CompTia Advanced Security Practitioner

CompTia Advanced Security Practitioner


2KO Africa, based in Cape Town, offers you the most effective way to earn your CompTIA Advanced Security Practitioner certification, online. CompTIA has released a new Certification course called CASP - CompTIA Advanced Security Practitioner. This is a vendor-neutral certification that validates IT professionals with advanced-level security skills and knowledge. This certification course covers the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers, while managing risk.
As a prerequisite, CompTIA Security+ or equivalent knowledge and technical, hands-on experience on an enterprise level is recommended.This CASP training course follows the CompTIA authorized objectives, ensuring you receive the training and knowledge needed to succeed. 2KO's online courses are also available as full-time instructor led courses in Cape Town, giving our students hands on skills to help prepare for International IT certification exams. 2KO Africa conducts full time computer courses in 19 countries in Africa, as well as supplying online computer training from the comfort of home or work.

Module 1 - Business Influences and Associated Security Risks

  • Risk Management
  • Business Model Strategies
  • Integrating Diverse Industries
  • Third Party Information Security and Providers
  • Internal and External Influences
  • Impact of De-Perimeterization

Module 2 - Risk Mitigation Planning - Strategies and Controls

  • CIA Triad
  • Business Classifications
  • Information Life Cycle and Steak-Holder Input
  • Implementing Technical Controls
  • Determine Aggregate CIA Score
  • Worst Case Scenario Planning
  • Calculation Tools and Attacker Motivation
  • Return Of Investment
  • Total Cost of Ownership and Risk Strategies
  • Risk Management Process
  • Identifying Vulnerabilities and Threats
  • Security Architecture Frameworks
  • Business Continuity Planning
  • IT Governance
  • Security Policies

Module 3 - Security-Privacy Policies and Procedures

  • Policy Development Updates
  • Developing Processes and Procedures
  • Legal Compliance
  • Security Policy Business Documents
  • Outage Impact and Estimating Downtime Terms
  • Sensitive Information-Internal Security Policies
  • Incident Response Process
  • Forensic Tasks
  • Employment and Termination Procedures
  • Network Auditing

Module 4 - Incident Response and Recovery Procedures

  • E-Discovery and Data Retention Policies
  • Data Recovery-Storage and Backup Schemes
  • Data Owner and Data Handling
  • Disposal Terms and Concepts
  • Data Breach and Data Analysis
  • Incident Response Guidelines
  • Incident and Emergency Response
  • Media-Software and Network Analysis
  • Order of Volatility

Module 5 - Industry Trends

  • Performing Ongoing Research
  • Security Practices
  • Evolution of Technology
  • Situational Awareness and Vulnerability Assessments
  • Researching Security Implications
  • Global Industry Security Response
  • Threat Actors
  • Contract Security Requirements
  • Contract Documents

Module 6 - Securing the Enterprise

  • Benchmarks and Baselines
  • Prototyping and Testing Multiple Solutions
  • Cost/Benefit Analysis
  • Metrics Collection and Trend Data
  • Security Controls-Reverse Engineering and Deconstructing
  • Security Solutions Business Needs
  • Lesson Learned- After Action Report

Module 7 - Assessment Tools and Methods

  • Port Scanners and Vulnerability Scanners
  • Protocol Analyzer- Network Enumerator-Password Cracker
  • Fuzzers and HTTP Interceptors
  • Exploitation Tools
  • Passive Reconnaissance Tools
  • Vulnerability Assessments and Malware Sandboxing
  • Memory Dumping and Penetration Testing
  • Reconnaissance and Fingerprinting
  • Code Review
  • Social Engineering

Module 8 - Social Cryptographic Concepts and Techniques

  • Cryptographic Benefits and Techniques
  • Hashing Algorithms
  • Message Authentication Code
  • Cryptographic Concepts
  • Transport Encryption Protocol
  • Symmetric Algorithms
  • Asymmetric Algorithms
  • Hybrid Encryption and Digital Signatures
  • Public Key Infrastructure
  • Digital Certificate Classes and Cypher Types
  • Des Modes
  • Cryptographic Attacks
  • Strength vs Performance and Cryptographic Implementations

