This CompTIA Advanced Security Practitioner (CASP+) training course will prepare you to successfully achieve this in-demand certification and teach you to assess, investigate, examine, and research potential security threats in your organisation.

In this certification training course, you will gain the foundational knowledge to fully prepare for the CASP+ exam (CAS-003). Earning CASP+ certification demonstrates your knowledge and skills in enterprise security, risk management, research and analysis, and the integration of computing, communications, and business disciplines.

Associated Certification:

• Exam Code: CAS-004

CASP+ Exam Overview

• Examination and certification goals
• The five domains of the exam
• Learning techniques

Enterprise Security

Identifying security concerns in scenarios

• Exploring cryptographic techniques
• Advanced PKI concepts

Distinguishing between cryptographic concepts

• Entropy
• Confusion and diffusion
• Chain of trust

Securing enterprise storage

• Examining storage types and protocols
• Secure storage management

Analysing network security architectures

• Designing secure networks
• Employing virtual networking solutions

Troubleshooting security controls for hosts

• Host security: trusted OS, end-point, host hardening
• Vulnerabilities in co-mingling of hosts

Differentiating application vulnerabilities

• Web application security
• Application security concerns
• Mitigating client-side vs. server-side processing

Risk Management and Incident Response

Interpreting business and industry influences and risks

• Analysing risk scenarios
• Identifying the impact of de-perimeterization

Executing risk mitigation planning, strategies and control

• Assessing the CIA aggregate scores
• Making risk determination

Privacy policies and procedures

• Developing policies to support business objectives
• Safeguarding Personally Identifiable Information (PII)

Conduct incident response and recovery procedures

• Constructing a data inventory with e-discovery
• Minimising the severity of data breaches

Research, Analysis and Assessment

Determining industry trends impact to the enterprise

• Performing ongoing research to support best practises
• Researching security requirement for contracts

Appropriate security document usage

• Request for Information (RFI)
• Request for Quote (RFQ)
• Request for Proposal (RFP)

Evaluating scenarios to determine how to secure the enterprise

• Conducting cost benefit and security solution analysis
• Reviewing effectiveness of existing security controls

Conducting an assessment and analysing the results

• Determining appropriate tools for data gathering
• Identifying methods to perform assessments

Integrating Computing, Communications and Business Disciplines

Collaborating across diverse business units to achieve security goals

• Communicating with stakeholders
• Interpreting security requirements and providing guidance
• Identifying secure communications goals

Selecting controls for secure communications

• Utilising unified collaboration tools
• Mobile devices
• Applying over the air technologies

Implementing security across technology life cycle

• Selecting security controls
• Developing Security Requirements Traceability Matrices

Technical Integration of Enterprise Components

Integrate devices into a secure enterprise architecture

• Securing data following existing security standards
• Applying technical deployment models
• Integrating storage and applications into the enterprise

Integrating advanced authentication and authorisation technologies

• Implementing certificate-based and SSO authentication
• Applying federation solutions

This course is designed for IT professionals in the cybersecurity industry whose primary job responsibility is to secure complex enterprise environments.

• CompTIA Security + Certification
• Ten years of IT administration experience, including at least five years of hands-on technical security experience