📞 (800) 555-2678 Sales & enrollment, Mon–Fri
BoosteLearning IT Certification Training · Live Labs
Free Trial Contact Sales
CompTIA Ethical Hacking

CompTIA PenTest+ (PT0-003) Online Training & Certification Prep

CompTIA PenTest+ PT0-003 is the only vendor-neutral penetration testing certification that covers both the technical conduct of assessments and the planning, scoping, and reporting skills required for professional engagements. Boost eLearning delivers PenTest+ prep through Live Labs, Certified Partner instructors, and our Pass Guarantee.

Pass Guarantee Live Labs Available SCORM / xAPI CompTIA Aligned
CompTIA PenTest+ (PT0-003) Online Training & Certification Prep

Course Overview

CompTIA PenTest+ (PT0-003) is the current version of CompTIA’s penetration testing certification, updated in 2024 to reflect the shift towards cloud-native infrastructure, AI-augmented attack techniques, and the expanded scope of modern enterprise engagements. It covers the complete penetration testing lifecycle: engagement scoping, reconnaissance, exploitation, post-exploitation, and professional reporting.

PenTest+ occupies a distinct space in the certification landscape. Where OSCP is a pure practical exam and CEH is a broad knowledge survey, PenTest+ balances hands-on performance-based questions with multiple-choice items and explicitly tests planning, scoping, and compliance knowledge that practitioners need to conduct professional engagements. It is recognised by the US Department of Defense under 8140 and is DoD-approved for both cyberspace effects and exploitation analyst roles.

The PT0-003 update introduces significant new content: generative AI tools used in both attack and defence contexts, expanded cloud penetration testing (AWS, Azure, GCP), updated Active Directory attack techniques, modern evasion and obfuscation methods, and revised reporting standards. Boost’s course materials are fully aligned to the PT0-003 objectives released for the current exam version.

Boost’s Certified Partner instructors bring real engagement experience to each module — not just exam-objective coverage. Learners use Boost Live Labs to execute the attacks they study: scanning, exploitation, web application testing, Active Directory compromise, and cloud infrastructure assessment, all on persistent lab targets with no local infrastructure required.

PenTest+ is an efficient credential for security professionals who need a vendor-neutral, DoD-recognised certification that demonstrates both technical skill and the professional judgement required for client-facing penetration testing work.

What You'll Learn

  • Define engagement scope, rules of engagement, and legal authorisation frameworks for penetration testing contracts
  • Conduct passive and active reconnaissance using OSINT techniques, DNS analysis, and network scanning
  • Perform vulnerability scanning and manual validation to distinguish true positives from false positives
  • Exploit network services, web applications, and wireless infrastructure in controlled lab environments
  • Execute Active Directory attacks including Kerberoasting, credential dumping, and lateral movement
  • Perform cloud infrastructure penetration testing against misconfigured AWS, Azure, and GCP resources
  • Apply evasion and obfuscation techniques to bypass common endpoint and network defences
  • Conduct post-exploitation activities including persistence, pivoting, and data exfiltration simulation
  • Write professional penetration test reports with executive summaries, technical findings, and CVSS-scored recommendations
  • Use AI-assisted attack tools and understand their implications, as covered in PT0-003 updated objectives
  • Map findings to compliance frameworks (NIST, PCI DSS, HIPAA) in client-facing deliverables

Who This Course Is For

  • Security analysts and vulnerability management professionals moving into offensive testing
  • Penetration testers seeking a vendor-neutral, DoD-recognised credential
  • Network and systems administrators who conduct internal security assessments
  • Security consultants who need to demonstrate professional engagement and reporting competency
  • CompTIA Security+ or CySA+ holders progressing along the CompTIA cybersecurity pathway
  • GRC and compliance professionals who need working knowledge of penetration test methodology

