Overview

The CompTIA CNVP is an invaluable certification specifically crafted for IT professionals with 2 to 5 years of experience. This stackable program provides the course materials required to not only earn your Security+ and PenTest+ certifications, but also allows you to excel in your knowledge as a cybersecurity specialist. The CompTIA CNVP is an invaluable certification specifically crafted for IT professionals with 2 to 5 years of experience. This stackable program provides the course materials required to not only earn your Security+ and PenTest+ certifications, but also allows you to excel in your knowledge as a cybersecurity specialist. The CompTIA CSIS is a progressive certification in the IT field that was crafted by CompTIA. It is ideal for those with 0-2 years of experience who are looking to upskill. At TOIT, we offer an extensive Certification Path which comes bundled with educative materials and preparing you to pass the three exams;CompTIA A+, Comptia Network+ and Comptia Security+. IT professionals with 2-5 years of experience can gain the valuable CompTIA CCAP certification by following their Certification Path. This comprehensive study guide will provide you with all the essential learning materials and advice needed to ace both your CompTIA Network+ and Cloud+ exams, giving you a competitive edge in today’s ever-evolving tech industry. Are you an IT professional looking to enhance your knowledge of secure cloud environments? You may work as a consultant, technical services provider, or cloud architect today. Our CompTIA Cloud+ Essential IT training program is for you if you are. Our program is a great starting point to jumpstart your IT training and enhance your cloud computing skills. The CompTIA A+ 220-1001 & 220-1002 training for the Core Series covers topics that are growing in IT support, including expanded content on security baselines and a different way of assessing competence in operational procedures. TOIT’s online learning environment is ideal for those with a busy schedule, offering convenience and flexibility, study when you want.

Your Training Instructor

Chrys Thorsen

Education and Technology Expert

Chrys is an education and technology expert who specializes in enterprise-level IT infrastructure consulting and certified training-of-trainers. In her career, she has garnered 35 IT Certifications including Cisco CCSI/CCNP, CISSP, CISA, MCSE/MCITP, and many more. She has also authored 40 published certification textbooks and is currently working on the new CompTIA PenTest+ courseware.

  • 55 Traning Hours
  • 296 Videos
  • 27 Topics
  • 498 Practice Questions

The CompTIA CNVP is a stackable certification by CompTIA. It is designed for IT professionals and Operations Specialist with 2 to 5 years of experience. The TOIT Certification Path for the CompTIA CNVP certification consists of the learning materials to allow you to study for and pass the CompTIA Security+ and CompTIA PenTest+ certification exams.

Completing this path and passing the two certification exam means you end of with two CompTIA certifications and are a designated a CompTIA Network Vulnerability Assessment Professional (CNVP).

The two courses contained in this path are:

  • CompTIA Security+
  • CompTIA PenTest+

Upon successfully passing the applicable exams provided by CompTIA, you will earn the CNVP certification badge.

For more information on CompTIA Stackable Certifications, visit the CompTIA website. Pricing charged by CompTIA varies by exam. For details on current pricing, visit CompTIA Pricing on their website.

Frequently Asked Questions About CompTIA Network Vulnerability Assessment Professional (CNVP)

What is the CompTIA CNVP certification?

The CompTIA CNVP (Network Vulnerability Assessment Professional) is a stackable certification specifically designed for IT professionals with 2 to 5 years of experience. The certification equips learners with the knowledge and skills required to scan applications and systems to identify vulnerabilities, enhancing their expertise as cybersecurity specialists.

What courses are included in the TOIT’s CompTIA CNVP certification path?

The TOIT’s CompTIA CNVP certification path includes two courses: CompTIA Security+ and CompTIA PenTest+. Successfully passing the exams associated with these courses qualifies you as a CompTIA Network Vulnerability Assessment Professional​.

What skills will I acquire from the CompTIA CNVP certification?

The CompTIA CNVP certification covers a broad range of skills, including Access Control, Application Security, Cryptography, Network Security, Penetration Testing, Reconnaissance, Risk Management, Security Exploits, and Vulnerability Assessment.

