Crest Practitioner Security Analyst, CPSA
This Crest approved training course will take students with basic technical ICT & Network understanding and re-skill them into the first stage of becoming a qualified Penetration Tester. This course will cover all the theory required for both the CREST CPSA and CRT exams.

Course Style
Live Instructor Led. Face-to-Face or Attend-From-Any-Where
Skill up and get certified, guaranteed

Exam Pass Guarantee
If you don’t pass your exam on the first attempt, You get to re-sit the course for free

100% Satisfaction Guarantee
If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Classroom course.

Knowledge Transfer Guarantee
High Impact Learning Solutions Designed to help students acquire skills and obtain certification.
What is included?
- 5 days of training.
- Course material/Slides.
- 98% Certification Success in First Attempt.
- Classroom training Or Attend-From-Any-Where.
- Training delivered by Professionals with enormous industry experience.
- Total comprehensive exam preparation.
What you will Learn?
- The theoretical understanding and knowledge required to pass the CPSA exam.
- The course is directly aligned to the defined examination syllabus defined by CREST.
Who should attend?
- Aspiring information security personnel who wish to be part of a Pen Test team.
- System administrators who are responding to attacks.
- Incident handlers who wish to expand their knowledge into Penetration Testing and Digital Forensics.
- Corporations and Government departments who wish to raise and baseline skills across all security teams.
- Law enforcement officers or detectives who want to expand their investigative skills.
- Information security managers who would like to brush up on the latest techniques and processes in order to understand information security implications.
- Anyone who is considering a career in Penetration Testing.
Course Dates
8 – 12 Feb, 2021
21 Jun – 25 Jul, 2021
11 – 15 Oct, 2021
30 Nov – 4 Dec, 2021
Course Outline
- Engagement Lifecycle.
- Law & Compliance.
- Understanding Explaining and Managing Risk.
- Record Keeping, Interim Reporting & Final Results.
- IP Protocols.
- Network Architectures.
- Network Mapping & Target Identification.
- Interpreting Tool Output.
- Filtering Avoidance Techniques.
- OS Fingerprinting.
- Application Fingerprinting and Evaluating Unknown Services.
- Network Access Control Analysis.
- Cryptography.
- Applications of Cryptography.
- File System Permissions.
- Audit Techniques.
- Registration Records.
- Domain Name Server (DNS).
- Customer Web Site Analysis.
- Google Hacking and Web Enumeration.
- NNTP Newsgroups and Mailing Lists.
- Information Leakage from Mail & News.
- Headers.
- Management Protocols.
- Network Traffic Analysis.
- Networking Protocols.
- IPSec.
- VoIP.
- Wireless.
- Configuration Analysis.
- Domain Reconnaissance.
- User Enumeration.
- Active Directory.
- Windows Passwords.
- Windows Vulnerabilities.
- Windows Patch Management Strategies.
- Desktop Lockdown.
- Exchange.
- Common Windows Applications.
- User enumeration.
- Unix vulnerabilities.
- FTP.
- Sendmail / SMTP.
- Network File System (NFS).
- R* services.
- X11.
- RPC services.
- SSH.
- Web Server Operation.
- Web Servers & their Flaws.
- Web Enterprise Architectures.
- Web Protocols.
- Web Mark-up Languages.
- Information Gathering from Web Mark up.
- Authentication Mechanisms.
- Authorisation Mechanisms.
- Input Validation.
- Information Disclosure in Error Messages.
- Use of Cross Site Scripting Attacks.
- Use of Injection Attacks.
- Session Handling Encryption.
- Source Code Review.
- Web Site Structure Discovery.
- Cross Site Scripting Attacks.
- SQL Injection.
- Parameter .Manipulation.
- Directory Traversal.
- File Uploads.
- Code Injection.
- Microsoft SQL Server.
- Oracle RDBMS.
- Web / App / Database Connectivity.
Prerequisites
- Basic understanding of VMware, Operating System, Network Security, Operational Security, Access Control, Threats and Vulnerabilities.
- A level of knowledge that is equivalent to the Security+ is recommended.