Crest Practitioner Security Analyst, CPSA

This Crest approved training course will take students with basic technical ICT & Network understanding and re-skill them into the first stage of becoming a qualified Penetration Tester. This course will cover all the theory required for both the CREST CPSA and CRT exams.

Cyber Skills Training - Image of a man

Course Style

Live Instructor Led. Face-to-Face or Attend-From-Any-Where

Skill up and get certified, guaranteed

Exam Pass Guarantee

Exam Pass Guarantee

If you don’t pass your exam on the first attempt, You get to re-sit the course for free
100% Satisfaction Guarantee

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Classroom course.
Knowledge Transfer Guarantee

Knowledge Transfer Guarantee

High Impact Learning Solutions Designed to help students acquire skills and obtain certification.

What is included?

  • 5 days of training.
  • Course material/Slides.
  • 98% Certification Success in First Attempt.
  • Classroom training Or Attend-From-Any-Where.
  • Training delivered by Professionals with enormous industry experience.
  • Total comprehensive exam preparation.

What you will Learn?

  • The theoretical understanding and knowledge required to pass the CPSA exam.
  • The course is directly aligned to the defined examination syllabus defined by CREST.

Award-winning training that you can trust

Who should attend?

  • Aspiring information security personnel who wish to be part of a Pen Test team.
  • System administrators who are responding to attacks.
  • Incident handlers who wish to expand their knowledge into Penetration Testing and Digital Forensics.
  • Corporations and Government departments who wish to raise and baseline skills across all security teams.
  • Law enforcement officers or detectives who want to expand their investigative skills.
  • Information security managers who would like to brush up on the latest techniques and processes in order to understand information security implications.
  • Anyone who is considering a career in Penetration Testing.

Course Dates

8 – 12 Feb, 2021

21 Jun – 25 Jul, 2021

11 – 15 Oct, 2021

30 Nov – 4 Dec, 2021

Course Outline

  • Engagement Lifecycle.
  • Law & Compliance.
  • Understanding Explaining and Managing Risk.
  • Record Keeping, Interim Reporting & Final Results.
  • IP Protocols.
  • Network Architectures.
  • Network Mapping & Target Identification.
  • Interpreting Tool Output.
  • Filtering Avoidance Techniques.
  • OS Fingerprinting.
  • Application Fingerprinting and Evaluating Unknown Services.
  • Network Access Control Analysis.
  • Cryptography.
  • Applications of Cryptography.
  • File System Permissions.
  • Audit Techniques.
  • Registration Records.
  • Domain Name Server (DNS).
  • Customer Web Site Analysis.
  • Google Hacking and Web Enumeration.
  • NNTP Newsgroups and Mailing Lists.
  • Information Leakage from Mail & News.
  • Headers.
  • Management Protocols.
  • Network Traffic Analysis.
  • Networking Protocols.
  • IPSec.
  • VoIP.
  • Wireless.
  • Configuration Analysis.
  • Domain Reconnaissance.
  • User Enumeration.
  • Active Directory.
  • Windows Passwords.
  • Windows Vulnerabilities.
  • Windows Patch Management Strategies.
  • Desktop Lockdown.
  • Exchange.
  • Common Windows Applications.
  • User enumeration.
  • Unix vulnerabilities.
  • FTP.
  • Sendmail / SMTP.
  • Network File System (NFS).
  • R* services.
  • X11.
  • RPC services.
  • SSH.
  • Web Server Operation.
  • Web Servers & their Flaws.
  • Web Enterprise Architectures.
  • Web Protocols.
  • Web Mark-up Languages.
  • Information Gathering from Web Mark up.
  • Authentication Mechanisms.
  • Authorisation Mechanisms.
  • Input Validation.
  • Information Disclosure in Error Messages.
  • Use of Cross Site Scripting Attacks.
  • Use of Injection Attacks.
  • Session Handling Encryption.
  • Source Code Review.
  • Web Site Structure Discovery.
  • Cross Site Scripting Attacks.
  • SQL Injection.
  • Parameter .Manipulation.
  • Directory Traversal.
  • File Uploads.
  • Code Injection.
  • Microsoft SQL Server.
  • Oracle RDBMS.
  • Web / App / Database Connectivity.


  • Basic understanding of VMware, Operating System, Network Security, Operational Security, Access Control, Threats and Vulnerabilities.
  • A level of knowledge that is equivalent to the Security+ is recommended.

Are you ready to get started?