MCSEClasses Certification Training Boot Camp

MCSE MCSD MCDBA Cisco CIW Linux Oracle Java Security

CompTIA CASP+ (CAS-004)

Course Length:	5 days
Certifications:	CompTIA CASP+ DoD Approved 8570: IAT Level III, IAM Level II, IASAE Level I, IASAE Level II
Number of Exams:	1

Class Schedule

Call for Class Schedule

Certified Instructor
Includes all course materials

CompTIA Advanced Security Practitioner (CASP+) CAS-004 is an advanced-level cybersecurity certification for security architects and senior security engineers charged with leading and improving an enterprise's cybersecurity readiness.

Why is CASP+ Different?

CASP+ is the only hands-on, performance-based certification for advanced practitioners - not managers - at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.

Unlike other certifications, CASP+ covers both security architecture and engineering - CASP+ is the only certification on the market that qualifies technical leaders to assess cyber readiness within an enterprise, and design and implement the proper solutions to ensure the organization is ready for the next attack.

What Skills Will You Learn?

Security Architecture

Expanded coverage to analyze security requirements in hybrid networks to work toward an enterprise-wide, zero trust security architecture with advanced secure cloud and virtualization solutions.

Security Operations

Expanded emphasis on newer techniques addressing advanced threat management, vulnerability management, risk mitigation, incident response tactics, and digital forensics analysis.

Governance, Risk, and Compliance

Expanded to support advanced techniques to prove an organization's overall cybersecurity resiliency metric and compliance to regulations, such as CMMC, PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST, and CCPA.

Security Engineering and Cryptography

Expanded to focus on advanced cybersecurity configurations for endpoint security controls, enterprise mobility, cloud/hybrid environments, and enterprise-wide PKI and cryptographic solutions.

Jobs That Use CASP+

Security Architect
Senior Security Engineer
SOC Manager
Security Analyst

Class Outline

1.0 Security Architecture

Given a scenario, analyze the security requirements and objectives to ensure an appropriate, secure network architecture for a new or existing network.

Services
Segmentation
Deperimeterization/zero trust
Merging of networks from various organizations
Software-defined networking (SDN)

Given a scenario, analyze the organizational requirements to determine the proper infrastructure security design.

Scalability
Resiliency
Performance
Automation
Containerization
Virtualization
Content delivery network
Caching

Given a scenario, integrate software applications securely into an enterprise architecture.

Baseline and templates
Software assurance
Considerations of integrating enterprise applications
Integrating security into development life cycle

Given a scenario, implement data security techniques for securing enterprise architecture.

Data loss prevention
Data loss detection
Data classification, labeling, and tagging
Obfuscation
Anonymization
Encrypted vs. unencrypted
Data life cycle
Data inventory and mapping
Data integrity management
Data storage, backup, and recovery

Given a scenario, analyze the security requirements and objectives to provide the appropriate authentication and authorization controls.

Credential management
Password policies
Federation
Access control
Protocols
Multifactor authentication (MFA)
One-time password (OTP)
Hardware root of trust
Single sign-on (SSO)
JavaScript Object Notation (JSON) web token (JWT)
Attestation and identity proofing

Given a set of requirements, implement secure cloud and virtualization solutions

Virtualization strategies
Provisioning and deprovisioning
Middleware
Metadata and tags
Deployment models and considerations
Hosting models
Service models
Cloud provider limitations
Extending appropriate on-premises controls
Storage models

Explain how cryptography and public key infrastructure (PKI) support security objectives and requirements.

Privacy and confidentiality requirements
Integrity requirements
Non-repudiation
Compliance and policy requirements
Common cryptography use cases
Common PKI use cases

Explain the impact of emerging technologies on enterprise security and privacy.

Artificial intelligence
Machine learning
Quantum computing
Blockchain
Homomorphic encryption
Secure multiparty computation
Distributed consensus
Big Data
Virtual/augmented reality
3-D printing
Passwordless authentication
Nano technology
Deep learning
Biometric impersonation

2.0 Security Operations

Given a scenario, perform threat management activities.

Intelligence types
Actor types
Threat actor properties
Intelligence collection methods
Frameworks

Given a scenario, analyze indicators of compromise and formulate an appropriate response.

Indicators of compromise
Response

Given a scenario, perform vulnerability management activities.

Vulnerability scans
Security Content Automation Protocol (SCAP)
Self-assessment vs. third- party vendor assessment
Patch management
Information sources

Given a scenario, use the appropriate vulnerability assessment and penetration testing methods and tools.

Methods
Tools
Dependency management
Requirements

Given a scenario, analyze vulnerabilities and recommend risk mitigations.

Vulnerabilities
Inherently vulnerable system/application
Attacks

Given a scenario, use processes to reduce risk.

Proactive and detection
Security data analytics
Preventive
Application control
Security automation
Physical security

Given an incident, implement the appropriate response.

Event classifications
Triage event
Preescalation tasks
Incident response process
Specific response playbooks/processes
Communication plan
Stakeholder management

Explain the importance of forensic concepts.

Legal vs. internal corporate purposes
Forensic process
Integrity preservation
Cryptanalysis
Steganalysis

Given a scenario, use forensic analysis tools.

File carving tools
Binary analysis tools
Analysis tools
Imaging tools
Hashing utilities
Live collection vs. post-mortem tools

3.0 Security Engineering and Cryptography

Given a scenario, apply secure configurations to enterprise mobility.

Managed configurations
Deployment scenarios
Security considerations

Given a scenario, configure and implement endpoint security controls.

