access
1 year
enrolled
327
Description
This CompTIA Advanced Security Practitioner (CASP) training course will prepare you to earn a vendor-neutral certification that validates IT professionals with advanced-level security skills and knowledge. You’ll learn the technical know-how to conceptualize, design, and engineer secure solutions across complex enterprise environments. It's a guaranteed career booster that will open up new avenues for your IT career you'd never before thought possible.- Get the training & knowledge you need to ace the CASP certification exam
- Dive into a broad range of security disciplines to implement enterprise-facing security solutions
- Run through 17 modules, including: Business Influences and Associated Security Risks, Risk Mitigation Planning - Strategies and Controls, Security-Privacy Policies and Procedures, etc.
- Complete a course that follows CompTIA authorized objectives
- Increase your employability & boost your career
iCollege is a leading international provider of E-Learning courses, learning technologies, and development services. iCollege is a collaborative venture between XpertSkills and XpertEase Software. The synergistic result of the joint venture enable them to provide sophisticated, innovative, relevant, flexible, and cost-effective learning solutions. Their collective knowledge and experience in education and training provision sets the standard for service delivery in learning solutions.
For more details on this course and instructor, click here.
Details & Requirements
- Length of time users can access this course: 1 year
- This course includes exam simulations
- Access options: web streaming
- Certification of completion not included
- Redemption deadline: redeem your code within 60 days of purchase
- Experience level required: all levels
- Once you are ready for your exam, you can make an appointment to take the official exam at any center worldwide
- Restrictions: exam vouchers not included
Compatibility
- Internet required
- Windows PC required
- CompTIA Security+ or equivalent knowledge recommended
- Technical, hands-on enterprise experience recommended
Terms
- Instant digital redemption
- You may schedule your exam at any time and at any international examination centre located nationwide. The cost of exams are not included and you will need to directly pay the examination centre while booking.
- Please visit the respective vendor websites for full examination and certification requirements and details.
Course Outline
- Business Influences and Associated Security Risk
- Risk Management
- Business Model Strategies
- Integrating Diverse Industries
- Third Party Information Security and Providers
- Internal and External Influences
- Impact of De-Perimeterization
- Risk Mitigation Planning - Strategies and Controls
- CIA Triad
- Business Classifications
- Information Life Cycle and Steak-Holder Input
- Implementing Technical Controls
- Determine Aggregate CIA Score
- Worst Case Scenario Planning
- Calculation Tools and Attacker Motivation
- Return Of Investment
- Total Cost of Ownership and Risk Strategies
- Risk Management Process
- Identifying Vulnerabilities and Threats
- Security Architecture Frameworks
- Business Continuity Planning
- IT Governance
- Security Policies
- Security-Privacy Policies and Procedures
- Policy Development Updates
- Developing Processes and Procedures
- Legal Compliance
- Security Policy Business Documents
- Outage Impact and Estimating Downtime Terms
- Sensitive Information-Internal Security Policies
- Incident Response Process
- Forensic Tasks
- Employment and Termination Procedures
- Network Auditing
- Incident Response and Recovery Procedures
- E-Discovery and Data Retention Policies
- Data Recovery-Storage and Backup Schemes
- Data Owner and Data Handling
- Disposal Terms and Concepts
- Data Breach and Data Analysis
- Incident Response Guidelines
- Incident and Emergency Response
- Media-Software and Network Analysis
- Order of Volatility
- Industry Trends
- Performing Ongoing Research
- Security Practices
- Evolution of Technology
- Situational Awareness and Vulnerability Assessments
- Researching Security Implications
- Global Industry Security Response
- Threat Actors
- Contract Security Requirements
- Contract Documents
- Securing the Enterprise
- Benchmarks and Baselines
- Prototyping and Testing Multiple Solutions
- Cost/Benefit Analysis
- Metrics Collection and Trend Data
- Security Controls-Reverse Engineering and Deconstructing
