CREST Registered Intrusion Analyst

The technical syllabus for Intrusion Analysis identifies at a high level the technical skills and knowledge that CREST expects candidates to possess for the Certification examinations in this area.

The CREST Registered Intrusion Analyst (CRIA) examination tests a candidates’ knowledge across all three subject areas of network instrusion, host intrusion and malware reverse engineering.

In order to book to take the examination, the candidate must hold a valid CPIA pass.

Examination Format
The Examination is in two parts:  a practical assessment and a multiple-choice section.  Success will confer CREST Registered status to the individual.

You can download the following documents from the links below:

Syllabus for the Registered Intrusion Analyst examination
Notes for Candidates to aid examination preparation

The Registered Intrusion Analyst examination costs £395 + VAT.  The examination is currently delivered at CREST examination centres.

Recommended Preparation Material
The following material and media has been cited as helpful preparation for this examination by previous candidates:

Reading Material:
Hacking Exposed – Scanning and Enumeration
The Art of Memory Forensics:  Detecting Malware and Threats in Windows, Linux, and Mac Memory (by Michael Hale Ligh/Andrew Case/Jamie Levy/Aaron Walters)
Malware Forensic Field Guide for Windows Systems (by Syngress)
Practical Malware Analysis
Network Fundamentals: CCNA Exploration Companion Guide
Real Digital Forensics (particularly chapter 1, Windows Live Response)
TCP/IP Illustrated


Useful Information for Candidates
How to book
Details of the Logistics and Timings of the examinations
CREST’s Policy for Candidates requiring special arrangements including additional time to accommodate a medical condition (including examinations delivered via Pearson Vue)
Terms and Conditions for CREST Examinations (includes hard disk drive wiping policy)