CompTIA PenTest+ Certification For Dummies. Glen E. Clarke

Скачать книгу

      After you have read through the book multiple times, performed the lab exercises a few times, and completed the end of chapter review questions, you should then take the practice exam available for this book on www.dummies.com. The practice exam gives you the opportunity to experience the feel of a live exam to help you prepare for the Actual works exam. The practice exam also contains sample performance-based questions, which are interactive questions you will find on the real exam. See the section, “Beyond the Book” later in this introduction for more information about how to access the online practice exam.

Icons Used in This Book

      I use a number of icons in this book to draw your attention to pieces of useful information.

       This icon gives you a heads-up on information you should absolutely know for the PenTest+ certification exam.

       Information that would be helpful to you in the real world is indicated with a Tip icon. Expect to find shortcuts and timesavers here.

       This icon is used to flag information that may be useful to remember on the job.

       Information that could cause problems to you or to the computer is indicated with a Warning icon. If you see a Warning icon, make sure you read it. The computer you save may be your own.

Beyond the Book

      In addition to what you’re reading right now, this book comes with a free access-anywhere Cheat Sheet that includes tips to help you prepare for the PenTest+ certification exam. To get this Cheat Sheet, simply go to www.dummies.com and type CompTIA PenTest+ Certification For Dummies Cheat Sheet in the Search box.

      You also get access to practice exam questions. To gain access to the online practice exam, all you have to do is register. Just follow these simple steps:

      1 Register your book or ebook at Dummies.com to get your PIN. Go to www.dummies.com/go/getaccess.

      2 Select your product from the drop-down list on that page.

      3 Follow the prompts to validate your product, and then check your email for a confirmation message that includes your PIN and instructions for logging in.

      If you do not receive this email within two hours, please check your spam folder before contacting us through our Technical Support website at https://support.wiley.com or by phone at 877-762-2974.

      Now you’re ready to go! You can come back to the practice material as often as you want — simply log on with the username and password you created during your initial login. No need to enter the access code a second time.

      Your registration is good for one year from the day you activate your PIN.

Where to Go from Here

      The CompTIA PenTest+ certification is one of the most popular security certifications for individuals new to ethical hacking and penetration testing. After you pass the CompTIA PenTest+ certification exam, you might want to continue your certification path by studying for the following certifications from CompTIA:

       Security+: If you haven’t completed CompTIA’s Security+ certification, this could be the next step. Most candidates complete Security+ before doing PenTest+, but if you haven’t, there is no problem going back to do it. Security+ covers IT security topics that help you secure company assets.

       CySA+: The CySA+ certification is a vendor-neutral certification that ensures the candidate knows how to respond to security incidents by covering security analytics, intrusion detection, and incident response.

       CASP+: The final security certification in the CompTIA security track is the CASP+ certification, which covers advanced technical IT security topics.

Pre-Assessment

      The following questions are designed to test you on areas of the CompTIA PenTest+ certification exam that you may need to focus on when reading through this book. Take time to review each question to come up with the best answer for each question. Be sure to verify your work with the pre-assessment answers that follow, and use the chapter reference given to learn more about the topic related to the question.

Questions

      1. You are performing a penetration test for a large customer. You are using Nmap to determine the ports that are open on the target systems. What phase of the penetration testing process are you currently on?

      (A) Reporting and communication

      (B) Attacks and exploits

      (C) Planning and scoping

      (D) Information gathering and vulnerability identification

      2. You are preparing to perform a penetration test for a customer. What type of document does the customer typically have the penetration tester sign before the penetration test begins?

      (A) Authorization letter

      (B) Service-level agreement

      (C) Non-disclosure agreement

      (D) Master service agreement

      3. Which of the following penetration tools are considered OSINT tools? (Choose two.)

      (A) Nmap

      (B) Recon-ng

      (C) Hydra

      (D) Metasploit

(E) Maltego

      4. You are in the discovery phase of a penetration test and would like to do a port scan on the network, but not perform a ping operation with the port scan. What Nmap switch would you use to disable pings with the port scan?

      (A) -Pn

      (B) -p

      (C) -sP

      (D) -sT

      5. You are looking to discover vulnerabilities on a group of systems that are target systems for your penetration

Скачать книгу