Cyber Security Training Catalog – CompTIA Advanced Security Practitioner (CASP) (Exam CAS-002)!
Overview: The CompTIA Security+ (SY0-401) certification establishes knowledgeable professionals in the field of corporate security, one of the fastest-growing fields in IT. Even in a troubled economy, most businesses plan to at least maintain or optimally increase their investment in IT security. CompTIA Security+ is an international, vendor-neutral certification that demonstrates competency in network infrastructure, system security, organizational security and access control. CompTIA Security+ is the certification globally trusted to validate foundational, vendor- neutral IT security knowledge and skills. As a benchmark for best practices in IT security, this certification covers the essential principles for network security and risk management – making it an important stepping stone of an IT security career. Recommended experience for this certification includes CompTIA Network+ and two years of experience in IT administration with a security focus. No prerequisites required.
$150.00Read more
Course Modules
(Duration: 1h 29m)
- Workbook (Pdf)
- Topic A: The Basics of Enterprise Security
- The Enterprise
- Enterprise Security
- Business Goals and Security
- Common Enterprise Security Principles
- Enterprise Threat Intelligence
- What to Protect?
- Defense in Depth
- Common Components of an Enterprise Security Solutions
- Policies, Standards, and Procedures
- Enterprise Policy Types
- Topic B: The Enterprise Structure
- Organizational Structures
- The Management Team
- Network Administrator
- The DBA
- Programmers
- Stakeholders
- Finance
- Human Resources
- Physical Security and Facilities Roles
- Discipline Collaboration
- Topic C: Enterprise Security Requirements
- Legal Compliance
- PII
- Privacy Requirements
- Organizational Security Requirements
- Lesson 01 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 2h 45m)
- Workbook (Pdf)
- Topic A: Common Network Security Components and Technologies
- Common Enterprise Security Components
- VoIP Integration
- IPv6 Migration and Integration
- VLAN Integration
- DNS Security Techniques
- Secure Directory Services
- NIDS
- NIPS
- The NIPS Process
- ESB
- The ESB Process
- DAM
- Topic B: Communications and Collaboration Security
- UC Security
- UC Attacks
- UC Components
- Traffic Prioritization (QoS)
- Security Solutions for Data Flow
- VoIP Security
- The VoIP Implementation Process
- VoIP Implementation Considerations
- Remote Access Security
- VPN Solutions
- External Communications Security
- Collaboration Platform Security Issues
- Demo- Least Privilege
- Common Mobile Devices
- Enterprise Security Methods for Mobile Devices
- Topic C: Cryptographic Tools and Techniques
- Cryptography in the Enterprise
- Considerations for Cryptography in the Enterprise
- Demo- File Encryption
- Cryptographic Methods and Design
- Basic Approaches to Encryption
- Transport Encryption Methods
- Security Implications for Encryption
- Digital Signature Techniques
- Advanced PKI Components
- Code Signing
- Attestation
- Entropy
- PRNG
- PFS
- Confusion and Diffusion
- Topic D: Advanced Authentication
- Advanced Authentication Within the Enterprise
- Certificate-Based Authentication
- SAML
- SPML
- XACML
- SOAP
- WSS
- Lesson 02 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 1h 45m)
- Workbook (Pdf)
- Topic A: Enterprise Storage Security Issues
- Common Enterprise Storage Technologies
- NAS Security Implications
- SAN Security Implications
- vSAN Security Implications
- Virtual Storage
- Security Implications of Virtual Storage
- Cloud Storage
- Security Implications of Cloud Stotage
- Data Warehousing
- Security Implications of Data Warehousing
- Data Archiving
- Security Implications of Data Archiving
- iSCSI Security Implications
- iSCSI
- Security Implications of iSCSI
- FCoE Security Implications
- FCoE
- Security Implications of FCoE
- vSAN
- Security Implications of vSAN
- LUN
- LUN Masking in the Security Architecture
- Redundancy
- Dynamic Disk Pools
- LUN Masking and Mapping
- HBA Allocations
- Multipath
- Offsite and Multisite Replication
- Additional Storage Security Implications
- Snapshots
- Deduplication
- Guidelines for Ensuring Secure Storage Management
- Topic B: Distributed, Shared, and Virtualized Computing
- Why Virtualization?
- Advantages of Virtualization
- VLANs
- VMs
- VDI
- Terminal Services
- Virtualization Vulnerabilities
- Vulnerabilities of Hosting VMs for Multiple Companies
- Virtual Environment Security Methods
- Topic C: Cloud Computing and Security
- Cloud Computing
- Cloud Computing Service Models
- Cloud Storage Considerations
- Security Vulnerabilities of Cloud Computing
- Secure Use of Cloud Computing Within the Enterprise
- Lesson 03 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 4h 37m)
- Workbook (Pdf)
- Topic A: Network Security Design
- Network Design Types and Techniques
- Network Design Considerations
- Data Network Types
- A Data Network Topology
- Data Network Topology Types
- A Network Diagram
- Data Network Media Types
- Network Transmission Methodologies
- Physical Security
- Building Layout
- Facilities Management
- Unified Threat Management
- NIDS
- NIPS
- Inline Network Encryptor
- Security Information and Event Management
- SIEM Capabilities
- Network-Attached HSM
- Application and Protocol Aware Technologies
- Virtual Networking and Security Components
- Device Placement
- Guidelines for Analyzing Network Security Components and Devices
- Guidelines for Analyzing Network Security Components and Devices (Cont.)
- Building Automation Systems
- Hardware Attacks
- Environmental Threats and Vulnerabilities
- Sensors
- Physical Access Control Systems
- Scientific and Industrial Equipment
- A/V Systems
- IP Video
- Network Attacks
- SCADA
- Secure Infrastructure Design
- Storage Integration Considerations
- Guidelines for Analyzing Network-Enabled Devices
- Remote Access
- IPv6 and Associated Transitional Technologies
- Network Authentication
- 802.1X
- Software-Defined Networking
- Cloud-Managed Networks
- Guidelines for Analyzing Advanced Network Design
- Network Baselining
- Configuration Lockdown
- Change Monitoring
- Availability Controls
- ACLs
- DMZ
- Separation of Critical Assets
- Data Flow Enforcement
- Network Device Configuration
- Network Access Control
- Critical Infrastructure and Industrial Control Systems
- Network Management and Monitoring Tools
- Guidelines for Configuring Controls for Network Security
- Topic B: Conduct a Security Assessment
- Malware Sandboxing
- Memory Dumping
- Runtime Debugging
- Vulnerability Assessment
- Penetration Testing
- Hacking Steps
- Penetration Testing Techniques
- Fingerprinting
- Types of Social Engineering
- Vulnerability Scanners
- Port Scanners
- Protocol Analyzers
- Network Enumerators
- Password Crackers
- Fuzzers
- HTTP Interceptors
- Exploitation Tools and Frameworks
- Passive Reconaissance and Intelligence Gathering Tools
- Code Review Methods
- A Social Engineering Test
- Security Assessment Tools
- How to Conduct a Security Assessment
- Topic C: Host Security
- Host-Based Security Controls
- Host-Based Firewalls
- Firewall Rules
- Demo – Firewalls
- TPM
- Trusted OS
- Endpoint Security
- Endpoint Security Software
- Guidelines for Selecting Host Hardware and Software
- Security and Group Policy Implementations
- Standard Operating Environment
- Command Shell Restrictions
- Patch Management
- Out-of-Band Communication
- Peripheral Restrictions
- Communications Protocols Used by Peripherals
- Full Disk Encryption
- Trusted OS (Cont.)
- Endpoint Security (Cont.)