- Security Solutions Business Needs
- Lesson Learned- After Action Report
- Assessment Tools and Methods
- Port Scanners and Vulnerability Scanners
- Protocol Analyzer- Network Enumerator-Password Cracker
- Fuzzers and HTTP Interceptors
- Exploitation Tools
- Passive Reconnaissance Tools
- Vulnerability Assessments and Malware Sandboxing
- Memory Dumping and Penetration Testing
- Reconnaissance and Fingerprinting
- Code Review
- Social Engineering
- Social Cryptographic Concepts and Techniques
- Cryptographic Benefits and Techniques
- Hashing Algorithms
- Message Authentication Code
- Cryptographic Concepts
- Transport Encryption Protocol
- Symmetric Algorithms
- Asymmetric Algorithms
- Hybrid Encryption and Digital Signatures
- Public Key Infrastructure
- Digital Certificate Classes and Cypher Types
- Des Modes
- Cryptographic Attacks
- Strength vs Performance and Cryptographic Implementations
- Enterprise Storage
- Virtual Storage Types and Challenges
- Cloud Storage
- Data Warehousing
- Data Archiving
- Storage Area Networks (SANs) and (VSANs)
- Network Attached Storage (NAS)
- Storage Protocols and Fiber Channel over Ethernet (FCoE)
- Storage Network File Systems
- Secure Storage Management Techniques
- LUN Masking/Mapping and HBA Allocation
- Replication and Encryption Methods
- Network and Security Components-Concepts-Security Architectures
- Remote Access Protocols
- IPv6 and Transport Encryption
- Network Authentication Methods
- 802.1x and Mesh Networks
- Security Devices
- Network Devices
- Firewalls
- Wireless Controllers
- Router Security and Port Numbers
- Network Security Solutions
- Availability Controls-Terms and Techniques
- Advanced Router and Switch Configuration
- Data Flow Enforcement of Applications and Networks
- Network Device Accessibility and Security
- Security Controls for Hosts
- Trusted Operation Systems
- Endpoint Security Software and Data Loss Prevention
- Host Based Firewalls
- Log Monitoring and Host Hardening
- Standard Operating Environment and Group Policy Security
- Command Shell Restrictions
- Configuring and Managing Interface Security
- USB-Bluetooth-Firewire Restrictions and Security
- Full Disk Encryption
- Virtualization Security
- Cloud Security Services
- Boot Loader Protections
- Virtual Host Vulnerabilities
- Virtual Desktop Infrastructure
- Terminal Services
- Virtual TPM
- Application Vulnerabilities and Security Controls
- Web Application Security Design
- Specific Application Issues
- Session Management
- Input Validation
- Web Vulnerabilities and Input Mitigation Issues
- Buffer Overflow and other Application Issues
- Application Security Framework
- Web Service Security and Secure Coding Standards
- Software Development Methods
- Monitoring Mechanisms and Client-Server Side Processing
- Browser Extensions and Other Web Development Techniques
- Host-Storage-Network and Application Integration
- Securing Data Flows
- Standards Concepts
- Interoperability Issues
- In House Commercial and Customized Applications
- Cloud and Virtualization Models
- Logical and Physical Deployment Diagrams
- Secure Infrastructure Design
- Storage Integration Security
- Enterprise Application Integration Enablers
- Authentication and Authorization Technologies
- Authentication and Identity Management
- Password Types-Management and Policies
- Authentication Factors
- Biometrics
- Dual-Multi Factor and Certificate Authentication
- Single Sign On Issues
- Access Control Models and Open Authorization
- Extensible Access Control Markup Language (XACML)
- Service Provisioning Markup Language (SPML)
- Attestation and Identity Propagation
- Federation and Security Assertion Markup Language (SAML)
- OpenID-Shibboleth and WAYF
- Advanced Trust Models
- Business Unit Collaboration
- Identifying and Communicating Security Requirements
- Security Controls Recommendations
- Secure Solutions Collaboration
- Secure Communication and Collaboration
- Web-Video Conferencing-Instant Messaging
- Desktop Sharing
- Presence Guidelines
- Email Messaging Protocol
- Telephony-VoIP and Social Media
- Cloud Based Collaboration
- Remote Access and IPsec
- Mobile and Personal Device Management
- Over Air Technology Concerns
- WLAN Concepts-Terms-Standards
- WLAN Security and Attacks
- Security Across the Technology Life Cycle
- End to End Solution Ownership
- System Development Life Cycle
- Security Implications of Software Development Methodologies
- Asset Management
access
1 year
enrolled
327