Setup for CompTIA PenTest+ Certification Training
Required Software
Each student will need one Windows Server® 2016 computer and one Kali Linux™ computer . Make sure that each computer meets the classroom hardware specifications:
All Computers
- 2 gigahertz (GHz) 64-bit processor that supports the VT-x or AMD-V virtualization instruction set and Second Level Address Translation (SLAT).
- 8 gigabytes (GB) of Random Access Memory (RAM).
- 80 GB storage device or larger.
- Super VGA (SVGA) or higher resolution monitor capable of a screen resolution of at least 1,024 × 768 pixels, at least a 256-color display, and a video adapter with at least 4 MB of memory.
- Bootable DVD-ROM or USB drive.
- Keyboard and mouse or a compatible pointing device.
- Gigabit Ethernet adapter (10/100/1000BaseT) and cabling to connect to the classroom network.
- Wireless network adapter for the Kali Linux computer.
- IP addresses that do not conflict with other portions of your network.
- Internet access (contact your local network administrator).
- (Instructor computer only) A display system to project the instructor's computer screen.
- At least one removable USB thumb drive for students to share if they do not have their own.
- (Optional) A network printer for the class to share.
Additional Hardware
- Mobile devices running Android™ version 4.0 or higher. This is required for students to fully key through the optional activity "Exploiting Android Devices" in the "Penetrating Networks" lesson. Ideally, each student would have their own mobile device; if not, consider demonstrating the activity using one device.
- One wireless access point (WAP) connected to the classroom network.This is required for mobile devices to connect to the classroom network in the same "Exploiting Android Devices" activity. One example scenario is connecting all of the classroom servers to the same gateway router using Ethernet cables. If this router has wireless functionality, and it is activated, students' mobile devices will be able to connect as long as they know the passphrase.
Software:
- Microsoft® Windows Server® 2016 Standard Edition build 14393.693.
Note : This specific build is required so that students will be able to successfully exploit unpatched vulnerabilities in the course activities. Newer builds will have patched these vulnerabilities, causing the activities not to key as written. The ISO file with the required build is available from the Microsoft Evaluation Center: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 . You can verify the build number by entering winver into a command prompt.
- Kali Linux™ version 2019.2.
- Miscellaneous software that is not included in the course data files due to licensing restrictions:
- Arachni Framework version 1.5.1 ( arachni-1.5.1-0.5.12-linux-x86_64.tar.gz).
- MailEnable Standard version 10.26 ( standard1026.exe).
- Metasploitable version 2.0.0 ( metasploitable-linux-2.0.0.zip).
The steps to download these tools are described in the course setup in your manual. Note that the URL paths to these downloads may have changed after this course was written.
- Miscellaneous software that is included in the course data files:
- Oracle® VM VirtualBox version 5.2.10 ( VirtualBox-5.2.10-122406-Win.exe).
- Node.js version 9.11.1 ( node-v9.11.1-x64.msi).
- OWASP Juice Shop version 7.0.2 (store.zip ).
- HttpRequester version 2.2 ( httprequester-2.2-fx.xpi).
- Waterfox version 56.2.12 (waterfox.zip).
VirtualBox is distributed with the course data files under version 2 of the GNU General Public License (GPL). Node.js and OWASP Juice Shop are distributed with the course data files under the MIT License. HttpRequester is distributed under a Berkeley Software Distribution (BSD) license. Waterfox is distributed under version 2 of the Mozilla Public License (MPL).
Instructions
Install the required software before your class starts.