Examination Preparation Material

The following is a summary of the preparation material for the CREST Penetration Testing and Intrusion Analysis examinations that has been recommended by previous candidates:

Penetration testing


	CPSA	CRT PEN	CCT INF	CCT APP	CC SAM	CC SAS	CCT WS	GENERAL
Reading Material
Network Security Assessment	✓	✓	✓			✓
Hacking Exposed Linux	✓	✓
Red Team Field Manual (RTFM)	✓	✓	✓			✓		✓
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning	✓	✓
Grey Hat Hacking		✓	✓
The Art of Exploitation			✓
Hacking Exposed 7: Network Security Secrets and Solutions			✓	✓		✓
The Oracle Hacker’s Handbook: Hacking and Defending Oracle			✓	✓
Red Hat Linux Networking and System Administration			✓
TCP/IP Illustrated (vol.1, 2nd edition)			✓
The Art Of Software Security Assessment			✓
Unix in a Nutshell			✓
Web Application Hackers Handbook		✓		✓
The Browser Hacker’s Handbook				✓
SQL Injection: Attacks and Defence				✓
Targeted Cyber Attack					✓	✓
Practical Cryptography								✓
Networked Communications and Compliance with the Law								✓
Metasploit Unleashed Guide						✓
Network Warrior			✓	✓
Blue Team Incident Response	✓
Hackers Playbook			✓			✓
Metasploit – The Penetration Tester’s Guide			✓			✓

Websites
VulnHub: http://vulnhub.com (free vulnerable images)			✓	✓		✓
www.owasp.org (Goat projects, various)			✓
www.securitytube.net			✓	✓
www.legislation.gov.uk								✓

Courses
Austerbury Ltd – CREST Approved Training Provider		✓
ICSI Ltd – CREST Approved Training Provider	✓	✓
iHackLabs – CREST Aprpoved Training Provider	✓	✓
Immersive Labs – CREST Approved Training Provider	✓	✓
QA – CREST Approved Training Provider	✓	✓
Cyberskills Training – CREST Approved Training Provider	✓	✓
Trustwave SpiderLabs – CREST Approved Training Provider		✓
Certified Ethical Hacker Passport	✓	✓
Certified Ethical Hacker Exam Preparation Course	✓	✓
Offensive Security		✓	✓			✓
Certified Information Systems Security Professional (CISSP)						✓

Intrusion Analysis


	CPIA	CR IA	NIA	HIA	MRE	CC IM	CR TSA	GENERAL
Reading Material
Red Team Field Manual (RTFM)								✓
Hacking Exposed 7: Network Security Secrets and Solutions		✓
Hacking Exposed – Scanning and Enumeration	✓	✓
The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory	✓	✓		✓	✓
Malware Forensic Field Guide for Windows Systems	✓	✓
Practical Malware Analysis	✓	✓	✓		✓
Reversing: Secrets of reverse engineering					✓
Practical Cryptography								✓
Networked Communications and Compliance with the Law								✓
Network Fundamentals: CCNA Exploration Companion Guide	✓	✓	✓
Real Digital Forensics	✓	✓
TCP/IP Illustrated	✓	✓
Network Forensics – Tracking Hackers through Cyberspace		✓
Incident Response and Computer Forensics		✓

Websites
http://overapi.com/		✓	✓
http://www.unixiwz.net/techtips/sql-injection.html			✓
http://opensecuritytraining.info/CISSP-5-C.html			✓
www.legislation.gov.uk								✓
www.cesg.gov.uk							✓
http://wiki.opf-labs.org/display/TR/PDF+Tools+(by+Didier+Stevens)				✓
http://www.sans.org/reading-room/whitepapers/incident/creating-managing-incident-response-team-large-company-1821						✓
http://www.sans.org/reading-room/whitepapers/incident/incident-handlers-handbook-33901						✓
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf						✓

Case Studies
https://www.sans.org/reading-room/whitepapers/casestudies						✓

Courses
PGI – CREST Approved Training Provider	✓	✓
Certified Information Systems Security Professional (CISSP)
Information Security Masters Courses							✓

Threat Intelligence

Courses	CRTIA	CCTIM
Crucial Academy – CREST Approved Training Provider	✓

Reading Material
Definitive Guide to Cyber Threat Intelligence
Psychology of Intelligence Analysis