Select Page
Home / CCT-A TRAINING

CCT-A Certification Training | Virtual and Classroom

CCT-App TRAINING

CREST Certified Tester App Basic Information

  • CCT-A Training RRP is £2,495 + vat OR Click here for Todays’ offer Price
  • CCT-A Training Training Duration: 35 Hours
  • 95.8% Certification Success in First Attempt
  • Classroom and Virtual batches available
  • Training delivered by Professionals
  • Dumps and Simulations available for Practice
  • Certified Trainers with enormous industry experience
  • Important Insights on Certification preparation

Book Your Course

DateLocationPriceCourse Booking
February 25-01, 2019London-Ealing£2,495 + vat
May 13-17, 2019London-Ealing£2,495 + vat
Sept 23-27, 2019London-Ealing£2,495 + vat
Dec 16-20, 2019London-Ealing£2,495 + vat

 

Prerequisites:

  • This training is only intended for individuals preparing for the CCT-A certification exam.

CREST Tester App Exam Information (English Language)

LENGTH OF EXAM150 Minutes
NUMBER OF QUESTIONS125
COST395 GBP
FORMATMultiple-choice, multiple-answer

CREST Tester App Exam Info (Other* Languages)

LENGTH OF EXAM150 Minutes
NUMBER OF QUESTIONS125
COST395 GBP
FORMATMultiple-choice, multiple-answer

* French, German, Brazilian Portuguese, Spanish, Japanese, Simplified Chinese, Korean

CREST Tester App COURSE OVERVIEW:

The CREST Certified Web Application Tester course will tailor the candidate’s ability to find vulnerabilities in bespoke web applications as CREST Certified Tester – App. The course uses specially designed applications running on a variety of web application platforms and now covers a wider scope than purely traditional web applications to include more recent advances in the field of web application technology and security.

Objectives

The candidate will be expected to demonstrate that they are able to find a range of security flaws and vulnerabilities, including proving the ability to exploit and leverage the flaws to ascertain the impact of the issues found.

Target Audience

Candidtes holding CREST Registered Tester certification

Course Syllabus:

Soft Skills and Assessment Management

  • Engagement Lifecycle
  • Law & Compliance
  • Scoping
  • Understanding, Explaining and Managing Risk
  • Record Keeping, Interim Reporting & Final Results

Core Technical Skills

  • IP Protocols
  • Network Architecture
  • Network Routing
  • Network Mapping & Target Identification
  • Interpreting Tool Output
  • Filtering Avoidance Techniques
  • Packet Crafting
  • OS Fingerprinting
  • Application fingerprinting and Evaluating Unknown Services
  • Network Access Control Analysis
  • Cryptography
  • Applications of Cryptography
  • File System Permissions
  • Audit Techniques

Background Information Gathering & Open Source

  • Registration Records
  • Domain Name Server (DNS)
  • Customer Web Site Analysis
  • Google Hacking and Web Enumeration
  • NNTP Newsgroups and Mailing Lists
  • Information Leakage from Mail & News Headers

Networking Equipment

  • Management Protocols
  • Network Traffic Analysis
  • Networking Protocols
  • IPSec
  • VoIP
  • Wireless
  • Configuration Analysis

Microsoft Windows Security Assessment

  • Domain Reconnaissance
  • User Enumeration
  • Active Directory
  • Windows Passwords
  • Windows Vulnerabilities
  • Windows Patch Management strategies
  • Desktop Lockdown
  • Exchange
  • Common Windows Applications

Unix Security Assessment

  • User enumeration
  • Unix Vulnerabilities
  • FTP
  • Sendmail / SMTP
  • Network File System (NFS)
  • R* services
  • X11
  • RPC services
  • SSH

Web Technologies

  • Web Server Operation
  • Web Servers & their Flaws
  • Web Enterprise Architectures
  • Web Protocols
  • Web Mark-up Languages
  • Web Programming Languages
  • Web Application Servers
  • Web APIs
  • Web Sub-Components

Web Testing Methodologies

  • Web Application Reconnaissance
  • Threat Modelling and Attack Vectors
  • Information Gathering from Web Mark-up
  • Authentication Mechanisms
  • Authorisation Mechanisms
  • Input Validation
  • Application Fuzzing
  • Information Disclosure in Error Messages
  • Use of Cross Site Scripting Attacks
  • Use of Injection Attacks
  • Session Handling
  • Encryption
  • Source Code Review

Web Testing Techniques

  • Web Site Structure Discovery
  • Cross Site Scripting Attacks
  • SQL Injection
  • Session ID Attacks
  • Fuzzing
  • Parameter Manipulation
  • Data Confidentiality & Integrity
  • Discovery Traversal
  • File Uploads
  • Code Injection
  • CRLF Attacks
  • Application Logic Flaws

Databases

  • Microsoft SQL Server
  • Oracle RDBMS
  • Web / App/ Database Connectivity
 

Audience to the course:

The CCT-A certification – a globally recognized professional requirement in the IT Security domain, is best suited for:

  • Professionals Interested in Obtaining the CCT-A Credential
  • IT Security Professionals
  • IT Auditors
  • Managers, Directors and Executives
  • System Architects
  • Compliance Specialists
  • Risk Specialists
  • Business Analysts

Course Enquiry

Your Name *

Your Email *

Course *

Telephone *

Your Message