+ Reply to Thread
Results 1 to 8 of 8
  1. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,228
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #1

    Default CREST pen testing certifications

    Does anyone have any experience with the CREST (Council of Registered Ethical Security Testers) pen testing certs? Are they certs specific to courses offered by a training provider, or are they aimed at being vendor-neutral, industry-neutral in scope? I'm looking to discover if CREST is more like the (ISC)2 or the EC-Council in their approach.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  


  2. Login/register to remove this advertisement.
  3. Sith Lord SephStorm's Avatar
    Join Date
    Dec 2009
    Location
    Atlanta, GA
    Posts
    1,551

    Certifications
    GCIH, SFCP, CCENT, CPT, CEH, QND, Security+
    #2
    It looks like there are a few threads on EH.net. Heres one that may help.

    The Ethical Hacker Network - CREST Information

    From that thread:

    "There is indeed no "official" reading or training for the CREST certification. I know a few people whom have performed the CCT level certifications and they have confirmed that as long as you know the information on the syllabus and have a few years experience pen testng you should be ok. It certainly IS NOT an easy certification and is very far from CEH level."
    Reply With Quote Quote  

  4. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,228
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #3
    It appears to be a UK-based organization and not well-known in the USA.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  5. Junior Member Registered Member
    Join Date
    Apr 2011
    Posts
    2
    #4
    Quote Originally Posted by JDMurray View Post
    It appears to be a UK-based organization and not well-known in the USA.
    Yes, this is exactly the case.
    Reply With Quote Quote  

  6. Junior Member
    Join Date
    Feb 2012
    Location
    Rochester, UK
    Posts
    8

    Certifications
    OSCP, CREST, CISSP, CISA
    #5
    I've gone through CREST CCT (Infrastructure) and passed it last year. Definitely NOT an easy exam. I even thought I've failed it when I handed out the exam USB sticks by the end of the day. CREST is born in the UK but now it has expanded to Australia. The founding members of CREST are trying hard to internationalize the program and I won't be surprised if it becomes big in a couple of years time.

    The exam consists of both theory and hands-on, thus putting it on a different level than CEH, as CEH exam is purely multiple-choice. It's also not comparable to ISC2 as it is a pentesting qualification more than it is a general infosec one. I would say CREST is more comparable to OSCP, where the practical exam involves cracking multiple platforms of servers, workstations, and routers and switches, based on a set of questions. The main thing about CREST is that certifications expire after 3 years and there is no way to maintain the qualification without having to retake the exam.

    CREST also has different flavours in their certifications. The CCT (CREST Certified Tester) has either 'Infrastructure' or 'Application'. Exam takers can choose which they prefer. Then they also have an entry-level certification called the CRT (CREST Registered Tester), also have both theory and hands-on requirement, except that it's probably not as hard as the CCT and all are multiple-choice, including the hands-on element of the exam.
    Reply With Quote Quote  

  7. Senior Member Chivalry1's Avatar
    Join Date
    Mar 2005
    Location
    127.0.0.1
    Posts
    527

    Certifications
    CISSP, CICSP, MCSE, C|EH, MCSA, MCITP: EMA 2K7/2010, MCTS:Exchange 2K7/2010, Sec+, Net+, CCA-XENAPP, ITIL-V3, MCDST, MOS
    #6
    Interesting....I have never heard of this certification organization CREST until yesterday. Seems to be popular in the UK.
    "The recipe for perpetual ignorance is: be satisfied with your opinions and
    content with your knowledge. " Elbert Hubbard (1856 - 1915)
    Reply With Quote Quote  

  8. Junior Member
    Join Date
    Aug 2014
    Posts
    15
    #7
    Anyone planning on any exams with crest or taken any?
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Dec 2010
    Posts
    180

    Certifications
    VCA-DCV, CEH, ECSA, CHFI
    #8
    I also have not heard of it before, but thanks for sharing.
    Working on: CISSP, CCENT/CCNA R&S, CCNA Security, eLearnSecurity PTS/PPT/WAPT/PWD & GSEC
    Additional Reading: Fedora/Red Hat Linux, SecurityTube Training, CBT Nuggets
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks