CREST Certified Simulated Attack Specialist

The CREST Certified Simulated Attack Specialist (CCSAS) examination tests candidates’ knowledge and expertise delivering technical components of a Simulated Attack, specifically exploitation of client vulnerabilities through Trojanised files, phishing campaigns, implant development, evasion skills and lateral movement within a compromised network.

This exam is considered a specialism to the existing CREST Certified Infrastructure certification, which is a mandatory prerequisite for all candidates wishing to complete this examination. While it is acknowledged that there is significant overlap with the existing Certified Infrastructure exam syllabus this examination is set at a significantly higher level of detail in a number of areas.  For the avoidance of doubt, all candidates wishing to sit the CCSAS examination must have a valid certificate for the CREST Certified Infrastructure qualification.

Examination Format
The examination consists of three components:

Candidates are required to meet or exceed a two-thirds pass mark in both sections independently in order to pass the exam overall.

You can download the following documents from the links below:

Syllabus for the CCSAS examination
Notes for Candidates to aid examination preparation

The Certified Simulated Attack Specialist examination costs £1,625+ VAT.

To pass the exam, the candidate must pass both sections. The written elements of the examination are delivered at Pearson Vue test centres; the practical element is delivered at a CREST examination centre. Candidates must hold a valid pass in the written element of this examination in order to sit the practical element.

Recommended Preparation Material
The CREST Assessors panel regularly identifies common themes and consolidates common questions and answers from candidates and from the industry in relation to the CREST certification examinations. Candidates are advised to familiarise themselves with these, although they are free to disregard them if they wish. The latest information can be accessed at

CREST recommend that candidates familiarise themselves with the content at  which has been created specifically for those attempting a practical examination.

The following material and media has been cited as helpful preparation for this examination by previous candidates:

Reading Material:
Red Team Field Manual (RTFM) (by Ben Clarke)
Hacking Exposed 7:  Network Security Secrets and Solutions (by Stuart McClure/Joel Scambray/George Kurtz)
Metasploit Unleashed Guide
Hackers Playbook (by Peter Kim)
Network Security Assessment (by O’Reilly, 2nd edition)
Targeted Cyber Attacks (by Syngress)
Metasploit – The Penetration Tester’s Guide (by David Kennedy)

Websites: – free vulnerable images

Offensive Security Virtual Labs
Certified Information Systems Security Professional (CISSP)

Useful Information for Candidates
How to book
Details of the Logistics and Timings of CREST examinations can be found in the Examination Preparation pages for your country of choice
CREST’s Policy for Candidates requiring special arrangements including additional time to accommodate a medical condition (including examinations delivered via Pearson Vue)
Terms and Conditions for CREST Examinations (includes hard disk drive wiping policy)