Module 9 - Enterprise Storage

  • Virtual Storage Types and Challenges
  • Cloud Storage
  • Data Warehousing
  • Data Archiving
  • Storage Area Networks (SANs) and (VSANs)
  • Network Attached Storage (NAS)
  • Storage Protocols and Fiber Channel over Ethernet (FCoE)
  • Storage Network File Systems
  • Secure Storage Management Techniques
  • LUN Masking/Mapping and HBA Allocation
  • Replication and Encryption Methods

Module 10 - Network and Security Components-Concepts-Security Architectures

  • Remote Access Protocols
  • IPv6 and Transport Encryption
  • Network Authentication Methods
  • 802.1x and Mesh Networks
  • Security Devices
  • Network Devices
  • Firewalls
  • Wireless Controllers
  • Router Security and Port Numbers
  • Network Security Solutions
  • Availability Controls-Terms and Techniques
  • Advanced Router and Switch Configuration
  • Data Flow Enforcement of Applications and Networks
  • Network Device Accessibility and Security

Module 11 - Security Controls for Hosts

  • Trusted Operation Systems
  • Endpoint Security Software and Data Loss Prevention
  • Host Based Firewalls
  • Log Monitoring and Host Hardening
  • Standard Operating Environment and Group Policy Security
  • Command Shell Restrictions
  • Configuring and Managing Interface Security
  • USB-Bluetooth-Firewire Restrictions and Security
  • Full Disk Encryption
  • Virtualization Security
  • Cloud Security Services
  • Boot Loader Protections
  • Virtual Host Vulnerabilities
  • Virtual Desktop Infrastructure
  • Terminal Services
  • Virtual TPM

Module 12 - Application Vulnerabilities and Security Controls

  • Web Application Security Design
  • Specific Application Issues
  • Session Management
  • Input Validation
  • Web Vulnerabilities and Input Mitigation Issues
  • Buffer Overflow and other Application Issues
  • Application Security Framework
  • Web Service Security and Secure Coding Standards
  • Software Development Methods
  • Monitoring Mechanisms and Client-Server Side Processing
  • Browser Extensions and Other Web Development Techniques

Module 13 - Host-Storage-Network and Application Integration

  • Securing Data Flows
  • Standards Concepts
  • Interoperability Issues
  • In House Commercial and Customized Applications
  • Cloud and Virtualization Models
  • Logical and Physical Deployment Diagrams
  • Secure Infrastructure Design
  • Storage Integration Security
  • Enterprise Application Integration Enablers

Module 14 - Authentication and Authorization Technologies

  • Authentication and Identity Management
  • Password Types-Management and Policies
  • Authentication Factors
  • Biometrics
  • Dual-Multi Factor and Certificate Authentication
  • Single Sign On Issues
  • Access Control Models and Open Authorization
  • Extensible Access Control Markup Language (XACML)
  • Service Provisioning Markup Language (SPML)
  • Attestation and Identity Propagation
  • Federation and Security Assertion Markup Language (SAML)
  • OpenID-Shibboleth and WAYF
  • Advanced Trust Models

Module 15 - Business Unit Collaboration

  • Identifying and Communicating Security Requirements
  • Security Controls Recommendations
  • Secure Solutions Collaboration

Module 16 - Secure Communication and Collaboration

  • Web-Video Conferencing-Instant Messaging
  • Desktop Sharing
  • Presence Guidelines
  • Email Messaging Protocol
  • Telephony-VoIP and Social Media
  • Cloud Based Collaboration
  • Remote Access and IPsec
  • Mobile and Personal Device Management
  • Over Air Technology Concerns
  • WLAN Concepts-Terms-Standards
  • WLAN Security and Attacks

Module 17 - Security Across the Technology Life Cycle

  • End to End Solution Ownership
  • System Development Life Cycle
  • Security Implications of Software Development Methodologies
  • Asset Management

Write a review

Please login or register to review

  • Views: 3108
  • Product Code: CompTia Advanced Security+
  • Availability: 99
0 Product(s) Sold
  • R1,210.00

Tags: CompTia Advanced Security, security online comptia, advanced security practitioner