CREST Certified Simulated Attack Specialist

The CREST Certified Simulated Attack Specialist (CC SAS) examination tests candidates’ knowledge and expertise in delivering the technical components of a Simulated Attack, specifically exploitation of client vulnerabilities through Trojanised files, phishing campaigns, implant development, evasion skills and lateral movement within a compromised network. This exam is considered a specialism to the existing CREST CCT Infrastructure certification, which is a mandatory prerequisite for all candidates wishing to complete this examination. While it is acknowledged that there is significant overlap with the existing INF examination syllabus, this examination is set at a significantly higher level of detail in a number of areas.

Please note that candidates are required to hold the CREST Certified Infrastructure Tester qualification alongside the Certified Simulated Attack Specialist examination in order to operate under the CREST STAR scheme. Candidates should also note that expiry of the Certified Infrastructure Tester qualification will result in the Simulated Attack Specialist qualification being suspended until such time as the Inf qualification has been re-certified.

Examination Format
The examination consists of three components:

  • multiple choice plus a written section, comprising a selection of long form questions that require detailed answers
  • hands-on practical

Candidates are required to meet or exceed a two-thirds pass mark in both sections independently in order to pass the exam overall. The written elements of the examination are delivered at Pearson Vue test centres; the practical element is delivered at a CREST examination centre. Candidates must hold a valid pass in the written element of this examination in order to sit the practical element.

You can download the following documents from the links below:

Syllabus for the CC SAS examination
Notes for Candidates to aid examination preparation

Cost
The total Certified Simulated Attack Specialist examination costs £1,600 + VAT

Recommended Preparation Material
The following material and media have been cited as helpful preparation for this examination by previous candidates:

Reading Material:
Red Team Field Manual (RTFM) (by Ben Clark)
Hacking Exposed 7: Network Security Secrets and Solutions (by Stuart McClure/Joel Scambray/George Kurtz)
Metasploit Unleashed Guide
Hackers Playbook (by Peter Kim)
Network Security Assessment (by O’Reilly, 2nd edition)
Targeted Cyber Attacks (by Syngress)
Metasploit – The Penetration Tester’s Guide (by David Kennedy)

Websites:
http://vulnhub.com – free vulnerable images

Courses:
Offensive Security Virtual Labs
Certified Information Systems Security Professional (CISSP)

Useful Information for Candidates

Details of the Logistics and Timings of CREST examinations can be found in the Examination Preparation pages for your country of choice
CREST’s Policy for Candidates requiring special arrangements including additional time to accommodate a medical condition (including examinations delivered via Pearson Vue)
Terms and Conditions for CREST Examinations (includes hard disk drive wiping policy)