Hardening techniques
Processes
Mandatory access control
Trustworthy computing
Compensating controls

Explain security considerations impacting specific sectors and operational technologies.

Embedded
ICS/supervisory control and data acquisition (SCADA)
Protocols
Sectors

Explain how cloud technology adoption impacts organizational security.

Automation and orchestration
Encryption configuration
Logs
Monitoring configurations
Key ownership and location
Key life-cycle management
Backup and recovery methods
Infrastructure vs. serverless computing
Application virtualization
Software-defined networking
Misconfigurations
Collaboration tools
Storage configurations
Cloud access security broker (CASB)

Given a business requirement, implement the appropriate PKI solution.

PKI hierarchy
Certificate types
Certificate usages/profiles/templates
Extensions
Trusted providers
Trust model
Cross-certification
Configure profiles
Life-cycle management
Public and private keys
Digital signature
Certificate pinning
Certificate stapling
Certificate signing requests (CSRs)
Online Certificate Status Protocol (OCSP) vs. certificate revocation list (CRL)
HTTP Strict Transport Security (HSTS)

Given a business requirement, implement the appropriate cryptographic protocols and algorithms.

Hashing
Symmetric algorithms
Asymmetric algorithms
Protocols
Elliptic curve cryptography
Forward secrecy
Authenticated encryption with associated data
Key stretching

Given a scenario, troubleshoot issues with cryptographic implementations.

Implementation and configuration issues
Keys

4.0 Governance, Risk, and Compliance

Given a set of requirements, apply the appropriate risk strategies.

Risk assessment
Risk handling techniques
Risk types
Risk management life cycle
Risk tracking
Risk appetite vs. risk tolerance
Policies and security practices

Explain the importance of managing and mitigating vendor risk.

Shared responsibility model (roles/responsibilities)
Vendor lock-in and vendor lockout
Vendor viability
Meeting client requirements
Support availability
Geographical considerations
Supply chain visibility
Incident reporting requirements
Source code escrows
Ongoing vendor assessment tools
Third-party dependencies
Technical considerations

Explain compliance frameworks and legal considerations, and their organizational impact.

Security concerns of integrating diverse industries
Data considerations
Geographic considerations
Third-party attestation of compliance
Regulations, accreditations, and standards
Legal considerations
Contract and agreement types

Explain the importance of business continuity and disaster recovery concepts.

Business impact analysis
Privacy impact assessment
Disaster recovery plan (DRP)/ business continuity plan (BCP)
Incident response plan
Testing plans

MCSEClasses.com is your best choice for CompTIA CASP+, CompTIA CASP+ training, CompTIA CASP+ certification, CompTIA CASP+ certification boot camp, CompTIA CASP+ boot camp, CompTIA CASP+ certification training, CompTIA CASP+ boot camp training, CompTIA CASP+ boot camp certification, CompTIA CASP+ certification course, CompTIA CASP+ course, training CompTIA CASP+, certification CompTIA CASP+, boot camp CompTIA CASP+, certification CompTIA CASP+ boot camp, certification CompTIA CASP+ training, boot camp CompTIA CASP+ training, certification CompTIA CASP+ course.

mcseclasses home | technical schedule | application schedule | class outlines | mcse, mcdba, mcsd training | microsoft .net | cisco certification | security training | ced solutions oracle® certification training | linux, unix, aix | comptia certification | webmaster training | pricing | locations | financing | instructors needed | e-mail us

Search classes by keyword:

Search classes by category:

Copyright © 2024 MCSEclasses.com. MCSEclasses.com Refund Policy. All Rights Reserved.

We offer MCSE certification classes and courses in the United States and Canada:
MCSE Class Alabama	MCSE Class Alaska	MCSE Class Arizona
MCSE Class Arkansas	MCSE Class California	MCSE Class Colorado
MCSE Class Connecticut	MCSE Class Delaware	MCSE Class District of Columbia
MCSE Class Florida	MCSE Class Hawaii	MCSE Class Idaho
MCSE Class Illinois	MCSE Class Indiana	MCSE Class Iowa
MCSE Class Kansas	MCSE Class Kentucky	MCSE Class Louisiana
MCSE Class Maine	MCSE Class Maryland	MCSE Class Massachusetts
MCSE Class Michigan	MCSE Class Minnesota	MCSE Class Mississippi
MCSE Class Missouri	MCSE Class Montana	MCSE Class Nebraska
MCSE Class Nevada	MCSE Class New Hampshire	MCSE Class New Jersey
MCSE Class New Mexico	MCSE Class New York	MCSE Class North Carolina
MCSE Class North Dakota	MCSE Class Ohio	MCSE Class Oklahoma
MCSE Class Oregon	MCSE Class Pennsylvania	MCSE Class Rhode Island
MCSE Class South Carolina	MCSE Class South Dakota	MCSE Class Tennessee
MCSE Class Texas	MCSE Class Utah	MCSE Class Vermont
MCSE Class Virginia	MCSE Class Washington	MCSE Class West Virginia
MCSE Class Wisconsin	MCSE Class Wyoming

MCSE Certification Training Classes in Canada:
MCSE Class Alberta	MCSE Class British Columbia	MCSE Class Manitoba
MCSE Class New Brunswick	MCSE Class Newfoundland	MCSE Class Nova Scotia
MCSE Class Ontario	MCSE Class Prince Edward Island	MCSE Class Quebec
MCSE Class Saskatchewan	MCSE Class Yukon