How many hours of training does the TOIT’s CompTIA CNVP certification path provide?

The TOIT’s CompTIA CNVP certification path provides 55 hours of training, which includes 296 videos covering 27 topics and 498 practice questions​.

How can I access the CompTIA CNVP certification path training on TOIT?

You can access the CompTIA CNVP certification path training and over 2,500 hours of on-demand content with the TOIT’s All Access Monthly Subscription. You can start with a 7-day free trial, and there’s no obligation to continue; you can cancel anytime​.

What are the prerequisites for earning the CompTIA CNVP certification?

To earn the CompTIA CNVP certification, you need to pass the exams for the CompTIA Security+ and CompTIA PenTest+ certifications.

CompTIA PenTest+ (PT0-001) Course Outline

Module 1 – The Pen Test Engagement

  •    Module 1 Notes

  •    1.0 PenTest Plus Introduction

  •    1.1 PenTest Plus Topics

  •    1.2 PenTest Engagement

  •    1.3 Threat Modeling

  •    1.4 Technical Constraints

  •    1.5 PenTest Engagement Review

  •    1.6 Examining PenTest Engagement Documents Act
Module 2 – Passive Reconnaissance

  •    Module 2 Notes

  •    2.1 Passive Reconnaissance part1

  •    2.2 WHOIS Act

  •    2.3 Passive Reconnaissance part2

  •    2.4 Google Hacking Act

  •    2.5 Passive Reconnaissance part3

  •    2.6 DNS Querying Act

  •    2.7 Passive Reconnaissance part4

  •    2.8 Email Server Querying Act

  •    2.9 SSL-TLS Cerfificates

  •    2.10 Shodan Act

  •    2.11 The Havester

  •    2.12 TheHarvester Act

  •    2.13 Recon-ng

  •    2.14 Recon-g Act

  •    2.14 Recon-ng-Part-2-API-key Act

  •    2.15 Maltego

  •    2.16 Have I been Pwned

  •    2.17 Punked and Owned Pwned Act

  •    2.18 Fingerprinting Organization with Collected Archives

  •    2.19 FOCA Act

  •    2.20 Findings Analysis Weaponization

  •    2.21 Chp 2 Review
Module 3 – Active Reconnaissance

  •    Module 3 Notes

  •    3.1 Active Reconnaissannce

  •    3.2 Discovery Scans Act

  •    3.3 Nmap

  •    3.4 Nmap Scans Types Act

  •    3.5 Nmap Options

  •    3.6 Nmap Options Act

  •    3.7 Stealth Scans

  •    3.8 Nmap Stealth Scans Act

  •    3.9 Full Scans

  •    3.10 Full Scans Act

  •    3.11 Packet Crafting

  •    3.12 Packet Crafting Act

  •    3.13 Network Mapping

  •    3.14 Metasploit

  •    3.15 Scanning with Metasploit Act

  •    3.16 Enumeration

  •    3.17 Banner Grabbing Act

  •    3.18 Windows Host Enumeration

  •    3.19 Winddows Host Enumeration Act

  •    3.20 Linux Host Enumeration

  •    3.21 Linux Host Enumeration Act

  •    3.22 Service Enumeration

  •    3.23 Service Enumeration Act

  •    3.24 Network Shares

  •    3.25 SMB Share Enumeration Act

  •    3.26 NFS Network Share Enumeration

  •    3.27 NFS Share Enumeration Act

  •    3.28 Null Sessions

  •    3.29 Null Sessions Act

  •    3.30 Website Enumeration

  •    3.31 Website Enumeration Act

  •    3.32 Vulnerability Scans

  •    3.33 Compliance Scans Act

  •    3.34 Credentialed Non-credentialed Scans

  •    3.35 Using Credentials in Scans Act

  •    3.36 Server Service Vulnerability Scan

  •    3.37 Vulnerability Scanning Act

  •    3.38 Web Server Database Vulnerability Scan

  •    3.39 SQL Vulnerability Scanning Act

  •    3.40 Vulnerability Scan Part 2 OpenVAS Act

  •    3.41 Web App Vulnerability Scan

  •    3.42 Web App Vulnerability Scanning Act

  •    3.43 Network Device Vulnerability Scan

  •    3.44 Network Device Vuln Scanning Act

  •    3.45 Nmap Scripts

  •    3.46 Using Nmap Scripts for Vuln Scanning Act

  •    3.47 Packet Crafting for Vulnerbility Scans

  •    3.48 Firewall Vulnerability Scans

  •    3.49 Wireless Access Point Vunerability

  •    3.50 Wireless AP Scans Act

  •    3.51 WAP Vulnerability Scans

  •    3.52 Container Security issues

  •    3.53 How to Update Metasploit Pro Expired Trial License
Module 4 – Physical Security

