Login to profile

CREST Practitioner Security Analyst (CPSA)

Book your CPSA exam today

Book now!

Earn your CPSA certification

The CREST Practitioner Security Analyst (CPSA) is an entry level exam that tests a candidate’s knowledge in assessing operating systems and common network services.

The examination covers a common set of core skills and knowledge. The candidate must demonstrate that they have the knowledge to perform basic infrastructure and web application vulnerability scans using commonly available tools and to interpret the results to locate security vulnerabilities.

CPSA candidates will be able to demonstrate that they are qualified for hands on Pen Test Roles (indicative of 2 years experience).

CPSA exam guidance

Syllabus

CPSA is an entry level exam that tests a candidate’s knowledge in assessing operating systems and common network services and includes an intermediate level of web app security testing and methods to identify common web app security vulnerabilities.

 

CPSA validates a practitioner’s knowledge of Pen Testing Principles beyond terminology. Successful CPSA candidates will be able to demonstrate that they are qualified for hands on Pen Test Roles (indicative of 2 years experience) with respect to:

– Soft Skills and Assessment Management

– Core Technical Skills

– Background Information Gathering and Open Source

– Networking Equipment

– Microsoft Windows Security Assessment

– Unix Security Assessment

– Web Testing Methodologies

– Web Testing Techniques

– Databases

 

Exam Certification Objectives & Outcome Statements

 

  • Soft Skills and Assessment Management

 

The candidate will understand the PT engagement lifecycle, Applicable Legislation, Scoping Requirements, risks of a PT and Record Keeping.

 

  • Core Technical Skills

 

The candidate will demonstrate an understanding of IP Protocols, Network Architectures, Network Mapping and Target Identification, the interpretation of Tooling Outputs, Filtering Avoidance Techniques, OS and Application Fingerprinting, Network Access Control Analysis, Files System Permissions and Audit Techniques.

 

  • Cryptography

 

The candidate will have a basic understanding of the concepts of Cryptography and its applications, including Encryption Algorithms, Hashes and Integrity Codes.

 

  • Background Information Gathering and Open Source

 

The candidate will demonstrate an understanding of Registry Records, DNS, Website Analysis, Search Engines and Enumeration, the exploitation of Newsgroups, how to secure Containers and understand security features provided in MacOS.

 

  • Networking Equipment

 

The candidate will have a basic understanding of Network Management Protocols, Traffic Analysis, Networking Protocols, IPSec, VoiP, Enumeration of Wireless Devices and Encryption Methods, and Configuration Analysis.

 

  • Microsoft Windows Security Assessment

 

The candidate will have a high-level understanding of Domain Reconnaissance, User Enumeration of Target Systems, Active Directory, Windows Passwords and Cracking, Windows Vulnerabilities, Patch Management Strategies, Desktop Lockdown, MS Exchange and common Windows Applications.

 

  • Unix Security Assessment

 

The candidate will understand User Enumeration of Usernames, Unix Vulnerabilities, FTP, SMTP, NFS, R* Services, X11, RPC Services and SSH.

 

  • Web Technologies

 

The candidate will understand Web Server Operations and their flaws, Web Enterprise Architectures, Web Protocols, Web Mark-up and Programming Languages, and Web App Servers, APIs and sub-components.

 

  • Web Testing Methodologies

 

The candidate will demonstrate a basic understanding of Web App Reconnaissance, Threat Modelling and Attack Vectors, information gathering from Web Mark-Up, Authentication and Authorisation, Input Validation for Defensive Coding, information disclosure in Error Messages, XSS and Injection Attacks, Session Handling and Source Code Review.

 

  • Web Testing Techniques

 

The candidate will demonstrate how to architect a network to be monitored and controlled to resist intrusion.

 

  • Databases

 

The candidate will have a high-level understanding of the features of Group Policy and working with INF Security Templates.

 

A full version of the CPSA syllabus is available here.

Notes for candidates

CREST Practitioner Security Analyst (CPSA) – Notes for Candidates

 

The Notes for Candidates gathers essential information about the CPSA exam and intends to support CREST candidates on their preparation, increasing their chances of success.

