Master the essential quick reference material for the CREST Practitioner Security Analyst (CPSA) certification. This appendix covers critical exam topics including port numbers, protocol references, OSI and TCP/IP models, HTTP methods, security definitions, and common attack patterns that are frequently tested.
Topics Covered
- K1 Oracle Default Credentials - Common default usernames and passwords for Oracle databases
- K2 SQL SELECT Commands - Essential SQL queries for database enumeration and information gathering
- K3 Port Numbers Reference - Common ports (21/FTP, 22/SSH, 23/Telnet, 25/SMTP, 53/DNS, 80/HTTP, 443/HTTPS, etc.)
- K4 OSI Model Layers - The 7 layers of the OSI model with mnemonics and protocols
- K5 TCP/IP Model - The 4-layer TCP/IP model and its relationship to OSI
- K6 Wireless Standards - 802.11a/b/g/n specifications, frequencies, and speeds
- K7 Data Link Protocols - SLIP, PPP, ARP, RARP, L2F, L2TP, PPTP, ISDN
- K8 HTTP Web Methods & Status Codes - GET, POST, PUT, DELETE, and status code categories (1xx-5xx)
- K9 XSS and Injection Attacks - Cross-site scripting, SQL injection, XXE, LDAP injection definitions
- K10 Wireless & Network Standards - WEP, WPA, Ethernet standards, Token Ring
- K11 Security Definitions & Protocols - Kerberos, BGP, NAT, NTLM, routing protocols, and more