Welcome to ONLC Training Centers


CompTIA On-Demand: CompTIA Advanced Security Practitioner (CASP+) Certification Training Course Outline

 (5 days)
Version 003

*** Note: This is an On-Demand Self Study Class, 5-days of content, 6-month unlimited access, $1295***
(Applicable State and Local taxes may be added for On-Demand purchases, depending on your location.)
CompTIA On-Demand is a self-study training solution that is a great fit for individuals with considerable IT experience who don't need a traditional 5-day class to prepare for a CompTIA exam.

Overview
You may take this course at any time; there are no set dates. The course includes hours of videos, demonstrations, lab exercises and printed courseware that will prepare students for the CompTIA Advanced Security Practitioner CAS-003 exam. In this course, students will learn about understanding risk management, network and security components and architecture, implementing advanced authentication and cryptographic techniques, implementing security for systems, applications, and storage, implementing security for cloud and virtualization technologies, and utilizing security assessments and incident response.

Target Student
This course is designed for IT professionals in the cybersecurity industry whose primary job responsibility is to secure complex enterprise environments. The target student should have real-world experience with the technical administration of these enterprise environments.
This course is also designed for students who are seeking the CompTIA® Advanced Security Practitioner (CASP+®) certification and who want to prepare for Exam CAS-003. Students seeking CASP+ certification should have at least 10 years of experience in IT management, with at least 5 years of hands-on technical security experience.

Prerequisites
To be fit for this advanced course, you should have at least a foundational knowledge of information security. This includes, but is not limited to:
Knowledge of identity and access management (IAM) concepts and common implementations, such as authentication factors and directory services.
Knowledge of cryptographic concepts and common implementations, such as Secure Sockets Layer/Transport Layer Security (SSL/TLS) and public key infrastructure (PKI).
Knowledge of computer networking concepts and implementations, such as the TCP/IP model and configuration of routers and switches.
Knowledge of common security technologies used to safeguard the enterprise, such as anti-malware solutions, firewalls, and VPNs.
You can obtain this level of knowledge by taking the CompTIA® Security+® (Exam SY0-501) course or by demonstrating this level of knowledge by passing the exam.

Do You Still Prefer a Live, Instructor-led Class?
Already know CompTIA On-Demand training is not right for you? We also offer this same course content in a live, instructor-led format. For more details, click on the link below:
CompTIA Advanced Security Practitioner (CASP+) Training Course

Additional Notes Regarding CompTIA Certification Exams
As with most professional IT certifications, many additional hours of study are required before the class (meeting the prerequisites) and after the class (reviewing exam objectives and practice questions). Expect to spend a significant number of hours studying before you take a CompTIA or any other IT professional exam. CompTIA certification exams are very rigorous and challenging. By studying and using the practice exams, you will greatly improve your chances of passing the actual certification exam the first time.
Note: For the most up-to-date exam and exam prerequisite information, please visit:https://certification.comptia.org/training/exam-objectives


ONLC Extras
ONLC Training Centers bundles in valuable extras with our CompTIA On-Demand Courses. These extras are not available from other training companies.

Certification Exam Voucher (A $379!) All of our CompTIA classes include the cost of the CompTIA exam vouchers. With this class, voucher for exams CAS-003 is included--a $379 value. Students must schedule when and where they will take the exam through Pearson Vue, the CompTIA testing service.

Exam Prep Software. This practice exam software will help you prepare for you actual certification exam. These dynamic practice tests provide links to the training content. If you answer a question wrong, you can go back to that topic for review.

Classroom Live Labs. You get easy browser-based access to the equipment you need to work through the labs that go with the CAS-003 course content. Requires only a browser and high-speed internet access.

24/7 Online Support. You will be able to chat online with a content matter expert while you are taking your CompTIA On-Demand class. And, with your permission, the expert can even take over your computer to provide assistance with your labs. (3-Month Access.)

