MCSEClasses Certification Training Boot Camp MCSE MCSD MCDBA Cisco CIW Linux Oracle Java Security Military Discounts Testimonials About Us Linux/Unix Certification MCSD Certification Home MCSE Certification MCDBA Certification Cisco Certification Security Certification Java Certification Oracle® Certification CIW Certification Jobs Boot Camp Financing Boot Camp Pricing Boot Camp Technical Schedule Contact Us


CompTIA CASP+ (CAS-004)

Course Length: 5 days
Certifications: CompTIA CASP+

DoD Approved 8570: IAT Level III, IAM Level II, IASAE Level I, IASAE Level II
Number of Exams: 1

Class Schedule
Call for Class Schedule
  • Certified Instructor
  • Includes all course materials
  • CompTIA Advanced Security Practitioner (CASP+) CAS-004 is an advanced-level cybersecurity certification for security architects and senior security engineers charged with leading and improving an enterprise's cybersecurity readiness.

    Why is CASP+ Different?

    CASP+ is the only hands-on, performance-based certification for advanced practitioners - not managers - at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.

    Unlike other certifications, CASP+ covers both security architecture and engineering - CASP+ is the only certification on the market that qualifies technical leaders to assess cyber readiness within an enterprise, and design and implement the proper solutions to ensure the organization is ready for the next attack.

    What Skills Will You Learn?

    Security Architecture

    Expanded coverage to analyze security requirements in hybrid networks to work toward an enterprise-wide, zero trust security architecture with advanced secure cloud and virtualization solutions.

    Security Operations

    Expanded emphasis on newer techniques addressing advanced threat management, vulnerability management, risk mitigation, incident response tactics, and digital forensics analysis.

    Governance, Risk, and Compliance

    Expanded to support advanced techniques to prove an organization's overall cybersecurity resiliency metric and compliance to regulations, such as CMMC, PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST, and CCPA.

    Security Engineering and Cryptography

    Expanded to focus on advanced cybersecurity configurations for endpoint security controls, enterprise mobility, cloud/hybrid environments, and enterprise-wide PKI and cryptographic solutions.

    Jobs That Use CASP+

    • Security Architect
    • Senior Security Engineer
    • SOC Manager
    • Security Analyst

    Class Outline

    1.0 Security Architecture

    Given a scenario, analyze the security requirements and objectives to ensure an appropriate, secure network architecture for a new or existing network.
    • Services
    • Segmentation
    • Deperimeterization/zero trust
    • Merging of networks from various organizations
    • Software-defined networking (SDN)
    Given a scenario, analyze the organizational requirements to determine the proper infrastructure security design.
    • Scalability
    • Resiliency
    • Performance
    • Automation
    • Containerization
    • Virtualization
    • Content delivery network
    • Caching
    Given a scenario, integrate software applications securely into an enterprise architecture.
    • Baseline and templates
    • Software assurance
    • Considerations of integrating enterprise applications
    • Integrating security into development life cycle
    Given a scenario, implement data security techniques for securing enterprise architecture.
    • Data loss prevention
    • Data loss detection
    • Data classification, labeling, and tagging
    • Obfuscation
    • Anonymization
    • Encrypted vs. unencrypted
    • Data life cycle
    • Data inventory and mapping
    • Data integrity management
    • Data storage, backup, and recovery
    Given a scenario, analyze the security requirements and objectives to provide the appropriate authentication and authorization controls.
    • Credential management
    • Password policies
    • Federation
    • Access control
    • Protocols
    • Multifactor authentication (MFA)
    • One-time password (OTP)
    • Hardware root of trust
    • Single sign-on (SSO)
    • JavaScript Object Notation (JSON) web token (JWT)
    • Attestation and identity proofing
    Given a set of requirements, implement secure cloud and virtualization solutions
    • Virtualization strategies
    • Provisioning and deprovisioning
    • Middleware
    • Metadata and tags
    • Deployment models and considerations
    • Hosting models
    • Service models
    • Cloud provider limitations
    • Extending appropriate on-premises controls
    • Storage models
    Explain how cryptography and public key infrastructure (PKI) support security objectives and requirements.
    • Privacy and confidentiality requirements
    • Integrity requirements
    • Non-repudiation
    • Compliance and policy requirements
    • Common cryptography use cases
    • Common PKI use cases
    Explain the impact of emerging technologies on enterprise security and privacy.
    • Artificial intelligence
    • Machine learning
    • Quantum computing
    • Blockchain
    • Homomorphic encryption
    • Secure multiparty computation
    • Distributed consensus
    • Big Data
    • Virtual/augmented reality
    • 3-D printing
    • Passwordless authentication
    • Nano technology
    • Deep learning
    • Biometric impersonation

    2.0 Security Operations

    Given a scenario, perform threat management activities.
    • Intelligence types
    • Actor types
    • Threat actor properties
    • Intelligence collection methods
    • Frameworks
    Given a scenario, analyze indicators of compromise and formulate an appropriate response.
    • Indicators of compromise
    • Response
    Given a scenario, perform vulnerability management activities.
    • Vulnerability scans
    • Security Content Automation Protocol (SCAP)
    • Self-assessment vs. third- party vendor assessment
    • Patch management
    • Information sources
    Given a scenario, use the appropriate vulnerability assessment and penetration testing methods and tools.
    • Methods
    • Tools
    • Dependency management
    • Requirements
    Given a scenario, analyze vulnerabilities and recommend risk mitigations.
    • Vulnerabilities
    • Inherently vulnerable system/application
    • Attacks
    Given a scenario, use processes to reduce risk.
    • Proactive and detection
    • Security data analytics
    • Preventive
    • Application control
    • Security automation
    • Physical security
    Given an incident, implement the appropriate response.
    • Event classifications
    • Triage event
    • Preescalation tasks
    • Incident response process
    • Specific response playbooks/processes
    • Communication plan
    • Stakeholder management
    Explain the importance of forensic concepts.
    • Legal vs. internal corporate purposes
    • Forensic process
    • Integrity preservation
    • Cryptanalysis
    • Steganalysis
    Given a scenario, use forensic analysis tools.
    • File carving tools
    • Binary analysis tools
    • Analysis tools
    • Imaging tools
    • Hashing utilities
    • Live collection vs. post-mortem tools

    3.0 Security Engineering and Cryptography

    Given a scenario, apply secure configurations to enterprise mobility.
    • Managed configurations
    • Deployment scenarios
    • Security considerations
    Given a scenario, configure and implement endpoint security controls.
    • Hardening techniques
    • Processes
    • Mandatory access control
    • Trustworthy computing
    • Compensating controls
    Explain security considerations impacting specific sectors and operational technologies.
    • Embedded
    • ICS/supervisory control and data acquisition (SCADA)
    • Protocols
    • Sectors
    Explain how cloud technology adoption impacts organizational security.
    • Automation and orchestration
    • Encryption configuration
    • Logs
    • Monitoring configurations
    • Key ownership and location
    • Key life-cycle management
    • Backup and recovery methods
    • Infrastructure vs. serverless computing
    • Application virtualization
    • Software-defined networking
    • Misconfigurations
    • Collaboration tools
    • Storage configurations
    • Cloud access security broker (CASB)
    Given a business requirement, implement the appropriate PKI solution.
    • PKI hierarchy
    • Certificate types
    • Certificate usages/profiles/templates
    • Extensions
    • Trusted providers
    • Trust model
    • Cross-certification
    • Configure profiles
    • Life-cycle management
    • Public and private keys
    • Digital signature
    • Certificate pinning
    • Certificate stapling
    • Certificate signing requests (CSRs)
    • Online Certificate Status Protocol (OCSP) vs. certificate revocation list (CRL)
    • HTTP Strict Transport Security (HSTS)
    Given a business requirement, implement the appropriate cryptographic protocols and algorithms.
    • Hashing
    • Symmetric algorithms
    • Asymmetric algorithms
    • Protocols
    • Elliptic curve cryptography
    • Forward secrecy
    • Authenticated encryption with associated data
    • Key stretching
    Given a scenario, troubleshoot issues with cryptographic implementations.
    • Implementation and configuration issues
    • Keys

    4.0 Governance, Risk, and Compliance

    Given a set of requirements, apply the appropriate risk strategies.
    • Risk assessment
    • Risk handling techniques
    • Risk types
    • Risk management life cycle
    • Risk tracking
    • Risk appetite vs. risk tolerance
    • Policies and security practices
    Explain the importance of managing and mitigating vendor risk.
    • Shared responsibility model (roles/responsibilities)
    • Vendor lock-in and vendor lockout
    • Vendor viability
    • Meeting client requirements
    • Support availability
    • Geographical considerations
    • Supply chain visibility
    • Incident reporting requirements
    • Source code escrows
    • Ongoing vendor assessment tools
    • Third-party dependencies
    • Technical considerations
    Explain compliance frameworks and legal considerations, and their organizational impact.
    • Security concerns of integrating diverse industries
    • Data considerations
    • Geographic considerations
    • Third-party attestation of compliance
    • Regulations, accreditations, and standards
    • Legal considerations
    • Contract and agreement types
    Explain the importance of business continuity and disaster recovery concepts.
    • Business impact analysis
    • Privacy impact assessment
    • Disaster recovery plan (DRP)/ business continuity plan (BCP)
    • Incident response plan
    • Testing plans

