Vulnerabilities in our technology-enabled systems and services are the Achilles heel of our extended IT networks. In 2019, CVE Details recorded 16,556 such vulnerabilities across thousands of technology products. This is a concern, as cybercriminals are opportunists: one of the main methods they use to cause data breaches and other IT resource damage is by exploiting vulnerabilities (flaws) in software.
Finding software vulnerabilities can be a complex and intensive task. It requires many skills across IT architecture, cloud and mobile computing and cybersecurity. Dedicated penetration testers (pentesters) or information security professionals with pentest skills use this combination of know-how to security test IT systems.
When carrying out a penetration test, your team must think like hackers but act like cybersecurity professionals. This is why a CompTIA PenTest+ certificate is an important way to judge the expertise and professionalism of your employees.
What is the CompTIA PenTest+ certification?
The CompTIA PenTest+ certification is designed to test the skills of those security professionals who are involved in penetration testing of IT networks and vulnerability management. Assessment is by means of hands-on, performance-based questions and multiple-choice questions.
The certification is of dual use. Not only does it test the capability of penetration testers, but it also looks at the individual’s management skills in planning, understanding of a scope of work and system weakness management.
The assessment covers everything from traditional desktops through cloud and web servers to mobile devices. The CompTIA PenTest+ meets the ISO 17024 standard.
The CompTIA PenTest+ exam is typically taken by employees with the following prerequisites:
- CompTIA Network+
- Security+ or equivalent knowledge
- Minimum of three to four years of hands-on information security or related experience.
PenTest+ is intended to follow the CompTIA Security+ or equivalent experience.
What roles need the CompTIA PenTest+ certification?
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Susan Morrow. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/hAsHDC6IAT8/