CompTIA CASP+ (CAS-003)

Objectives

• Implement cryptographic techniques.
• Use research and analysis to secure the enterprise.
• Integrate advanced authentication and authorization techniques.
• Support IT governance in the enterprise with an emphasis on managing risk.
• Implement security controls for hosts.
• Leverage collaboration tools and technology to support enterprise security.
• Implement network security.
• Implement security in the systems and software development lifecycle.
• Integrate hosts, storage, networks, applications, virtual environments, and cloud technologies in secure enterprise architecture.
• Respond to and recover from security incidents.
• Conduct security assessments.

Audience

• IT professionals whose primary job responsibility is to secure complex enterprise environments.
• Existing cybersecurity practitioners who wish to grow their skills to become top-level experts in their field.
• Technical IT professionals that wish to grow their skills in areas such as Risk Management, Enterprise Security Architecture, Operations, Technical Integration of Enterprise Security Research, Development and Collaboration.

Prerequisites

• Before starting your journey to become CompTIA Linux+ certified, we recommend that you meet the following prerequisites:

Prior tostartingCASP+ exam preparation

• CompTIA Security+ certification.
• CySA+ and PentTest+ is strongly recommended.
• Minimum of 10 years of experience in atechnical IT role.

Prior to taking the CompTIA CASP+ exam:

• Completion of ourCompTIA CASP+ training program.
• At least five years of hands-on experience working with IT security in an enterprise environment.
• Thorough understanding of all topics detailed in the exam objectives.

Course Outline

A thorough understanding of the CASP+ curriculum is an absolute must to pass your certification exam. Objectives of the CASP+ curriculum include establishing a solid understanding of risk management, clarifying enterprise security architecture, and growing research and collaboration skills to boost technical development of enterprise security.

Risk Management

• Summarize business and industry influences and associated security risks.
• Compare and contrast security, privacy policies and procedures based on organizational requirements.
• Given a scenario, execute risk mitigation strategies and controls.
• Analyze risk metric scenarios to secure the enterprise.

Enterprise Security Architecture

• Analyze a scenario and integrate network and security components, concepts and architectures to meet security requirements.
• Analyze a scenario to integrate security controls for host devices to meet security requirements.
• Analyze a scenario to integrate security controls for mobile and small form factor devices to meet security requirements.
• Given software vulnerability scenarios, select appropriate security controls.

Enterprise Security Operations

• Given a scenario, conduct a security assessment using the appropriate methods.
• Analyze a scenario or output, and select the appropriate tool for a security assessment.
• Given a scenario, implement incident response and recovery procedures.

Technical Integration of Enterprise Security

• Given a scenario, integrate hosts, storage, networks and applications into a secure enterprise architecture.
• Given a scenario, integrate cloud and virtualization technologies into a secure enterprise architecture.
• Given a scenario, integrate and troubleshoot advanced authentication and authorization technologies to support enterprise security objectives.
• Given a scenario, implement cryptographic techniques.
• Given a scenario, select the appropriate control to secure communications and collaboration solutions.

Research, Development and Collaboration

• Given a scenario, apply research methods to determine industry trends and their impact to the enterprise.
• Given a scenario, implement security activities across the technology life cycle.
• Explain the importance of interaction across diverse business units to achieve security goals.

Top of Form

SUPPORTING IT GOVERNANCE AND RISK MANAGEMENT

• Overview
• So You Want To Setup a Lab
• Begin At The Beginning – Confidentiality
• Begin at the Beginning – Integrity
• Begin At The Beginning – Availability
• Governance And Risk Management: Overview
• Governance and Risk Management Risk Vocabulary
• Governance and Risk Management Risk Management
• Governance And Risk Management: Risk Analysis
• Assess Risks: What is a Security Framework
• Assess Risks: System Specific Risk Analysis
• Assess Risks: Risk Determination
• Assess Risks System Specific Risk Analysis
• Risk Mitigation: What Is A Aggregate CIA Score
• Risk Mitigation: What Are The CVSS And CVE
• Risk Mitigation: Risk Responses
• Risk Management Documentation: Best Practices
• Risk Management Documentation: BCP
• Risk Management Documentation: What Is A BIA
• Risk Management Documentation: Downtime
• Risk Management Documentation: Documents
• T. Governance And Risk Management – Key Points

