PenTest+

DataMcdataface (Data)

5 bullets on how to pass the PenTest+

  • Memorize Nmap Switches

  • Understand CompTIA Pentesting steps

  • Be able to identify Ruby, Python and Bash scripts + For/while loops

  • Use the 50-50 rule to eliminate possible answers (this goes for any test, really)

  • Use the TryHackMe Learning path

Study Materials & Methods

I started studying for this exam 11/23/21 and passed the exam 01/08/22. I'll try and schedule the exam after working on the material for 2 weeks or so. This will allow me to find a reasonable pace to work at and also give me a deadline to meet. I typically spent around three hours a day working on the material. As part of my WGU enrollment I was given access to the official CertMaster Learn for PenTest+ PT0-001. I skipped the CompTIA material to start and bought a one-year subscription to TryHackMe. They have a dedicated Path for PenTest+ which I found extremely helpful. I also completed the Advent of Cyber 3 event on TryHackMe. It was fun and also helped reinforce the PenTest+ Path.

The CompTIA material was pretty solid; they have a few options: flashcards, quizzes, games and one Assessment. There was also a separate "practice" module. It will take a section from the learning material and ask you questions. It repeats the questions until you get each correct three times in a row. I find this to be the most useful feature.

The first thing I do when starting a course is take a practice test. The test helps me figure out what I need to focus on as I go through the material. I'll then read through all of the material and complete any labs/quizzes along the way. While working during the day I'll listen to videos for the material. After work I'll take a break and then get back to the computer for a few hours (2 minimum). After the first hour or so I'll take short breaks every hour so I don't get burned out.

Exam Day

I'll start with the night before the exam. I try to keep the same routine I used when prepping for the test. After dinner and spending time with the family I focus on reviewing the incorrect answers from the practice exams. This leads me to one of the main issues I have with the CompTIA Learn/CertMaster material. The practice Assessment is fairly accurate to the test (not including the PBQs, more on this later). The issue with the included Assessment is that it requires you to "reset" the exam to take it again and it does not retain any history. This prevents you from seeing where you've improved/fallen behind.

Usually I read the section for the incorrect answers and then summarize them on paper. I'll continue this process when I wake up in the morning. I typically schedule the exams for 10 or 10:30 AM. This gives me a few hours in the morning to study anything I'm having difficulty with. I try to get to the testing center at least 30 minutes early.

The Exam

I had 6 PBQs (Problem Based Questions) and 62 multiple answer questions. The bank of questions I got on this exam was mostly on scripting and web app exploitation, which happen to be the areas I'm weakest in. My method for these exams is to skip the question if I don't know the answer right away. Usually I skip the PBQs as they require much more time than the multiple answer questions.

Another issue I have with CompTIA exams in general is the PBQs (Example). PBQs are just questions with multiple drop downs or drag and drop scenarios. They are extremely slow; a tester has to choose to see either the question or the possible answers but can't have both up on the screen at the same time. The example is pretty straightforward and is not reflective of the actual exam PBQs in my experience. PBQs on the exam seem to be focused more on reading comprehension than testing troubleshooting or even pentesting methodology.

The exam allows 165 minutes and I finished right around the 60-minute mark, including time to review any questions I wasn't 100% sure on.

Lessons Learned & Conclusion

I should have spent more time on scripting in general. The exam covers Bash, Python and Ruby. You need to be able to identify the difference between each. You also need to be able to write what they call a "basic" port scanner in each language. You also need to make sure you know the following tools: Maltego, FOCA, Recon-ng, theHarvester, Shodan. Know the difference between Fence Jumping and Dumpster Diving. Make sure you know Nmap and the basic switches (-sS, -O, -oN/-oX/-oS/-oG/-oA).
