Select course by Certification/Exam Body or by Topic Below

CREST Practitioner Security Analyst (CPSA) Course

The CREST CPSA course will prepare the candidate to pass the CPSA CREST Practitioner Security Analyst examination. The course is the first of two courses that will take students of varying IT experience and re-skill them so that they can enter the Cybersecurity industry not as a trainee but as qualified Penetration Tester making them productive from day one.

The course is closely aligned to syllabus defined by CREST for Security Analyst Practitioner (CPSA) examination. The CREST CPSA training is the required baseline qualification for a career in Penetration Testing.  The CREST CPSA course is a 5-day course,  it covers all the theory required ahead of the second course (CREST Registered Tester – CRT).  This theoretical understanding will equip students with the knowledge they require to pass the online multiple choice CPSA CREST examination.

A good range of demo applications and lab exercises will be available to the students during the course.


To thoroughly prepare students to gain this hugely respected, industry qualification, Crest Practitioner Security Analyst (CPSA).

+ CREST Practitioner Security Analyst (CPSA)

Course Style:

The instructor-led course will allow our students to leave as sought after professionals, well equipped with the on-demand job skills and certifications needed to be employed as technically well-rounded professionals in any Cyber Security team, as well as being the pre-requisite the sought after CREST qualification, CRT, CREST Registered Tester. Making this course and qualification a great foundation for your career in Cyber Security.

The CPSA course will set the foundations needed for you to pursue a career in Penetration Testing. Preparing you to take the CRT course.

   11000+ Trained Globally- including FTSE 250
   Classroom based small, highly interactive sessions.
   Widest range of Cyber courses – Select on your exact needs.
   The best content developed by qualified professionals.
   Great value – Exceptional quality at a great price.
British Computer Society

Book Your Course

Not sure which course is right for you?

Call us on 020 8840 4496 and we’ll help you try and find the best course for you.

DateLocationPriceCourse Booking
18-22 February, 2019London-EalingClick here -->
10-14 June, 2019London-EalingClick here -->
02-06 September, 2019London-EalingClick here -->
02-06 December, 2019London-EalingClick here -->

Email us for best price!

Course Syllabus

  • Engagement Lifecycle
  • Law & Compliance
  • Understanding Explaining and Managing Risk
  • Record Keeping, Interim Reporting & Final Results
  • IP Protocols
  • Network Architectures
  • Network Mapping & Target Identification
  • Interpreting Tool Output
  • Filtering Avoidance Techniques
  • OS Fingerprinting
  • Application Fingerprinting and Evaluating Unknown Services
  • Network Access Control Analysis
  • Cryptography
  • Applications of Cryptography
  • File System Permissions
  • Audit Techniques
  • Registration Records
  • Domain Name Server (DNS)
  • Customer Web Site Analysis
  • Google Hacking and Web Enumeration
  • NNTP Newsgroups and Mailing Lists
  • Information Leakage from Mail & News
  • Headers
  • Management Protocols
  • Network Traffic Analysis
  • Networking Protocols
  • IPSec
  • VoIP
  • Wireless
  • Configuration Analysis
  • Domain Reconnaissance
  • User Enumeration
  • Active Directory
  • Windows Passwords
  • Windows Vulnerabilities
  • Windows Patch Management Strategies
  • Desktop Lockdown
  • Exchange
  • Common Windows Applications
  • User enumeration
  • Unix vulnerabilities
  • FTP
  • Sendmail / SMTP
  • Network File System (NFS)
  • R* services
  • X11
  • RPC services
  • SSH
  • Web Server Operation
  • Web Servers & their Flaws
  • Web Enterprise Architectures
  • Web Protocols
  • Web Mark up Languages
  • Information Gathering from Web Mark up
  • Authentication Mechanisms
  • Authorisation Mechanisms
  • Input Validation
  • Information Disclosure in Error Messages
  • Use of Cross Site Scripting Attacks
  • Use of Injection Attacks
  • Session Handling Encryption
  • Source Code Review
  • Web Site Structure Discovery
  • Cross Site Scripting Attacks
  • SQL Injection
  • Parameter Manipulation
  • Directory Traversal
  • File Uploads
  • Code Injection
  • Microsoft SQL Server
  • Oracle RDBMS
  • Web / App / Database Connectivity

Additional Information


Basic understanding of Virtualization, VMware, Operating System, Network Security, Operational Security, Access Control ,Threats and Vulnerabilities.

Or a level of knowledge that is equivalent to the Security+ qualification is recommended.

Contact us for more specifics

We Accept

Course List