- Anti-Malware Software
- Host Hardening
- Guidelines for Hardening Hosts
- Operating System Security
- Host Hardening Action Steps
- Asset Management
- HIDS
- HIPS
- Host Monitoring
- Virtualization Platforms
- Hypervisors
- Container-Based Virtualization
- VDI
- Security Implications of VDI
- Terminal Services
- Application Delivery Services
- vTPM
- VM Vulnerabilities
- Guidelines for Virtualizing Servers and Desktops
- Cloud Services
- Cloud Security Services
- Hash Matching
- Content Filtering
- Guidelines for Implementing Cloud Augmented Security Services
- BIOS
- UEFI
- Secure Boot
- Measured Launch
- IMA
- Lesson 04 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 1h 53m)
- Workbook (Pdf)
- Topic A: Create a Risk Management Plan
- Risk
- Risk Exposure
- Risk Analysis Methods
- Risks Facing an Enterprise
- Project Buffer
- Classification of Risks
- Business Risk vs. Insurable Risk
- Risk Tolerance
- Probability Scale
- Impact Scale
- RBS
- Enterprise Security Architecture Frameworks
- ESA Framework Assessment Process
- New Products and Technologies
- New and Changing Business Models
- Partnership Model
- Outsourcing Model
- Cloud Model
- Mergers
- Demergers and Divestitures
- Integration of Diverse Industries
- Third-Party Providers
- Internal and External Influences
- De-perimeterization
- Risk Determinations
- Guidelines for Assessing Risk
- Classes of Information
- Classification of Information Types into CIA Levels
- Stakeholder Input for CIA Decisions
- Technical Controls
- Aggregate CIA Score
- Extreme Scenario Planning and Worst Case Scenarios
- System-Specific Risk Analysis
- Risk Response Techniques
- Risk Management Processes
- Continuous Monitoring and Improvement
- Risk Management
- The Risk Management Plan
- Components of a Risk Management Plan
- How to Create a Risk Management Plan
- IT Governance
- Guidelines for Mitigating Risk
- Policy Development
- Process and Procedure Development
- Best Practices to Incorporate in Security Policies and Procedures
- Legal Compliance and Advocacy
- General Privacy Principles
- Topic B: Identify Risks and Their Causes
- Triggers
- Information Gathering Techniques
- Documentation Reviews
- SWOT Analysis
- Risk Analysis
- Risk Register
- Components of a Risk Register
- Risk Categories
- How to Identify Risks and Their Causes
- Topic C: Analyze Risks
- Qualitative Risk Analysis
- Quantitative Risk Analysis
- Risk Probability and Impact Assessment
- The Probability and Impact Risk Rating Matrix
- The Ongoing Risk Assessment Process
- Project Risk Ranking
- Data Collection and Representation Techniques
- Basics of Probability
- Probability Distribution
- Quantitative Analysis Methods
- Qualitative Analysis Methods
- Risk Data Quality Assessment
- Risk Urgency Assessment
- Simulation
- Monte Carlo Analysis
- How to Analyze Risks
- Topic D: Develop a Risk Response Plan
- Negative Risks
- Negative Risk Strategies
- Positive Risks
- Positive Risk Strategies
- Contingency Plan
- The BCP
- DRP
- Contingency Reserve
- Risk-Related Contract Decisions
- How to Develop a Risk Response Plan
- Lesson 05 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 27m)
- Workbook (Pdf)
- Topic A: Implement Authentication and Authorization Technologies
- Authentication
- Certificate-Based Authentication
- SSO
- Authorization
- OAuth
- The OAuth Process
- XACML
- SPML
- Trust Models
- RADIUS Configurations
- LDAP
- Active Directory
- Kerberos
- Guidelines for Implementing Authentication and Authorization
- Topic B: Implement Advanced Identity Management
- Attestation
- Identity Propagation
- Identity Federation
- Identity Federation Methods
- Guidelines for Implementing Advanced Identity Management
- Lesson 06 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 57m)
- Workbook (Pdf)
- Topic A: Describe Cryptographic Concepts
- Confidentiality
- Integrity
- Non-repudiation
- Entropy
- Confusion
- Diffusion
- Chain of Trust
- Root of Trust
- Steganography
- Advanced PKI Concepts
- Topic B: Choose Cryptographic Techniques
- Cryptographic Applications
- Cryptographic Methods
- Block Cipher Modes
- Cryptographic Design Considerations
- Transport Encryption
- Transport Encryption Protocols
- Data at Rest Encryption
- Hashing
- Hash Functions
- Key Stretching
- Digital Signatures
- Code Signing
- Pseudorandom Number Generation
- Perfect Forward Secrecy
- Guidelines for Choosing Cryptographic Techniques
- Topic C: Choose Cryptographic Implementations
- DRM
- Digital Watermarking
- SSL/TLS
- SSH
- PGP and GPG
- S/MIME
- Guidelines for Choosing Cryptographic Implementations
- Lesson 07 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 1h 11m)
- Workbook (Pdf)
- Topic A: Implement Security Standards in the Enterprise
- Standards
- Categories of Standards
- Interoperability Issues
- Data Flow Security
- Guidelines for Implementing Standards in the Enterprise
- Topic B: Select Technical Deployment Models
- Deployment Models
- Cloud and Virtualization and Hosting Options
- Elastic Cloud Computing
- Data Remnants in the Cloud
- Data Aggregation
- Data Isolation
- Resource Provisioning and De-provisioning
- Virtual Machine Vulnerabilities
- Virtual Environment Security
- Virtual Environment Security (Cont.)
