within 30 days. You will also not be eligible to register for a CompTIA exam for a minimum period of 6 months from the date your PenTest+ certification was revoked.

Pursuing the PenTest+ certification 

The PenTest+ certification is intended for IT and information security professionals who use penetration testing to benefit their respective organizations. To keep this certification, you must satisfy the PenTest+ CPE and renewal requirements. Use this article to guide what you will need to do to satisfy your renewal requirements and maintain this penetration testing certification.


Posted: February 15, 2022
Greg Belding
View Profile

Greg is a Veteran IT Professional working in the Healthcare field. He enjoys Information Security, creating Information Defensive Strategy, and writing – both as a Cybersecurity Blogger as well as for fun.