Comptia Advanced Security Practitioner (Casp)

Gain the CyberSecurity Skills

What you'll learn
This course will prepare you to pass the exam CompTIA Advanced Security Practitioner (CASP)
The CompTIA Advanced Security Practitioner certification is an international, vendor-neutral exam that proves competency in enterprise security; risk management; research and analysis; and integration of computing, communications, and business disciplines.
The exam covers the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers.
Requirements
Ten years of IT administration experience, including at least five years of hands-on technical security experience
CompTIA Security + Certification or equivalent experience
Description
CompTIA's CASP - CompTIA Advanced Security Practitioner , is a vendor-neutral certification that validates IT professionals with advanced-level security skills and knowledge. This certification course covers the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers, while managing risk.
There is no required prerequisite for this course however, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus at the enterprise level.
This CASP training course follows the CompTIA authorized objectives, ensuring you receive the training and knowledge needed to succeed.

Overview

Section 1: Introduction

Lecture 1 Course Introduction

Section 2: Business Influences and Associated Security Risks

Lecture 2 Introduction

Lecture 3 Risk Management

Lecture 4 Business Model Strategies

Lecture 5 Integrating Diverse Industries

Lecture 6 Third Party Information Security and Providers

Lecture 7 Internal and External Influences

Lecture 8 Impact of De-Perimeterization

Section 3: Risk Mitigation Planning - Strategies and Controls

Lecture 9 Introduction

Lecture 10 CIA Triad

Lecture 11 Business Classifications

Lecture 12 Information Life Cycle and Steak-Holder Input

Lecture 13 Implementing Technical Controls

Lecture 14 Determine Aggregate CIA Score

Lecture 15 Worst Case Scenario Planning

Lecture 16 Calculation Tools and Attacker Motivation

Lecture 17 Return Of Investment

Lecture 18 Total Cost of Ownership and Risk Strategies

Lecture 19 Risk Management Process

Lecture 20 Identifying Vulnerabilities and Threats

Lecture 21 Security Architecture Frameworks

Lecture 22 Business Continuity Planning

Lecture 23 IT Governance

Lecture 24 Security Policies

Section 4: Security-Privacy Policies and Procedures

Lecture 25 Introduction

Lecture 26 Security-Privacy Policies and Procedures

Lecture 27 Policy Development Updates

Lecture 28 Developing Processes and Procedures

Lecture 29 Legal Compliance Part1

Lecture 30 Legal Compliance Part2

Lecture 31 Security Policy Business Documents

Lecture 32 Outage Impact and Estimating Downtime Terms

Lecture 33 Sensitive Information-Internal Security Policies

Lecture 34 Incident Response Process

Lecture 35 Forensic Tasks

Lecture 36 Employment and Termination Procedures

Lecture 37 Network Auditing

Section 5: Incident Response and Recovery Procedures

Lecture 38 Introduction

Lecture 39 E-Discovery and Data Retention Policies

Lecture 40 Data Recovery-Storage and Backup Schemes

Lecture 41 Data Owner and Data Handling

Lecture 42 Disposal Terms and Concepts

Lecture 43 Data Breach and Data Analysis

Lecture 44 Incident Response Guidelines

Lecture 45 Incident and Emergency Response

Lecture 46 Media-Software and Network Analysis

Lecture 47 Order of Volatility

Section 6: Industry Trends

Lecture 48 Introduction

Lecture 49 Performing Ongoing Research

Lecture 50 Security Practices

Lecture 51 Evolution of Technology

Lecture 52 Situational Awareness and Vulnerability Assessments

Lecture 53 Researching Security Implications

Lecture 54 Global Industry Security Response

Lecture 55 Threat Actors

Lecture 56 Contract Security Requirements

Lecture 57 Contract Documents

Section 7: Securing the Enterprise

Lecture 58 Introduction

Lecture 59 Benchmarks and Baselines

Lecture 60 Prototyping and Testing Multiple Solutions

Lecture 61 Cost/Benefit Analysis

Lecture 62 Metrics Collection and Trend Data

Lecture 63 Security Controls-Reverse Engineering and Deconstructing

Lecture 64 Security Solutions Business Needs

Lecture 65 Lesson Learned- After Action Report

Section 8: Assessment Tools and Methods

Lecture 66 Introduction

Lecture 67 Port Scanners and Vulnerability Scanners

Lecture 68 Protocol Analyzer- Network Enumerator-Password Cracker

Lecture 69 Fuzzers and HTTP Interceptors

Lecture 70 Exploitation Tools

Lecture 71 Passive Reconnaissance Tools

Lecture 72 Vulnerability Assessments and Malware Sandboxing

Lecture 73 Memory Dumping and Penetration Testing

Lecture 74 Reconnaissance and Fingerprinting

Lecture 75 Code Review

Lecture 76 Social Engineering

Section 9: Social Cryptographic Concepts and Techniques

Lecture 77 Introduction

Lecture 78 Cryptographic Benefits and Techniques

Lecture 79 Hashing Algorithms

Lecture 80 Message Authentication Code

Lecture 81 Cryptographic Concepts

Lecture 82 Transport Encryption Protocol

Lecture 83 Symmetric Algorithms

Lecture 84 Asymmetric Algorithms

Lecture 85 Hybrid Encryption and Digital Signatures

Lecture 86 Public Key Infrastructure

Lecture 87 Digital Certificate Classes and Cypher Types

Lecture 88 Des Modes

Lecture 89 Cryptographic Attacks

Lecture 90 Strength vs Performance and Cryptographic Implementations

Section 10: Enterprise Storage

Lecture 91 Introduction

Lecture 92 Virtual Storage Types and Challenges

Lecture 93 Cloud Storage

Lecture 94 Data Warehousing

Lecture 95 Data Archiving

Lecture 96 Storage Area Networks (SANs) and (VSANs)

