CREST Practitioner Security Analyst (CPSA)

Advanced Proctored multiple-choice style exam Pass: Provider-set pass mark (commonly around 60%, veri… $650

CPSA is a practitioner-level assessment emphasizing pentest fundamentals, methodology, and professional judgement. 2026 prep should blend theory revision with structured practical validation to strengthen exam confidence.

Official Page

IssuerOther

FormatProctored multiple-choice style exam

Duration~2 hours (indicative)

Pass ScoreProvider-set pass mark (commonly around 60%, veri…

Valid For3y

Overview Syllabus (5) Tools (6) Cheat Sheets (2) Labs (3)

Full Syllabus

Scoping, Methodology & Reporting 15%

Rules of engagement, risk framing, evidence quality, and professional reporting.

External/Internal Reconnaissance 20%

Host discovery, service enumeration, attack-surface prioritization.

Exploitation & Initial Access 25%

Service/web exploitation, credential attacks, and foothold validation.

Privilege Escalation & Lateral Movement 25%

Local escalation, AD abuse paths, pivoting and credential reuse control checks.

Post-Exploitation & Hardening Guidance 15%

Proof of impact, cleanup, remediation mapping, and retest recommendations.