25,000+ Courses Nationwide
0203 908 2376

CREST Practitioner Security Analyst

The CREST CPSA course will prepare the candidate to pass the CPSA CREST Practitioner Security Analyst examination. The course is the first of two courses that will take students of varying IT experience and re-skill them so that they can enter the Cybersecurity industry not as a trainee but as qualified Penetration Tester making them productive from day one.

The course is closely aligned to syllabus defined by CREST for Security Analyst Practitioner (CPSA) examination. The CREST CPSA training is the required baseline qualification for a career in Penetration Testing.  The CREST CPSA course is a 5-day course,  it covers all the theory required ahead of the second course (CREST Registered Tester – CRT).  This theoretical understanding will equip Students with the knowledge they require to pass the online multiple choice CPSA CREST examination.

A good range of demo applications and lab exercises will be available to the students during the course.

Select specific date to see price, venue and full details.

Learning Objectives

To thoroughly prepare Students to gain this hugely respected, industry qualification, Crest Practitioner Security Analyst (CPSA).

+ CREST Practitioner Security Analyst (CPSA)

Course Style:

The instructor-led course will allow our students to leave as sought after professionals, well equipped with the on-demand job skills and certifications needed to be employed as technically well-rounded professionals in any Cyber Security team, as well as being the pre-requisite the sought after CREST qualification, CRT, CREST Registered Tester. Making this course and qualification a great foundation for your career in Cyber Security.

The CPSA course will set the foundations needed for you to pursue a career in Penetration Testing. Preparing you to take the CRT course.


Basic understanding of Virtualization, VMware, Operating System, Network Security, Operational Security, Access Control ,Threats and Vulnerabilities.

Or a level of knowledge that is equivalent to the Security+ qualification is recommended.

Contact us for more specifics

Course Content

Course Syllabus


•Engagement Lifecycle

•Law & Compliance

•Understanding Explaining and Managing Risk

•Record Keeping, Interim Reporting & Final Results

•IP Protocols

•Network Architectures

•Network Mapping & Target Identification

•Interpreting Tool Output

•Filtering Avoidance Techniques

•OS Fingerprinting

•Application Fingerprinting and Evaluating Unknown Services

•Network Access Control Analysis


•Applications of Cryptography

•File System Permissions

•Audit Techniques

•Registration Records

•Domain Name Server (DNS)

•Customer Web Site Analysis

•Google Hacking and Web Enumeration

•NNTP Newsgroups and Mailing Lists

•Information Leakage from Mail & News


•Management Protocols

•Network Traffic Analysis

•Networking Protocols




•Configuration Analysis

•Domain Reconnaissance

•User Enumeration

•Active Directory

•Windows Passwords

•Windows Vulnerabilities    

•Windows Patch Management Strategies

•Desktop Lockdown


•Common Windows Applications

•User enumeration

•Unix vulnerabilities


•Sendmail / SMTP

•Network File System (NFS)

•R* services


•RPC services


•Web Server Operation

•Web Servers & their Flaws

•Web Enterprise Architectures

•Web Protocols

•Web Mark up Languages

•Information Gathering from Web Mark up

•Authentication Mechanisms

•Authorisation Mechanisms

•Input Validation

•Information Disclosure in Error Messages

•Use of Cross Site Scripting Attacks

•Use of Injection Attacks

•Session Handling Encryption

•Source Code Review

•Web Site Structure Discovery

•Cross Site Scripting Attacks

•SQL Injection

•Parameter Manipulation

•Directory Traversal

•File Uploads

•Code Injection

•Microsoft SQL Server

•Oracle RDBMS

•Web / App / Database Connectivity

Exams & Certification

The exam is 60 minutes multiple choice.

Related Courses

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the requested service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.


We work with the best