- Network Segmentation
- Network Delegation
- Mergers and Acquisitions
- Guidelines for Selecting Technical Deployment Models
- Topic C: Secure the Design of the Enterprise Infrastructure
- Infrastructure Design Security
- Deployment Diagrams
- Storage Integration
- Guidelines for Securing the Design of the Enterprise Infrastructure
- Topic D: Secure Enterprise Application Integration Enablers
- Customer Relationship Management
- Enterprise Resource Planning
- Governance, Risk, and Compliance
- Enterprise Service Bus
- Service Oriented Architecture
- Directory Services
- Domain Name System
- Configuration Management Database
- Content Management System
- Guidelines for Securing Enterprise Application Integration Enablers
- Lesson 08 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 1h 07m)
- Workbook (Pdf)
- Topic A: Perform an Industry Trends and Impact Analysis
- Industry Best Practices
- Demo – Security Research
- Research Methods
- Technology Evolution
- New Technologies, Security Systems, and Services
- New Security Technology Types
- Global IA Industry and Community
- Security Requirements for Contracts
- Guidelines for Determining Industry Trends and Effects on the Enterprise
- Situational Awareness
- Situational Awareness Considerations
- Emerging Business Tools
- Social Media as an Emerging Business Tool
- Mobile Devices as Emerging Business Tools
- Emerging Security Issues
- The Global Impact Analysis Industry
- Security Requirements for Business Contracts
- How to Perform an Industry Trends Impact Analysis
- Topic B: Perform an Enterprise Security Analysis
- Benchmarking
- Network Traffic Analysis
- Types of Network Traffic Analysis
- Prototyping and Testing
- Cost-Benefit Analysis
- Security Analysis Strategies
- Security Solution Analysis
- Lessons Learned Review
- How to Perform an Enterprise Security Analysis
- Review Existing Security
- Reverse Engineering
- Solution Attributes
- After-Action Report
- Guidelines for Analyzing Scenarios to Secure the Enterprise
- Lesson 09 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 1h 9m)
- Workbook (Pdf)
- Topic A: BCP Fundamentals
- BCPs
- BCP Development Phases
- NIST Contingency Planning Steps
- NFPA Business Planning Framework
- Disruptive Events
- BIA
- BIA Organizational Goals
- BIA Process
- Critical Business Process
- Vulnerability Assessments
- MTD
- RPO
- RTO
- RPO/RTO Optimization
- Topic B: BCP Implementation
- Program Coordinators
- Advisory Committee-BCP Team
- BCP Team Responsibilities
- BCP Contents
- Business Plan Evaluations
- Business Plan Testing
- Business Plan Maintenance
- Business Continuity Process
- Topic C: DRP Fundamentals
- DRP
- Disaster Recovery Strategy
- Disaster Recovery Priority Levels
- Disaster Recovery Response Approaches
- Backup Strategies
- Data Restoration Strategies
- Alternate Sites
- Topic D: DRP Implementation
- Recovery Team
- Salvage Team
- Disaster Recovery Evaluation and Maintenance
- Disaster Recovery Testing
- Disaster Recovery Process
- Lesson 10 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 35m)
- Workbook (Pdf)
- Topic A: Design Systems to Facilitate Incident Response
- Internal and External Violations
- Security Violations and System Design
- System, Audit, and Security Logs
- Guidelines for Designing Systems to Facilitate Incident Response
- Topic B: Conduct Incident and Emergency Responses E-Discovery E-Discovery Policy
- Data Breach
- Data Breach Response
- Chain of Custody
- Forensic Analysis of Compromised Systems
- COOP- Continuity of Operations
- Order of Volatility
- Guidelines for Conducting Incident and Emergency Responses
- Lesson 11 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 35m)
- Workbook (Pdf)
