Practice
Learn at your own pace. Answer questions one at a time with instant feedback and explanations.
Current V3 penetration testing certification covering engagement management, reconnaissance and enumeration, vulnerability discovery and analysis, attacks and exploits, and post-exploitation and lateral movement.
Simulate the real thing. Take a timed, full-length test and review your score and weak areas.
Study your way: beyond Practice and Mock exam, choose adaptive, hard mode, ready review, objective coverage, or retry-your-misses, and set your own question count, timer, and pass mark.
CompTIA PenTest+ (PT0-003) validates current skills across the authorized penetration-testing lifecycle, from engagement management through post-exploitation, reporting, cleanup, and remediation.
Penetration testers, vulnerability analysts, security consultants, and red-team practitioners with intermediate offensive-security experience.
PenTest+ supports roles in penetration testing, vulnerability assessment, red teaming, and security consulting.
Review the official PT0-003 objectives and practice scoped, legal penetration testing across networks, applications, APIs, cloud, identity, and post-exploitation workflows.
Plan, scope, authorize, and manage penetration-testing engagements; apply rules of engagement, legal and compliance constraints, communication, documentation, reporting, remediation guidance, and professional integrity.
Perform passive and active reconnaissance, OSINT, network and service discovery, DNS and directory enumeration, cloud and wireless reconnaissance, social-engineering reconnaissance, and appropriate tool selection.
Conduct and interpret vulnerability scans and manual validation across hosts, networks, applications, APIs, cloud, containers, mobile, and specialized environments; prioritize findings and distinguish false positives.
Given authorized scenarios, select and analyze attacks against networks, authentication, hosts, web applications, APIs, cloud services, containers, wireless systems, social-engineering targets, AI-enabled systems, and physical controls.
Perform authorized privilege escalation, persistence, credential access, pivoting, lateral movement, data collection, evidence handling, cleanup, restoration, documentation, and communication while respecting engagement boundaries.
No. These are original practice questions written to match the exam objectives, each with an explanation so you actually learn the material — not exam dumps.
You answer questions one at a time with instant feedback and explanations. Over time the app adapts, prioritizing the objectives and questions you struggle with most.
A timed, full-length simulation that holds feedback until the end, then shows your score, pass/fail result, and a breakdown by objective.
Yes. Pick the study mode that fits — adaptive practice, hard mode, ready-for-review, objective coverage, or retrying questions you've missed — and set your own question count, timer, and passing score for each session.
You can try free questions for this exam without signing in. Create a free account to save your progress, track weak objectives, and unlock the full question bank.