WSQ - CompTIA PenTest+ Training

Topic 1: Planning and Scoping 

• Planning a pen test
• Rules of engagement
• Regulatory compliance
• Resources and budgets
• Impact and constraints
• Support resources
• Legal groundwork
• Service provider agreements
• Standards and methodologies
• Environment and scoping considerations
• Ethical mindset
• Lab environment setup
• Project strategy and risk
• Scope vulnerabilities
• Compliance-based assessments

Topic 2: Information Gathering and Vulnerability Scanning 

• Scanning and enumeration
• Scanning and demo
• Packet investigation
• Packet inspection demo
• Lab setup
• Lab: Wireshark
• Application and open-source resources
• Passive reconnaissance
• Active reconnaissance
• Vulnerability scanning
• Vulnerability scanning demo
• Lab: Network basis
• Lab: Nmap discovery
• Target considerations
• Analysing scan output
• Nmap scoping and output options
• Nmap timing and performance options
• Prioritization of vulnerabilities
• Common attack techniques
• Automating vulnerability scans
• Credential attacks
• Lab: Password cracking
• Lab: Secure Sockets Layer
• Lab: Routing basics

Topic 3: Attacks and Exploits 

• Network-based attacks
• Wireless and RF Attacks
• Web and Database Attacks
• Attacking the cloud
• Specialised and Fragile Systems
• Social Engineering and Physical attacks
• Post-Exploitation

Topic 4: Reporting and Communication 

• Report writing
• Important components of written reports
• Mitigation strategies
• Technical and physical controls
• Administrative and operational controls
• Communication
• Presentation of findings
• Post-report activities
• Data destruction process

Topic 5: Tools and Code Analysis 

• Using scripting in pen testing
• Bash scripting basics
• Python scripts
• Tools inventory
• Pen testing toolbox
• Scanners and credential tools
• Code-tracking tools
• Wireless and web pen testing tools
• Remote access tools
• Analysers and mobile pen testing tools

Final Assessment

• Written Assessment - Short Answer Questions (WA-SAQ)
• Practical Performance (PP)

Promotion Code

Promo or discount cannot be applied to WSQ courses

Minimum Entry Requirement

Knowledge and Skills

• Able to operate computer functions with minimum Computer Literacy Level 2 based on ICAS Computer Skills Assessment Framework
• Minimum 3 GCE ‘O’ Levels Passes including English or WPL Level 5 (Average of Reading, Listening, Speaking & Writing Scores)

Attitude

• Positive Learning Attitude
• Enthusiastic Learner

Experience

• Minimum of 1 year of working experience.

Minimum Software/Hardware Requirement

Softtware: Windows / Mac

Hardware: Laptop

About Progressive Wage Model (PWM)

The Progressive Wage Model (PWM) helps to increase wages of workers through upgrading skills and improving productivity. 

Employers must ensure that their Singapore citizen and PR workers meet the PWM training requirements of attaining at least 1 Workforce Skills Qualification (WSQ) Statement of Attainment, out of the list of approved WSQ training modules.

For more information on PWM, please visit MOM site.

Funding Eligility Criteria

Steps to Apply Skills Future Claim

• The staff will send you an invoice with the fee breakdown.
• Login to the MySkillsFuture portal, select the course you’re enrolling on and enter the course date and schedule.
• Enter the course fee payable by you (including GST) and enter the amount of credit to claim.
• Upload your invoice and click ‘Submit’

SkillsFuture Level-Up Program

The  SkillsFuture Level-Up Programme provides greater structural support for mid-career Singaporeans aged 40 years and above to pursue a substantive skills reboot and stay relevant in a changing economy. For more information, visit SkillsFuture Level-Up Programme

Get Additional Course Fee Support Up to $500 under UTAP

The Union Training Assistance Programme (UTAP) is a training benefit provided to NTUC Union Members with an objective of encouraging them to upgrade with skills training. It is provided to minimize the training cost. If you are a NTUC Union Member then you can get 50% funding (capped at $500 per year) under Union Training Assistance Programme (UTAP).

For more information visit NTUC U Portal – Union Training Assistance Program (UTAP)

Steps to Apply UTAP

• Log in to your U Portal account to submit your UTAP application upon completion of the course.

Note

• SSG subsidy is available for Singapore Citizens, Permanent Residents, and Corporates.
• All Singaporeans aged 25 and above can use their SkillsFuture Credit to pay. For more details, visit www.skillsfuture.gov.sg/credit
• An unfunded course fee can be claimed via SkillsFuture Credit or paid in cash.
• UTAP funding for NTUC Union Members is capped at $250 for 39 years and below and at $500 for 40 years and above.
• UTAP support amount will be paid to training provider first and claimed after end of class by learner.

