|
|
|
You Will Learn How To
- Successfully prepare for the CompTIA Advanced Security Practitioner (CASP) Certification Exam
- Explore proven protocols and assessment tools to secure the enterprise
- Investigate end-point security and host hardenening to protect against attacks
- Examine risk management security policies and procedures
- Research potential security threats and identify appropriate countermeasures
- Evaluate collaboration methologies for security communications
Course BenefitsThe CASP certification is a vendor-neutral, intensive exam that validates your knowledge and skills in enterprise security, risk management, research and analysis, and the integration of computing, communications and business disciplines. This exam preparation course provides in-depth review of the four domains included in the exam. Demonstrations and practice exams reinforce the concepts and provide the framework for a personalized study plan for exam success.
Who Should AttendSecurity professionals, government and military personnel, and others seeking advanced security certification. The CompTIA Security+ certification or equivalent experience is highly recommended.
Workshop CourseWorkshops, instructor-led demos and multiple practice exams provide you with experience to prepare for the CASP exam. Workshops include:
- Taking CASP-style daily practice exams
- Encrypting with asymmetric keys
- Analyzing a SQL injection attack
- Concealing files with Alternate Data Streams
- Assessing CIA using the common vulnerability scoring system
- Examining vulnerability and exploit sites
Course 2046 ContentCASP Exam Overview
- Examination and certification goals
- The four domains of the exam
Enterprise Security Principles
Distinguishing cryptographic tools and techniques
- Deploying encryption and hashing
- Advanced PKI concepts
- Cryptographic algorithms and usage
- Transport encryption
- Digital signature
Virtual, distributed and shared computing
- Leveraging virtual servers and the cloud
- Securing virtual environments and equipment
- Assessing vulnerabilities associated with virtual computing
- Implementing secure elastic cloud computing
- Maintaining different classification levels
Securing enterprise storage
- Virtual storage
- NAS
- vSAN
- iSCSI
- FCoE
- Secure storage management
- Maintaining availability with redundancy
Protecting Your Hosts and Networks
Integrating hosts, networks and applications
- Advanced network design
- Complex network security solutions for data flow
- Documenting with a logical deployment diagram
- Advanced configuration of routers and switches
- Host security: firewalls, end-point security, host hardening
Enhancing application security
- Designing secure web applications
- Application sandboxing
- Secure coding standards
- Preventing attacks with proper error and exception handling
- Securing against privilege escalation and fuzzing
- Mitigating client-side vs. server-side vulnerabilities
- Identifying buffer overflows and memory leaks
Conducting assessments
- Determining the best security testing tools
- Port and vulnerability scanners
- Protocol analyzers
- Password crackers
- HTTP interceptor
- Testing methods: penetration testing, black box, code review, social engineering
Risk Management Policies and Procedures
Applying risk mitigation strategies and controls
- Analyzing risk scenarios
- Determining risks associated with evolving business strategies
- Assessing the CIA aggregate score
- Conducting system specific risk analysis
- Selecting security controls
- Continuous monitoring
Supporting incident response and recovery
- Constructing a data inventory with e-discovery
- Minimizing the severity of a data breach
- Responding to incidents and emergencies
Privacy policies and procedures
- Safeguarding Personally Identifiable Information (PII)
- Developing security policies to support business objectives
- Implementing policies designed to prevent fraud
- Preventing social engineering attacks
Research and Analysis
Examining industry trends
- Performing on-going research to support best practices
- Testing new security systems and services
- Assessing social media hazards
Countering new exploits and attack methods
- Preparing to defend against zero days
- Identifying emerging threat information
Integrating Computing, Communications and Business Disciplines
Establishing communication requirements
- Determining how information needs to be shared
- Securely collaborating multiple job roles
- Publishing security documentation
Maintaining security in organizational change
- Complying with rules, policies and regulations
- Minimizing third-party product risk
- Segmenting networks to separate traffic
Securing the technology life cycle
- Selecting security controls
- Implementing unified communication security
- Integrating security to the systems development life cycle
|
<< Back to Security Course List
CompTIA is a registered trademark of the Computing Technology Industry Association, Inc.
Learning Tree AnyWareTM is a trademark of Learning Tree International, Inc. in the United States and other countries, and is covered by a patent application pending in the United States.
|
|
|
Training Dates
 | Most events below can be taken in-class or live, online from your home or office with AnyWare. |
US Dates | | Jun 12 - 15 | Rockville, MD enrol | | Jul 24 - 27 | Reston, VA enrol | | Nov 13 - 16 | Reston, VA enrol |
For AnyWare enrolments, please register at least 7 days prior to the start of the course.
More Dates and Locations.
|
|
Bring this or any Learning Tree Course on-site to your location!
|
|
|
"I have been able to apply the CompTIA security training in my job when I talk to clients about the various existing risks and how to mitigate them. Thank you Learning Tree."
– D. Rinaldi
Technology Integration Group
|
Yours FREE To Take Home:
You receive the CASP CompTIA Advanced Security Practitioner Study Guide: Exam CAS-001 book, which includes numerous practice questions.
|
|
E-mail 
Print 
Q&A 
PDF 
Facebook 
Twitter
