Getting certified in PenTest+
Through a forum post I found out that a PenTest+ (PT0-002) Beta exam could be done for 50 US Dollars. The moment the Beta exam was opened, I registered immediately. And started the journey for me to the exam moment of the new version of Pentest+. The exam of the current version of PenTest+ (PT0-001) can no longer be taken from the end of October 2021.
CompTIA PenTest+ exam preperation
I had never taken an exam of a CompTIA course before, so when registering for the exam, I had no idea what was coming my way. When reading about the exam objectives I understood that there are two types of questions. The exam contains multiple choice questions and performance-based exercises on the exam. The passing score is 750 on a scale of 100-900 and 85 types of questions are asked withing 165 minutes…
DOMAIN PERCENTAGE OF EXAMINATION
| Domain | Weight |
|---|---|
| 1.0 Planning and Scoping | 14% |
| 2.0 Information Gathering and Vulnerability Scanning | 22% |
| 3.0 Attacks and Exploits | 30% |
| 4.0 Reporting and Communication | 18% |
| 5.0 Tools and Code Analysis | 16% |
| Total | 100% |
Study material
At that time, there was no real study material available for the new version. Based on the exam objectives I thought I could compare it with the current version with some recent updates. As there are no study guides for PT0-002 during the beta examination I decided to use the current version (PT0-001). I bought a book: CompTIA PenTest+ Study Guide: Exam PT0-001 1st Edition (yes a hard copy) to read and take some notes from it.
As additional study material I also decided to use the book CEH v10 Certified Ethical Hacker Study Guide 1st Edition . I still had the book because I had used it a while back to prepare for the CEH v10 exam. Furthermore, I did not buy any study materials, because I would look up the rest on the internet if I did not know certain things and could not find them in the books.
Flashcards
Since I passed the CEH last year and I had bought a the book: CEH v10 Certified Ethical Hacker Study Guide 1st Edition back then. I still had access to these flashcards via the website and I had access to the flashcards of the book: CompTIA PenTest+ Study Guide: Exam PT0-001 1st Edition. So I started using them as well since there was a second time a lockdown due to COVID-19, but now a year later.
Practice exams
Because the exam was renewed, logically there are no practice exams available yet. I went back to the practice exams I had from the CEH book and from the Pentest+ book. When these two books are combined with practice questions and practice exams, there are quite a few practice questions to refresh certain knowledge for the exam. Of course, the questions to be dragged in or to indicate what a possible solution is cannot be obtained from these practice questions and practice exams. This makes the difference between the new Pentest+ exam and the CEH exams.
The exam
As usual, I had the exam in mind for a Monday. Because I needed a few weeks to prepare myself, I scheduled my exam at the end of June, just a few days before the last beta test could be taken. Monday morning, June 28, 2021 was the day. The COVID19 measures had just been reduced and I no longer needed a mouth cap at the exam center. I was therefore allowed to take a picture without a mouth cap before the exam started. I know that a number of people had taken an exam a few weeks before me and therefore had to take a picture with a mouth cap. Unfortunately for me, I couldn’t take a picture so anonymously with a mouth cap. After all data had been checked, a photo had been taken and I had left my personal items in a safe, I could go to the exam room, where a place was prepared for me.
The exam started with a number of performance-based exercises, which are not all equally easy or difficult. These are assignments fore example, where you have to drag answers in the correct order, or an answer to a certain question. Sometimes it’s things you have to do. But if you have some experience in security, the performance-based exercises can be done without any problems. After I had completed these performance-based exercises, the multiple choice questions were next in the exam. Many of these questions can be answered by reading the (old or soon the new) book. Of course you can also go blind if you already have some experience on your experience, or deepen more knowledge by searching the internet. I don’t remember the exact number of questions, because I just kept answering the questions until the end. I believe it was around 100 because there are also some test questions included in a beta exam to see how the questions are made and whether they can be asked in the new exam. As soon as I had my questions answered, I called the front desk to say hello. Now it was time to wait quietly until sometime in October.
The exam result
Today (26th of October 2021), I received an email that I passed the exam. I was happy to read that I passed since it was a few months ago I did take the exam. I can’t say exactly what kind of questions there are asked during the exam, even if I would I can’t remember them. But for certain, as long as there are no new materials for this course (which probably will be by now) I recommend you to use the older study material. Then look for the gaps between the old en new version of the Pentest+ learning objectives. Search on Google, Bing, duckduckgo or whetever search engine you use for those learning objectives.