The CompTIA Advanced Security Practitioner (CASP) course is a 5-day training course aimed at IT professionals with at least 10 years of experience in enterprise IT Security, who intend on writing the CompTIA CAS-003 exam. In this course, delegates will expand on their knowledge of information security to apply more advanced principles that will keep their organization safe from the many ways it can be threatened.
Delegates will apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement sustainable security solutions that map to organizational strategies, translate business needs into security requirements, support IT governance and risk management, architect security for hosts, networks, and software, respond to security incidents and more.
This course is designed for IT professionals in the cybersecurity industry whose primary job responsibility is to secure complex enterprise environments. The target student should have real-world experience with the technical administration of these enterprise environments. The target audience includes the following:
- Cyber Security/IS Professionals
- Information Security Analysts
- Security Architects
- IT Specialist
- Cybersecurity Risk Managers
- Cybersecurity Risk Analysts
Prerequisites
- Before attending this course, delegates need to have knowledge of Information Security concepts. This includes, but is not limited to:
- Knowledge of identity and access management (IAM) concepts and common implementations, such as authentication factors and directory services
- Knowledge of cryptographic concepts and common implementations, such as Secure Sockets Layer/Transport Layer Security (SSL/TLS) and public key infrastructure (PKI)
- Knowledge of computer networking concepts and implementations, such as the TCP/IP model and configuration of routers and switches
- Knowledge of common security technologies used to safeguard the enterprise, such as anti-malware solutions, firewalls, and VPNs
- It is highly recommended that delegates attending this course have a minimum of 10 years’ experience in IT administration, including at least 5 years of hands-on technical security experience.
Prepare for the CompTIA CASP+ exam with the course CASP+ CompTIA Advanced Security Practitioner (CAS-004). The course contains assessment questions, test sets, interactive lessons with knowledge checks and quizzes, and labs to provide a hands-on learning experience of security in a safe, online environment. It provides complete coverage of the CAS-004 exam objectives and it is designed to give you insight into the working world of IT security. It describes the types of tasks and activities that a security professional with 5–10 years of experience carries out.
Here’s what you will get
The CompTIA CASP+ (CAS-004) certification is a globally recognized widely-trusted vendor-neutral credential. CASP+ covers the technical knowledge and skills required to architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise while considering the impact of governance, risk, and compliance requirements. It is an advanced-level cybersecurity certification for security architects and senior security engineers charged with leading and improving an enterprise’s cybersecurity readiness.
Lessons
11+ Lessons | 410+ Exercises | 200+ Quizzes | 313+ Flashcards | 209+ Glossary of terms
TestPrep
90+ Pre Assessment Questions | 2+ Full Length Tests | 90+ Post Assessment Questions | 180+ Practice Test Questions
Hand on lab
31+ LiveLab | 31+ Video tutorials | 01+ Hours
Here’s what you will learn
Lessons 1: Introduction
- Before You Begin the CompTIA CASP+ Certification Exam
- Who Should Read This Course
- What You Will Learn
- How This Course Is Organized
- How to Use This Course
- Tips for Taking the CASP+ Exam
- CompTIA CASP+ Study Guide Exam Objectives
- The CASP+ Exam Objective Map
Lessons 2: Risk Management
- Risk Terminology
- The Risk Assessment Process
- Policies Used to Manage Employees
- Cost-Benefit Analysis
- Continuous Monitoring
- Enterprise Security Architecture Frameworks and Governance
- Training and Awareness for Users