 

1. Exam overview 

 

The CPSA exam tests candidates’ knowledge in assessing operating systems and common network services at a basic level below that of the main CRT and CCT qualifications. The CPSA exam also tests knowledge of web application security testing and methods to identify common web application security vulnerabilities.

 

2. Exam structure

 

The exam covers a common set of core skills and knowledge. The candidate must demonstrate that they have the knowledge to perform basic infrastructure and web application vulnerability scans using commonly available tools and interpret the results to locate security vulnerabilities. The examination has one component: a multiple-choice written question section.

 

Exam duration

The written component of the CPSA Examination will comprise one hundred and twenty (120) multiple choice questions, all of which the candidate must complete. Details of the areas covered can be found in the syllabus document. Your examination will last 2 hours. Note that your permitted maximum session time at Pearson VUE is 2.5 hours in total.

 

Pre-requisites

The CPSA has no pre-requisite but a valid CPSA certification is the pre-requisite for the CRT.

 

Exam notes

The CPSA is a closed book exam. Therefore, no books, written notes, internet access or other electronic devices will be allowed.

 

3. Exam preparation and practice

 

In order to aid in the preparation for your exam, we have compiled a list of recommended reading materials, found below:

  • Network Security Assessment (by O’Reilly, 3rd edition)
  • Hacking Exposed Linux
  • Red Team Field Manual (RTFM) (by Ben Clarke)
  • Nmap Network Scanning: The Official Nmap Project (by Gordon Lyon)
  • Grey Hat Hacking (by Allen Harper, Shon Harris & Jonathan Ness)

 

We have also partnered with numerous Training Providers to supplement your knowledge on the topic areas detailed in the syllabus. CREST Training Providers are in the process of updating their course material. These training courses can be found below:

 

 

Sample questions

Examples of questions that help candidates to understand what to expect from the examination environment. You’ll find our sample questions here.

 

4. Exam content

 

Successful CPSA candidates will be able to demonstrate that they are qualified for hands on Pen Test Roles (indicative of 2 years experience) with respect to:

– Soft Skills and Assessment Management

– Core Technical Skills

– Background Information Gathering and Open Source

– Networking Equipment

– Microsoft Windows Security Assessment

– Unix Security Assessment

– Web Testing Methodologies

– Web Testing Techniques

– Databases

 

For further information on the skills being assessed, consult the CPSA exam syllabus.

 

5. Exam grading

 

Each multiple-choice answer is worth one (1) mark. No points are deducted for incorrect answers. The marking scheme is given in the table below:

 

ComponentTotal Marks
Total marks written (multiple choice)120

 

Pass mark

Successful candidates must score 60% of the available marks. That is:

– at least 72 marks from the written component (possible total: 120 marks).

 

Feedback

Unsuccessful candidates will be shown their final scores where they haven’t reached the required standard. The score will not be disclosed where candidates have achieved 60% or more.

 

6. Exam booking and logistics

 

Exam location

The CPSA exam is delivered at a Pearson VUE centre of your choice. Please visit the Pearson VUE website and follow the on-screen instructions to register and schedule your chosen examination.

 

Retake policy

Unsuccessful candidates may retake the CPSA exam 7 days after the original exam date.

 

Invigilation

A test centre administrator/invigilator will be present throughout the examination to answer any procedural questions that candidates may have and assist in troubleshooting. The invigilator will not provide any support or advice related to the exam content.

 

If an issue does occur, a case will be filed. Every effort will be made to accommodate the continuation of your exam and all cases will be investigated and resolved within 3-5 business days. Pearson VUE should provide you with a case ID number. Please ensure you retain this information as this may be required at a later date.

 

Communication of results

Examination results from the automated process are provided by Pearson VUE to the candidate at the end of the exam session and electronically sent from CREST within 5 working days. Digitally signed certificates, where appropriate, will be emailed to candidates.

