PenTest+CompTIA PenTest+
Vendor-neutral penetration testing and vulnerability management
Exam details independently verified January 2026
About this certification
CompTIA PenTest+ validates hands-on penetration testing and vulnerability assessment skills. It covers all stages of a pen test including planning, scanning, exploitation, reporting, and remediation recommendations.
MyCertPath verdict
CompTIA's vendor-neutral pentesting cert — useful for breadth and HR keyword coverage, but the industry generally rates OSCP higher for proving you can actually pentest. PenTest+ is a reasonable bridge: deeper than CEH, broader and more business-aware than OSCP.
What it actually tests
Up to 85 questions in 165 minutes, with PBQs that include code analysis, tool-selection scenarios, and report-writing tasks. The exam covers the full engagement lifecycle — planning, recon, exploitation, reporting — rather than only the exploitation phase.
Common traps
Things candidates underestimate or get wrong on this exam.
- Skipping planning, scoping, and reporting — they're heavily tested while candidates focus on hacking.
- Studying only tools. PenTest+ tests methodology and decision-making, not just syntax.
- Not practicing report writing — PBQs include report-related tasks.
What you'll validate
- ✓Penetration testing planning
- ✓Information gathering
- ✓Attacks and exploits
- ✓Reporting and remediation
- ✓Tools and scripting
Pros & Cons
Advantages
- +DoD 8570 approved for CSSP-analyst roles
- +Vendor-neutral approach
- +Covers full pentest lifecycle
Disadvantages
- −Less respected in pentest community than OSCP
- −Relatively newer cert
Who it's for
Best for
- →Security+ holders moving into offensive security
- →Government/DoD pentest roles
Not ideal for
- ×Those seeking the most respected pentest credential (look at OSCP)
Career paths this unlocks
Study Resources
Affiliate links — we may earn a commissionTop picks for PenTest+
Register for the exam
Official vouchers — watch for bundle discounts and CompTIA CertMaster bundles
More places to study
Most popular cert prep courses, often on sale for $14.99
Highest-rated practice exams for AWS, Azure, and GCP
University-backed courses from Google, IBM, DeepLearning.AI
Practice tests and hands-on labs for 30+ cert tracks
Official study guides and exam prep books
Hands-on cloud sandboxes and cert prep subscriptions
1-month free trial — includes 21,000+ cert prep courses
MyCertPath earns a commission when you purchase through these links — at no extra cost to you. We only recommend resources we'd stand behind.
Jobs for PenTest+ holders
PenTest+ holders report $10k–$30k+ salary uplift on average.
LinkedIn Jobs
Updated daily
Indeed
Dice (tech roles)
Tech-focused job board
CyberSeek (cyber only)
NIST-backed supply/demand tool
Job links open external sites. Search results are live and not curated by MyCertPath.
Quick Facts
- Exam Cost
- $392
- Exam Duration
- 165 minutes
- Questions
- ~85
- Passing Score
- 750/900
- Exam Format
- Multiple Choice + Performance
- Study Time
- ~150 hours
- Validity
- 3 years
- Salary Impact
- Strong ($10k–$30k+ uplift reported)
- Last Verified
- January 2026
Prerequisites
- !Security+ and 3 years of hands-on IT security experience
Actyra Training
Custom eLearning built on the science of how people actually learn
Actyra designs and builds cert-prep training programs for enterprise teams — custom courseware grounded in cognitive science.
Talk to a training expert →