CompTIA Advanced Security Practitioner (CASP+) Certification Prep (Exam CAS-003)
Details
This course can also benefit you if you intend to pass the CompTIA Advanced Security Practitioner (CAS-003) certification examination. CASP+ certification is an international, vendor-neutral exam that proves competency in enterprise security. What you learn and practice in this course can be a significant part of your preparation.
The exam covers the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers.
Intended Audience
- This course is designed for IT professionals who want to acquire the technical knowledge and skills needed to conceptualize, engineer, integrate, and implement secure solutions across complex enterprise environments.
- The candidates seeking the CompTIA Advanced Security Practitioner (CASP+) certification and who want to prepare for Exam CAS-003.
- 10 years experience in IT administration, including at least 5 years of hands-on technical security experience
- CompTIA Security+ Certification Prep (Exam SY0-401)
Outline
-
- Enterprise Security
- Identifying security concerns in scenarios
- Exploring cryptographic techniques
- Advanced PKI concepts
- Distinguishing between cryptographic concepts
- Entropy
- Confusion and diffusion
- Chain of trust
- Securing enterprise storage
- Examining storage types and protocols
- Secure storage management
- Analyzing network security architectures
- Designing secure networks
- Employing virtual networking solutions
- Troubleshooting security controls for hosts
- Host security: trusted OS, end-point, host hardening
- Vulnerabilities in co-mingling of hosts
- Differentiating application vulnerabilities
- Web application security
- Application security concerns
- Mitigating client-side vs. server-side processing
- Identifying security concerns in scenarios
- Risk Management and Incident Response
- Interpreting business and industry influences and risks
- Analyzing risk scenarios
- Identifying the impact of de-perimeterization
- Executing risk mitigation planning, strategies and control
- Assessing the CIA aggregate scores
- Making risk determination
- Privacy policies and procedures
- Developing policies to support business objectives
- Safeguarding Personally Identifiable Information (PII)
- Conduct incident response and recovery procedures
- Constructing a data inventory with e-discovery
- Minimizing the severity of data breaches
- Interpreting business and industry influences and risks
- Research, Analysis and Assessment
- Determining industry trends impact to the enterprise
- Performing ongoing research to support best practices
- Researching security requirement for contracts
- Appropriate security document usage
- Request for Information (RFI)
- Request for Quote (RFQ)
- Request for Proposal (RFP)
- Evaluating scenarios to determine how to secure the enterprise
- Conducting cost benefit and security solution analysis
- Reviewing effectiveness of existing security controls
- Conducting an assessment and analyzing the results
- Determining appropriate tools for data gathering
- Identifying methods to perform assessments
- Determining industry trends impact to the enterprise
- Integrating Computing, Communications and Business Disciplines
- Collaborating across diverse business units to achieve security goals
- Communicating with stakeholders
- Interpreting security requirements and providing guidance
- Identifying secure communications goals
- Selecting controls for secure communications
- Utilizing unified collaboration tools
- Mobile devices
- Applying over the air technologies
- Implementing security across technology life cycle
- Selecting security controls
- Developing Security Requirements Traceability Matrices
- Collaborating across diverse business units to achieve security goals
- Technical Integration of Enterprise Components
- Integrate devices into a secure enterprise architecture
- Securing data following existing security standards
- Applying technical deployment models
- Integrating storage and applications into the enterprise
- Integrating advanced authentication and authorization technologies
- Implementing certificate-based and SSO authentication
- Applying federation solutions
- Integrate devices into a secure enterprise architecture
- Enterprise Security
NetCom Learning helps build innovative learning organizations in the workplace by structuring a smarter workforce, supporting learning changes, and driving learning growth. Since 1998 we have been empowering organizations to reach optimal performance results and address challenges by managing all aspects of organizational learning.
NetCom Learning is honored to be recognized as Microsoft's Worldwide Training Partner of the Year by Microsoft and as a Top 20 IT Training Company by TrainingIndustry.com for three years. We offer over 1,500 courses available to organizations around the world, encompassing all your technology and business training needs. From authorized or foundational training to specialized certifications, we empower organizations to achieve a competitive advantage. In addition, we provide customers with a choice of customized private programs, convenient scheduling options, flexible delivery formats, and continuous learning support, all tailored towards minimizing the skills gap and gaining maximum business impact for your organization. ...