CompTIA Advanced Security Practitioner (CASP)

299 USD 9 USD 97%
Test scorm

CompTIA's CASP - CompTIA Advanced Security Practitioner , is a vendor-neutral certification that validates IT professionals with advanced-level security skills and knowledge. This certification course covers the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments.read more

Module 1 - Business Influences and Associated Security Risks

  • Risk Management
  • Business Model Strategies
  • Integrating Diverse Industries
  • Third Party Information Security and Providers
  • Internal and External Influences
  • Impact of De-Perimeterization

Module 2 - Risk Mitigation Planning - Strategies and Controls

  • CIA Triad
  • Business Classifications
  • Information Life Cycle and Steak-Holder Input
  • Implementing Technical Controls
  • Determine Aggregate CIA Score
  • Worst Case Scenario Planning
  • Calculation Tools and Attacker Motivation
  • Return Of Investment
  • Total Cost of Ownership and Risk Strategies
  • Risk Management Process
  • Identifying Vulnerabilities and Threats
  • Security Architecture Frameworks
  • Business Continuity Planning
  • IT Governance
  • Security Policies

Module 3 - Security-Privacy Policies and Procedures

  • Policy Development Updates
  • Developing Processes and Procedures
  • Legal Compliance
  • Security Policy Business Documents
  • Outage Impact and Estimating Downtime Terms
  • Sensitive Information-Internal Security Policies
  • Incident Response Process
  • Forensic Tasks
  • Employment and Termination Procedures
  • Network Auditing

Module 4 - Incident Response and Recovery Procedures

  • E-Discovery and Data Retention Policies
  • Data Recovery-Storage and Backup Schemes
  • Data Owner and Data Handling
  • Disposal Terms and Concepts
  • Data Breach and Data Analysis
  • Incident Response Guidelines
  • Incident and Emergency Response
  • Media-Software and Network Analysis
  • Order of Volatility

Module 5 - Industry Trends

  • Performing Ongoing Research
  • Security Practices
  • Evolution of Technology
  • Situational Awareness and Vulnerability Assessments
  • Researching Security Implications
  • Global Industry Security Response
  • Threat Actors
  • Contract Security Requirements
  • Contract Documents

Module 6 - Securing the Enterprise

  • Benchmarks and Baselines
  • Prototyping and Testing Multiple Solutions
  • Cost/Benefit Analysis
  • Metrics Collection and Trend Data
  • Security Controls-Reverse Engineering and Deconstructing
  • Security Solutions Business Needs
  • Lesson Learned- After Action Report

Module 7 - Assessment Tools and Methods

  • Port Scanners and Vulnerability Scanners
  • Protocol Analyzer- Network Enumerator-Password Cracker
  • Fuzzers and HTTP Interceptors
  • Exploitation Tools
  • Passive Reconnaissance Tools
  • Vulnerability Assessments and Malware Sandboxing
  • Memory Dumping and Penetration Testing
  • Reconnaissance and Fingerprinting
  • Code Review
  • Social Engineering

Module 8 - Social Cryptographic Concepts and Techniques

  • Cryptographic Benefits and Techniques
  • Hashing Algorithms
  • Message Authentication Code
  • Cryptographic Concepts
  • Transport Encryption Protocol
  • Symmetric Algorithms
  • Asymmetric Algorithms
  • Hybrid Encryption and Digital Signatures
  • Public Key Infrastructure
  • Digital Certificate Classes and Cypher Types
  • Des Modes
  • Cryptographic Attacks
  • Strength vs Performance and Cryptographic Implementations

Module 9 - Enterprise Storage

  • Virtual Storage Types and Challenges
  • Cloud Storage
  • Data Warehousing
  • Data Archiving
  • Storage Area Networks (SANs) and (VSANs)
  • Network Attached Storage (NAS)
  • Storage Protocols and Fiber Channel over Ethernet (FCoE)
  • Storage Network File Systems
  • Secure Storage Management Techniques
  • LUN Masking/Mapping and HBA Allocation
  • Replication and Encryption Methods

Module 10 - Network and Security Components-Concepts-Security Architectures

  • Remote Access Protocols
  • IPv6 and Transport Encryption
  • Network Authentication Methods
  • 802.1x and Mesh Networks
  • Security Devices
  • Network Devices
  • Firewalls
  • Wireless Controllers
  • Router Security and Port Numbers
  • Network Security Solutions
  • Availability Controls-Terms and Techniques
  • Advanced Router and Switch Configuration
  • Data Flow Enforcement of Applications and Networks
  • Network Device Accessibility and Security