Appeal Process

1. The candidate has the right to disagree with the assessment decision made by the assessor.
2. When giving feedback to the candidate, the assessor must check with the candidate if he agrees with the assessment outcome.
3. If the candidate agrees with the assessment outcome, the assessor & the candidate must sign the Assessment Summary Record.
4. If the candidate disagrees with the assessment outcome, he/she should not sign in the Assessment Summary Record.
5. If the candidate intends to appeal the decision, he/she should first discuss the matter with the assessor/assessment manager.
6. If the candidate is still not satisfied with the decision, the candidate must notify the assessor of the decision to appeal. The assessor will reflect the candidate’s intention in the Feedback Section of the Assessment Summary Record.
7. The assessor will notify the assessor manager about the candidate’s intention to lodge an appeal.
8. The candidate must lodge the appeal within 7 days, giving reasons for appeal 
9. The assessor can help the candidate with writing and lodging the appeal.
10. he assessment manager will collect information from the candidate & assessor and give a final decision.
11. A record of the appeal and any subsequent actions and findings will be made.
12. An Assessment Appeal Panel will be formed to review and give a decision.
13. The outcome of the appeal will be made known to the candidate within 2 weeks from the date the appeal was lodged.
14. The decision of the Assessment Appeal Panel is final and no further appeal will be entertained.
15. Please click the link below to fill up the Candidates Appeal Form.

Muhammed Siraj: Dr. Muhammed Siraj is an experienced cybersecurity practitioner and academic with over 15 years of expertise in ethical hacking, digital forensics, and IT infrastructure security. He holds an MSc in Information and Communication Technology from Aalborg University in Denmark and is currently pursuing his PhD at Universiti Putra Malaysia, specializing in blockchain and cybersecurity. As Head of IT Support and a Senior Lecturer at Wisconsin International University College, Ghana, he has designed and delivered advanced cybersecurity and digital forensics programs for professionals across the education, finance, and law enforcement sectors. He is also a Certified Ethical Hacker (CEH) and Computer Hacking Forensic Investigator (CHFI), with extensive experience in deploying open-source security solutions and managing enterprise networks.

In “CompTIA PenTest+ Training,” Dr. Siraj brings his deep understanding of penetration testing, ethical hacking, and vulnerability assessment to help learners master offensive security methodologies. His training focuses on real-world threat simulations, security audit practices, and post-exploitation analysis, preparing participants to identify, mitigate, and defend against advanced cyber threats. By integrating his academic rigor with hands-on experience, he empowers cybersecurity professionals to build resilience and expertise in ethical hacking and network defense.

Mohan Pothula: Mohan Pothula is a cybersecurity and cloud infrastructure specialist with more than 15 years of experience across enterprise systems, network security, and DevSecOps. He has managed IT infrastructure and cybersecurity operations for multinational organizations, focusing on compliance, threat mitigation, and secure architecture design. Mohan is a CompTIA-certified instructor with additional credentials in AWS, Azure, and Linux systems administration. His professional focus lies in building secure, scalable environments that meet modern enterprise and regulatory requirements.

In “CompTIA PenTest+ Training,” Mohan delivers practical, scenario-based lessons that bridge cybersecurity theory with hands-on penetration testing. His sessions guide learners through ethical hacking tools, vulnerability exploitation, and remediation planning within enterprise systems. With a strong foundation in both infrastructure and security domains, he equips participants to perform effective penetration tests, identify system weaknesses, and design resilient defense strategies aligned with global cybersecurity standards.

Truman Ng: Truman Ng is a senior technology consultant, AI systems integrator, and cybersecurity expert with over two decades of experience in IT infrastructure, automation, and secure cloud deployment. Holding professional certifications including PMP, ACTA, and Huawei HCIE, he has trained numerous organizations in network defense, DevSecOps, and AI-enabled security systems. His work integrates enterprise architecture with automation to enhance data security and system reliability.

In “CompTIA PenTest+ Training,” Truman combines cybersecurity frameworks with automation to train learners in performing intelligent penetration tests using modern tools and methodologies. His sessions emphasize secure system orchestration, network vulnerability assessments, and incident response planning. Through real-world case studies, he enables participants to conduct structured, repeatable security tests and implement proactive threat mitigation strategies in enterprise IT environments.

Agus Salim: Agus Salim is an IT security engineer and systems analyst with extensive experience in network defense, infrastructure security, and enterprise technology management. With over 15 years of industry practice, he has worked on large-scale cybersecurity projects involving system hardening, data encryption, and secure network design. He is a WSQ-accredited trainer who specializes in ethical hacking, cloud security, and cybersecurity awareness programs for corporate professionals and technical teams.

In “CompTIA PenTest+ Training,” Agus focuses on building participants’ technical capabilities in vulnerability assessment, exploit analysis, and system protection. His training approach blends conceptual learning with hands-on lab simulations using real-world attack vectors. By leveraging his background in IT operations and security testing, he helps learners develop the skills needed to plan, execute, and report on professional penetration tests with precision and confidence.

Alec Tan Chee Wee: Alec Tan is a cybersecurity consultant and infrastructure architect with over 20 years of experience in IT systems design, ethical hacking, and data protection. He holds multiple industry certifications including CompTIA Security+, CISSP, and Certified Information Systems Auditor (CISA). Throughout his career, Alec has led cybersecurity and risk management initiatives for financial institutions, government agencies, and technology firms, focusing on secure systems architecture and compliance governance.

In “CompTIA PenTest+ Training,” Alec provides in-depth guidance on executing ethical hacking operations, network assessments, and risk analysis in accordance with international security standards. His sessions combine technical rigor with strategic insight, teaching participants how to plan, execute, and communicate penetration test results effectively. With his extensive consulting background, Alec prepares learners to navigate complex cybersecurity environments with a structured and analytical approach to offensive security.