Select Page
Home / CCT-I – CREST Certified Tester – Infrastructure

CCT-I – CREST Certified Tester – Infrastructure | Virtual and Classroom

CREST Certified Tester Infrastructure TRAINING

CREST Certified Tester Infrastructure Basic Information

 

  • CCT-I Training Training Duration: 35 Hours
  • 95.8% Certification Success in First Attempt
  • Classroom and Virtual batches available
  • Training delivered by Professionals
  • Dumps and Simulations available for Practice
  • Certified Trainers with enormous industry experience
  • Important Insights on Certification preparation

Book Your Course

Date Location   Course Booking
18 – 22 May, 2020 London W1                    
21 – 25 Sep, 2020 London W1                    

 

Prerequisites:

  • We recommend for all prospective students to have a basic understanding of CPSA,CRT.
  • This training is only intended for individuals preparing for the CCT-I certification exam.
 

                             CCT-I Exam Information (English Language)

LENGTH OF EXAM 150 Minutes
NUMBER OF QUESTIONS 125
COST 395 GBP
FORMAT Multiple-choice, multiple-answer

                             CCT-I Exam Info (Other* Languages)

LENGTH OF EXAM 150 Minutes
NUMBER OF QUESTIONS 125
COST 395 GBP
FORMAT Multiple-choice, multiple-answer

* French, German, Brazilian Portuguese, Spanish, Japanese, Simplified Chinese, Korean

 

CREST Certified Tester Infrastructure OVERVIEW:

The CREST CCT Training course will provide the candidates with the necessary skills to assess a network for flaws and vulnerabilities at the network and operating system layer.

Objectives

  • Public domain information sources
  • Networking
  • Windows operating systems
  • Unix operating systems
  • Databases
  • Voice networking
  • Wireless networking.

 

Course Syllabus:

Soft Skills and Assessment Management CREST CCT Training

  • Engagement Lifecycle
  • Law & Compliance
  • Scoping
  • Understanding, Explaining and Managing Risk
  • Record Keeping, Interim Reporting & Final Results

Core Technical Skills

  • IP Protocols
  • Network Architecture
  • Network Routing
  • Network Mapping & Target Identification
  • Interpreting Tool Output
  • Filtering Avoidance Techniques
  • Packet Crafting
  • OS Fingerprinting
  • Application fingerprinting and Evaluating Unknown Services
  • Network Access Control Analysis
  • Cryptography
  • Applications of Cryptography
  • File System Permissions
  • Audit Techniques

Background Information Gathering & Open Source

  • Registration Records
  • Domain Name Server (DNS)
  • Customer Web Site Analysis
  • Google Hacking and Web Enumeration
  • NNTP Newsgroups and Mailing Lists
  • Information Leakage from Mail & News Headers

Networking Equipment

  • Management Protocols
  • Network Traffic Analysis
  • Networking Protocols
  • IPSec
  • VoIP
  • Wireless
  • Configuration Analysis

Microsoft Windows Security Assessment

  • Domain Reconnaissance
  • User Enumeration
  • Active Directory
  • Windows Passwords
  • Windows Vulnerabilities
  • Windows Patch Management strategies
  • Desktop Lockdown
  • Exchange
  • Common Windows Applications

Unix Security Assessment

  • User enumeration
  • Unix Vulnerabilities
  • FTP
  • Sendmail / SMTP
  • Network File System (NFS)
  • R* services
  • X11
  • RPC services
  • SSH

Web Technologies

  • Web Server Operation
  • Web Servers & their Flaws
  • Web Enterprise Architectures
  • Web Protocols
  • Web Mark-up Languages
  • Web Programming Languages
  • Web Application Servers
  • Web APIs
  • Web Sub-Components

Web Testing Methodologies

  • Web Application Reconnaissance
  • Threat Modelling and Attack Vectors
  • Information Gathering from Web Mark-up
  • Authentication Mechanisms
  • Authorisation Mechanisms
  • Input Validation
  • Application Fuzzing
  • Information Disclosure in Error Messages
  • Use of Cross Site Scripting Attacks
  • Use of Injection Attacks
  • Session Handling
  • Encryption
  • Source Code Review

Web Testing Techniques

  • Web Site Structure Discovery
  • Cross Site Scripting Attacks
  • SQL Injection
  • Session ID Attacks
  • Fuzzing
  • Parameter Manipulation
  • Data Confidentiality & Integrity
  • Discovery Traversal
  • File Uploads
  • Code Injection
  • CRLF Attacks
  • Application Logic Flaws

Databases

  • Microsoft SQL Server
  • Oracle RDBMS
  • Web / App/ Database Connectivity
 

Audience to the course:

The CREST CCT Course certification – a globally recognized professional requirement in the IT Security domain, is best suited for:

  • Professionals Interested in Obtaining the CREST CCT Course Credential
  • IT Security Professionals CCT Certification
  • IT Auditors
  • Managers, Directors and Executives
  • System Architects
  • Compliance Specialists
  • Risk Specialists
  • Business Analysts

Course Enquiry

    Your Name *

    Your Email *

    Course *

    Telephone *

    Your Message