RESPONDING TO AND RECOVERING FROM INCIDENTS

• Assess Risks ESA Framework Assessment Process
• Incident Response Facilitators
• Incident Response Facilitators Part 2
• E-Discovery
• Incident Response Review Questions
• What is COOP
• CSIRTs and Common Tools
• Evidence Collection and Handling
• Types of Evidence
• Five Rules Of Evidence 5 B’s
• Principles of Criminalistics
• Investigation Process
• Forensic Analysis of Compromised Systems
• What is the Order of Volatility
• Conducting Forensic Analysis with Autopsy
• Responding To Incidents – Key Points

LEVERAGING COLLABORATION TO SUPPORT SECURITY

• Collaboration: GRC And Controls
• Collaboration: What Is An SCA
• Collaboration: Solutions
• Leveraging Collaboration – Key Points

USING RESEARCH AND ANALYSIS TO SECURE THE ENTERPRISE

• Research And Analysis: Industry Trends
• Research And Analysis: Artificial Intelligence
• Research and Analysis Requirements for Contracts
• Analyze Scenarios to Secure the Enterprise
• Using Research And Analysis – Key Points

INTEGRATING ADVANCED AUTHENTICATION AND AUTHORIZATION TECHNIQUES

• Authentication and Access Control
• Authentication Factors and Controls
• Authentication Types
• Centralized Remote Authentication Services
• Deep Dive: RADIUS
• Deep Dive: 802.1X
• What Is Authorization/OAuth2.0
• What is XACML
• Trusts Models and Kerberos
• Trust Models and Kerberos Part 2
• Directory Services and LDAP
• Hands On: Establishing Peer Trusts
• Authentication And Authorization Review Questions
• Advanced Identity Concepts and Vocabulary
• Identity Federation Methods
• Advanced Identity Review Questions
• Authentication And Authorization: Key Points

IMPLEMENTING CRYPTOGRAPHIC TECHNIQUES

• Encryption
• Hashing
• Digital Signatures
• Blockchain and Bitcoin
• Hands On: Configuring A Blockchain
• Public Key Infrastructure PKI – Design
• Public Key Infrastructure PKI – Concepts
• Cryptography Concepts
• Stream Vs. Block Ciphers
• Implement Cryptography
• Implementing Cryptographic Techniques – Key Points

IMPLEMENTING SECURITY CONTROLS FOR HOSTS

• Host Concepts and Vocabulary
• Product Evaluation Models – TCSEC
• Product Evaluation Models – ITSEC
• Product Evaluation Models – Common Criteria
• What is a Trusted OS
• Types of Security Models
• Bell-LaPadula
• Biba
• Clark-Wilson and Others
• Access Control Concepts
• Role-Based Access Control (RBAC)
• Other Access Control Models
• Endpoint Security
• Host Review Questions
• Hardening Hosts Concepts and Vocabulary
• Peripherals
• Full Disk Encryption
• Hands-On: Hardening Windows Hosts, AppLocker
• Virtualization Concepts and Vocabulary
• Common VM Vulnerabilities
• Hands-On: Creating Securing VM Using Virtualbox
• Boot Loader Concepts and Vocabulary
• Hands-On: Protecting Boot Loaders
• Implementing Security Controls Hosts Key Points

SECURITY CONTROLS FOR MOBILE DEVICES

• Mobile Deployment Models
• MDM Concepts and Vocabulary
• MDM Concepts and Vocabulary Part 2
• Storage
• Concepts and Vocabulary
• Concepts and Vocabulary Part 2
• Security Controls For Mobile Devices – Key Points
• Concepts And Vocabulary