  •    Module 4 Notes

  •    4.1 Physical Security

  •    4.2 Badge Cloning Act

  •    4.3 Physical Security Review
Module 5 – Social Engineering

  •    Module 5 Notes

  •    5.1 Social Engineering

  •    5.2 Using Baited USB Stick Act

  •    5.3 Using Social Enginnering to Assist Attacks

  •    5.4 Phishing Act

  •    5.5 Social Engineering Review
Module 6 – Vulnerability Scan Analysis

  •    Module 6 Notes

  •    6.1 Vulnerbility Scan Analysis

  •    6.2 Validating Vulnerability Scan Results Act

  •    6.3 Vulnerbility Scan Analysis Review
Module 7 – Password Cracking

  •    Module 7 Notes

  •    7.1 Password Cracking

  •    7.2 Brute Force Attack Against Network Service Act

  •    7.3 Network Authentication Interception Attack

  •    7.4 Intercepting Network Authentication Act

  •    7.5 Pass the Hash Attacks

  •    7.6 Pass the Hash Act

  •    7.7 Password Cracking Review
Module 8 – Penetrating Wired Networks

  •    Module 8 Notes

  •    8.1 Penetrating Wired Network

  •    8.2 Sniffing Act

  •    8.3 Eavesdropping

  •    8.4 Eavesdropping Act

  •    8.5 ARP Poisoning

  •    8.6 ARP Poisoning Act

  •    8.7 Man In The Middle

  •    8.8 MITM Act

  •    8.9 TCP Session HiJacking

  •    8.10 Server Message Blocks SMB Exploits

  •    8.11 SMB Attack Act

  •    8.12 Web Server Attacks

  •    8.13 FTP Attacks

  •    8.14 Telnet Server Attacks

  •    8.15 SSH Server Attacks

  •    8.16 Simple Network Mgmt Protocol SNMP

  •    8.17 Simple Mail Transfer Protocol SMTP

  •    8.18 Domain Name System DNS Cache Poisoning

  •    8.19 Denail of Service Attack DoS-DDoS

  •    8.20 DoS Attack Act

  •    8.21 VLAN Hopping Review
Module 9 – Penetrating Wireless Networks

  •    Module 9 Notes

  •    9.1 Penetrating Wireless Networks

  •    9.2 Jamming Act

  •    9.3 Wireless Sniffing

  •    9.4 Replay Attacks

  •    9.5 WEP Cracking Act

  •    9.6 WPA-WPA2 Cracking

  •    9.7 WAP Cracking Act

  •    9.8 Evil Twin Attacks

  •    9.9 Evil Twin Attack Act

  •    9.10 WiFi Protected Setup

  •    9.11 Bluetooth Attacks

  •    9.12 Penetrating Wireless Networks
Module 10 – Windows Exploits

  •    Module 10 Notes

  •    10.1 Windows Exploits

  •    10.2 Dumping Stored Passwords Act

  •    10.3 Dictionary Attacks

  •    10.4 Dictionary Attack Against Windows Act

  •    10.5 Rainbow Table Attacks

  •    10.6 Credential Brute Force Attacks

  •    10.7 Keylogging Attack Act

  •    10.8 Windows Kernel

  •    10.9 Kernel Attack Act

  •    10.10 Windows Components

  •    10.11 Memory Vulnerabilities

  •    10.12 Buffer Overflow Attack Act

  •    10.13 Privilegde Escalation in Windows

  •    10.14 Windows Accounts

  •    10.15 Net and WMIC Commands

  •    10.16 Sandboxes
Module 11 – Linux Exploits

  •    Module 11 Notes

  •    11.1 Linux Exploits

  •    11.2 Exploiting Common Linux Features Act

  •    11.3 Password Cracking in Linux

  •    11.4 Cracking Linux Passwords Act

  •    11.5 Vulnerability Linux

  •    11.6 Priviledge Escalation Linux

  •    11.7 Linux Accounts

  •    11.8 Linux Exploits Review
Module 12 – Mobile Devices

  •    Module 12 Notes

  •    12.1 Mobile Devices

  •    12.2 Hacking Android Act

  •    12.3 Apple Exploits

  •    12.4 Moblie Devices Review
Module 13 – Specialized Systems

  •    Module 13 Notes

  •    13.1 Specialized Systems

  •    13.2 Specialized Systems Review
Module 14 – Scripts

  •    Module 14 Notes

  •    14.1 Scripts

  •    14.2 Powershell

  •    14.3 Python

  •    14.4 Ruby

  •    14.5 Common Scripting Elements

  •    14.6 Scripts Review

  •    14.7 Better Ping Sweep

  •    14.8 Simple Port Scanner2

  •    14.9 Multitarget Port Scanner

  •    14.10 Port Scanner with Nmap

  •    14.11 Scripts Review
Module 15 – Application Testing

  •    Module 15 Notes

  •    15.1 Application Testing

  •    15.2 Reverse Engineering
Module 16 – Web App Exploits

  •    Module 16 Notes

  •    16.1 Webb App Exploits

  •    16.2 Injection Attacks

  •    16.3 HTML Injection

  •    16.4 SQL Hacking – SQLmap Act

  •    16.5 Cross-Site Attacks

  •    16.6 Cross-Site Request Forgery

  •    16.7 Other Web-based Attacks

  •    16.8 File Inclusion Attacks

  •    16.9 Web Shells

  •    16.10 Web Shells Review
Module 17 – Lateral Movement

  •    Module 17 Notes

  •    17.1 Lateral Movement

  •    17.2 Lateral Movement with Remote Mgmt Services

  •    17.3 Process Migration Act

  •    17.4 Passing Control Act

  •    17.5 Pivoting

  •    17.6 Tools the Enable Pivoting

  •    17.7 Lateral Movement Review
Module 18 – Persistence

  •    Module 18 Notes

  •    18.1 Persistence

  •    18.2 Breeding RATS Act

  •    18.3 Bind and Reverse Shells

  •    18.4 Bind Shells Act

  •    18.5 Reverse Shells

  •    18.6 Reverse Shells Act

  •    18.7 Netcat

  •    18.8 Netcat Act

  •    18.9 Scheduled Tasks

  •    18.10 Scheduled Tasks Act

  •    18.11 Services and Domains

  •    18.12 Persistence Review
Module 19 – Cover Your Tracks

  •    Module 19 Notes

  •    19.1 Cover Your Tracks

  •    19.2 Cover Your Tracks – Timestomp Files Act

  •    19.3 Cover Your Tracks – Frame the Administrator Act

  •    19.4 Cover Your Tracks – Clear the Event Log Act

  •    19.5 Cover Your Tracks Review
Module 20 – The Report

  •    Module 20 Notes

  •    20.1 The Report

  •    20.2 The Report Review
Module 21 – Post Engagement Cleanup

  •    Module 21 Notes

  •    21.1 Post Engagement Cleanup_1

  •    21.3 Post Engagement Cleanup Review

  •    21.4 PenTest Plus Conclusion.mp4

CompTIA Security+ SY0-501 Course Outline

Module 1: Threats, Attacks and Vulnerabilities

  •    Module 1 Workbook

  •    Introduction

  •    Types Of Malware-Part 1

  •    Types Of Malware-Part 2

  •    Types Of Attacks-Part 1

  •    Types Of Attacks-Part 2

  •    Types Of Attacks-Part 3

  •    Types Of Attacks-Part 4

  •    Types Of Attacks-Part 5

  •    Threat Actors-Part 1

  •    Threat Actors-Part 2

  •    Penetration Testing And Vulnerability Scanning-Part 1

