CompTIA PenTest+ Exam Prep

Topic 1 Planning and Scoping 

• Planning a pen test
• Rules of engagement
• Regulatory compliance
• Resources and budgets
• Impact and constraints
• Support resources
• Legal groundwork
• Service provider agreements
• Standards and methodologies
• Environment and scoping considerations
• Ethical mindset
• Lab environment setup
• Project strategy and risk
• Scope vulnerabilities
• Compliance-based assessments

Topic 2 Information Gathering and Vulnerability Scanning 

• Scanning and enumeration
• Scanning and demo
• Packet investigation
• Packet inspection demo
• Lab setup
• Lab: Wireshark
• Application and open-source resources
• Passive reconnaissance
• Active reconnaissance
• Vulnerability scanning
• Vulnerability scanning demo
• Lab: Network basis
• Lab: Nmap discovery
• Target considerations
• Analysing scan output
• Nmap scoping and output options
• Nmap timing and performance options
• Prioritization of vulnerabilities
• Common attack techniques
• Automating vulnerability scans
• Credential attacks
• Lab: Password cracking
• Lab: Secure Sockets Layer
• Lab: Routing basics

Topic 3 Attacks and Exploits 

• Network-based attacks
• Wireless and RF Attacks
• Web and Database Attacks
• Attacking the cloud
• Specialised and Fragile Systems
• Social Engineering and Physical attacks
• Post-Exploitation

Topic 4 Reporting and Communication 

• Report writing
• Important components of written reports
• Mitigation strategies
• Technical and physical controls
• Administrative and operational controls
• Communication
• Presentation of findings
• Post-report activities
• Data destruction process

Topic 5 Tools and Code Analysis 

• Using scripting in pen testing
• Bash scripting basics
• Python scripts
• Tools inventory
• Pen testing toolbox
• Scanners and credential tools
• Code-tracking tools
• Wireless and web pen testing tools
• Remote access tools
• Analysers and mobile pen testing tools

Prerequisite:

This course is assumed some basic knowledge on ROS. If you don't have background in  ROS , you can consider the following courses:

• Basic Robot Operating System (ROS) for Beginners
• Full Robot Operating System (ROS) Training

Hardware and Sofware Requirement

• Ubuntu Laptop with Ubuntu 16.04.xx
• PC or Mac installed with VirtualBox and Ubuntu 16.04.xx

HRDF Funding

Please refer to this video https://youtu.be/Kzpd-V1F9Xs

1-     HRD Corp Grant Helper

How to submit grant applications for HRD Corp Claimable Courses

2-     Employers are required to apply for the grant at least one week before training commences.

Employers must submit their applications with supporting documents, including invoices/quotations, trainer profiles, training schedule and course content.

3-     First, Login to Employer’s e-TRIS account -https://etris.hrdcorp.gov.my

Second, Click Application

4-     Click Grant on the left side under Applications

5-     Click Apply Grant on the left side under Applications

6-     Click Apply

7-     Choose a Scheme Code and select HRD Corp Claimable Courses: Skim Bantuan Latihan Khas. Then, click Apply

8-     Scheme Code represents all types of training that suit the requirements provided by HRD Corp. Below are the list of schemes offered by HRD Corp:

9-     Select your Immediate Officer and click Next

10-  Select a Training Provider, then click Next

11-  Please select a training programme from the list, then key in all the required details and click Next

Select your desired training programme.

Give an explanation on why the participant is required to attend the training. E.g., related to their tasks/ career development, etc.

Explain the background and objective of this training.

Select a relevant focus area. For Employer-Specific Courses, select ‘Not Applicable’.

12-  If the training programme is a micro-credential programme, you are required to complete these 3 fields. Save and click Next

Insert MiCAS Application number

13-  Based on the nine (9) pillars listed below, HRD Corp Focus Area Courses are closely tied to support government initiatives towards nation building. As such, courses offered through the HRD Corp Focus Areas are designed to provide the workforce with skills required for current and future demands. Details of the focus areas are as follows:

14-  Please select a Course Title and Type of Training

15-  Select the correct type of training according to the actual type of training, or as mentioned in the training brochure:

16-  Please key in the Training Location and click Next

17-  Please select the Level of Certification and click Next

18-  Please follow the instructions and key in trainee details

19-  Click Add Batch, then click Save

20-  Click Add Trainee Details

21-  Please key in all the required details, then click Add

22-  Click Add if there are more participants. Once done, click Save

23-  Click Next

24-  Please key in the course fees and allowance details, then click Save

25-  Estimated cost includes the course fees/external trainer fees, allowances, and consumable training materials. Please comply with the HRD Corp Allowable Cost Matrix.

26-  Select Upfront Payment to Training Provider and key in the percentage from 0% to 30%. Then, click Save and Next

27-  Complete the declaration form and select a desired officer

28-  Add all the required documents, then click Add Attachment. Then, click Save and Submit Application

29-  Once the New Grant Application is successfully submitted, the Grant Officer will evaluate the application accordingly. The application may be queried if additional information is required.

The application status will be updated via the employer’s dashboard, email, and the e-TRiS inbox.

• Penetration Tester
• Ethical Hacker
• Cybersecurity Analyst
• Information Security Consultant
• Vulnerability Analyst
• Security Operations Center (SOC) Analyst
• Network Security Specialist
• IT Security Engineer
• Cybersecurity Auditor
• Compliance and Controls Analyst
• Incident Response Analyst
• Forensic Analyst
• Security Architect
• Risk Assessment Specialist
• Cyber Defense Analyst
• Application Security Engineer
• Cyber Threat Intelligence Analyst
• IT Auditor focusing on security
• Security Systems Administrator
• Information Assurance Technician

Dr. Alfred Ang: Dr. Alfred Ang is the founder of Tertiary Courses. He is a serial entrepreneur. He founded OSWeb2Design Singapore Pte Ltd in 2007 offering web development, e-commerce store development, graphics design, ebook publishing, mobile apps development, and digital marketing services. He established the first online gardening store in Singapore, Eco City Hydroponics Pte Ltd in 2000, offering a wide range of gardening products such as seeds, plant nutrients, hydroponics kits etc. Eco City Hydroponics has become the most popular and successful gardening store in Singapore. He founded Tertiary Infotech Pte Ltd in 2012 and transformed the business to a training platform, Tertiary Courses in 2014. Tertiary Courses offers a wide range of SkillsFuture courses for PMETs to upgrade their skills and knowledge. He also established Tertiary Courses Malaysia in 2016. He also founded Tertiary Robotics in 2015 offering Arduino, Raspberry Pi, Microbit and Robotics products

Dr. Alfred Ang earned his Ph.D. from National University of Singapore in 2000, majoring in Electrical and Electronics Engineering. He also completed an online MBA course with U21 Global based in Australia. He obtained his B.Sc (Hons) from National University of Singapore in 1992, majoring in Physics. He topped his Physics cohort for 3 consecutive years and funded his degree study with Book prizes, Study awards, bursaries and tuition. He has worked in Defence, Electronics and Semiconductor Industries. His current interests include Machine Learning, Deep Learning, Artificial Intelligence, Internet of Things, Robotics and Programming.

Dr. Alfred Ang was Distinguished Toastmasters (DTM) and Senior Member of IEEE. He has published more than 20 peer reviewed papers and co-inventors for more than 20 inventions.