Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

CREST CPSA EXAM (NEWEST EXAM 2025) | ALL QUESTIONS AND CORRECT ANSWERS | GRADED A+ | VERIFIED ANSWERS | LATEST VERSION (JUST RELEASED)

Rating
-
Sold
3
Pages
34
Grade
A+
Uploaded on
19-06-2025
Written in
2024/2025

CREST CPSA EXAM (NEWEST EXAM 2025) | ALL QUESTIONS AND CORRECT ANSWERS | GRADED A+ | VERIFIED ANSWERS | LATEST VERSION (JUST RELEASED)

Institution
CREST CPSA
Course
CREST CPSA

Content preview

CREST CPSA EXAM (NEWEST EXAM 2025) | ALL QUESTIONS AND
CREST CPSA Exam Practice
CORRECT ANSWERS | GRADED A+ | VERIFIED ANSWERS | LATEST
Study online at https://quizlet.com/_ha2glc
VERSION
1. Squid Proxy 3128

2. Benefits of a Pen- - Enhancement of the management system
etration Test - Avoid fines
- Protection from financial damage
- Customer protection

3. Structure of a Planning and Preparation
Penetration Test Reconnaissance
Discovery
Analyzing information and risks
Active intrusion attempts
Final analysis Report
Preparation

4. Another Struc- Reconnaissance
ture of a Penetra- Vulnerability Scanning
tion Test Investigation
Exploitation

5. Infrastructure Includes all internal computer systems, associated external devices, internet net-
Testing working, cloud and virtualization testing.

6. Types of Infra- - External Infrastructure Penetration Testing
structure Testing - Internal Infrastructure Penetration Testing
- Cloud and Virtualization Penetration Testing
- Wireless Security Penetration Testing

7. External Infra- Mapping flaws in the external infrastructure
structure Testing

8. - Identifies flaws within the firewall configuration that could be misused.
- Finds how information could be leaked out from the system



, CREST CPSA Exam Practice
Study online at https://quizlet.com/_ha2glc

Benefits of Ex- - Suggests how these issues could be fixed
ternal Infrastruc- - Prepares a comprehensive report highlighting the security risk of the networks
ture Testing and suggests solutions
- Ensures overall efficiency and productivity of your business

9. Benefits of In- - Identifies how an internal attacker could take advantage of even a minor security
ternal Infrastruc- flaw
ture Testing - Identifies the potential business risk and damage that an internal attacker can
inflict
- Improves security systems of internal infrastructure
- Prepares a comprehensive report giving details of the security exposures of
internal networks along with the detailed action plan on how to deal with it

10. Benefits of Cloud - Discover the real risks within the virtual environment and suggests the methods
and Virtualiza- and costs to fix the threats and flaws
tion Penetration - Provides guidelines and an action plan how to resolve the issues
Testing - Improves the overall protection systems
- Prepares a comprehensive security system report of the cloud computing and
virtualization, outline the security flaws, causes and possible solutions

11. Benefits of Wire- - To find the potential risk caused by your wireless device
less Security Pen- - To provide guidelines and an action plan on how to protect from the external
etration Testing threats
- For preparing a comprehensive security system report of the wireless network-
ing, to outline the security flaw, causes, and possible solutions

12. Black Box Testing Black-box testing is a method in which the tester is provided no information about
the application being tested.

13. Advantages of - Test is generally conducted with the perspective of a user, not the designer
Black Box Testing - Verifies contradictions in the actual system and the specifications

14.


, CREST CPSA Exam Practice
Study online at https://quizlet.com/_ha2glc

Disadvantages of - Particularly, these kinds of test cases are difficult to design
Black Box Pene- - Possibly, it is not worth, in case designer has already conducted a test case
tration Testing - It does not conduct everything

15. White Box Pene- A tester is provided a whole range of information about the systems and/or
tration Testing network such as schema, source code, os details, ip address, etc.

16. Advantages of - It ensures that all independent paths of a module have been exercised
White Box Pene- - It ensures that all logical decisions have been verified along with their true and
tration Testing false value.
- It discovers the typographical errors and does syntax checking
- It finds the design errors that may have occurred because of the difference
between logical flow of the program and the actual execution.

17. Computer Mis- Section 1: Unauthorized access to computer material
use Act 1990 Section 2: Unauthorized access with intent to commit or facilitate commission of
Highlights further offenses
Section 3: Unauthorized acts with intent to impair, or with recklessness as to
impairing the operation of a computer

18. Human Rights - The right to life
Act 1998 High- - The right to respect for private and family life
lights - The right to freedom of religion and belief
- Your right not to be mistreated or wrongly punished by the state

19. Consent Infor- - Name & Position of the individual who is providing consent
mation for Pene- - Authorized testing period - both the date range and hours that testing is
tration Test permitted
- Contact information for members of technical staff, who may provide assistance
during the test
- IP addresses or URL that are in scope of testing
- Exclusions to certain hosts, services or areas within application testing
- Credentials that may be required as part of authenticated application testing


, CREST CPSA Exam Practice
Study online at https://quizlet.com/_ha2glc


20. Data Protection - Personal data must be processed fairly and lawfully
Act 1998 High- - be obtained only for lawful purposes and not processed in any manner incom-
lights patible with those purposes
- be adequate, relevant and not excessive
- be accurate and current
- not be retained for longer than necessary
- be processed in accordance with the rights and freedoms of data subjects
- Be protected against unauthorized or unlawful processing and against acciden-
tal loss, destruction or damage

21. Police and Justice - Make amendments to the computer misuse act 1990
Act 2006 High- - increased penalties of computer misuse act (makes unauthorized computer
lights access serious enough to fall under extradition)
- Made it illegal to perform DOS attacks
- Made it illegal to supply and own hacking tools.
- Be careful about how you release information about exploits.

22. Issues Between - The tester is unknown to his client - so, on what grounds, he should be given
Tester and Client access of sensitive data
- Who will take the guarantee of security of lost data?
- The client may blame for the loss of data or confidentiality to tester.

23. Preventing Legal - A statement of intent should be duly signed by both parties
Issues in Pene- - The tester has the permission in writing, with clearly defined parameters
tration Testing - the company has the details of its pen tester and an assurance that he would
not leak any confidential data

24. Scoping a Pene- - All relevant risk owners
tration Test - Technical staff knowledgeable about the target system
- The penetration test team should identify what testing they believe will give a full
picture of the vulnerability status of the estate

Written for

Institution
CREST CPSA
Course
CREST CPSA

Document information

Uploaded on
June 19, 2025
Number of pages
34
Written in
2024/2025
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$23.49
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
TutorGemini Teachme2-tutor
View profile
Follow You need to be logged in order to follow users or courses
Sold
6945
Member since
1 year
Number of followers
2
Documents
3083
Last sold
1 week ago

5.0

501 reviews

5
492
4
8
3
1
2
0
1
0

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions