Only 4 days
Classroom
02/12/2024 (Monday)
Overview
The accelerated CREST Certified Web Application Tester (CCTT APP) certification is an assessment of the candidate’s ability to find vulnerabilities in bespoke web applications. The examination uses specially designed applications running on a variety of web application platforms and now covers a wider scope than purely traditional web applications to include more recent advances in the field of web application technology and security. The candidate will be expected to demonstrate that they are able to find a range of security flaws and vulnerabilities, including proving the ability to exploit and leverage the flaws to ascertain the impact of the issues found.
In addition to traditional web application security, it is advised that candidates familiarise themselves with the following topics which are included in the practical examination and also may be included in the written components:
- Flash Application Testing
- .Net Thick Clients
- Java Applets
- Identification of functionality within client-side code that is accessible only to privileged users
- Vulnerabilities in increasingly prevalent application frameworks – e.g. Rails
- Identification of more recent SSL vulnerabilities – e.g. BEAST
- HTTP Header Fields relating to security features – e.g. HSTS
- Decompilation of client-side code – e.g. Flash, Java, .Net
- Web Server security misconfigurations – e.g. WebDAV
At the end of this course, you’ll achieve your CREST Certified Web Application Tester (CCTT APP) certification. Through Firebrand’s Lecture | Lab | Review methodology, you’ll get certified at twice the speed of the traditional training and get access to courseware, learn from certified instructors, and train in a distraction-free environment.
Audience
- The CREST Practitioner level examinations are the entry level professional exams and are aimed at individuals with around 2,500 hours (two years) of relevant and frequent experience.
- The CREST Registered level examinations are the next step and by passing this you are demonstrating your commitment as an information security tester. Typically, candidates wishing to sit a Registered examination should have at least 6,000 hours (three years or more) of relevant and frequent experience.
- The CREST Certified level examinations are designed to set the benchmark for senior professionals. These are the certifications to which most aspire and the examinations are aimed at individuals with approximately 10,000 hours (five to six years) of relevant and frequent experience.The above timescales are recommended, not mandatory.
Curriculum
- Module 1: Flash Application Testing
- Module 2: .Net Thick Clients
- Module 3: Java Applets
- Module 4: Identification of functionality within client-side code that is accessible only to privileged users
- Module 5: Vulnerabilities in increasingly prevalent application frameworks – e.g. Rails
- Module 6: Identification of more recent SSL vulnerabilities – e.g. BEAST
- Module 7: HTTP Header Fields relating to security features – e.g. HSTS
- Module 8: Decompilation of client-side code – e.g. Flash, Java, .Net
- Module 9: Web Server security misconfigurations – e.g. WebDAV
Exam Track
- At the end of this accelerated course, you’ll sit the following exam at the Firebrand Training centre, covered Certification Guarantee:
CREST Certified Web Application Tester (CCTT APP) Exam
- Duration: 3 hours
- Format: 150 multiple choice questions
- Number of questions: 150
- Passing score: 60%
Prerequisites
- The CREST Practitioner level examinations are the entry level professional exams and are aimed at individuals with around 2,500 hours (two years) of relevant and frequent experience.
- The CREST Registered level examinations are the next step and by passing this you are demonstrating your commitment as an information security tester. Typically, candidates wishing to sit a Registered examination should have at least 6,000 hours (three years or more) of relevant and frequent experience.
- The CREST Certified level examinations are designed to set the benchmark for senior professionals. These are the certifications to which most aspire and the examinations are aimed at individuals with approximately 10,000 hours (five to six years) of relevant and frequent experience.The above timescales are recommended, not mandatory.
What's Included
Your accelerated course includes:
- Accommodation *
- Meals, unlimited snacks, beverages, tea and coffee *
- On-site exams **
- Practice tests **
- Certification Guarantee ***
- Courseware
- Up-to 12 hours of instructor-led training each day
- 24-hour lab access
- Digital courseware **
* For residential training only. Accommodation is included from the night before the course starts. This doesn't apply for online courses.
** Some exceptions apply. Please refer to the Exam Track or speak with our experts.
*** Pass first time or train again free as many times as it takes, unlimited for 1 year. Just pay for accommodation, exams, and incidental costs.
Benefits
Six reasons why you should sit your course with Firebrand Training
- Two options of training. Choose between residential classroom-based, or online courses
- You'll be certified fast. With us, you’ll be trained in record time
- Our course is all-inclusive. A one-off fee covers all course materials, accommodation* and meals*. No hidden extras.
- Pass the first time or train again for free. This is our guarantee. We’re confident you’ll pass your course the first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
- You’ll learn faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
- You’ll be studying with the best. We’ve been named in the Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified over 135,000 professionals
*For residential training only. Doesn't apply for online courses.