Council of Registered Ethical Security Testers Certified Consultant

Council of Registered Ethical Security Testers Certified Consultant

The CREST Certified Consultant certification is a professional certification provided by the Council of Registered Ethical Security Testers (CREST)

Overview

CREST Certified Consultants are highly skilled professionals who are experienced in the understanding of potential vulnerabilities and their associated risks. They are able to use tools and techniques to identify and exploit vulnerabilities in target systems, and know what mitigation is possible. The practical exam and viva against the published syllabus ensure this is one of the highest certifications available within the security testing industry. This certification last for three years.

Ethical Security Testers

Security testers are known by several names, but probably the most widely know are that of Ethical Hacker and Penetration Tester. An Ethical Hacker is a trusted individual who is engaged by an organisation to undertake authorised attempts to penetrate networks, computer systems and applications. Such testing is often referred to as Penetration Testing or Attack and Penetration testing. Cracking (unauthorised penetration testing) is illegal in most countries, and is a criminal offense in the UK under the Computer Misuse Act 1990.

Certification Prerequisites

An experienced security tester wishing to take the examination will need to be familiar with the published CREST syllabus and opt for either an infrastructure or application biased assessment, however the individual will require either a pass in the CREST BRE basic written exam, or must hold CEH.

It is also worth noting that CHECK Team Leaders (CTL) have been granted equivalency until December 2007. Existing CTL may therefore obtain a grandfathered CREST Certification for a limited period, until such time as they pass a CREST assessment.

CREST Examination

The exam and viva are administered by CREST. The practical takes the format of a technical assault course. Candidate's must be equipped with their own laptop and full testing toolkit. The candidate's ability to understand potential vulnerabilities and their associated risks, and to use tools and techniques to identify and exploit vulnerabilities in target systems is assessed.

What is CREST?

CREST (Council of Registered Ethical Security Testers) is a professional body and trade association that has a mission to represent the information security testing industry and offer a provable level of assurance as to the competency of organisations and individuals within those organisations. It maintains and publishes a register of those accredited organisations and individuals who have met the CREST standard.

Certification

An individual holding the CREST Certified Consultant certification has proven their ability and understanding, giving confidence to those engaging their services. Furthermore, if the individual is employed by a CREST Member company, integrity is underwritten through that company's vetting obligations.

See also

External links

Search another word or see Council of Registered Ethical Security Testers Certified Consultanton Dictionary | Thesaurus |Spanish
Copyright © 2014 Dictionary.com, LLC. All rights reserved.
  • Please Login or Sign Up to use the Recent Searches feature
FAVORITES
RECENT

;