CompTIA On-Demand: CompTIA Advanced Security Practitioner (CASP+) Certification Training Course Outline
*** This is an On-Demand (self-study)Course, 180-day, 24/7 access via the internet***
(Applicable State and Local taxes may be added for On-Demand purchases, depending on your location.)
You may take this course at any time; there are no set dates. This On-Demand (self-study) course includes hours of videos, demonstrations, lab exercises and printed courseware that will prepare students for the CompTIA Advanced Security Practitioner CAS-004 exam. Note: The 6-month course access period begins at time of purchase.
Overview
This course will prepare students for the CompTIA Advanced Security Practitioner CAS004 exam. In this course, students will learn about security architecture, security operations, security engineering and cryptography, and governance, risk, and compliance.
Target Student
This course is designed for IT professionals in the cybersecurity industry whose primary job responsibility is to secure complex enterprise environments. The target student should have real-world experience with the technical administration of these enterprise environments.
This course is also designed for students who are seeking the CompTIA® Advanced Security Practitioner (CASP+®) certification and who want to prepare for Exam CAS-004. Students seeking CASP+ certification should have at least 10 years of experience in IT management, with at least 5 years of hands-on technical security experience.
Prerequisites
To be fit for this advanced course, you should have at least a foundational knowledge of information security. This includes, but is not limited to:
• Knowledge of identity and access management (IAM) concepts and common implementations, such as authentication factors and directory services.
• Knowledge of cryptographic concepts and common implementations, such as Secure Sockets Layer/Transport Layer Security (SSL/TLS) and public key infrastructure (PKI).
• Knowledge of computer networking concepts and implementations, such as the TCP/IP model and configuration of routers and switches.
• Knowledge of common security technologies used to safeguard the enterprise, such as anti-malware solutions, firewalls, and VPNs.
You can obtain this level of knowledge by taking the CompTIA® Security+® (Exam SY0-501) course or by demonstrating this level of knowledge by passing the exam.
Do You Still Prefer a Live, Instructor-led Class?
Already know CompTIA On-Demand training is not right for you? We also offer this same course content in a live, instructor-led format. For more details, click on the link below:
CompTIA Advanced Security Practitioner (CASP+) Training Course
Additional Notes Regarding CompTIA Certification Exams
As with most professional IT certifications, many additional hours of study are required before the class (meeting the prerequisites) and after the class (reviewing exam objectives and practice questions). Expect to spend a significant number of hours studying outside of the class before you take a CompTIA or any other IT professional exam.
CompTIA certification exams are very rigorous and challenging. By studying and using the practice exams, you will greatly improve your chances of passing the actual certification exam the first time.
Note: For the most up-to-date exam and exam prerequisite information, please visit:https://certification.comptia.org/training/exam-objectives
ONLC Extras
ONLC Training Centers bundles in valuable extras with our CompTIA On-Demand Courses. These extras are not available from other training companies.
Certification Exam Voucher (A $480 value!) All of our CompTIA classes include the cost of the CompTIA exam vouchers. With this class, the voucher for exam CAS-004 is included. Students must schedule when and where they will take the exam through Pearson Vue, the CompTIA testing service.
Exam Prep Software (A $99 value!). This practice exam software will help you prepare for you actual certification exam. These dynamic practice tests provide links to the training content. If you answer a question wrong, you can go back to that topic for review.
24/7 Online Support. You will be able to chat online with a content matter expert while you are taking your CompTIA On-Demand class. And, with your permission, the expert can even take over your computer to provide assistance with your labs. (3-Month Access.)
ONLC’s Exam Pass Guarantee
ONLC’s CompTIA certification classes come with an Exam Pass Guarantee. If you don't pass the authorized certification exam on your first try, we'll provide one (1) additional exam voucher free of charge. To qualify, please read through our:
Exam Pass Guarantee
Duration
This course takes 5 days to complete and includes 12h 59m of video presentation plus hours of practice labs.