  •    Penetration Testing And Vulnerability Scanning-Part 2

  •    Impact Of Vulnerabilities-Part 1

  •    Impact Of Vulnerabilities-Part 2
Module 2: Technologies and Tools

  •    Module 2 Workbook

  •    Networking Hardware And Software-Part 1

  •    Networking Hardware And Software-Part 2

  •    Networking Hardware And Software-Part 3

  •    Networking Hardware And Software-Part 4

  •    Networking Hardware And Software-Part 5

  •    Networking Hardware And Software-Part 6

  •    Security Assessment-Part 1

  •    Security Assessment-Part 2

  •    Troubleshooting Issues-Part 1

  •    Troubleshooting Issues-Part 2

  •    Securing Mobile Devices-Part 1

  •    Securing Mobile Devices-Part 2

  •    Securing Mobile Devices-Part 3

  •    Securing Mobile Devices-Part 4

  •    Secure Protocols-Part 1

  •    Secure Protocols-Part 2
Module 3: Architecture and Design

  •    Module 3 Workbook

  •    Secure Network Architecture-Part 1

  •    Secure Network Architecture-Part 2

  •    Secure System Designs-Part 1

  •    Secure System Designs-Part 2

  •    Secure Staging Deployment Concepts

  •    Embedded Systems-Part 1

  •    Embedded Systems-Part 2

  •    Application Development And Deployment-Part 1

  •    Application Development And Deployment-Part 2

  •    Application Development And Deployment-Part 3

  •    Physical Security Controls-Part 1

  •    Physical Security Controls-Part 2

  •    Physical Security Controls-Part 3

  •    Cloud Virtualization-Part 1

  •    Cloud Virtualization-Part 2
Module 4: Identity and Access Management

  •    Module 4 Workbook

  •    Identity And Access Management-Part1

  •    Identity And Access Management-Part2

  •    Identity And Access Services-Part1

  •    Identity And Access Services-Part2

  •    Management Controls-Part1

  •    Management Controls-Part2

  •    Account Management Practices-Part1

  •    Account Management Practices-Part2

  •    Account Management Practices-Part3
Module 5: Risk Management

  •    Module 5 Workbook

  •    Organizational Security-Part1

  •    Organizational Security-Part2

  •    Business Impact Analysis Concepts-Part1

  •    Business Impact Analysis Concepts-Part2

  •    Risk Management-Part1

  •    Risk Management-Part2

  •    Incident Response Procedures-Part1

  •    Incident Response Procedures-Part2

  •    Forensics-Part1

  •    Forensics-Part2

  •    Disaster Recovery-Part1

  •    Disaster Recovery-Part2

  •    Types Of Control-Part1

  •    Types Of Control-Part2

  •    Data Security And Privacy Practices-Part1

  •    Data Security And Privacy Practices-Part2
Module 6: Cryptography and PKI

  •    Module 6 Workbook

  •    Cryptographic Basics-Part1

  •    Cryptographic Basics-Part2

  •    Cryptographic Basics-Part3

  •    Cryptographic Algorithms-Part1

  •    Cryptographic Algorithms-Part2

  •    Wireless Security-Part1

  •    Wireless Security-Part2

  •    Implementing PKI-Part1

  •    Implementing PKI-Part2

  •    Implementing PKI-Part3

  •    Conclusion