Course Outline

Engagement Planning, Scoping & Ethics3 hours
  • Rules of engagement, statement of work, and authorisation letters
  • Scoping decisions: black box, grey box, white box
  • Legal considerations: CFAA, Computer Misuse Act, GDPR in testing contexts
  • PT0-003 exam format: performance-based questions (PBQs) and multiple-choice structure
Reconnaissance & Information Gathering4 hours
  • OSINT techniques: WHOIS, Shodan, Censys, LinkedIn reconnaissance
  • DNS enumeration: zone transfers, subdomain brute-forcing with Amass and Subfinder
  • Active scanning with Nmap: host discovery, service detection, NSE scripts
  • Network topology mapping and asset inventory
Vulnerability Scanning & Analysis3 hours
  • Nessus, OpenVAS, and Qualys scan configuration and interpretation
  • CVSS scoring and prioritising findings for reporting
  • Manual validation: distinguishing true positives from scanner noise
  • Web application scanning with Nikto and OWASP ZAP
Network & System Exploitation5 hours
  • Metasploit Framework: module selection, payload generation, handler setup
  • Exploitation of common network services: SMB (EternalBlue context), SSH, RDP
  • Password attacks: spraying, stuffing, and hash cracking with Hashcat
  • Physical security and social engineering in scope-permitted tests
Web Application Penetration Testing5 hours
  • OWASP Top 10 applied: injection, broken authentication, IDOR, XXE, SSRF
  • Manual testing with Burp Suite: intercepting, repeating, and fuzzing requests
  • Authentication bypass and JWT manipulation
  • API security testing: REST and GraphQL endpoints
Active Directory & Network Post-Exploitation4 hours
  • BloodHound AD enumeration and attack-path analysis
  • Kerberoasting, AS-REP roasting, and Pass-the-Hash with Impacket
  • Lateral movement: WMI, PSExec, SMB shares
  • Pivoting with SSH tunnels and proxychains across segmented networks
Cloud Penetration Testing (AWS, Azure, GCP)4 hours
  • Cloud attack surface: IAM misconfigurations, exposed storage, metadata endpoints
  • AWS-specific attacks: SSRF to IMDSv1, S3 bucket enumeration, role assumption chains
  • Azure enumeration with AzureHound and ROADtools
  • Container and serverless function attack vectors
Evasion, Reporting & PT0-003 Exam Prep4 hours
  • AV and EDR evasion: obfuscation, encoding, and living-off-the-land binaries (LOLBins)
  • AI-assisted attack techniques covered in PT0-003 updated objectives
  • Writing professional findings: CVSS scores, remediation recommendations, executive summary
  • Performance-based question (PBQ) walkthroughs and timed practice exam session

About the Certification Exam

Exam code
PT0-003
Length
165 minutes
Questions
Maximum 85 questions (multiple-choice and performance-based)
Passing score
750 on a scale of 100u2013900
Exam cost
~$404 USD
Where
Pearson VUE test centres or online remote proctoring

The certification exam fee is paid separately to the testing provider and is not included in the course price unless stated otherwise.

Live Labs Included

Hands-on practice on real environments

This course includes Live Labs — direct access to real hardware and cloud environments so you build the skills the exam actually tests.

  • Array
  • Array
  • Array
  • Array
  • Array

Pass Guarantee Included

Complete this course and if you don't pass the certification exam on your first attempt, we'll refund your course fee or give you a free retake — your choice.

Read the guarantee →

Frequently Asked Questions

PT0-003 (released 2024) adds new objectives covering generative AI in offensive security, expanded cloud penetration testing across AWS, Azure, and GCP, updated Active Directory attack techniques, and modern evasion methods. It also refines the reporting domain to reflect current professional standards. All Boost materials align to PT0-003.
PenTest+ is a mixed-format exam (multiple-choice plus performance-based questions) covering planning, scoping, compliance, and technical execution. OSCP is a 24-hour fully practical exam requiring live machine compromise. PenTest+ is broader in scope and DoD-recognised; OSCP is considered the stronger demonstration of pure exploitation skill. They serve different purposes and many professionals hold both.
Yes. CompTIA PenTest+ is a DoD 8140-approved baseline certification for the Cyberspace Effects and Exploitation Analyst work roles, among others.
CompTIA recommends Network+, Security+, and three to four years of hands-on information security experience before attempting PenTest+. It is not a formal entry-level certification.
PBQs present a simulated lab environment or tool interface within the exam. You are asked to complete a task — such as interpreting Nmap output, identifying a vulnerability in a code snippet, or configuring a scan — rather than selecting a multiple-choice answer. Boost's PBQ Simulation Lab is specifically designed to practice these question types under timed conditions.
Students who complete all course modules, pass all in-course assessments, and do not pass PT0-003 on their first attempt receive a full refund of their Boost course fee. Full guarantee terms are provided at enrolment.
CompTIA certifications are valid for three years. PenTest+ can be renewed by earning 30 Continuing Education Units (CEUs) through approved activities, or by passing a current CompTIA exam in the same or higher certification tier.

Related Certifications

EC-Council
Certified Ethical Hacker (CEH) Online Training & Certification Prep
40 hours
OffSec
OffSec Certified Professional (OSCP) Online Training & Certification Prep
90 hours

Related Reading