Login to profile

CREST Registered Intrusion Analyst

The technical syllabus for Intrusion Analysis identifies at a high level the technical skills and knowledge that CREST expects candidates to possess for the Certification examinations in this area.

The CREST Registered Intrusion Analyst (CRIA) examination tests a candidates’ knowledge across all three subject areas of network intrusion, host intrusion and malware reverse engineering.

In order to book to take the examination, the candidate must hold a valid CPIA pass.

Examination Format
The Examination is in two parts:  a practical assessment and a multiple-choice section.  Success will confer CREST Registered status to the individual.

You can download the following documents from the links below:

Syllabus for the Registered Intrusion Analyst examination
Notes for Candidates to aid examination preparation

For costs and availability please refer to individual country booking. The examination is currently delivered at CREST examination centres.

Training Providers
In our mission to support individuals in their examination preparation and professional growth, we collaborate with training providers. Search for a Training Provider using our Training Provider Search.

Recommended Preparation Material
The CREST Assessors panel regularly identifies common themes and consolidates common questions and answers from candidates and from the industry in relation to the CREST certification examinations. Candidates are advised to familiarise themselves with these, although they are free to disregard them if they wish. The latest information can be accessed at https://www.crest-approved.org/professionalqualifications/examination-faqs/index.html.

CREST recommend that candidates familiarise themselves with the content at https://www.crest-approved.org/ufaqs/do-you-have-any-technique-advice-for-the-practical-exams/index.html which has been created specifically for those attempting a practical examination.

The following material and media has been cited as helpful preparation for this examination by previous candidates:

Reading Material:
Hacking Exposed – Scanning and Enumeration
The Art of Memory Forensics:  Detecting Malware and Threats in Windows, Linux, and Mac Memory (by Michael Hale Ligh/Andrew Case/Jamie Levy/Aaron Walters)
Malware Forensic Field Guide for Windows Systems (by Syngress)
Practical Malware Analysis
Network Fundamentals: CCNA Exploration Companion Guide
Real Digital Forensics (particularly chapter 1, Windows Live Response)
TCP/IP Illustrated


How to Book
Please complete the booking form below for your region. If you have any problems, please email [email protected]

Examination booking form

Useful Information for Candidates
CREST’s Policy for Candidates requiring special arrangements including additional time to accommodate a medical condition (including examinations delivered via Pearson VUE)
Terms and Conditions for CREST Examinations (includes hard disk drive wiping policy)