NEWEST 2026 TEST BANK| CREST
PRACTITIONER SECURITY ANALYST
(CPSA) CERTIFICATION EXAM PREP
WITH COMPLETE 420 REAL EXAM
QUESTIONS AND CORRECT VERIFIED
ANSWERS/ ALREADY GRADED A+
(MOST RECENT!!)
EXAM OVERVIEW
The CREST Practitioner Security Analyst (CPSA) is an entry-level
certification that tests a candidate's knowledge of operating system security
and common network services . It is the first certification in CREST's
Penetration Testing career pathway and serves as a prerequisite for the
CREST Registered Penetration Tester (CRT) qualification .
Successful CPSA candidates demonstrate foundational competency for
hands-on penetration testing roles, indicative of approximately two years of
industry experience . The examination is delivered as a computer-based test
consisting of 120 multiple-choice questions that must be completed within 2
hours .
The exam is structured around core knowledge groups including Soft Skills
and Assessment Management, Core Technical Skills, Information Gathering,
Networking Equipment, Microsoft Windows Security Assessment, Unix
Security Assessment, Web Technologies, Web Testing Methodologies, Web
Testing Techniques, and Databases .
,This comprehensive question bank is designed to mirror the actual exam
content and difficulty level, covering all syllabus areas with detailed
Rationales for each Answer .
SECTION 1: CORE TECHNICAL SKILLS (Questions 1-100)
Network Protocols and OSI Model
1. The IP (Internet Protocol) operates at which layer of the OSI model?
A) Application Layer
B) Transport Layer
C) Network Layer
D) Data Link Layer
Answer: C
Rationale: The Internet Protocol (IP) operates at the Network layer (Layer 3)
of the OSI model. Its primary task is to deliver packets from the source host
to the destination host based on the IP addresses in the packet headers .
2. Which protocol is known for performing a three-way handshake to
establish a connection?
A) UDP
B) ICMP
C) TCP
D) ARP
Answer: C
Rationale: TCP (Transmission Control Protocol) is known for performing a
,three-way handshake to establish a connection between client and server
before data can be sent. UDP does not perform handshakes .
3. What does SYN stand for in a TCP handshake?
A) System Notification
B) Synchronize
C) Synchronous Network
D) System Network
Answer: B
Rationale: SYN stands for Synchronize. It is used to initiate and establish a
connection and helps synchronize sequence numbers between devices .
4. What is the purpose of ACK in a TCP handshake?
A) To initiate the connection
B) To confirm receipt of the SYN
C) To terminate the connection
D) To synchronize sequence numbers
Answer: B
Rationale: ACK (Acknowledgement) helps confirm to the other side that it
has received the SYN. It is a critical part of the three-way handshake
process .
5. Which of the following statements about UDP is correct?
A) UDP performs a three-way handshake
B) UDP is part of the Internet protocol suite
, C) UDP requires a reliable data stream
D) UDP is connection-oriented
Answer: B
Rationale: UDP (User Datagram Protocol) is part of the Internet protocol
suite. Applications that do not require a reliable data stream use UDP.
Unlike TCP, UDP does not perform handshakes .
6. What is FIN used for in TCP?
A) To establish a connection
B) To synchronize sequence numbers
C) To terminate the connection
D) To acknowledge receipt of data
Answer: C
Rationale: FIN (Finish) is used to terminate the connection in TCP. It is part
of the connection termination process .
7. What is the primary task of the Internet Protocol (IP)?
A) To create a connection between client and server
B) To deliver packets based on IP addresses in packet headers
C) To provide reliable data transmission
D) To perform error checking
Answer: B
Rationale: The primary task of IP is to deliver packets from the source host
to the destination host based on the IP addresses in the packet headers .