Crest Practitioner Security Analyst, CPSA

This Crest approved training course will take students with basic technical ICT & Network understanding and re-skill them into the first stage of becoming a qualified Penetration Tester. This course will cover all the theory required for both the CREST CPSA and CRT exams.

Course Style

Live Instructor Led. Face-to-Face or Attend-From-Any-Where

Skill up and get certified, guaranteed

Exam Pass Guarantee

If you don’t pass your exam on the first attempt, You get to re-sit the course for free

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Classroom course.

Knowledge Transfer Guarantee

High Impact Learning Solutions Designed to help students acquire skills and obtain certification.

What is included?

5 days of training.
Course material/Slides.
98% Certification Success in First Attempt.
Classroom training Or Attend-From-Any-Where.
Training delivered by Professionals with enormous industry experience.
Total comprehensive exam preparation.

What you will Learn?

The theoretical understanding and knowledge required to pass the CPSA exam.
The course is directly aligned to the defined examination syllabus defined by CREST.

Award-winning training that you can trust

Who should attend?

Aspiring information security personnel who wish to be part of a Pen Test team.
System administrators who are responding to attacks.
Incident handlers who wish to expand their knowledge into Penetration Testing and Digital Forensics.
Corporations and Government departments who wish to raise and baseline skills across all security teams.
Law enforcement officers or detectives who want to expand their investigative skills.
Information security managers who would like to brush up on the latest techniques and processes in order to understand information security implications.
Anyone who is considering a career in Penetration Testing.

Course Dates

8 – 12 Feb, 2021

21 Jun – 25 Jul, 2021

11 – 15 Oct, 2021

30 Nov – 4 Dec, 2021

Course Outline

Engagement Lifecycle.
Law & Compliance.
Understanding Explaining and Managing Risk.
Record Keeping, Interim Reporting & Final Results.
IP Protocols.
Network Architectures.
Network Mapping & Target Identification.
Interpreting Tool Output.
Filtering Avoidance Techniques.
OS Fingerprinting.
Application Fingerprinting and Evaluating Unknown Services.
Network Access Control Analysis.
Cryptography.
Applications of Cryptography.
File System Permissions.
Audit Techniques.
Registration Records.
Domain Name Server (DNS).
Customer Web Site Analysis.
Google Hacking and Web Enumeration.
NNTP Newsgroups and Mailing Lists.
Information Leakage from Mail & News.
Headers.
Management Protocols.
Network Traffic Analysis.
Networking Protocols.
IPSec.
VoIP.
Wireless.
Configuration Analysis.
Domain Reconnaissance.
User Enumeration.
Active Directory.
Windows Passwords.
Windows Vulnerabilities.
Windows Patch Management Strategies.
Desktop Lockdown.

Exchange.
Common Windows Applications.
User enumeration.
Unix vulnerabilities.
FTP.
Sendmail / SMTP.
Network File System (NFS).
R* services.
X11.
RPC services.
SSH.
Web Server Operation.
Web Servers & their Flaws.
Web Enterprise Architectures.
Web Protocols.
Web Mark-up Languages.
Information Gathering from Web Mark up.
Authentication Mechanisms.
Authorisation Mechanisms.
Input Validation.
Information Disclosure in Error Messages.
Use of Cross Site Scripting Attacks.
Use of Injection Attacks.
Session Handling Encryption.
Source Code Review.
Web Site Structure Discovery.
Cross Site Scripting Attacks.
SQL Injection.
Parameter .Manipulation.
Directory Traversal.
File Uploads.
Code Injection.
Microsoft SQL Server.
Oracle RDBMS.
Web / App / Database Connectivity.

Prerequisites

Basic understanding of VMware, Operating System, Network Security, Operational Security, Access Control, Threats and Vulnerabilities.
A level of knowledge that is equivalent to the Security+ is recommended.