Glen E. Clarke

CompTIA PenTest+ Certification For Dummies


Скачать книгу

to help you perform common pentest-related tasks on the job.

      I hope you find this book a useful tool that you can refer to time and time again in your career.

      Each chapter in this book has different elements that help you prepare to pass the PenTest+ exam. Each chapter includes the following features:

       Icons: Look for the icons used in each chapter to draw your attention to information needed for the PenTest+ exam or in the real world. For more details on the icons I use, check out the section, “Icons Used in This Book” later in this introduction.

       Reviewing Key Concepts: Found at the end of each chapter, the “Reviewing Key Concepts” summary covers key points you should remember for the exam.

       Prep Test: Following each chapter’s “Reviewing Key Concepts” section, you will find example questions to help you review the chapter content in preparation for the PenTest+ certification exam. Be sure to do the review questions with each chapter! Then, after you complete the book, check out the practice exam that accompanies this book on the www.dummies.com website. This practice exam is designed to function like the real exam, with the same level of difficulty. (See the section, “Beyond the Book” later in this Introduction for more information about how to access the online practice exam.)

      I make a few assumptions about you as a reader and have written this book with these assumptions in mind:

       You are interested in obtaining the PenTest+ certification. After all, the focus of this book is helping you pass the exam.

       You have a computer to work on. To perform the lab exercises in this book, you need a computer with virtualization software to run multiple virtual machines. I recommend using virtualization software such as Hyper-V or VMWare Player to run Kali Linux, Metasploitable2, a Windows Server, and a Windows client.

       You will study hard and do as much hands-on work as possible. There is a lot of content covered by the PenTest+ certification exam, and you should read over the information in this book a few times to ensure you understand everything. You should also experiment as much as possible after you read about a particular topic. For example, after you read about running a vulnerability scan, you should try it. There are lab exercises to help you with this as well.

      Like all For Dummies books, chapters are organized into parts. The chapters in each part are related by a specific theme or topic. For example, Part 1: Planning and Information Gathering, contains all the information you need to know in the initial stages of a penetration test.

      Pre-assessment

      Before you dive into the book, you'll find a set of pre-assessment questions to test your initial knowledge of the areas covered by the CompTIA PenTest+ certification exam. Take time to review each question to see where you stand, and then verify your work with the answers that follow. Use the chapter reference given to learn more about the topic related to the question.

      Part 1: Planning and Information Gathering

      In this part, you discover what the PenTest+ certification is all about and what you will be tested on when taking the CompTIA PenTest+ certification exam. You also learn about how to plan and scope the penetration test and the tools used to perform information gathering and vulnerability identification.

      Part 2: Exploiting Systems

      In Part 2, you learn about how exploits are performed on systems to gain access to those systems. You learn about exploiting systems, wireless networks, and how to exploit common weaknesses in applications.

      Part 3: Post-Exploitation and Reporting

      Part 3 discusses common post-exploitation actions you can take after exploiting a system and gaining access to that system. Part 3 also discusses scripting languages and how to create a penetration testing report.

      Appendixes

      Practice exam

      After you have read through the book multiple times, performed the lab exercises a few times, and completed the end of chapter review questions, you should then take the practice exam available for this book on www.dummies.com. The practice exam gives you the opportunity to experience the feel of a live exam to help you prepare for the Actual works exam. The practice exam also contains sample performance-based questions, which are interactive questions you will find on the real exam. See the section, “Beyond the Book” later in this introduction for more information about how to access the online practice exam.

      I use a number of icons in this book to draw your attention to pieces of useful information.

      For the exam This icon gives you a heads-up on information you should absolutely know for the PenTest+ certification exam.

      Tip Information that would be helpful to you in the real world is indicated with a Tip icon. Expect to find shortcuts and timesavers here.

      Remember This icon is used to flag information that may be useful to remember on the job.

      Warning Information that could cause problems to you or to the computer is indicated with a Warning icon. If you see a Warning icon, make sure you read it. The computer you save may be your own.