Buying & Building Cyber Services icon
Back
Accreditation Pathway & Membership icon
Back
Skills, Certifications & Careers icon
Back
News, Events & Research icon
Back
About Us icon
Back
Login to profile
Join Today Find a Supplier

CRT FAQs

Home  »  CRT FAQs

General questions

What is the CRT exam?

The CREST Registered Penetration Tester (CRT) exam is recognised by the UK National Cyber Security Centre (NCSC) as the minimum standard for CHECK Team Member Status.  

It is an intermediate level exam that tests a candidate’s ability to carry out basic vulnerability assessment and penetration testing tasks. 

The CRT is the exam available in selected Pearson VUE Test Centres across the globe. 

How can I book the CRT exam?

The CRT exam is available in selected Pearson VUE Test Centres across the globe. You can book your online exam now via the Pearson VUE website.

I need to cancel my exam last minute due to extenuating circumstances.

Please see the following Pearson VUE link and select the correct region for Pearson VUE’s customer support.

How can I prepare for my CRT exam?

In order to allow candidates to familiarise themselves with the tooling available in the exam environment, a virtual machine is available. The virtual machine will host a version of Kali Linux that can be used to perform all required tasks within the exam. This machine has a large number of tools installed. Please note: both Nessus Professional and BurpSuite Professional are NOT licensed on the public AWS AMI. They ARE licensed in the exam.

 

Please access the Kali Virtual Machine here.

 

Additional resources to help with your preparation include: 


Sample questions  

Examples of questions that help candidates to understand what to expect from the examination environment. 

 

Available training 

There are a number of CREST Training Providers offering CRT training. Lab Based training is also available.

 

Top tips 

This document offers some useful tips to help prepare for the exam. 

Will my current CRT still be valid?

All current CRT certifications will be valid until their expiry date. 

What is the CHECK status of the Exam?

The CRT exam has been approved by the National Cyber Security Centre (NCSC) for CHECK Team Member (UK Only). 

CHECK is a UK Government programme under the NCSC which approves cyber security service providers to carry out authorised penetration tests of public sector and critical national infrastructure (CNI) systems and networks. 

What does the CRT exam assess?

The CRT is a practical assessment where the candidate will be expected to find known vulnerabilities across common network, application, infrastructure and database. CRT validates a practitioner’s ability to conduct vulnerability scans using commonly available tools and to interpret the results. 

Is the CRT exam open or closed book?

Candidates are able to pre-upload files ahead of their practical exam via CRESTDrive. These files will be accessible on the day of the exam. 

 

CREST has set up a link where candidates can access the Kali Virtual Machine and familiarise themselves with the tools that will be available during the exam. We also recommend candidates to read the Exam Top Tips which provides guided suggestions on areas to focus when preparing for the CRT exam. 

 

Please access the Kali Virtual Machine here.

How does the CRT exam look?

The image below reproduces the exam environment: 

CRT candidate exam layout example

Screenshot of exam layout in Pearson VUE 

 

The exam will feature short form, trophy answers and some multiple choice. Click here to view the CRT syllabus.

What syllabus should I use when preparing for my CRT exam?

Candidates planning to take the CRT exam should refer to this syllabus.

Is there an expiry date for my CRT certification?

Yes. It remains valid for 3 years from the date you sat the exam. 

Are there any training courses available to help me prepare for the exam?

CREST Training Partners are in the process of updating their course material and will be added to the training webpage when ready. Lab based training is also available.

Where can I take the CRT exam?

Then CRT exam is available in selected Pearson VUE Test Centres across the globe. Book online your exam now via the Pearson VUE website

Exam structure

How long is the exam?

The exam duration is 2.5 hours and candidates will be given an additional 15 minutes for reading time. 

What is the format of the CRT exam?

The exam is a practical assessment consisting of multiple choice, short form and trophy answers. 

When will I get results?

The exam will be auto-marked and the results sent within 5 working days. 

How will I sign the CREST Code of Conduct and NDA?

You will be required to sign both when booking the CRT exam at Pearson VUE. 

Is CREST Practitioner Security Analyst (CPSA) certification still a pre-requisite to sit the CRT exam?

Yes, you must have a valid CPSA certification to sit the CRT. 

Is the CRSA certification still available?

The CRSA certification was part of a pilot program and has been renamed as the CRT exam.

Special Accommodations

Candidates must contact the CREST support team at least 2 weeks before the potential exam date with a formal medical report from a qualified medical practitioner specialising in the particular condition. Candidates should register an account with Pearson VUE but not book an exam date until the accommodation request has been processed. For more information please contact [email protected].

Pearson VUE test centres and exam day

What am I allowed to take into the Pearson VUE Test Centre?

  • Electronic items such as mobile phones, smart watches, ear buds etc will not be permitted to be taken into the exam. You will be required to surrender all electronic items and potentially other personal items. Lockers will be provided. 
  • However, in order to allow candidates to familiarize themselves with the tooling available in the exam environment, a virtual machine is available here. The virtual machine will host a version of Kali Linux that can be used to perform all required tasks within the exam. This machine has a large number of tools installed, including licensed versions of Nessus Professional and BurpSuite Professional. 
  • Pearson VUE Comfort Aid List 

I already have a Pearson VUE login, can I use that to book?

Yes. You can only book the CREST CRT exam through a Pearson VUE account. Please follow the link to set up an account if you have not already done so: Pearson VUE.

What if I run out of time in the exam?

  • If you do run out of time, or forget to save, then your exam will be auto submitted. 
  • You will be provided with a 5-minute warning notification .

What Identification Document (ID) do I need?

You need to bring two forms of government issued IDs one of which must have a picture. Most candidates bring their passport and the driver’s licence. No photocopies will be accepted. Please see the following link for more detailed information: English (pearsonvue.com) 

Are there any tips for the exam day?

Pearson VUE provides relevant information for candidates via their resource hub: helpful resources for test-takers

What can I expect on the day?

  • You will need to arrive at least 15 minutes before your exam starts to allow time to complete the sign in process.
  • Don’t forget to bring your two forms of government issued IDs. 
  • Access to the Kali virtual machine desktop will be provided via the Peason VUE secure browser. 
  • You need to use this Kali virtual machines to perform the required testing. All required tooling is pre-installed into this virtual machine.
  • The virtual machine has no access to the internet; therefore, you won’t be able to update, download any tools, download notes, search blogs etc. 
  • It might take 30-60 seconds to load the virtual machine into the Peason VUE secure browser and this is perfectly normal. 
  • You won’t be able to copy and paste between the Kali virtual machine and the examination answer window.