Course Content
Course Introduction
Introduction to CompTIA CASP+ CAS-004
Instructor Introduction
What is CASP+
New CASP+ CAS-004 Exam
CASP+ CAS-004 Exam Domains
Security Architecture
-Securing Network Architecture-
Services
Segmentation
Deperimeterization and Zero Trust
Merging of Networks from Various Organizations
Software-Defined Networking (SDN)
-Infrastructure Security Design-
Scalability
Resiliency
Automation
Containerization
Virtualization
Content Delivery Network
Caching
-Applications Security and Integration-
Baseline and Templates
Software Assurance
Considerations of Integrating Enterprise Applications
Integrating Security into Development Life Cycle
-Data Security Techniques-
Data Lifecycle
Data Classification and Management
Data Loss Prevention
Data Loss Detection
Data Obfuscation and Masking Techniques
-Authentication and Authorization Controls-
Credential and Password Management
Federated Trust Methods
Access Control Models
Authentication Protocols
Identity Proofing Mechanism
-Cloud and Virtualization Solutions-
Virtualization
Containerization
Emulation
Cloud
-Cryptography and Public Key Infrastructure (PKI-
Cryptographic Terms
Public Key Infrastructure (PKI)
Common PKI Use Cases
Common PKI Issues
-Impact of Emerging Technologies on Security and Privacy-
Artificial Intelligence, Machine Learning, and Deep Learning
Virtual/Augmented Reality
Quantum Computing
Blockchain
Homomorphic Encryption
Secure Multi-Party Computation
Distributed Consensus
Big Data
3D Printing
Security Operations
-Threat Management-
Frameworks
Intelligence Types & Collection Methods
Threat Actors
-Indicators of Compromise and Responses-
Indicators of Compromise
Safeguards and Responses
-Vulnerability Management-
Vulnerability Scans
Security Content Automation Protocol (SCAP)
Vulnerability Assessment Types
Information Source Vulnerabilities
Patch Management
-Vulnerability Assessment, Penetration Testing, and Tools-
Test Types
Tools for Testing
Methods and Requirements
-Vulnerabilities and Attacks-
Vulnerabilities
Attacks
-Processes for Risk Reduction-
Types of Security Controls
Administrative Security Controls
Physical Security Controls
Logical Security Controls
-Incident Management-
Classification
Triage Event
Incident Response
Communication
Stakeholders
-Digital Forensics Concepts-
Forensic Process
Chain of Custody
Data Acquisition and Preservation
Cryptanalysis and Steganalysis
Forensic Images and Clones
Forensic Workstation
-Forensic Analysis Tools-
Forensic Analysis Tools
Security Engineering and Cryptography
-Secure Configurations for Enterprise Mobility-
Enterprise Mobility Management (EMM)
Managed Configurations
Deployment Scenarios
Mobile Device Reconnaissance
Security Considerations
-Endpoint Security-
Hardening Techniques
Protection Processes
Patching
Logging and Monitoring
Mandatory Access Control
Security-Enhanced Linux (SELinux)
Security-Enhanced Android (SEAndroid)
Trustworthy Computing
Trusted Platform Module (TPM)
UEFI and BIOS
Secure Boot
Measured Boot
Attestation Services
Hardware Security Module (HSM)
Self-Encrypting Drives (SEDs)
Host Security Controls
-Security Considerations and Impacts-
Embedded Devices
Internet of Things (IoT)
System on a Chip (SoC)
Microcontrollers
Industrial Computer Systems
Industrial Control Systems (ICSs)
Programmable Logic Controller (PLC)
Supervisory Control and Data Acquisition (SCADA)
Heating, Ventilation, and Air Conditioning (HVAC)
Common Protocols in ICS
Sectors
-Cloud Adoption and Impacts-
Business Continuity and Disaster Recovery Considerations
Key Management Practices
Storage Configurations
Serverless
Logging and Monitoring
Cloud Access Security Broker (CASB)
Misconfiguration
-Public Key Infrastructure (PKI)-
Components of PKI
Certificate and Cryptographic Key Issues
-Cryptographic Algorithms and Protocols-
Hashing
Symmetric Algorithms
Asymmetric Algorithms
Cryptographic Applications and Protocols
Governance, Risk, and Compliance
-Risk Management-
Risk Management Concepts
Risk Frameworks
Risk Assessment Methods and Strategies
People/Insider Risk Management
Vendor Risk Management
-Governance & Compliance Strategies-
Basic Concepts
Managing Critical Data Assets
Regulation, Accreditation, and Standards
Legal Considerations & Contract Types
-Business Continuity & Disaster Recovery-
Business Continuity Planning
Disaster Recovery Planning
Testing
View outline in Word
GCASP4
Facebook
LinkedIn