Module 11 - Security Controls for Hosts

  • Trusted Operation Systems
  • Endpoint Security Software and Data Loss Prevention
  • Host Based Firewalls
  • Log Monitoring and Host Hardening
  • Standard Operating Environment and Group Policy Security
  • Command Shell Restrictions
  • Configuring and Managing Interface Security
  • USB-Bluetooth-Firewire Restrictions and Security
  • Full Disk Encryption
  • Virtualization Security
  • Cloud Security Services
  • Boot Loader Protections
  • Virtual Host Vulnerabilities
  • Virtual Desktop Infrastructure
  • Terminal Services
  • Virtual TPM

Module 12 - Application Vulnerabilities and Security Controls

  • Web Application Security Design
  • Specific Application Issues
  • Session Management
  • Input Validation
  • Web Vulnerabilities and Input Mitigation Issues
  • Buffer Overflow and other Application Issues
  • Application Security Framework
  • Web Service Security and Secure Coding Standards
  • Software Development Methods
  • Monitoring Mechanisms and Client-Server Side Processing
  • Browser Extensions and Other Web Development Techniques

Module 13 - Host-Storage-Network and Application Integration

  • Securing Data Flows
  • Standards Concepts
  • Interoperability Issues
  • In House Commercial and Customized Applications
  • Cloud and Virtualization Models
  • Logical and Physical Deployment Diagrams
  • Secure Infrastructure Design
  • Storage Integration Security
  • Enterprise Application Integration Enablers

Module 14 - Authentication and Authorization Technologies

  • Authentication and Identity Management
  • Password Types-Management and Policies
  • Authentication Factors
  • Biometrics
  • Dual-Multi Factor and Certificate Authentication
  • Single Sign On Issues
  • Access Control Models and Open Authorization
  • Extensible Access Control Markup Language (XACML)
  • Service Provisioning Markup Language (SPML)
  • Attestation and Identity Propagation
  • Federation and Security Assertion Markup Language (SAML)
  • OpenID-Shibboleth and WAYF
  • Advanced Trust Models

Module 15 - Business Unit Collaboration

  • Identifying and Communicating Security Requirements
  • Security Controls Recommendations
  • Secure Solutions Collaboration

Module 16 - Secure Communication and Collaboration

  • Web-Video Conferencing-Instant Messaging
  • Desktop Sharing
  • Presence Guidelines
  • Email Messaging Protocol
  • Telephony-VoIP and Social Media
  • Cloud Based Collaboration
  • Remote Access and IPsec
  • Mobile and Personal Device Management
  • Over Air Technology Concerns
  • WLAN Concepts-Terms-Standards
  • WLAN Security and Attacks

Module 17 - Security Across the Technology Life Cycle

  • End to End Solution Ownership
  • System Development Life Cycle
  • Security Implications of Software Development Methodologies
  • Asset Management
  1. CASP - Module 1
6
Start
Third Party Information Security and Providers
7
Start
Internal and External Influences
8
Start
Impact of De-Perimeterization
  1. CASP - Module 2
9
Start
Risk Mitigation Planning - Strategies and Controls
10
Start
CIA Triad
11
Start
Business Classifications
12
Start
Information Life Cycle and Steak-Holder Input
13
Start
Implementing Technical Controls
14
Start
Determine Aggregate CIA Score
15
Start
Worst Case Scenario Planning
16
Start
Calculation Tools and Attacker Motivation
17
Start
Return Of Investment
18
Start
Total Cost of Ownership and Risk Strategies
19
Start
Risk Management Process
20
Start
Identifying Vulnerabilities and Threats
21
Start
Security Architecture Frameworks
22
Start
Business Continuity Planning
23
Start
IT Governance
24
Start
Security Policies
  1. CASP - Module 3
25
Start
Security-Privacy Policies and Procedures
25
Start
Security-Privacy Policies and Procedures
26
Start
Policy Development Updates
27
Start
Developing Processes and Procedures
28
Start
Legal Compliance
28
Start
Legal Compliance
29
Start
Security Policy Business Documents
30
Start
Outage Impact and Estimating Downtime Terms
31
Start
Sensitive Information-Internal Security Policies
32
Start
Incident Response Process
33
Start
Forensic Tasks

Interface to navigate the videos is the worst. How about a 'next' button that will open the next video instead of having to manually close the browser window?

by r0yster

Add New Discussion

How do you rate this product?
8 + 6 =

Select currency