Crest Practitioner Security Analyst, CPSA

This Crest approved course will take students with basic technical ICT & Network understanding and re-skill them into the first stage of becoming a qualified Penetration Tester.  This course will cover all the theory required for both the CREST CPSA and CRT exams.

Cyber Skills Training - Image of a man

Course Style

Live Instructor Led. Face-to-Face or Attend-From-Any-Where

Skill up and get certified, guaranteed

Exam Pass Guarantee

Exam Pass Guarantee

If you don’t pass your exam on the first attempt, You get to re-sit the course for free
100% Satisfaction Guarantee

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Classroom course.
Knowledge Transfer Guarantee

Knowledge Transfer Guarantee

High Impact Learning Solutions Designed to help students acquire skills, updates search skills and obtain certification. It also includes covering infrastructure and web application along with web application testing.

What is included?

  • 5 days of training
  • Course material/Slides
  • 95.8% Certification Success in First Attempt
  • Classroom training Or Attend-From-Any-Where
  • Training delivered by Professionals with enormous industry experience 
  • Total comprehensive exam preparation

What you will Learn?

  • The theoretical understanding and knowledge required to pass the CPSA exam.
  • The course is directly aligned to the defined examination syllabus defined by CREST.

Award-winning training that you can trust

Who should attend?

  • Aspiring information security personnel who wish to be part of a Pen Test team
  • System administrators who are responding to attacks
  • Incident handlers who wish to expand their knowledge into Penetration Testing and Digital Forensics
  • Corporations and Government departments who wish to raise and baseline skills across all security teams
  • Law enforcement officers or detectives who want to expand their investigative skills
  • Information security managers who would like to brush up on the latest techniques and processes in order to understand information security implications
  • Anyone who is considering a career in Penetration Testing

Course Dates

11 – 15 Oct, 2021
07 – 11 Feb , 2022
20 – 24 Jun , 2022
14 – 18 Nov , 2022

Course Outline

  • Engagement Lifecycle
  • Law & Compliance
  • Understanding Explaining and Managing Risk
  • Record Keeping, Interim Reporting & Final Results
  • IP Protocols
  • Network Architectures
  • Network Mapping & Target Identification
  • Interpreting Tool Output
  • Filtering Avoidance Techniques
  • OS Fingerprinting
  • Application Fingerprinting and Evaluating Unknown Services
  • Network Access Control Analysis
  • Cryptography
  • Applications of Cryptography
  • File System Permissions
  • Audit Techniques
  • Registration Records
  • Domain Name Server (DNS)
  • Customer Web Site Analysis
  • Google Hacking and Web Enumeration
  • NNTP Newsgroups and Mailing Lists
  • Information Leakage from Mail & News
  • Headers
  • Management Protocols
  • Network Traffic Analysis
  • Networking Protocols
  • IPSec
  • VoIP
  • Wireless
  • Configuration Analysis
  • Domain Reconnaissance
  • User Enumeration
  • Active Directory
  • Windows Passwords
  • Windows Vulnerabilities
  • Windows Patch Management Strategies
  • Desktop Lockdown
  • Exchange
  • Common Windows Applications
  • User enumeration
  • Unix vulnerabilities
  • FTP
  • Sendmail / SMTP
  • Network File System (NFS)
  • R* services
  • X11
  • RPC services
  • SSH
  • Web Server Operation
  • Web Servers & their Flaws
  • Web Enterprise Architectures
  • Web Protocols
  • Web Mark-up Languages
  • Information Gathering from Web Mark up
  • Authentication Mechanisms
  • Authorisation Mechanisms
  • Input Validation
  • Information Disclosure in Error Messages
  • Use of Cross Site Scripting Attacks
  • Use of Injection Attacks
  • Session Handling Encryption
  • Source Code Review
  • Web Site Structure Discovery
  • Cross Site Scripting Attacks
  • SQL Injection
  • Parameter Manipulation
  • Directory Traversal
  • File Uploads
  • Code Injection
  • Microsoft SQL Server
  • Oracle RDBMS
  • Web / App / Database Connectivity


  • Basic understanding of VMware, Operating System, Network Security, Operational Security, Access Control, Threats and Vulnerabilities.
  • A level of knowledge that is equivalent to the Security+ is recommended.

Career, certification and Salary

CREST Certification Training course – CPSA

The security analyst plays a vital role in keeping an organization’s proprietary and digital information protected. He/she works inter-departmentally to identify and correct flaws in the company’s security systems, solutions, and programs while recommending specific measures that can improve the company’s overall security system.

What is a CREST?

CREST presents the Information security industry-standard of practice, service, and customer satisfaction. CREST stands for ‘Council of Registered Ethical Security Testers’. The organization was initially established as a response to unethical penetration vulnerability testing. A lack of regulation led to a lack of uniform methodology and varying outcomes for testing subjects. It is a non-profit accreditation body that seeks to establish professional standards for penetration testers. CREST accreditation represents companies that are recognised as offering the highest-quality and most professional network or website penetration testing.

What Does It Mean to Have a Crest Practitioner Certificate?

There are three levels of CREST accreditation, all requiring different levels of experience and expertise. To be recognised as a CREST practitioner professional, you must take certification exams. Different levels require specific qualifications.

The most prestigious acknowledgement for testers is to be designated a ‘CREST certified professional’. This certification recognizes that these testers are capable of running full testing projects independently, as well as managing and coordinating teams.

How To Become a Crest Practitioner Security Analyst

Security analysts monitor, prevent, and stop attacks on companies’ private information. These CREST professionals create and implement firewalls and software systems to protect data and network infrastructures. This is a digital era, and the world is increasingly relying on technology and digital interfaces to store and share information, security analysts enjoy higher demand.

Responsibilities Of a Crest Practitioner Security Analyst

Security analysts are ultimately responsible for ensuring that the company’s digital data are protected from unauthorized access. These include both online and intranet infrastructure, filter out suspicious activity and finding & migrating risks before security breach. If a security breach does occur, security analysts are often on the front line, encountering the attack.

Security analysts are also responsible for generating reports for IT administrators and business managers to evaluate the efficiency of the security policies and implementing them strictly. They will help to make required changes for a more secure network and may create training programs and modules to educate employees.

Security analysts are also responsible for keeping the company’s security systems updated and creating documentation and planning for sudden incident response and disaster recovery plans.         

Other specific responsibilities include:

  • Monitoring security access
  • Conducting security assessments through vulnerability testing and risk analysis
  • Performing both internal and external security audits
  • Analyzing security breaches to identify the root cause
  • Continuously updating the company’s incident response and disaster recovery plans
  • Verifying the security of third-party vendors and collaborating with them to meet security requirements


How To Get Security Analyst Certifications

You will find lots of information on google which can confuse you. We are listing experts recommended programs to pass a security analysts certification.

Final Thoughts

When you become a Crest Practitioner Security Analyst, you will get a bright future ahead. Penetration testing and cybersecurity will be in huge demand with a handsome salary package.

Are you ready to get started?