Lecture 97 Network Attached Storage (NAS)

Lecture 98 Storage Protocols and Fiber Channel over Ethernet (FCoE)

Lecture 99 Storage Network File Systems

Lecture 100 Secure Storage Management Techniques

Lecture 101 LUN Masking/Mapping and HBA Allocation

Lecture 102 Replication and Encryption Methods

Section 11: Network and Security Components-Concepts-Security Architectures

Lecture 103 Introduction

Lecture 104 Remote Access Protocols

Lecture 105 IPv6 and Transport Encryption

Lecture 106 Network Authentication Methods

Lecture 107 802.1x and Mesh Networks

Lecture 108 Security Devices

Lecture 109 Network Devices

Lecture 110 Firewalls

Lecture 111 Wireless Controllers

Lecture 112 Router Security and Port Numbers

Lecture 113 Network Security Solutions

Lecture 114 Availability Controls-Terms and Techniques

Lecture 115 Advanced Router and Switch Configuration

Lecture 116 Data Flow Enforcement of Applications and Networks

Lecture 117 Network Device Accessibility and Security

Section 12: Security Controls for Hosts

Lecture 118 Introduction

Lecture 119 Trusted Operation Systems

Lecture 120 Endpoint Security Software and Data Loss Prevention

Lecture 121 Network Authentication Protocols

Lecture 122 Log Monitoring and Host Hardening

Lecture 123 Standard Operating Environment and Group Policy Security

Lecture 124 Command Shell Restrictions

Lecture 125 Configuring and Managing Interface Security

Lecture 126 USB-Bluetooth-Firewire Restrictions and Security

Lecture 127 Full Disk Encryption

Lecture 128 Virtualization Security

Lecture 129 Cloud Security Services

Lecture 130 Boot Loader Protections

Lecture 131 Virtual Host Vulnerabilities

Lecture 132 Virtual Desktop Infrastructure

Lecture 133 Terminal Services

Lecture 134 Virtual TPM

Section 13: Application Vulnerabilities and Security Controls

Lecture 135 Introduction

Lecture 136 Web Application Security Design

Lecture 137 Specific Application Issues

Lecture 138 Session Management

Lecture 139 Input Validation

Lecture 140 Web Vulnerabilities and Input Mitigation Issues

Lecture 141 Buffer Overflow and other Application Issues

Lecture 142 Application Security Framework

Lecture 143 Web Service Security and Secure Coding Standards

Lecture 144 Software Development Methods

Lecture 145 Monitoring Mechanisms and Client-Server Side Processing

Lecture 146 Browser Extensions and Other Web Development Techniques

Section 14: Host-Storage-Network and Application Integration

Lecture 147 Introduction

Lecture 148 Securing Data Flows

Lecture 149 Standards Concepts

Lecture 150 Interoperability Issues

Lecture 151 In House Commercial and Customized Applications

Lecture 152 Cloud and Virtualization Models

Lecture 153 Logical and Physical Deployment Diagrams

Lecture 154 Secure Infrastructure Design

Lecture 155 Storage Integration Security

Lecture 156 Enterprise Application Integration Enablers

Section 15: Authentication and Authorization Technologies

Lecture 157 Introduction

Lecture 158 Authentication and Identity Management

Lecture 159 Password Types-Management and Policies

Lecture 160 Authentication Factors

Lecture 161 Biometrics

Lecture 162 Dual-Multi Factor and Certificate Authentication

Lecture 163 Single Sign On Issues

Lecture 164 Access Control Models and Open Authorization

Lecture 165 Extensible Access Control Markup Language (XACML)

Lecture 166 Service Provisioning Markup Language (SPML)

Lecture 167 Attestation and Identity Propagation

Lecture 168 Federation and Security Assertion Markup Language (SAML)

Lecture 169 OpenID-Shibboleth and WAYF

Lecture 170 Advanced Trust Models

Section 16: Business Unit Collaboration

Lecture 171 Introduction

Lecture 172 Identifying and Communicating Security Requirements

Lecture 173 Security Controls Recommendations

Lecture 174 Secure Solutions Collaboration

Section 17: Secure Communication and Collaboration

Lecture 175 Introduction

Lecture 176 Web-Video Conferencing-Instant Messaging

Lecture 177 Desktop Sharing

Lecture 178 Presence Guidelines

Lecture 179 Email Messaging Protocol

Lecture 180 Telephony-VoIP and Social Media

Lecture 181 Cloud Based Collaboration

Lecture 182 Remote Access and IPsec

Lecture 183 Mobile and Personal Device Management

Lecture 184 Over Air Technology Concerns

Lecture 185 WLAN Concepts-Terms-Standards

Lecture 186 WLAN Security and Attacks

Section 18: Security Across the Technology Life Cycle

Lecture 187 Introduction

Lecture 188 End to End Solution Ownership

Lecture 189 System Development Life Cycle

Lecture 190 Security Implications of Software Development Methodologies

Lecture 191 Course End

Lecture 192 Asset Management

An IT security professional who has a minimum of 10 years experience in IT administration including at least 5 years of hands-on technical security experience.,IT professionals aiming to move into a specialist security position such as a risk manager or analyst, security architect, or penetration tester/ethical Hacker.,Cyber Security / IS Professional,Information Security Analyst,Security Architect,IT Specialist INFOSEC,IT Specialist, Cybersecurity, Cybersecurity Risk Manager,Cybersecurity Risk Analyst