Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsPT0-002Study Guide

CompTIA · 2026 Edition

PT0-002 Study Guide — How to Pass CompTIA PenTest+

A complete preparation guide written by CompTIA-certified engineers. Covers the exam format,all 5 blueprint domains, a week-by-week study plan, and proven tips for passing first time.

2–3 months

Prep time

Intermediate

Difficulty

85

Exam questions

750/1000

Pass mark

Exam OverviewPractice TestExam DomainsSample QuestionsStudy Guide

On this page

  1. 1. PT0-002 Exam at a Glance
  2. 2. Why Earn the PT0-002?
  3. 3. Exam Domains & Weights
  4. 4. Study Plan
  5. 5. Exam Tips
  6. 6. Practice Questions

PT0-002 Exam at a Glance

Exam code

PT0-002

Full name

CompTIA PenTest+

Vendor

CompTIA

Duration

165 minutes

Questions

85 items

Passing score

750/1000 (scaled)

Domains covered

5 blueprint domains

Recommended experience

Security+ and Network+ or 3–4 years of hands-on security and networking experience

Typical prep time

2–3 months

Why Earn the PT0-002?

PenTest+ is the only vendor-neutral penetration testing certification with both knowledge-based and performance-based questions. It satisfies DoD 8570 requirements and validates the hands-on skills required for offensive security roles.

Job roles this opens

Penetration TesterVulnerability AnalystSecurity ConsultantRed Team AnalystEthical Hacker

PT0-002 Exam Domains

Domain percentage weights are not currently available for this exam. The checklist below is still useful for planning your study.

Planning and Scoping
Information Gathering and Vulnerability Scanning
Attacks and Exploits
Reporting and Communication
Tools and Code Analysis

Detailed domain breakdown with subtopics →

PT0-002 Study Plan

Weeks 1–2

Planning and Scoping: engagement types, legal considerations, scope definition

Tip: Rules of engagement, scope documents, and written authorisation are non-negotiable on PT0-002 — questions about what a tester should do before starting always have an answer involving verifying written permission. This is never ambiguous.

Weeks 3–4

Information Gathering and Vulnerability Scanning: passive/active recon, scan types

Tip: Know the tools by name and what they do: Nmap (port/service discovery), Shodan (passive OSINT), theHarvester (email/DNS harvesting), Maltego (relationship mapping), Nessus/OpenVAS (vulnerability scanning). Questions name a tool and ask what phase it belongs to or what output to expect.

Weeks 5–7

Attacks and Exploits: network, application, wireless, social engineering attacks

Tip: Attacks and Exploits carries 30% of the exam. Cover SQL injection, XSS, buffer overflow concepts, pass-the-hash, Kerberoasting, and wireless attacks (WPA2 cracking, evil twin). You need to recognise these by description and name the correct technique.

Weeks 8–10

Reporting, Communication, Tools, and Code Analysis

Tip: Report writing is tested on PT0-002. Know the components of a penetration test report: executive summary (for stakeholders), technical findings (for engineers), risk ratings (CVSS or custom), and remediation recommendations.

PT0-002 Exam Tips

PT0-002 has performance-based questions involving command output interpretation. Know how to read Nmap output (ports, states, service versions) and basic exploit frameworks (Metasploit module structure) without running them live.

Post-exploitation techniques are tested: privilege escalation (local exploit, misconfigurations), persistence (scheduled tasks, registry run keys, cron jobs), lateral movement (PsExec, WMI, Pass-the-Hash), and pivoting (SSH tunnels, Metasploit routing).

OWASP Top 10 is directly testable. Know what each vulnerability is, what it looks like in a web request, and how to test for it. SQLi, XSS, IDOR, and SSRF are the most common question subjects.

Wireless attack tools: Aircrack-ng suite (packet capture, WEP/WPA cracking), Kismet (passive wireless discovery), and Wireshark (packet analysis). Know the difference between a deauthentication attack (forcing WPA handshake capture) and an evil twin attack.

Common scripting used in penetration testing: Bash one-liners for port sweeps, Python for custom exploit scripts, PowerShell for Windows post-exploitation. You will not write full scripts on the exam but will need to interpret short snippets.

Ready to practice PT0-002?

Apply everything in this guide with adaptive practice questions, detailed answer explanations, and domain analytics.

Free Practice TestStart Practising

PT0-002 concept guides

Deep-dive explanations of the key topics tested on PT0-002 — with exam key points and common misconceptions.

PenTest+ Methodology

Penetration testing without a methodology is just hacking.

Related Study Guides

CS0-003

CompTIA CySA+

SY0-701

CompTIA Security+

CEH

EC-Council CEH