- Topic A: Computer Crime Laws and Regulations
- Common Law
- Statutory Law
- Types of Statutory Offenses
- Administrative Law
- Intellectual Property Law
- Information Privacy Law
- Computer Crime Law
- Compliance
- Liability
- Internal and External Audits
- Governmental Oversight Resources
- Topic B: Computer Crime Incident Response
- Computer Crime
- The Computer Criminal Incident Response Process
- The Evidence Life Cycle
- Evidence Collection Techniques
- Evidence Types
- Chain of Evidence
- Rules of Evidence
- Surveillance Techniques
- Search and Seizure
- Computer Forensics
- Lesson 12 Review
- Review Quiz (Number of attempts allowed: Unlimited)
(Duration: 40m)
- Workbook (Pdf)
- Topic A: Develop Critical Thinking Skills
- Intellectual Autonomy
- Humility
- Objectivity
- Focus on the Argument
- Clarity
- Defining Your Argument
- Intellectual Honesty
- Logical Fallacies
- Assessing Arguments Logically
- How to Employ Critical Thinking Skills
- Topic B: Determine the Root of a Problem
- Obstacles to Analysis
- Occam’s Razor
- Techniques for Applying Occam’s Razor
- Theme Analysis
- The Four Guidelines Technique
- How to Determine the Root of a Problem
- Topic C: Use Judgment to Make Sound Decisions
- Analyzing Problems
- Analytical vs. Creative Thinking
- Barriers to Creative Thinking
- Brainstorming
- Rules of Brainstorming
- Evaluating Brainstorming Ideas
- A Fishbone Diagram
- A Pareto Chart
- A Histogram
- A Cost-Benefit Analysis
- Phases in Cost-Benefit Analysis
- A Prioritization Matrix
- A Trade-Off Method
- A Decision Tree
- An Ease and Effect Matrix
- A PMI Analysis Table
- How to Use Judgment to Make Sound Decisions
- Lesson 13 Review
- Course Closure
- Review Quiz (Number of attempts allowed: Unlimited)
- about 19.9 hours on-demand video
- 13 downloadable Pdf Workbooks
- Unlimited time access (During Membership)
- Access on mobile and Desktop
- Certificate of Completion
Course Features Include:
Expert Lectures
Learn on-demand from top instructors who are industry subject matter experts. Our highly certified expert instructors possess a superior understanding of the subject matter in their fields and have the ability to convey this knowledge in an effective, engaging, and professional manner to a wide audience.Certificates of Completion
Upon completion of a series of courses you can earn a certificate of completion from Career Academy. Certificates of Completion will display your full name, course completed, as well as the date of completion. Students have the ability to print this out or save it digitally to showcase your accomplishment.PowerPoint Visuals:
Many of the in-depth theories and processes discussed in our courses can be learned most efficiently through the detailed PowerPoint slides presented. These visuals are accompanied by an instructor voice-over to provide our students with a clear, efficient, and complete presentation of concepts.Professional Development Activities
Students are provided access to professional development activity files which allow for an individual to test out course theories and apply the knowledge they earned from the course.Review Quizzes
Once a course is completed, test your knowledge by taking our course review quiz! Students have the ability to retake any review quizzes as many times as they wish to ensure they understand the material or to improve upon their scores.Mobile Access
With our universal course player, you can learn from your computer, tablet as well as mobile devices. Keep up with your training on the go!
Trusted by Aspiring IT Professionals, Corporations and
Government agencies for more than a Decade
Get unlimited online access learn anywhere, anytime using your computer or mobile device!