About This Study Plan

This 7-day study plan breaks the PENTEST (PenTest+) exam preparation into 7 focused study sessions with 28 actionable tasks. The plan covers all 5 exam domains — Engagement Management, Reconnaissance and Enumeration, Vulnerability Discovery and Analysis, Attacks and Exploits, Post-Exploitation and Lateral Movement — ensuring complete coverage. Intensive 7-day review for CompTIA PenTest+ (PT0-003) covering planning, reconnaissance, attacks, reporting, and tools.

7Study Sessions

28Total Tasks

5Domains Covered

Prerequisites

Security+ and Network+ or equivalent
5–7 hours per day

Study Schedule

Day 1Planning & Scoping

Engagement types: black box, white box, gray box
Rules of engagement, scope definition, and legal agreements
Compliance-driven testing: PCI-DSS, HIPAA penetration test requirements
Threat modeling and attack surface mapping

Day 2Information Gathering & Reconnaissance

Passive recon: OSINT, DNS lookups, WHOIS, social media
Active recon: port scanning (Nmap), service enumeration
Vulnerability scanning and analysis
Network mapping and target identification

Day 3Attacks & Exploits — Network/Systems

Network attacks: MITM, relay, sniffing, spoofing
System exploitation: buffer overflows, privilege escalation
Password attacks: brute force, dictionary, credential stuffing
Post-exploitation: lateral movement, persistence, pivoting

Day 4Attacks — Web & Wireless

Web application attacks: SQL injection, XSS, CSRF, SSRF
API attacks: broken authentication, injection, IDOR
Wireless attacks: evil twin, deauth, WPA cracking
Social engineering: phishing campaigns, pretexting

Day 5Reporting & Communication

Report structure: executive summary, findings, risk ratings
Remediation recommendations and prioritization
Communication during engagement: findings deconfliction
Post-engagement cleanup and evidence handling

Day 6Tools & Practice Exam

Key tools: Nmap, Metasploit, Burp Suite, Hashcat, Wireshark
Scripting: Python and Bash for automation
Take a full timed practice exam
Review incorrect answers and tool associations

Day 7Final Review

Tool-to-task mapping review
Attack methodology cheat sheet
Quick flashcard pass
Rest before exam

Study Tips

💡

Know which tool to use for each phase of a penetration test.

💡

Understand the difference between vulnerability assessment and penetration testing.

💡

Practice reading Nmap and Burp Suite output.

Recommended CompTIA Study Resources

Supplement this study plan with the official CompTIA CertMaster labs and practice tests. Download the free exam objectives PDF from CompTIA's website and use it as a checklist — cross off each objective as you master it. Professor Messer's free video series covers every CompTIA exam objective and is widely regarded as one of the best free resources available.