Managed to pass the most recent version of the Cloud+ exam, avoiding the loss of that certification (had a February 2019 deadline). Moving on to the new PenTest+ certification exam. I did take the Pentest+ “train the trainer” class taught by T. Lee McWhorter, Jr. in June and July, but wanted to knock off the Cloud+ for certification maintenance purposes. Score was not exactly great (784/900), but a little margin of comfort above the 750 minimum score. Always questioning the value of the designated performance based questions, I did look at them but can’t really say that I spent much time trying to answer them correctly. That lack of attention probably helps explain why I did not break 800.

The  CV0-002 Score Sheet is available for viewing. As with past activities, I want to provide useful help. My initial focus on the exam was to use the e-Book titled CompTIA Cloud+ Study Guide, 2nd edition, authored by Todd Montgomery and Stephen Olson. I found the book very helpful in terms of providing an update for my study purposes. Following my usual pattern, I created a “worksheet” by copying and pasting the CV0-002 Exam Objectives into a table in a Microsoft Word document. The “worksheet” is available for download.

I’ll try to upload study aids I develop for the new PenTest+ exam. The book I’m using, with a heafty 423 pages, is the CompTIA Pentest+ Study Guide by Mike Chapple and David Seidl. An additional book that is worth having is Penetration Testing – A Hands-On Introduction to Hacking by Georgia Weidman. The “worksheet” I’ve created for this exam is available for download. From what I’ve been able to ascertain based upon forum postings, you will need to have a good handle on Nmap and other open source tools in order to have a successful experience with the exam. A good review of the PenTest+ exam is provided on the Tevora blog site, available by clicking HERE. It does a good job of comparing this exam to the EC-Council’s Certified Ethical Hacker (CEH) exam. Other exam reviews that point to study resources include those provided by Jon Wood, Alpine Security, and a video created by Motasem Hamdan.

Additional resources available on the Internet include:

• Red Team Field Manual
• Nmap Cookbook the Fat Free Guide to Network Scanning
• NetCat Tutorial
• NCat Video (compares the old NetCat to the new NCat)
• Nikto – Web Vulnerability Scanner Video
• Reverse Engineer Android Applications
• For Apple and Android devices, consider these practice test applications. The free versions only have 40 questions. The Apple IOS has a paid for version with 300 questions at a current price of $4.99.

I hope to be in a position to take the exam by late January. I need to get through it, and start focusing on the new CASP exam, as it looks as though I’ll lose that certification if I do not meet the continuing education requirements by May 15, 2019.