The CompTIA PenTest+ (V3) certification validates your ability to plan, execute, and report on penetration testing engagements across modern environments from networks, web apps, APIs, to cloud and IoT.
This course equips you with hands-on, performance-based skills in vulnerability discovery, exploitation, post-exploitation, and lateral movement, enabling you to operate as a trusted penetration tester or security consultant.
Your CompTIA Training comes with the following:
• 5 Days instructor-led training
• Lab access included
• Course materials included
CompTIA PenTest+ validates the latest skills in penetration testing, vulnerability assessment, and management. It is essential for evaluating an organization’s network resilience against cyberattacks and is an intermediate-level cybersecurity certification designed for professionals who want to strengthen their offensive security capabilities through hands-on pen testing and vulnerability assessment.
- Plan and scope penetration tests
- Conduct passive reconnaissance
- Perform non-technical tests to gather information
- Conduct active reconnaissance
- Analyze vulnerabilities
- Penetrate networks
- Exploit host-based vulnerabilities
- Test applications
- Complete post-exploit tasks
- Analyze and report penetration test results
About the exam
Engagement Management
13%
- Planning and scoping: defining rules of engagement, testing windows, and target selection.
- Legal and ethical compliance: ensuring authorization letters, mandatory reporting, and adherence to regulations.
- Collaboration and communication: aligning with stakeholders through peer reviews, escalation paths, and risk articulation.
- Penetration test reports: creating reports with executive summaries, findings, and remediation recommendations.
Reconnaissance and Enumeration
21%
- Active and passive reconnaissance: gathering information using open-source intelligence (OSINT), network sniffing, and protocol scanning.
- Enumeration techniques: performing DNS enumeration, service discovery, and directory enumeration.
- Reconnaissance tools: using tools like Nmap, Wireshark, and Shodan for information gathering.
- Script modification: customizing Python, PowerShell, and Bash scripts for reconnaissance and enumeration.
Vulnerability Discovery and Analysis
17%
- Vulnerability scans: conducting authenticated, unauthenticated, static application security testing (SAST) and dynamic application security testing (DAST).
- Result analysis: validating findings, troubleshooting configurations, and identifying false positives.
- Discovery tools: using tools like Nessus, Nikto, and OpenVAS for vulnerability discovery.
Attacks and Exploits
35%
- Network attacks: performing VLAN hopping, on-path attacks, and service exploitation.
- Authentication attacks: executing brute-force attacks, pass-the-hash, and credential stuffing.
- Host-based attacks: conducting privilege escalation, process injection, and credential dumping.
- Web application attacks: performing SQL injection, cross-site scripting (XSS), and directory traversal.
- Cloud-based attacks: exploiting container escapes, metadata service attacks, and identity and access management (IAM) misconfiguration.
- AI attacks: explaining prompt injection and model manipulation against artificial intelligence systems.
Post-exploitation and Lateral Movement
14%
- Post-exploitation activities: establishing persistence, performing lateral movement, and cleaning up artifacts.
- Documentation: creating attack narratives and providing remediation recommendations.
This course is ideal for professionals who:
- Are already in IT security or audit roles and want to move into pentesting
- Want to validate their offensive security skills in modern attack surfaces
- Seek a credential that bridges theoretical knowledge with hands-on practice
Recommended Prerequisites
Recommended experience: 3 to 4 years in a penetration testing or related role, with foundational knowledge of security, networks, systems, and scripting.
Certification Exam
| Exam Codes | V3 (PT0-003) |
| Launch Date | December 17, 2024 |
| Exam Description | The CompTIA PenTest+ exam focuses on today’s best practices to communicate recommended strategies to improve the overall state of IT security including more emphasis on the practical and hands-on ability to perform tasks on systems. |
| Number of Questions | Maximum of 90 questions |
| Type of Questions | Multiple-choice and performance-based tasks |
| Length of Test | 165 Minutes |
| Passing Score | This test has no scaled score; it’s pass/fail only. |
| Recommended Experience | 3–4 years in a penetration tester job role, with Network+ and Security+ or equivalent knowledge |
EXAM OBJECTIVES (DOMAINS)
The table below lists the domains measured by this examination and the extent to which they are represented.
| Domain | Percentage of Examination |
|
1.0 Engagement management |
13% |
|
2.0Reconnaissance and enumeration |
21% |
|
3.0 Vulnerability discovery and analysis |
17% |
|
4.0 Attacks and exploits |
35% |
|
5.0 Post-exploitation and lateral movement |
14% |
|
Total |
100% |
Delivery Mode: Facilitated Classroom / Virtual Training
2025
Please email to enquiry@bridgingminds.net for course dates
Course Fee
| Course Fee w/o GST | $2,400.00 |
| Course Fee w. GST (9% effective 1st Jan 2024) | $2,616.00 |
| SME (Company Sponsored) – All Singaporean and Permanent Resident Employee | $2,616.00 |
| Singapore Citizens aged 40 years old and above | $2,616.00 |
| Singapore Citizens below 40 years old and Permanent Residents | $2,616.00 |
Exam Fee
Exam Voucher is not included in course fee above and could be purchased at $550.
Certification Body
