About This Study Plan
This 90-day study plan breaks CompTIA PenTest+ (PT0-003) exam preparation into 3 focused study sessions with 12 actionable tasks. The plan covers all 5 exam domains: Engagement Management, Reconnaissance and Enumeration, Vulnerability Discovery and Analysis, Attacks and Exploits, and Post-Exploitation and Lateral Movement.
Prerequisites
- Network+ and Security+ recommended
- 1–2 hours per day
Study Schedule
- Weeks 1–2: Penetration testing methodology, engagement types, legal considerations
- Week 3: OSINT, passive recon, DNS enumeration
- Week 4: Active scanning with Nmap, service enumeration, vulnerability scanning
- End of month: Reconnaissance quiz and lab practice
- Week 5: Network exploitation — Metasploit, privilege escalation
- Week 6: Web application attacks — Burp Suite, SQLi, XSS
- Week 7: Wireless and social engineering attacks
- Week 8: Post-exploitation, pivoting, persistence, and data exfiltration
- Week 9: Report writing, risk ratings, remediation, and scripting
- Week 10: Hands-on CTF challenges and PBQ practice
- Week 11: Full practice exam #1 + detailed review
- Week 12: Practice exam #2, tool review, and final prep
Study Tips
- Complete at least 20 CTF challenges on TryHackMe or HackTheBox.
- Practice writing findings with CVSS ratings and remediation steps.
- Know Python/Bash basics — scripting questions appear on the exam.
Recommended CompTIA Study Resources
Supplement this study plan with the official CompTIA CertMaster labs and practice tests. Download the free exam objectives PDF from CompTIA's website and use it as a checklist — cross off each objective as you master it. Professor Messer's free video series covers every CompTIA exam objective and is widely regarded as one of the best free resources available.