The Cyber Scheme banner image depicting people discussing something on a laptop screen

Cyber Scheme Team Member (CSTM)

Book your exam

A pass in this technical qualification is one of the mandatory assurance checks undertaken by the National Cyber Security Centre (NCSC) before CHECK Team Member Status can be awarded.

The Cyber Scheme cannot award CHECK status, but do award certificates recognised by NCSC as confirmation that the necessary technical standard for CHECK has been met.

The exam is also suitable for individuals who want formal certification of their understanding of the theory and practical elements of cyber security and the fundamentals of Penetration Testing.

This exam also meets the standard required from NCSC and IASME to operate Cyber Essentials Plus Certification Services. Find out more about becoming an assessor for Cyber Essentials Plus here.

Assessment for the CSTM consists of:

  1.  A one hour 100 question multiple choice exam.
  2.  A one hour written paper which covers theoretical and practical aspects of the course content.
  3.  A two hour practical assessment, which provides a full scenario for penetration testing.
  4.  A 15 – 30-minute viva during which students will provide a synopsis of their findings from the practical assessment.

Assessed components 2, 3 and 4 are invigilated and undertaken by an approved assessor who holds CHECK Team Leader (CTL) status.

Multiple Choice

You will be faced with a number of theoretical and practical questions answered over a relatively short period of time.  This level of challenge ensures the candidate is being challenged at the appropriate level and in keeping with industry standard examination techniques. The questions are structured in such a way as to ascertain knowledge and understanding across a wide variety of subject specific topics, without losing the essence of the subject matter.

Written Assessment

Students are asked to answer two questions in one hour.

The rationale for using a written exam is that this is an appropriate assessment instrument to assess the syllabus taught for the CSTM course. This is also in keeping with standard assessment approaches used within UK and international educational institutions.

Practical Assessment (Network Assault Course)

Candidates are presented with a practical network assault course, where they must demonstrate that they can used the tools and techniques taught in the module to probe a given network infrastructure to gain access to information.

Candidates are permitted access to their own notes and course notes, but unsupervised access to the Internet or the use of mobile phones is not permitted.

This is a National Cyber Security Centre (NCSC) requirement to ensure rigour in the award of the Cyber Scheme CSTM qualification.

The technical skills candidates will be expected to demonstrate include:

Networking

  • Understanding common networking protocols such as SMTP, NFS, FTP, DNS
  • Service enumeration
  • The ability to map a network
  • Port scanning
  • Identification of valuable hosts on a network


Web application

  • Understanding basic web application vulnerabilities such as SQLi, XSS, LFI/RFI


 Host exploitation

  • Understanding of differences between OS’s
  • Identification of server vulnerabilities
  • Exploitation of server vulnerabilities Basic methods of privilege escalation.
 
CSTM syllabus

The Cyber Scheme believe everyone should have access to a career in security testing. We are available to discuss any concerns you have and are more than happy to make reasonable adjustments for any candidate who requires them during examinations. 

These reasonable adjustments are to ensure you are given an equal opportunity to demonstrate the necessary knowledge, skills and behaviours required. We recognise that not all disabilities are visible.

We have a range of reasonable adjustments we can offer depending on what difficulty you might face.  If you request an adjustment which we are unable to offer, we will give you a reason why we cannot offer it.  This might be because it maps to a key Knowledge, Skill or Behaviour that we have to assess against within the certification.  If that is the case, we will tell you which aspect we think would not be properly assessed.

There may be background noise during an assessment. Please bring (or ask for) ear plugs / ear defenders or listen to music if background noise is likely to affect your concentration.

Mobility

Access to all of our facilities is suitable for people with mobility issues. Should any other special facilities be required please get in touch at time of booking.  For some reasonable adjustments, such as access to a disabled parking space, we will need to see supporting documentation around the condition to allow us to apply for this access for you. No information will be retained or stored once the request is validated.

Partnerships and accreditations

NCSC logo
CiiSec logo
UK Cyber Security logo
IASME logo
Cyber Essentials Plus logo

Email us   |   Floor 7, Eagle Tower, Montpellier Drive, Cheltenham GL50 1TA   |  Privacy Policy   |   Booking Conditions

Facebook Twitter Linkedin
Skip to content