CompTIA CASP - CompTIA Advanced Security Practitioner - Course CAS-002 CurriculumIntroduction
Module 1 - Business Influences and Associated Security RisksRisk Management Business Model Strategies Integrating Diverse Industries Third Party Information Security and Providers Internal and External Influences Impact of De-Perimeterization
Module 2 - Risk Mitigation Planning - Strategies and ControlsCIA Triad Business Classifications Information Life Cycle and Steak-Holder Input Implementing Technical Controls Determine Aggregate CIA Score Worst Case Scenario Planning Calculation Tools and Attacker Motivation Return Of Investment Total Cost of Ownership and Risk Strategies Risk Management Process Identifying Vulnerabilities and Threats Security Architecture Frameworks Business Continuity Planning IT Governance Security Policies
Module 3 - Security-Privacy Policies and ProceduresPolicy Development Updates Developing Processes and Procedures Legal Compliance Security Policy Business Documents Outage Impact and Estimating Downtime Terms Sensitive Information-Internal Security Policies Incident Response Process Forensic Tasks Employment and Termination Procedures Network Auditing
Module 4 - Incident Response and Recovery ProceduresE-Discovery and Data Retention Policies Data Recovery-Storage and Backup Schemes Data Owner and Data Handling Disposal Terms and Concepts Data Breach and Data Analysis Incident Response Guidelines Incident and Emergency Response Media-Software and Network Analysis Order of Volatility
Module 5 - Industry TrendsPerforming Ongoing Research Security Practices Evolution of Technology Situational Awareness and Vulnerability Assessments Researching Security Implications Global Industry Security Response Threat Actors Contract Security Requirements Contract Documents
Module 6 - Securing the EnterpriseBenchmarks and Baselines Prototyping and Testing Multiple Solutions Cost/Benefit Analysis Metrics Collection and Trend Data Security Controls-Reverse Engineering and Deconstructing Security Solutions Business Needs Lesson Learned- After Action Report
Module 7 - Assessment Tools and MethodsPort Scanners and Vulnerability Scanners Protocol Analyzer- Network Enumerator-Password Cracker Fuzzers and HTTP Interceptors Exploitation Tools Passive Reconnaissance Tools Vulnerability Assessments and Malware Sandboxing Memory Dumping and Penetration Testing Reconnaissance and Fingerprinting Code Review Social Engineering
Module 8 - Social Cryptographic Concepts and TechniquesCryptographic Benefits and Techniques Hashing Algorithms Message Authentication Code Cryptographic Concepts Transport Encryption Protocol Symmetric Algorithms Asymmetric Algorithms Hybrid Encryption and Digital Signatures Public Key Infrastructure Digital Certificate Classes and Cypher Types Des Modes Cryptographic Attacks Strength vs Performance and Cryptographic Implementations
Module 9 - Enterprise StorageVirtual Storage Types and Challenges Cloud Storage Data Warehousing Data Archiving Storage Area Networks (SANs) and (VSANs) Network Attached Storage (NAS) Storage Protocols and Fiber Channel over Ethernet (FCoE) Storage Network File Systems Secure Storage Management Techniques LUN Masking/Mapping and HBA Allocation Replication and Encryption Methods
Module 10 - Network and Security Components-Concepts-Security ArchitecturesRemote Access Protocols IPv6 and Transport Encryption Network Authentication Methods 802.1x and Mesh Networks Security Devices Network Devices Firewalls Wireless Controllers Router Security and Port Numbers Network Security Solutions Availability Controls-Terms and Techniques Advanced Router and Switch Configuration Data Flow Enforcement of Applications and Networks Network Device Accessibility and Security
Module 11 - Security Controls for HostsTrusted Operation Systems Endpoint Security Software and Data Loss Prevention Host Based Firewalls Log Monitoring and Host Hardening Standard Operating Environment and Group Policy Security Command Shell Restrictions Configuring and Managing Interface Security USB-Bluetooth-Firewire Restrictions and Security Full Disk Encryption Virtualization Security Cloud Security Services Boot Loader Protections Virtual Host Vulnerabilities Virtual Desktop Infrastructure Terminal Services Virtual TPM
Module 12 - Application Vulnerabilities and Security ControlsWeb Application Security Design Specific Application Issues Session Management Input Validation Web Vulnerabilities and Input Mitigation Issues Buffer Overflow and other Application Issues Application Security Framework Web Service Security and Secure Coding Standards Software Development Methods Monitoring Mechanisms and Client-Server Side Processing Browser Extensions and Other Web Development Techniques
Module 13 - Host-Storage-Network and Application IntegrationSecuring Data Flows Standards Concepts Interoperability Issues In House Commercial and Customized Applications Cloud and Virtualization Models Logical and Physical Deployment Diagrams Secure Infrastructure Design Storage Integration Security Enterprise Application Integration Enablers
Module 14 - Authentication and Authorization TechnologiesAuthentication and Identity Management Password Types-Management and Policies Authentication Factors Biometrics Dual-Multi Factor and Certificate Authentication Single Sign On Issues Access Control Models and Open Authorization Extensible Access Control Markup Language (XACML) Service Provisioning Markup Language (SPML) Attestation and Identity Propagation Federation and Security Assertion Markup Language (SAML) OpenID-Shibboleth and WAYF Advanced Trust Models
Module 15 - Business Unit CollaborationIdentifying and Communicating Security Requirements Security Controls Recommendations Secure Solutions Collaboration
Module 16 - Secure Communication and CollaborationWeb-Video Conferencing-Instant Messaging Desktop Sharing Presence Guidelines Email Messaging Protocol Telephony-VoIP and Social Media Cloud Based Collaboration Remote Access and IPsec Mobile and Personal Device Management Over Air Technology Concerns WLAN Concepts-Terms-Standards WLAN Security and Attacks
Module 17 - Security Across the Technology Life CycleEnd to End Solution Ownership System Development Life Cycle Security Implications of Software Development Methodologies Asset Management Course End Course Delivery: Online
Hudson - Leaders in Learning
Hudson provide high spec e-learning to the consumer and corporate market all over the world. The majority of our online training is accessible across most devices including laptop, desktop, tablet, and smart phones. Our courses are designed to fit around...
Customer Outreach Award 2019
We believe that it should be easy for you to find and compare training courses.
Our Customer Outreach Award is presented to trusted providers who are excellent at responding to enquiries, making your search quicker, more efficient and easier, too.
Find out more about this CompTIA Advanced Security Practitioner (CASP) CAS-002 course - simply fill out your details:
There are no reviews available yet.
Are you curious about the L&D strategies of some of the U.K.'s top companies?
Find out what they're up to in findcourses.co.uk's second annual U.K. L&D Report!