IMPLEMENTING NETWORK SECURITY

• IDSs Vs IPSs Casp
• What is a SIEM system
• Network Security Concepts and Vocabulary
• Hands-On Deploy Network Security Platform OPNsense
• SoC, BASs, ICS and SCADA
• Network-Enabled Devices Review Questions
• Remote Access and IPv6
• Network Authentication
• Network Topologies and SDN
• Optimizing Resource Placement
• Advanced Network Design Review Questions
• Network Security Controls Concepts Vocabulary
• VLANS and Network Data Flow
• DPI and HTTPS Inspection
• Network Device Configurations
• NAC and Alerting
• Hands On: Implementing Network Monitoring Ntopng
• Implementing Network Security – Key Points

IMPLEMENTING SECURITY IN THE SYSTEMS AND SOFTWARE DEVELOPMENT LIFECYCLE

• What Is The Systems Development Life Cycle SDLC
• Development Methodologies
• What are the SDLC Phases
• Security Requirements Traceability Matrix SRTM
• Common Software Development Approaches
• Common Software Development Methods
• What about Validation and Acceptance Testing
• SDLC Review Questions
• Secure vs Insecure Direct Object References
• Error Exception Handling Try…Catch Statements
• What is Privilege Escalation
• Overflows and Canaries
• Memory Leaks
• Races and Exhaustion
• What is SQL Injection
• What Is Session…
• What is a Cross-Site Scripting XSS Attack
• Cross-Site Request Forgery XSRF/CSRF Attack
• What about Clickjacking and Cookie Hijacking
• What is security by
• Input Validation Fuzzing Application Sandboxing
• WS-Security DAM and Software Assurance Tech
• Implementing Security In The SDLC – Key Points

INTEGRATING ASSETS IN A SECURE ENTERPRISE ARCHITECTURE

• Integrate Best Practices in Enterprise Security
• Technical Deployment Models: What Is A Model
• Technical Deployment Models: What Is Cloud
• Cloud Security Services in the Enterprise
• Secure Design: Vocabulary And Concepts
• Secure Design: Vocabulary And Concepts Part 2
• Secure Design: Review Questions
• Data Security: Owners, Processors And Sovereignty
• Data Security: Data Flow Security
• Data Security: Data Remanence
• Data Security: Provisioning And Deprovisioning
• Data Security: Review Questions
• Enterprise Applications: What are They
• Enterprise Applications: Directory Svcs, DNS
• Enterprise Applications: Directory Svsc, DNS Pt.2
• Enterprise Applications: Hands On With DNS RRs
• DNSSEC, Zone Transfers And TSIGs
• DNSSEC, Zone Transfers And TSIG Part 2
• DNSSEC, Zone Transfers And TSIG Part 3
• Hands on With DNSSEC
• Enterprise Applications: Configuration Management
• Enterprise Applications: Review Questions
• Integrating Assets – Key Points

CONDUCTING SECURITY ASSESSMENTS

• Security Assessments: Types
• Security Assessments: Application Code Review
• Going Deeper: Vulnerability Scanning
• Going Deeper: Testing Software
• Software Testing Types
• Software Testing Types Part 2
• Logs, Memory And Debugging
• Social Engineering
• OSINT, Self-Assessments And Teaming
• Security Assessments – Review Questions
• Vulnerability Scanner (Nikto)
• Port Scanner (Zenmap)
• Protocol Analyzer (Wireshark)
• Network Enumerator (Zenmap)
• Password Cracker (John The Ripper)
• Using a Fuzzer in Kali Linux
• HTTP Interceptor (Burp Suite)
• Exploitation Framework (Social-Engineer Toolkit)
• Log Analysis In Kali (Grep And Cut)
• OpenSCAP
• Reverse Engineering (Strace)
• Conducting Security Assessments – Key Points