CREST Registered Penetration Tester (CRT)
The CREST Registered Penetration Tester (CRT) certification is an industry-recognized validation of a penetration tester's skills and knowledge. It focuses on assessing operating systems and common network services, including web application security testing and methods to identify common web application and infrastructure security vulnerabilities.
Key features:
- Practical Assessment: The CRT exam is a practical assessment, requiring candidates to demonstrate their ability to find and exploit vulnerabilities in a realistic environment.
- Industry Recognition: Recognized by Governments and regulators around the globe, including the UK National Cyber Security Centre (NCSC) for its CHECK scheme.
- Syllabus Coverage: The exam covers a wide range of topics, including network awareness, vulnerability assessment, simple exploitation, desktop lockdown, routing manipulation, and web application assessment.
- Exam Environment: Candidates use a pre-configured Kali Linux virtual machine with licensed versions of Nessus Professional and BurpSuite Professional.
Use Cases:
- Penetration Testing: Validates the skills required for hands-on penetration testing roles.
- Vulnerability Assessment: Demonstrates the ability to conduct vulnerability scans and interpret the results.
- Security Auditing: Provides assurance of a professional's competence in assessing and securing IT infrastructure and applications.
