Preparing for CompTIA PenTest+

Jon Headley
May 8, 2022

It was recommended to me by my local cybersecurity community (DC864) that the CompTIA PenTest+ certification is a desirable first step in my cybersecurity journey. CompTIA is certainly a well-known certifier in the IT industry. Their certifications bear a fair amount of weight for employers when considering talented professionals in IT and Cybersecurity. Not only will the content prepare you for your career in pentesting, the certification will also open many doors and get you past the HR gatekeepers.

My intent for this story is to explain what resources I’m using to prepare for the exam, and in subsequent stories I will walk through my preparation. I hope this will also help you in your studies!

When I study for certifications I like to have four things: study guides, preferably official cert guides; video courses; practical labs; flash cards. To that end, here is my list:

  • Study guide by Mike Chapple and David Seidl, CompTIA PenTest+ Study Guide, 2nd Edition.
  • CompTIA Pentest+ (Ethical Hacking) Course & Practice Exam on Udemy
  • TryHackMe’s CompTIA PENTEST+ learning path. Also check out the Complete Beginner and Pre Security learning paths
  • Flashcards: The study guide above comes with flashcards that I transposed into Anki. I also created my own list of all Nmap options.

To keep costs low, I researched my local library system to see if any books or resources are available. I didn’t find any official CompTIA study guides to check out, but my library offered free access to O’Reilly for Public Libraries and LinkedIn Learning. Both are excellent sources for online training and publications.

Unfortunately, I didn’t find many good options for video content through the library. Mostly, the content was focused on the older PT0-001 exam, which retired on April 26th, 2022. To find content for the new PT0-002 exam I sought other, non-free resources for online training. I looked to Udemy and found a good course focused on PT0-002. The great thing about Udemy is the sales! Udemy offers sales frequently and you can get a steep discount if the time is right. And, on Udemy, the time is almost always right! Not a sale going on when you search Udemy? Just wait five minutes.

For the practical side of preparation, I found TryHackMe. Many of the rooms on TryHackMe are free. However, if you find a room you are interested in that’s not free, monthly subscriptions are only $10! They also offer access to virtual machines to attack, and attack with, so you don’t have to spend money on hardware (unless you want to!). There are several curated “learning paths” to help compile rooms to address specific topics related to offensive security.

If you’re like me and use flashcards for your studies, check out Anki. I utterly love this tool. How the flashcards are presented and curated is very effective and easy to use. I also like how they use a progressive queue to determine when a card is presented to you. The more you demonstrate you know a card, it extends the period when you’ll see the card again. It gives you enough time to possibly forget the card, making it that much harder to remember, which helps to ingrain the topic in your memory. Oh, did I mention it’s free? You can also download decks of flashcards from the community and edit to your heart’s content!

What do you think about these resources I’ve chosen? Please comment to let me know, and also let me know what resources you’re using!

Jon Headley

From Electrical Engineering to officer in the Air Force to copier salesman to network engineer to python developer to cybersecurity…where will I go next?