    MCSEClasses.com is your best choice for CompTIA CASP+, CompTIA CASP+ training, CompTIA CASP+ certification, CompTIA CASP+ certification boot camp, CompTIA CASP+ boot camp, CompTIA CASP+ certification training, CompTIA CASP+ boot camp training, CompTIA CASP+ boot camp certification, CompTIA CASP+ certification course, CompTIA CASP+ course, training CompTIA CASP+, certification CompTIA CASP+, boot camp CompTIA CASP+, certification CompTIA CASP+ boot camp, certification CompTIA CASP+ training, boot camp CompTIA CASP+ training, certification CompTIA CASP+ course.



    mcseclasses home | technical schedule | application schedule | class outlines | mcse, mcdba, mcsd training | microsoft .net | cisco certification | security training | ced solutions oracle® certification training | linux, unix, aix | comptia certification | webmaster training | pricing | locations | financing | instructors needed | e-mail us





    Search classes by keyword:


    Search classes by category:

    Copyright © 2024 CED Solutions. CED Solutions Refund Policy. All Rights Reserved.

    MCSE certification boot camps and courses are offered in these select cities: Albany MCSE, Albuquerque MCSE, Alexandria MCSE, Anchorage MCSE, Atlanta MCSE, Austin MCSE, Billings MCSE, Birmingham MCSE, Bismarck MCSE, Boise MCSE, Boston MCSE, Charleston MCSE, Charlotte MCSE, Cheyenne MCSE, Chicago MCSE, Cincinnati MCSE, Cleveland MCSE, Columbia MCSE, Columbus MCSE, Dallas MCSE, Denver MCSE, Des Moines MCSE, Detroit MCSE, Hartford MCSE, Honolulu MCSE, Houston MCSE, Indianapolis MCSE, Jackson MCSE, Kansas City MCSE, Las Cruces MCSE, Lincoln MCSE, Little Rock MCSE, Los Angeles MCSE, Louisville MCSE, Madison MCSE, Milwaukee MCSE, Minneapolis MCSE, Montpelier MCSE, New Orleans MCSE, New York City MCSE, Norfolk MCSE, Oklahoma City MCSE, Omaha MCSE, Philadelphia MCSE, Phoenix MCSE, Pierre MCSE, Pittsburgh MCSE, Portland MCSE, Princeton MCSE, Providence MCSE, Raleigh MCSE, Richmond MCSE, Sacramento MCSE, Salt Lake City MCSE, San Antonio MCSE, San Diego MCSE, San Francisco MCSE, San Jose MCSE, Seattle MCSE, Stamford MCSE, Tulsa MCSE, Washington MCSE, Wilmington MCSE.

    MCSE Canada Boot Camps : mcse Calgary, mcse Edmonton, mcse Halifax, mcse Hamilton, mcse Kitchener, mcse London, mcse Montreal, mcse Ottawa, mcse Quebec City, mcse Toronto, mcse Vancouver, mcse Winnipeg.

    CED Solutions offers MCSE certification boot camps and courses in the United States: MCSE Alabama, MCSE Alaska, MCSE Arizona, MCSE Arkansas, MCSE California, MCSE Colorado, MCSE Connecticut, MCSE District of Columbia, MCSE Delaware, MCSE Georgia, MCSE Hawaii, MCSE Idaho, MCSE Illinois, MCSE Indiana, MCSE Iowa, MCSE Kansas, MCSE Kentucky, MCSE Louisiana, MCSE Maine, MCSE Massachusetts, MCSE Michigan, MCSE Minnesota, MCSE Mississippi, MCSE Missouri, MCSE Montana, MCSE Nebraska, MCSE New Jersey, MCSE New Mexico, MCSE New York, MCSE North Carolina, MCSE North Dakota, MCSE Ohio, MCSE Oklahoma, MCSE Oregon, MCSE Pennsylvania, MCSE Rhode Island, MCSE South Carolina, MCSE South Dakota, MCSE Texas, MCSE Utah, MCSE Vermont, MCSE Virginia, MCSE Washington, MCSE West Virginia, MCSE Wisconsin, MCSE Wyoming.

    MCSE Canada Boot Camps : Alberta mcse, British Columbia mcse, Manitoba mcse, New Brunswick mcse, Newfoundland mcse, Nova Scotia mcse, Ontario mcse, Saskatchewan mcse. Quebec mcse.