Passing CompTIA PenTest+

Similar to my Security+ and eJPT post, I wanted to create a post talking about my experience studying and passing the CompTIA PenTest+. I should note that I took the PT0-001.

Coming off the Security+ I dove into studying for PenTest+. I started off downloading the objectives from the CompTIA site and similar to how I studied for the Security+, I went down each objective and started to figure out where I was strong and where I was lacking.

I highly encourage anyone taking a CompTIA exam or any exam in general to download the objectives and what is expected to be known for the exam. I feel this is something that gets lost as I often get the common question “what is on the exam”. If you know the objectives you should be fine for the exam.

Resources I used

TryHackMe

TryHackMe has a great Pathway to help get hands-on experience with objectives listed by CompTIA. I did the Path TWICE and it did help me a lot. I walked away learning a lot and, with hands-on practice, got a good idea of how to approach questions on the exam. At the time of writing this post, if you complete the Pathway you also get a 10% discount off buying an exam voucher!

Udemy Courses

I used two Udemy Courses while studying: Jason Dion’s CompTIA Security+ (SY0-601) Complete Course and Michael Solomon’s CompTIA PenTest+ (Ethical Hacking) course. Get them when they are on sale. They go on sale a lot just like any other Udemy course.

I used Jason Dion’s Security+ 601 course a while back to study for the Security+ and his PenTest+ course was just as good. I learned a lot and found it to be useful. I came across Michael Solomon’s course while it was on sale and decided to pick it up and I found it did a nice job complementing Jason Dion’s course.

I would like to point out that I like to use multiple resources when I study. I don’t think using one source is a good idea as you could be missing out on some details about an objective listed on the exam. Try and use multiple resources when learning.

Also pick up the Jason Dion practice exams if you can. I think practice exams are a good way to prepare yourself for the exam experience and to test that you know the objectives.

Books

The book I recommend using is the CompTIA PenTest+ Study Guide: Exam PT0-001 1st Edition. I found it had good information and decent practice questions, although I did find some of them to be wrong. If you do practice questions and find that you are confident in your answer, but the book says you are wrong, check online to validate if it was a mistake in the book. I did find a decent amount of mistakes in the book and often got frustrated with it. I would say that was only true of a small amount of questions though. It still has some good information on a fundamental level. Don’t make it your only resource… That’s my warning.

Final Thoughts.

I did learn a lot from taking the PenTest+. I’m happy I took it and was able to pass it on my first attempt. It felt easier to me than the Security+.

My last bits of advice are:

  1. Make sure you are comfortable with the objectives and are taking practice exams to confirm you know them.
  2. Study Nmap a lot!
  3. Study the programming languages Python, Ruby, PowerShell, and Bash. The objectives tell you what you need to know and the video courses demonstrate them. Make sure you can at the very least read and understand them.
  4. Get hands-on experience with the items and tools listed in the objectives.
  5. You got this and good luck!

I hope this post was helpful. If you have any questions, feel free to hit me up on Twitter.