CSFL Joining Instructions

These instructions are for delegates attending our remote CSFL training and assessment, and should contain all the information you need to organise your course and exam with us.

Please contact us if you have any queries.

Before your course begins

Please look at these videos created by our Head of Education Paul Richards, for in-depth instruction on how to set up Linux (essential for attendance on the training course).

Non-attendance

Please notify us if you are unable to attend or if you have any enquiries prior to the course date. Please read our terms and conditions for our cancellation policy.

Refreshments and lunch break
Please note you will have a 60-minute lunch break on training days during which time you will be able to step away from the screen.

Equipment

Please supply your own laptop and pen testing distro. We do not provide or have loan laptops. All tools and software must be licensed appropriately.

Essential/mandatory:

  • A laptop with at least 8Gig of memory with administrator credentials – so you can add software
  • A NIC (network interface card) – so you can connect to the network
  • A wireless NIC (network interface card) – so you can connect to the wireless network
  • A HDMI port – so you can attach a monitor
  • A working power supply – so you can use your laptop for extended periods of time.


Ideally please also have:

  • An office package for opening Word documents, PDFs and spreadsheets.


Optional:

  • External mouse and keyboard
  • Spare laptop
  • External WIFI adapter for WIFI testing (i.e. an alpha card)
  • USB Stick – for easy transfer of data / notes / slides / etc.


Mobile Phones

You will be asked to put phones / tech on silent and away, you will not be contactable via Teams, Slack etc during the assessment.

Additional Information

What you need to know about the training

The training course associated with the CSFL assessment is an entry level course and as such has no prerequisites. However, candidates should have access to a working laptop (i.e. Windows 11), with a security testing distro (i.e. Kali Linux), some form of VA software (i.e. Nessus) and a working power supply, wired Ethernet port and have admin rights to add and remove software as required. You will need to use the USB ports to copy data.

Base Operating System – Microsoft Windows 11 is advised. Apple Mac and other operating systems are allowed but you will need to provide your own IT support. You will need admin rights to the base OS. A copy of Microsoft Word or something similar would be beneficial.

Virtualisation – Research and get to know a virtualisation solution. We recommend Oracle VirtualBox, but other software is available however you will need to provide your own IT support.

In particular you should get to know:

  • How to install the software
  • How to install the extension pack
  • How to instal the Guest Additions software.

It would be useful to get to know how to clone and snapshot a virtual machine.

Kali Linux – Research and install a copy of Kali Linux as a virtual machine. You should have at least 8G of Ram for your virtual machine, at least 200G of disk space and take some time getting to know the networking settings. (i.e NAT, Bridged, etc).

Nessus – You don’t have to use Nessus; you can use any vulnerability assessment (VA) software you like however you will need to support it yourself. Nessus has a variety of licence options and for the training and assessment the free versions are fine. (Full version free trial or Essentials version). It doesn’t really matter if you install Nessus onto the base OS or onto the virtual Kali machine. If unsure, add it to Kali.

In summary you should have a working laptop, with a virtualised working copy of Kali Linux and a working copy of Nessus. (Other options / configurations are available.)

If you want to start researching some of the topics, take a look at the laws and ethics around ethical hacking and some basic computer networking concepts. We will cover all this in the training, but some people like to get a head start.

What you need to know about the assessment/exam

You must supply your own laptop, with a security testing distro, Nessus (or some form of VA software) and a working powers supply, wired ethernet port and have admin rights to add and remove software as required. You will need to use the USB ports to copy data.

We do not currently insist on the wiping of hard drives during this assessment, but all assessment data must be removed from your laptop at the end of the assessment.

Exam Format

Presentation and resource preparation: 60 minutes
Technical showcase: 15 minutes
Interview: 15 minutes
Short multiple-choice exam: 30 minutes.

Online Training Requirements

  1. Ensure a suitable environment for the duration of the course has been selected. We recommend that the candidate is alone in the room with the door closed.
  2. Do not have music, TV, radio or background noise during the course.
  3. Communication with the trainer via video conferencing / chat during the assessment is expected and allowed.
  4. Internet access (use of google, chat apps, etc) is allowed; the candidate may look things up on the internet.

Taking an Online Course or Exam at The Cyber Scheme – what you need to know.

Please ensure that you have:

Access to a stable internet connection on the day of your exam (30 Mpbs or greater is preferable) with unfiltered outbound internet access. Restricted or heavily locked down corporate devices may be unsuitable. A wired connection is preferable to ensure a consistent connection but a reliable WiFi connection should be fine also. Mobile device tethering is not recommended, however.

The WireGuard VPN client installed on your device. This must be the same device where your vulnerability scanner is installed to ensure your scans can run successfully over the VPN connection.

A VPN configuration will be provided at the start of your exam.

A Teams meeting link will be sent to you the day prior.

WireGuard VPN

Please install the Wireguard VPN client before the assessment.

Please note activating the VPN client outside of the assessment timeslot will cause your device to lose access to the internet. This is by design. Simply turn off the VPN to re-enable your internet access. You can only use the internet through the Cyber Scheme VPN during the assessment time slot, not before or after.

Windows

Browse to: https://www.wireguard.com/install/

Download and install the client then import the .conf (configuration file supplied by the Cyber Scheme).

Linux

apt update

apt install wireguard

You will be sent a config file from the Cyber Scheme.

Rename your .conf (configuration file supplied by the Cyber Scheme) to wg0.conf
mv myfile.conf wg0.conf
To import the file use the following command: nmcli connection import type wireguard file “wg0.conf”.

Click on the link below to access the full syllabus.

Inclusion and Accessibility during exams and training

The Cyber Scheme believe everyone should have access to a career in security testing. We are available to discuss any concerns you have and are more than happy to make reasonable adjustments for any candidate who requires them during training and examinations. 

These reasonable adjustments are to ensure you are given an equal opportunity to demonstrate the necessary knowledge, skills and behaviours required. We recognise that not all disabilities are visible.

We have a range of reasonable adjustments we can offer depending on what difficulty you might face.  If you request an adjustment which we are unable to offer, we will give you a reason why we cannot offer it.  This might be because it maps to a key Knowledge, Skill or Behaviour that we have to assess against within the certification.  If that is the case, we will tell you which aspect we think would not be properly assessed.

There may be background noise during an assessment. Please bring (or ask for) ear plugs / ear defenders or listen to music if background noise is likely to affect your concentration (please note this doesn’t apply to our training courses).

Mobility

Access to all of our facilities is suitable for people with mobility issues. Should any other special facilities be required please get in touch at time of booking.  For some reasonable adjustments, such as access to a disabled parking space, we will need to see supporting documentation around the condition to allow us to apply for this access for you. No information will be retained or stored once the request is validated.