 

Special accommodations

Candidates must contact the CREST Support team at least 2 weeks before the potential exam date with a formal medical report from a qualified medical practitioner specialising in the particular condition. Candidates should register an account with Pearson VUE but not book an exam until the accommodation request has been processed. For more information, please contact [email protected].

Preparing for your exam

The CREST Practitioner Security Analyst exam is a 120-mark, 2 hour long exam that can be taken globally in Pearson VUE centres. The exam is made up of multiple sections, which can be viewed above in our ‘Syllabus’ section.

 

We recommend that candidates also read and understand both the Notes for Candidates and CPSA FAQs sections, as these both provide useful information for your exam.

 

In order to aid in the preparation for your exam, we have compiled a list of recommended reading materials, found below:

  • Network Security Assessment (by O’Reilly, 3rd edition)
  • Hacking Exposed Linux
  • Red Team Field Manual (RTFM) (by Ben Clarke)
  • Nmap Network Scanning: The Official Nmap Project (by Gordon Lyon)
  • Guide to Network Discovery and Security Scanning
  • Grey Hat Hacking (by Allen Harper, Shon Harris & Jonathan Ness)

 

We have also partnered with numerous Training Providers to supplement your knowledge of the topic areas detailed in the syllabus. CREST Training Providers are in the process of updating their course material. These training courses can be found below:

 

 

Finally, we have compiled a list of sample questions that are designed to be similar to those you will see in the exam itself. Please take the time to go through these questions, found in the ‘Sample Questions’ section below.

Sample questions

Below are some official sample questions and answers that will help familiarise you with the exam structure and wording as well as some of the key terms and definitions. 

 

Question 1 (1 Mark)

Which HTTP header would you modify to help perform an “HTTP request smuggling” attack?

 

A. Expires
B. Pragma
C. Cache-Control
D. Content-Length
E. Content-Language

 

Answer

D. Content-Length

 

Question 2 (1 Mark)

Your customer tells you they have a Class B network.  How many IP addresses does this network include?

 

A. 65536

B. 16

C. 16777216

D. 8192

E. 256

 

Answer

A. 65536

 

Question 3 (1 Mark)

Which of the following PowerShell commands would help in determining the local machine’s patching status?

 

A. Get-HotFix

B. Get-SystemUpdates

C. Select-SystemUpdates -Machine localhost

D. Get-InstalledSoftware | Where-Object {$_.HotFixID -like ‘KB*’}

D. None of these

 

Answer

A. Get-HotFix

 

Question 4 (1 Mark)

A well-configured Checkpoint Firewall is running on your local network segment. Which of the following types of probe is it most likely to respond to?

 

A. A ICMP Echo request

B. An ARP ‘who has’ request

C. It will not respond to any type of probe

D. A TCP SYN packet to TCP port 264

E. An IKE probe to UDP port 500

 

Answer

B. An ARP ‘who has’ request

 

You can download a PDF version of these questions here.

Booking your exam

The CREST Practitioner Security Analyst (CPSA) exam is available in selected Pearson VUE Test Centres across the globe. You can book your CPSA exam now via the Pearson VUE website.

 

CREST Pearson VUE vouchers

Pearson VUE vouchers are available from CREST for companies and individuals who either have an account with CREST or need an alternative payment method. These vouchers will be sent on receipt of a paid invoice. For more information please contact [email protected].

 

Special accommodations

Candidates must contact the CREST Support team at least 2 weeks before the potential exam date with a formal medical report from a qualified medical practitioner specialising in the particular condition. Candidates should register an account with Pearson VUE but not book an exam until the accommodation request has been processed. For more information, please contact [email protected].

 

How to cancel, postpone or reschedule

This is done through your own Pearson VUE registration and exam booking page and must be done at least 24hrs before your exam date.

FAQs

Looking for more info on our CPSA exam? Check out our handy CPSA FAQs page.

Ready to book your CPSA exam?

Book now!
CREST icon logo small

Exams promotion!

YouTube logo

Cyber Security Careers Advice

Check out these handy resources to help you on your cyber security career pathway

Watch on YouTube