CPSA Exam Preparation
CREST Practitioner Security Analyst ยท 76 topics ยท 283+ practice questions
Topics Studied
0/76
0% complete
Quizzes Taken
0
total attempts
Best Score
0%
need 60%
Exam Format
120 MCQ
2 hours ยท 60%
Study Modules
A. Soft Skills and Assessment Management
Engagement lifecycle, legal compliance, scoping, risk management, and reporting for penetration testing engagements.
B. Core Technical Skills
IP protocols, network architectures, scanning, fingerprinting, cryptography, file permissions, and audit techniques.
C. Background Information Gathering and Open Source
Registration records, DNS, web analysis, Google hacking, NNTP/mailing lists, and mail header analysis.
D. Networking Equipment
Management protocols, traffic analysis, networking protocol security, IPSec, VoIP, wireless, and configuration analysis.
E. Microsoft Windows Security Assessment
Domain reconnaissance, user enumeration, Active Directory, passwords, vulnerabilities, patching, desktop lockdown, Exchange, and common applications.
F. Unix Security Assessment
User enumeration, vulnerabilities, FTP, SMTP, NFS, R-services, X11, RPC, and SSH on Unix systems.
G. Web Technologies
Web servers, enterprise architectures, protocols, markup/programming languages, application servers, APIs, and sub-components.
H. Web Testing Methodologies
Reconnaissance, threat modelling, information gathering, authentication, authorisation, input validation, error handling, XSS, injection, sessions, encryption, and code review.
I. Web Testing Techniques
Website structure discovery, XSS attack execution, SQL injection exploitation, and parameter manipulation.
J. Databases
Microsoft SQL Server, Oracle RDBMS, and web/app/database connectivity.