In cybersecurity, as in the military, sports and more, a solid defense is nothing without an equally strong offense. You can’t just sit back and wait – you need to take action. Cybersecurity professionals need to find system weaknesses before cyber-criminals do, and that’s where penetration testing comes in. Slated for release later this year, CompTIA PenTest+ validates the skills needed for penetration testing, or vulnerability assessment and management.
Similar to CompTIA Cybersecurity Analyst (CySA+), CompTIA PenTest+ is intended for intermediate-level cybersecurity professionals. While CySA+ focuses on defense through incident detection and response, PenTest+ focuses on offense through penetration testing and vulnerability assessment.
CompTIA PenTest+ involves launching attacks on systems, discovering the vulnerabilities and managing them. It’s intended for cybersecurity professionals tasked with identifying, exploiting, reporting and managing vulnerabilities on a network.
CompTIA PenTest+ Is Now DoD Approved
CompTIA PenTest+ is now approved by the U.S. Department of Defense (DoD) 8570 for three cybersecurity job categories.
Specifically, CompTIA PenTest+ covers the following technical areas:
- Planning and scoping
- Information gathering and vulnerability identification
- Attacks and exploits
- Penetration testing tools
- Reporting and communication
The CompTIA Difference: Hands-On Performance-Based Testing and Teamwork
CompTIA PenTest+ is a performance certification, and the exam will include hands-on simulations as well as multiple choice questions, requiring test takers to perform penetration testing and vulnerability assessment job tasks during the exam.
Expanding the CompTIA Cybersecurity Career Pathway
CompTIA PenTest+ will join CompTIA Cybersecurity Analyst (CySA+) at the intermediate-skills level of the CompTIA Cybersecurity Career Pathway. Depending on your course of study, PenTest+ and CySA+ can be taken in any order but typically follow the skills covered by CompTIA Security+. Although the two exams teach opposing skills, they are dependent on one another. The most qualified cybersecurity professionals have both offensive and defensive skills.
CompTIA PenTest+ validates the knowledge, skills and abilities related to many cybersecurity roles, including the following:
- Penetration Tester
- Vulnerability Assessment Analyst
- Vulnerability Assessor
- Cybersecurity Engineer
- Manager, Network Security
- Cybersecurity Analyst
- Cybersecurity Specialist
Validate your red team skills with CompTIA PenTest+. Download the exam objectives to get started.
Patrick Lane, M.Ed., is a director of products for CompTIA. He manages IT workforce skills certifications, including CompTIA Security+, CompTIA Cybersecurity Analyst (CySA+), CompTIA PenTest+, CompTIA Advanced Security Professional (CASP) and CompTIA Server+. He is an Armed Forces Communications and Electronics Association (AFCEA) lifetime member, most recently assisting the Defense Information Security Agency (DISA) with scalable Security Information and Event Management (SIEM) techniques from the private sector. Patrick participated in the U.S. White House’s National Cybersecurity Alliance (NCSA) and worked directly with the Director of Cybersecurity Policy at the U.S. National Security Council (NSC) for the “Lock Down Your Login” campaign. He has implemented a wide variety of IT projects, including a network and help desk for 11,000 end users.
Jen Blackwell also contributed to this article. She is a products marketing manager at CompTIA and oversees the certifications along the CompTIA Cybersecurity Career Pathway.