ONLC’s Exam Pass Guarantee
ONLC’s CompTIA certification classes come with an Exam Pass Guarantee. What that essentially means is that we want to make sure that everyone is taking advantage of the Practice Test that we are providing and achieve an 85% or better in Certification Mode prior to us releasing the initial exam voucher.
The practice test is ordered upon request. Once you email us at exam@onlc.com with proof of the 85% or better and along with a copy of the course Certificate of Completion, we will go ahead and release the exam voucher to you within 24 business hours. Should you fail on the first attempt, after submitting your authorized exam score and additional study, we will then provide a second voucher. However, should you decide to not take the practice exam or to take the exam without first achieving the 85% in certification mode, the Exam Pass is null and void. Please read through our:
Exam Pass Guarantee

Duration
This course takes 5 days to complete and includes 12h 3m of video presentation plus hours of practice labs.

Course Content

Chapter 01 - Understanding Risk Management
Topic A: Understanding Business and Industry Influences
Ongoing Risk Management
New Products and User Behaviors
Business Models and Strategies
Cloud Technologies
Acquisitions and Mergers
Due Diligence Team
Data Ownership
Data Reclassification
Integrating Diverse Industries
Common Regulations
Geographic Differences
Data Sovereignty
Internal and External Influences
De-perimeterization
Understand Changes in Network Boundaries

Topic B: Policies and Procedures
Understanding Policies and Procedures
Policy Life Cycle
Process Life Cycle
Reviewing Policies and Processes
Common Business Documents
Security for Contracts
Contract Requirements
General Privacy Principles
Standard Security Practices

Topic C: Risk Mitigation and Control
Introduction to Risk Mitigation
Categorizing Data
Incorporating Stakeholder Input
Aggregate CIA Scores
Selecting and Implementing Controls
Security Control Frameworks
Options for Frameworks
Extreme Scenario Planning
System-Specific Risk Analysis
Qualitative Risk Analysis
Quantitative Risk Analysis
Risk Impact
Likelihood of Threat
Return on Investment
Understanding Payback
Total Cost of Ownership
TCO Guidelines
Translate to Business Terms
Risk Management Strategies
Risk Management Processes
Information and Asset Value and Costs
Vulnerabilities and Threat Identification
Additional Factors

Topic D: Business Continuity Planning
Continuity Planning
BCP Components
BCP Steps
Additional Plans
Conducting Business Impact Analysis

Chapter 02 - Network and Security Components and Architecture
Topic A: Physical and Virtual Network Security Devices
Unified Threat Management
Analyzing UTM
Intrusion Detection and Prevention
In-Line Network Encryptor
Network Access Control
SIEM
Firewalls
Firewall Architecture
Wireless Controller
Routers and Switches
Proxy Servers

Topic B: Application and Protocol Level Security
Web Application Firewalls
Hardware Security Modules
Vulnerability Scanners

Topic C: Advanced Network Design
Virtual Private Networks
VPN Protocols
IP Security (IPSec)
IPSec Modes
Secure Sockets Layer (SSL)
Transport Layer Security (TLS)
Additional Security Protocols
Authentication Protocols

Topic D: Network Solutions for Data Flow
Data Loss Prevention
Data Flow Enforcement
Network Flow

Topic E: Secure Baselines of Networking and Security Components
Securing Device Configurations
Access Control Lists (ACLs)
ACL Rule Sets
Change Monitoring
Configuration Lockdown
Availability Controls
Disk Availability
Key Availability Terms

Topic F: Advanced Configuration of Network Devices
Additional Configurations
Transport Security
Trunking Security
Port Security
Ports and Sockets
Security Zones
Network Segmentation
Network Access Control
NAC Concepts
Network Enabled Devices
Automation Systems
Physical Security

Chapter 03 - Implementing Advanced Authentication and Cryptographic Techniques
Topic A: Understanding Authentication and Authorization Concepts
Authentication
The Importance of Identity
Additional Password Options
Demo - Enforcing Strong Passwords
Biometric Authentication
Biometric Considerations
Beyond Single Factor
Certificate Authentication
Authorization
Open Authorization
XACML
SPML
Authorization Concepts
Trust Models

