Certified Social Engineering Defense Practitioner

Certified Social Engineering Defense Practitioner
(CSEDP)

The Certified Social Engineering Defense Practitioner (CSEDP) exam is an entry-level exam that validates a candidate’s awareness and foundational knowledge of social engineering attacks and human-focused security weaknesses. It covers a wide range of social engineering concepts, including phishing, vishing, impersonation, manipulation techniques, attacker behavior, and organizational defense measures.

Note: This exam will be made available on/before 17th January, 2026.

  • MCQ
  • 1 Hour
  • Online
  • On-demand
  • Factual and Scenario based questions

£100

Buy Now Add to Cart

Who should take this exam?

CSEDP is intended for security professionals, corporate employees, security teams, and individuals seeking to improve their ability to identify, prevent, and respond to social engineering threats.

What is the format of the exam?

The exam includes Multiple Choice Questions (MCQs) covering the syllabus. The time duration of the exam is 60 minutes. The exam will be proctored but can be taken online, anytime (on-demand) and from anywhere. The exam will cover a variety of questions that are both factual and scenario-based.

What is the pass criteria for the exam?

The pass criteria are as follows:

  • Candidates scoring over 60% marks will be deemed to have successfully passed the exam.
  • Candidates scoring over 75% marks will be deemed to have passed with merit.

What is the experience needed to take the exam?

This is an entry-level exam. It evaluates a candidate’s awareness of social engineering attacks and related human-centric security risks. Candidates should understand common social engineering techniques, attacker mindset, real-world attack scenarios, and best practices for identifying, preventing, and responding to social engineering threats.

Note: Professional pentesting is not a requirement for this exam.

What will the candidates get?

On completing the exam, each candidate will receive:

  • A certificate with their pass/fail and merit status.
  • The certificate will contain a certificate number, which can be used by anyone to validate the certificate.

What is the exam retake policy?

Candidates who fail the exam must purchase a new exam voucher.

What are the benefits of this exam?

The exam will allow candidates to demonstrate their awareness of social engineering attacks.

How long is the certificate valid for?

The certificate does not have an expiration date. However, the passing certificate will mention the details of the exam, such as the exam version and the date. As the exam is updated over time, candidates should retake the newer version as per their convenience.

Exam Syllabus

Principles of Social Engineering

  • Human behavior as an attack surface
  • Trust, authority, urgency, and persuasion mechanisms
  • Differences between technical exploitation and manipulation
  • Common social engineering attack models

Phishing & Business Email Attacks

  • Phishing, spear phishing, and targeted fraud scenarios
  • Abuse of legitimate business processes
  • Characteristics of convincing and high-impact attacks
  • Limitations of visual email inspection

Email Infrastructure & Authentication Basics

  • High-level structure of email delivery
  • Purpose and limitations of SPF, DKIM, and DMARC
  • Spoofing indicators and authentication failures
  • Why authentication does not equal legitimacy

Human Decision-Making Under Pressure

  • Cognitive load and distraction
  • Effects of urgency and time pressure
  • Social norms, politeness, and compliance
  • Why trained users still make mistakes

Voice-Based and Interactive Attacks

  • Vishing and real-time manipulation techniques
  • Identity assumptions in phone-based communication
  • Abuse of verification and support workflows
  • Risks of caller identification and trust cues

Authentication & Trust Indicators

  • MFA concepts and common abuse patterns
  • Misinterpretation of security signals (codes, prompts, warnings)
  • False sense of security through technical indicators
  • Differences between authentication and authorization

Web Impersonation & Domain Trust

  • Lookalike domains and brand impersonation
  • Limitations of HTTPS and certificate trust
  • User assumptions about browser security indicators
  • Risks of visually identical login pages

Emerging Techniques & Automation

  • AI-assisted phishing and impersonation
  • Voice and video synthesis risks
  • Increased believability and personalization
  • Impact on traditional detection methods

Detection, Reporting & Response

  • Indicators of suspicious behavior without malware
  • Importance of timely reporting and escalation
  • Organizational visibility into social engineering attacks
  • Measuring effectiveness beyond prevention

Mitigation & Organizational Resilience

  • Defense-in-depth for human-driven attacks
  • Limiting impact after successful manipulation
  • Role-based risk and privilege management
  • Characteristics of a mature security posture

Sample Question

What makes spear phishing statistically more successful than mass phishing?

  • Contextual relevance lowers suspicion thresholds
  • Malware quality is better
  • Infrastructure reputation is superior
  • Encrypted payloads avoid detection