- Best Practices for Risk Assessments
- Business Continuity Planning and Disaster Recovery
- Reviewing the Effectiveness of Existing Security Controls
- Conducting Lessons Learned and After-Action Reviews
- Creation, Collection, and Analysis of Metrics
- Analyzing Security Solutions to Ensure They Meet Business Needs
- Testing Plans
- Internal and External Audits
- Using Judgment to Solve Difficult Problems
- Summary
- Exam Essentials
Lessons 3: Configure and Implement Endpoint Security Controls
- Hardening Techniques
- Trusted Operating Systems
- Compensating Controls
- Summary
- Exam Essentials
Lessons 4: Security Operations Scenarios
- Threat Management
- Actor Types
- Intelligence Collection Methods
- Frameworks
- Indicators of Compromise
- Response
- Summary
- Exam Essentials
Lessons 5: Security Ops: Vulnerability Assessments and Operational Risk
- Terminology
- Vulnerability Management
- Vulnerabilities
- Inherently Vulnerable System/Application
- Proactive Detection
- Summary
- Exam Essentials
Lessons 6: Compliance and Vendor Risk
- Shared Responsibility in Cloud Computing
- Security Concerns of Integrating Diverse Industries
- Regulations, Accreditations, and Standards
- Contract and Agreement Types
- Third-Party Attestation of Compliance
- Legal Considerations
- Summary
- Exam Essentials
Lessons 7: Cryptography and PKI
- The History of Cryptography
- Cryptographic Goals and Requirements
- Supporting Security Requirements
- Risks with Data
- Hashing
- Symmetric Algorithms
- Asymmetric Encryption
- Public Key Infrastructure Hierarchy
- Digital Certificates
- Implementation of Cryptographic Solutions
- Recognizing Cryptographic Attacks
- Troubleshooting Cryptographic Implementations
- Summary
- Exam Essentials
Lessons 8: Incident Response and Forensics
- The Incident Response Framework
- Forensic Concepts
- Forensic Analysis Tools
- Summary
- Exam Essentials
Lessons 9: Security Architecture
- Security Requirements and Objectives for a Secure Network Architecture
- Organizational Requirements for Infrastructure Security Design
- Integrating Applications Securely into an Enterprise Architecture
- Data Security Techniques for Securing Enterprise Architecture
- Security Requirements and Objectives for Authentication and Authorization Controls
- Summary
- Exam Essentials
Lessons 10: Secure Cloud and Virtualization
- Implement Secure Cloud and Virtualization Solutions
- How Cloud Technology Adoption Impacts Organization Security
- Summary
- Exam Essentials
Lessons 11: Mobility and Emerging Technologies
- Emerging Technologies and Their Impact on Enterprise Security and Privacy
- Secure Enterprise Mobility Configurations
- Security Considerations for Technologies, Protocols, and Sectors
- Summary
- Exam Essentials
Hands-on LAB Activities
Configure and Implement Endpoint Security Controls
- Running a Security Scanner to Identify Vulnerabilities
- Bypassing Command Shell Restrictions
Security Operations Scenarios
- Using the Social Engineering Toolkit
- Using WinDump
- Configuring a Standard ACL
Security Ops: Vulnerability Assessments and Operational Risk
- Using Burpsuite
- Simulating a DoS Attack
- Tracking Vulnerabilities in Software
- Performing Passive Reconnaissance
- Cracking Passwords using Pwdump7 and Cain and Abel
- Conducting Vulnerability Scanning Using Nessus
- Performing Nmap Port Scanning
- Cracking a Linux Password using the John the Ripper Tool
- Using PuTTY
- Exploiting a Website using SQL Injection
- Conducting Cross-Site Request Forgery Attacks
- Attacking a Website using XSS Injection
Cryptography and PKI
- Observing an MD5-Generated Hash Value
- Using the SHA Series Algorithm
Incident Response and Forensics
- Using Steganography
- Observing an SHA256-Generated Hash Value
- Using TCPdump
- Using Netstat
- Using ExifTool
Security Architecture
- Configuring Iptables
- Testing an Antivirus Program
- Creating a Firewall Rule
- Attempting a Zone Transfer
- Installing and Configuring AD DS
Secure Cloud and Virtualization
- Installing a Virtual Machine
- Capturing Packets using Wireshark
Reviews
There are no reviews yet.