Topic B: Cryptographic Techniques
Introduction to Cryptography
Cryptographic Techniques
Key Stretching
Hashing
Message Digest (MD) Algorithms
Secure Hash Algorithm (SHA)
Digital Signatures
Message Authentication
Code Signing
Additional Concepts
Protecting Data in Transit
Protecting Data in Memory
Protecting Data at Rest
Symmetric Algorithms
Asymmetric Algorithms
Encryption Methods

Topic C: Cryptographic Implementations
Crypto Options
Additional Crypto Options
Cryptographic Applications
Crypto Considerations
Stream vs. Block Ciphers
Block Cipher Modes
Public Key Infrastructure
Primary PKI Functions
Additional PKI Concepts

Chapter 04 - Implementing Security for Systems, Applications, and Storage
Topic A: Security for Host Devices
Trusted OS
Trusted OS Options
Security Software
Additional Host-Based Software Options
Auditing
Endpoint Detection Response
Host Hardening
Group Policy
Command Shell Restrictions
Out-of-Band Management
Dedicated Interfaces
External I/O Restrictions
Wireless Technologies
Wi-Fi Components
802.11 Standards
Wireless Security
Securing Other Host Devices
Boot Security
Additional Boot Security Options

Topic B: Mobile Device Security
Enterprise Mobility Management
MDM Concepts
Management Options
Context Aware Management
Security and Privacy
Physical Security Options
Additional Mobile Device Concepts
Authentication Options
Mobile Devices
Wearable Security Implications

Topic C: Software Security Controls
Application Security Design Considerations
Application Issues
Data Remnants
Securing Applications
Using JSON and REST
Browser Extensions
Application Vulnerabilities

Chapter 05 - Implementing Security for Cloud and Virtualization Technologies
Topic A: Cloud and Virtualization Technology
Cloud Computing and Virtualization
Cloud Options
Security Considerations
Cloud Service Models
Security and Virtualization
Cloud-Augmented Security Services
Security as a Service
Virtualization Vulnerabilities

Topic B: Securing Remote Access and Collaboration
Remote Access
Dial-Up Access
Virtual Private Networks
Remote Access Purposes
Security Considerations
Unified Collaboration Tools
Web Conferencing
Video Conferencing
Storage and Document Collaboration
Unified Communication
Instant Messaging
Presence
E-Mail

Chapter 06 - Utilizing Security Assessments and Incident Response
Topic A: Security Assessments
Importance of Security Assessments
Malware Sandboxing
Memory Dumping
Runtime Debugging
Reconnaissance
Fingerprinting
Code Review
Social Engineering
Public Information
Penetration Test
Vulnerability Assessment
Assessment Styles

Topic B: Security Assessment Tools
Network Tool Types
Security Content Automation Protocol (SCAP)
Common Vulnerability Scoring System (CVSS)
Fuzzing
Exploit Kits
Host Tools
Additional Host Tools
Physical Security Tools

Topic C: Incident Response and Recovery
E-discovery
Data Breach
Incident Response Process

View outline in Word

GCASP3

Attend hands-on, instructor-led CompTIA On-Demand: CompTIA Advanced Security Practitioner (CASP+) Certification Training training classes at ONLC's more than 300 locations. Not near one of our locations? Attend these same live classes from your home/office PC via our Remote Classroom Instruction (RCI) technology.

For additional training options, check out our list of Courses and select the one that's right for you.

Microsoft Gold Partner

Price:$1295

Need a price quote?

Follow the link to our self-service price quote form to generate an email with a price quote.

Attend computer classes from ONLC Training Centers Request a copy via mail

GENERAL INFO

Class Format
Class Policies
Student Reviews

Bookmark and Share


HAVE QUESTIONS?
First Name

Last Name

Company

Phone

Email

Location

Question/Comment



ONLC TRAINING CENTERS
800-288-8221
www.onlc.com