In this course, you will prepare for the CASP+ exam (CAS-004). Earning a CASP+ certification demonstrates your knowledge and skills in enterprise security, risk management, research and analysis, as well as the integration of computing, communications, and business disciplines. Passing the CompTIA CASP+ Certification Exam meets U.S. DoD Directive 8140/8570.01 Technical (IAT) Level-III, Management (IAM) Level-II and Information Assurance Security Architect/Engineer (IASAE) Level-I and Level-II requirements.
CASP Certification Training Benefits
Experience a CompTIA-approved CASP+ training programme
Receive after-course instructor coaching and an exam voucher
Prepare for the CompTIA Advanced Security Practitioner (CASP+) Certification Exam
Investigate enterprise storage requirements
Examine risk management security policies and procedures
Research potential threats and identify appropriate countermeasures
Evaluate collaboration methodologies for security communications
Continue learning and face new challenges with after-course one-on-one instructor coaching
CASP Certification Training Outline
- Examination and certification goals
- The five domains of the exam
- Learning techniques
Identifying security concerns in scenarios
- Exploring cryptographic techniques
- Advanced PKI concepts
Distinguishing between cryptographic concepts
- Entropy
- Confusion and diffusion
- Chain of trust
Securing enterprise storage
- Examining storage types and protocols
- Secure storage management
Analysing network security architectures
- Designing secure networks
- Employing virtual networking solutions
Troubleshooting security controls for hosts
- Host security: trusted OS, end-point, host hardening
- Vulnerabilities in co-mingling of hosts
Differentiating application vulnerabilities
- Web application security
- Application security concerns
- Mitigating client-side vs. server-side processing
Interpreting business and industry influences and risks
- Analysing risk scenarios
- Identifying the impact of de-perimeterisation
Executing risk mitigation planning, strategies, and control
- Assessing the CIA aggregate scores
- Making risk determination
Privacy policies and procedures
- Developing policies to support business objectives
- Safeguarding Personally Identifiable Information (PII)
Conduct incident response and recovery procedures
- Constructing a data inventory with e-discovery
- Minimising the severity of data breaches
Determining the impact of industry trends on the enterprise
- Performing ongoing research to support best practices
- Researching security requirements for contracts
Appropriate security document usage
- Request for Information (RFI)
- Request for Quote (RFQ)
- Request for Proposal (RFP)
Evaluating scenarios to determine how to secure the enterprise
- Conducting cost-benefit and security solution analysis
- Reviewing the effectiveness of existing security controls
Conducting an assessment and analysing the results
- Determining appropriate tools for data gathering
- Identifying methods to perform assessments
Collaborating across diverse business units to achieve security goals
- Communicating with stakeholders
- Interpreting security requirements and providing guidance
- Identifying secure communications goals
Selecting controls for secure communications
- Utilising unified collaboration tools
- Mobile devices
- Applying over-the-air technologies
Implementing security across the technology life cycle
- Selecting security controls
- Developing Security Requirements Traceability Matrices
Integrate devices into a secure enterprise architecture
- Securing data following existing security standards
- Applying technical deployment models
- Integrating storage and applications into the enterprise
Integrating advanced authentication and authorisation technologies
- Implementing certificate-based and SSO authentication
- Applying federation solutions