CREST Practitioner Security Analyst Eğitimi

  • Eğitim Tipi: Classroom / Virtual Classroom / Online
  • Süre: 5 Gün
  • PDF indir
  • Bu eğitimi kendi kurumunuzda planlayabilirsiniz. Bize Ulaşın!

The CPSA course leads to the CREST Practitioner Security Analyst (CPSA) examination, which is an entry level qualification that tests a candidate’s knowledge in assessing operating systems and common network services at a basic level below that; of the main CRT and CCT qualifications.

The CPSA examination (booked directly with CREST) also includes an intermediate level of web application security testing and methods to identify common web application security vulnerabilities. The examination covers a common set of core skills and knowledge that assess the candidate’s technical knowledge. The candidate must demonstrate that they are able to perform basic infrastructure and web application testing and interpret the results to locate security vulnerabilities. Success will confer the CREST Practitioner status to the individual. This qualification is a pre-requisite for the CREST Registered Penetration Tester (CRT) examination and comprises a multiple-choice examination. CRT is available as a separate course.

Target Audience

  • Aspiring information security personnel who wish to be part of a PenTest team
  • System administrators who are responding to attacks
  • Incident handlers who wish to expand their knowledge into Penetration Testing and Digital Forensics
  • Corporations and Government departments who wish to raise and baseline skills across all security teams
  • Law enforcement officers or detectives who want to expand their investigative skills
  • Information security managers who would like to brush up on the latest techniques and processes inorder to understand information security implications
  • Anyone who is considering a career in Penetration Testing

A good appreciation of the technical aspects of ICT. QAFCCS and or CISMP is recommmended.

MODULE 1 - Soft Skills and Assessment Management

  • Engagement Lifecycle
  • Law & Compliance
  • Scoping
  • Understanding Explaining and Managing Risk
  • Record Keeping, Interim Reporting & Final Results

MODULE 2 - Core Technical Skills

  • IP Protocols
  • Network Architectures
  • Network Mapping & Target Identification
  • Interpreting Tool Output
  • Filtering Avoidance Techniques
  • OS Fingerprinting
  • Application Fingerprinting and Evaluating
  • Unknown Services
  • Network Access Control Analysis
  • Cryptography
  • Applications of Cryptography
  • File System Permissions
  • Audit Techniques

MODULE 3 - Networking Equipment

  • Registration Records
  • Domain Name Server (DNS)
  • Customer Web Site Analysis
  • Google Hacking and Web Enumeration
  • NNTP Newsgroups and Mailing Lists
  • Information Leakage from Mail & News Headers

MODULE 4 - Management Protocols

  • Network Traffic Analysis
  • Networking Protocols
  • IPSec
  • VoIP
  • Wireless
  • Configuration Analysis
  • Information Gathering & Open Source

MODULE 5 - Microsoft Windows Security Assessment

  • Domain Reconnaissance
  • User Enumeration
  • Active Directory
  • Windows Passwords
  • Windows Vulnerabilities
  • Windows Patch Management Strategies
  • Desktop Lockdown
  • Exchange
  • Common Windows Applications

MODULE 6 - Unix Security Assessment

  • User Enumeration
  • Unix Vulnerabilities
  • FTP
  • Sendmail / SMTP
  • Network File System (NFS)
  • R* services X11
  • RPC services
  • SSH

MODULE 7 - Web Technologies

  • Web Server Operation
  • Web Servers & their Flaws
  • Web Enterprise Architectures
  • Web Protocols
  • Web Mark-up Languages
  • Web Programming Languages
  • Web Application Servers
  • Web APIs
  • Web Sub- Components

MODULE 8 - Web Testing Methodologies

  • Web Application Reconnaissance
  • Threat Modelling and Attack Vectors
  • Information Gathering from Web Mark-up
  • Authentication Mechanisms
  • Authorisation Mechanisms
  • Input Validation
  • Information Disclosure in Error Messages
  • Use of Cross Site Scripting Attacks
  • Use of Injection Attacks
  • Session Handling
  • Encryption
  • Source Code Review

MODULE 9 - Databases

  • Microsoft SQL Server
  • Oracle RDBMS
  • Web / App / Database Connectivity

MODULE 10 - Preparation for the CPSA and CRT exams

  • Examination guidance
  • Mock exam
CREST Practitioner Security Analyst Eğitimi hakkında ilginizi çekebilecek yazılar

GELECEK TAHMİNLERİ: SİBER GÜVENLİK

Eğitime kayıt olmak, eğitim planlamak ve diğer tüm konular için bize ulaşın!

Yakın tarihte açılacak eğitimler

Sınıf eğitimlerimizi İstanbul, Ankara ve Londra ofislerimizde düzenlemekteyiz. Kurumunuza özel eğitimleri ise, dilediğiniz tarih ve lokasyonda organize edebiliriz.

30 Kasım 2020

5 Gün
Classroom / Virtual Classroom

İstanbul, Ankara, Londra
Bilgi iste & Kayıt ol İstanbul, Ankara, Londra

İlgili Eğitimler

Certified Ethical Hacker v10 (Bundle)

Sertifikalı Etik Bilgisayar Korsanı (CEH), hedef sistemlerdeki zayıflıkları ve savunmasız noktaları

  • Classroom
  • Virtual Classroom
  • Online

5 Gün

Certified in The Art of Hacking

Securing customer data is often crucial when deploying and managing web applications and network i

  • Classroom
  • Virtual Classroom
  • Online

5 Gün

CREST Registered Intrusion Analyst

The QACRIA course leads to the CREST Registered Intrusion Analyst (CRIA) examination, which suppor

  • Classroom
  • Virtual Classroom
  • Online

3 Gün

Web Hacking Black Belt Edition

NotSoSecure is pleased to launch their much awaited advanced Web Hacking course. Much like the Adv

  • Classroom
  • Virtual Classroom
  • Online

3 Gün

Advanced Infrastructure Hacking

An Advanced Infrastructure Hacking class, new for 2017, designed for those who wish to push their

  • Classroom
  • Virtual Classroom
  • Online

5 Gün

CREST Registered Penetration Tester

The CRT course leads to the CREST Registered Tester (CRT) examination, which is recognised by the

  • Classroom
  • Virtual Classroom
  • Online

3 Gün

CREST Practitioner Intrusion Analyst

This course prepares the student for a career in Incident Response and provides all of the tools a

  • Classroom
  • Virtual Classroom
  • Online

5 Gün

+90 212 282 7700
info@bilginc.com