The CREST Certified Infrastructure Tester examination is a rigorous assessment of the candidate’s ability to assess a network for flaws and vulnerabilities at the network and operating system layer. The exam includes:
- Public domain information sources
- Windows operating systems
- Unix operating systems
- Voice networking
- Wireless networking.
The format is the same for both the Infrastructure and Application Certified Tester exams. The candidate will be expected to possess not only the technical ability to find security weaknesses and vulnerabilities, but also the skills to ensure findings are presented in a clear, concise and understandable manner. The examination consists of three tasks:
- A hands-on practical examination
- A multiple choice technical examination
- A long form ‘essay style’ written paper.
To pass the exam, the candidate must pass all three sections. The written elements of the examination are delivered at Pearson Vue test centres; the practical element is delivered at a CREST examination centre. Candidates must hold a valid pass in the written element of this examination in order to sit the practical element.
You can download the following documents from the links below:
The Certified Infrastructure Tester examination costs £1,600 + VAT
Individuals undertaking this examination can request that their information be provided to CESG to be considered for CHECK Team Leader (Infrastructure) Status.
Recommended Preparation Material
The following material and media has been cited as helpful preparation for this examination by previous candidates:
Network Security Assessment (by O’Reilly/McNab)
The Art of Exploitation (by O’Reilly)
Unix in a Nutshell (by O’Reilly)
Red Team Field Manual (RTFM) (by Ben Clarke)
Hacking Exposed 7: Network Security Secrets and Solutions (by Stuart McClure/Joel Scambray/George Kurtz)
The Oracle Hacker’s Handbook: Hacking and Defending Oracle (by David Litchfield)
Red Hat Linux Networking and System Administration (by Terry Collings)
TCP/IP Illustrated (vol.1, 2nd edition) (by Kevin Fall/W.Richard Stevens)
The Art of Software Security Assessment (by Mark Dowd/John McDonald/Justin Schuh)
Grey Hat Hacking (by Allen Harper/Shon Harris/Jonathan Ness)
Network Warrior (by Gary A. Donahue)
Hackers Playbook (by Peter Kim)
Metasploit – The Penetration Tester’s Guide (by David Kennedy)
Useful Information for Candidates
Details of the Logistics and Timings of the examinations
CREST’s Policy for Candidates requiring special arrangements including additional time to accommodate a medical condition (including examinations delivered via Pearson Vue)
Terms and Conditions for CREST Examinations (includes hard disk drive wiping policy)