If you follow me on LinkedIn then you probably know that I obtained my CPSA & CRT certifications not too long ago. While I was preparing for my CPSA exam, I noticed that not many people have it and there are a very few people who have actually wrote a review about it which is why It was very hard to anticipate what I should have been expecting. I write a review about pretty much all my certifications on this blog but I felt a strong need to write about this one to help anyone taking it in the near future.

CREST which mostly operates from UK where this certification body actually originates. They were kind enough to provide free vouchers for CPSA exam in the GCC region in 2019 probably because they want to expand their horizon and I for one took full advantage by getting myself a free voucher and then took the exam. Unfortunately, the offer to take the free voucher was only valid till December 2019.

If you have come out to seek my experience about taking the actual CRT exam then you should stop here because I did not take the exam but rather qualified for the equivalency against my OSCP.


CREST is a not for profit organization that serves the needs of a technical information security marketplace that requires the services of a regulated professional services industry.

According to CREST, the CREST Practitioner Security Analyst (CPSA) examination is an entry level exam which focuses on testing/assessing Operating Systems, Networks, Application Services, and Web Applications. The CPSA exam is actually a prerequisite for taking the CRT exam which is much harder than CPSA or so i have heard. As of July 2018, it is also a prerequisite if you want to apply for CRT equivalency against your OSCP which is why I took CPSA.

CPSA is not per say a hands on certification but rather a knowledge check about various things that you might encounter as a beginner on your path to become a successful security professional.

Learning Material

If you are the kind of a person who relies on the certification body to provide the training material whether paid or free then you are going to have to brace yourself because CREST does not provide you the training/labs/forums or any such helping material to prepare for the exam. They do have a few training partners which you can enroll for separately but that is up to you. The technical syllabus for CPSA can be found on CREST website here.

CREST recommends a few books which you can buy and read/cram yourself to prepare for the exam. I will list them here for your convenience but I definitely do not recommend going through these books from page to page if you have a day job simply because it is going to take more time than you might have intended for this certification.

Following are the books recommended by CREST:

  • Network Security Assessment (by O’Reilly, 2nd edition)
  • Hacking Exposed Linux
  • Red Team Field Manual (RTFM) (by Ben Clarke)
  • Nmap Network Scanning: The Official Nmap Project (by Gordon Lyon)
  • Guide to Network Discovery and Security Scanning
  • Grey Hat Hacking (by Allen Harper, Shon Harris & Jonathan Ness)

Following are the courses recommended by CREST:

  • Crucial Academy – CREST Approved Training Provider
  • iHackLabs Ltd – CREST Approved Training Provider
  • ICSI – CREST Approved Training Provider
  • Net Security Training Ltd – CREST Approved Training Provider
  • QA – CREST Approved Training Provider

The above resources are not too bad if you have plenty of time to go through all the nitty-gritty details but these resources are not available for everyone. For example, the courses are only available in UK which is why many of us cannot enroll.

I personally prefer to watch videos & read articles/books to learn something so that I have a visual understanding of how things should turn out. I prepared for my CPSA exam in the same way for topics where it was applicable. I will list these extra resources according to the CREST syllabus so that you can use these resources while preparing for your exam but I will make sure not to violate the NDA that I signed.

  • PTES aka Penetration Testing Standard
  • OSI Model
  • Introduction to TCP/IP
  • Subnetting 101
  • NMAP
  • Common IT & Network Abbreviations
  • Cryptography Basics
  • Active Directory Domain Enumeration
  • Windows Password Policies
  • Windows Hash Storage
  • Web Application Security

This is all I can think about right now. I will surely update this list as soon as I remember more or I deep something to be important according to the certification.

Proctored Exam

The CPSA exam is taken at a Pearson VUE centre which I always hate because there is always an issue with the slots and timings. After rescheduling for about 2 times, I was able to find a time slot that worked for me. Just like any other exam, you are supposed to reach 15 minutes prior to the exam so that you can get yourself verified by the proctor.

The exam starts off by asking you to sign an NDA to comply with CREST’s rules and regulations which takes care of the things like you should probably not say anything about the exam let alone leak the answers.

You get 2 hours(120 minutes) to complete the exam and you get 120 questions which are all about choosing the correct answer. You have the option to mark a question for review and come back to it after you are done with all other questions which is the strategy that I followed. I marked the questions for review in which I had even a little doubt and quickly went through the ones that I did know the correct answer to. This way, I was able to go through all 120 questions in about 50-55 minutes. I then went back to the questions I had marked for review and carefully looked at them. I then got some of them correct through educated guesses.

You are reminded after you are half way through your time limit and 15 minutes before your exam is about to end. If you don’t end the exam by yourself, it takes the answers you had marked and closes the window.

You are given your exam results right after you are done with the exam in a folded paper which shows your percentage and the end result whether you passed or failed. The minimum percentage to pass the exam is 60% and I was able to get 74%.

Applying for CRT

If you already hold an OSCP from Offensive Security then you can simply follow the procedure mentioned on CREST’s website. For this to happen, you need to contact CREST and apply through their portal. Once they verify your OSCP credentials, they will ask you to send a payment of 100 Pounds via a wire transfer. Once that is all done and good to go, you’ll hear back from them between 3-5 weeks and you’ll obtain your CRT certificate.



The exam is no joke. Although it is as simple as selecting a correct answer on the screen, it’s not that easy. No matter how much you think you know, you’ll be greeted with a surprise in the exam. Let’s just say that the things you might deem important today might not actually be in the exam that you’d take. Think simple and basic.