CREST Registered Penetration Tester

Difficulty
Rating
5days
Duration
3140,00 
+ VAT
Time: 11:30 - 19:00
Location:
The chosen training includes following dates:
When paid with Sovelto Access -credits, you will be charged the corresponding amount of credits to the Euro-price. Please contact sales: 020 7776 670 or myyntipalvelu@sovelto.fi for exact amount of credits in your case.

Register before
Spoken language: English

We are sorry, but the course is already full, please try with another date or location.

Or contact sales: +358 20 7776 670 or myyntipalvelu@sovelto.fi

Overview

The CRT course leads to the CREST Registered Tester (CRT) examination, which is recognised by the NCSC as providing the minimum standard for CHECK Team Member status and is designed to assess a candidate’s ability to carry out basic vulnerability assessment and penetration testing tasks.

The CREST Registered Tester exam is a practical assessment, where the candidate will be expected to find known vulnerabilities across common network, application and database technologies aimed at assessing the candidate’s technical knowledge of penetration testing methodology and skills against reference networks, hosts and applications.

A pass at CPSA level is a pre-requisite for the Registered Tester examination and success at both CPSA and CRT will confer the CREST Registered status to the individual. An individual passing the CPSA but failing the practical element, which is this CRT exam, will still retain the CPSA Practitioner certificate and may apply to re-take the CRT practical exam at a later date, when they feel that they are ready to do so. Individuals who pass the CRT exam can request that their information be provided to the NCSC to be considered for CHECK Team Member Status. CPSA is available as a separate course.

Target Audience

  • Aspiring information security personnel who wish to be part of a PenTest team
  • System administrators who are responding to attacks
  • Incident handlers who wish to expand their knowledge into Penetration Testing and Digital Forensics
  • Government departments who wish to raise and baseline skills across all security teams
  • Law enforcement officers or detectives who want to expand their investigative skills
  • Information security managers who would like to brush up on the latest techniques and processes inorder to understand information security implications
  • Anyone meeting the pre-requisites who is considering a career in Penetration Testing

Objectives

The course consists of nine modules:

  • Module 1 – Core Technical Skills
  • Module 2 – Background Information Gathering & Open Source
  • Module 3 – Networking Equipment
  • Module 4 – Microsoft Windows Security Assessment
  • Module 5 – Unix Security Assessment
  • Module 6 – Web Technologies
  • Module 7 – Web Testing Techniques
  • Module 8 – Databases
  • Module 9 – Preparation for the CRT exam

Assessment

Continual assessment, with topic quizzes, module tests and practical exercises ensure that you understand the knowledge and learn the skills delivered in each module.

Outline

MODULE 1 – Core Technical Skills

  • Network Mapping & Target Identification
  • Interpreting Tool Output
  • OS Fingerprinting
  • Application Fingerprinting and Evaluating Unknown Services
  • File System Permissions

MODULE 2 – Background Information Gathering & Open Source

  • Domain Name Server (DNS)

MODULE 3 – Networking Equipment

  • Management Protocols

MODULE 4 – Microsoft Windows Security Assessment

  • Domain Reconnaissance
  • User Enumeration
  • Active Directory
  • Windows Vulnerabilities
  • Common Windows Applications

MODULE 5 – Unix Security Assessment

  • User Enumeration
  • Unix Vulnerabilities
  • FTP
  • Sendmail / SMTP
  • Network File System (NFS)
  • R* services
  • X11

MODULE 6 – Web Technologies

  • Web Server Operation
  • Web Servers & their Flaws
  • Web Protocols
  • Web Application Serers

MODULE 7 – Web Testing Techniques

  • Web Site Structure Discovery
  • Cross Site Scripting Attacks
  • SQL Injection
  • Parameter Manipulation

MODULE 8 – Databases

  • Microsoft SQL Server
  • Oracle RDBMS
  • Web / App / Database Connectivity
  • RPC services
  • SSH

MODULE 9 – Preparation for CRT exam

  • CRT – Examination Guidance
  • CRT – Practice Exam

Prerequisites

A pass at CPSA level is a pre-requisite for the Registered Tester examination.

 

Places left:
No participant limit
many
3140,00  + VAT