CompTIA Advanced Security Practitioner (CASP+ Exam CAS-003)
4.3 (253 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
1,681 students enrolled

CompTIA Advanced Security Practitioner (CASP+ Exam CAS-003)

Preparatory course for the exam CAS-003
Bestseller
4.3 (253 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
1,681 students enrolled
Last updated 3/2019
English
English [Auto-generated]
Current price: $139.99 Original price: $199.99 Discount: 30% off
5 hours left at this price!
30-Day Money-Back Guarantee
This course includes
  • 12 hours on-demand video
  • 6 downloadable resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • After successfully completing this course, the students will be able to pass the exam CompTIA Advanced Security Practitioner (CASP)
  • The CompTIA Advanced Security Practitioner certification is an international, vendor-neutral exam that proves competency in enterprise security; risk management; research and analysis; and integration of computing, communications, and business disciplines.
  • The exam covers the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers.
Requirements
  • There is no required prerequisite for this course however, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus at the enterprise level.
  • We recommend that students have a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience.
Description

The CompTIA Advanced Security Practitioner course is a preparatory course for the exam CAS-003 conducted by The Computing Technology Industry Association (CompTIA). It covers the exam topics in detail and prepares the students in the areas of risk management; enterprise security operations and architecture; research and collaboration; and integration of enterprise security.

This certification course covers the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers, while managing risk.

Who this course is for:
  • An IT security professional who has a minimum of 10 years of experience in IT administration including at least 5 years of hands-on technical security experience.
  • IT professionals aiming to move into a specialist security position such as a risk manager or analyst, security architect, or penetration tester/ethical Hacker.
  • Cyber Security / IS Professional, Information Security Analyst, Security Architect, IT Specialist INFOSEC, IT Specialist, Cybersecurity, Cybersecurity Risk Manager, Cybersecurity Risk Analyst.
Course content
Expand all 260 lectures 12:01:28
+ Chapter 01 - Understanding Risk Management
59 lectures 02:21:59

Download files here

Preview 02:15
Business Models and Strategies
03:25
Cloud Technologies
04:47
Acquisitions and Mergers
03:08
Due Diligence Team
01:05
Data Ownership
01:30
Data Reclassification
01:00
Integrating Diverse Industries
05:01
Common Regulations
05:08
Geographic Differences
02:25
Data Sovereignty
00:53
Internal and External Influences
05:32
De-perimeterization
01:07
Understand Changes in Network Boundaries
06:53
Topic B: Policies and Procedures
00:22
Understanding Policies and Procedures
01:34
Policy Life Cycle
01:28
Process Life Cycle
01:30
Reviewing Policies and Processes
03:45
Common Business Documents
04:44
Security for Contracts
01:14
Contract Requirements
01:54
General Privacy Principles
01:13
Standard Security Practices
11:28
Demo - Examining Security Policies
07:11
Topic C: Risk Mitigation and Control
00:24
Introduction to Risk Mitigation
01:00
Categorizing Data
03:48
Incorporating Stakeholder Input
01:18
Aggregate CIA Scores
01:36
Selecting and Implementing Controls
04:11
Security Control Frameworks
00:51
Options for Frameworks
04:40
Extreme Scenario Planning
02:41
System-Specific Risk Analysis
01:13
Qualitative Risk Analysis
01:39
Quantitative Risk Analysis
01:05
Risk Impact
03:08
Likelihood of Threat
00:48
Return on Investment
01:52
Understanding Payback
02:05
Total Cost of Ownership
01:24
TCO Guidelines
01:23
Translate to Business Terms
01:31
Risk Management Strategies
02:09
Risk Management Processes
01:06
Information and Asset Value and Costs
00:49
Vulnerabilities and Threat Identification
01:06
Additional Factors
01:34
Topic D: Business Continuity Planning
00:21
Continuity Planning
00:19
BCP Components
01:51
BCP Steps
02:38
Additional Plans
01:48
Conducting Business Impact Analysis
04:57
Chapter 01 Review
01:03
Quiz 1
12 questions
+ Chapter 02 - Network and Security Components and Architecture
54 lectures 01:58:44

Download files here

Chapter Introdcution
00:34
Topic A: Physical and Virtual Network Security Devices
00:15
Unified Threat Management
01:18
Analyzing UTM
01:31
Intrusion Detection and Prevention
05:13
In-Line Network Encryptor
01:31
Network Access Control
03:02
SIEM
01:15
Firewalls
07:05
Firewall Architecture
05:16
Wireless Controller
01:49
Routers and Switches
02:09
Proxy Servers
01:30
Topic B: Application and Protocol Level Security
00:29
Web Application Firewalls
01:46
Hardware Security Modules
01:50
Vulnerability Scanners
02:11
Topic C: Advanced Network Design
00:31
Virtual Private Networks
02:51
VPN Protocols
01:58
IP Security (IPSec)
03:01
IPSec Modes
01:02
Demo - Examining IPSec Policies
09:28
Secure Sockets Layer (SSL)
01:44
Transport Layer Security (TLS
01:00
Additional Security Protocols
03:25
Authentication Protocols
04:45
Topic D: Network Solutions for Data Flow
00:36
Data Loss Prevention
02:48
Data Flow Enforcement
02:00
Network Flow
01:32
Topic E: Secure Baselines of Networking and Security Components
00:30
Securing Device Configurations
00:25
Access Control Lists (ACLs)
00:42
ACL Rule Sets
02:04
Change Monitoring
01:30
Configuration Lockdown
00:51
Availability Controls
03:29
Disk Availability
03:56
Key Availability Terms
01:25
Topic F: Advanced Configuration of Network Devices
00:16
Additional Configurations
00:49
Transport Security
01:44
Trunking Security
03:47
Port Security
02:20
Ports and Sockets
03:37
Security Zones
01:29
Network Segmentation
01:24
Network Access Control
02:52
NAC Concepts
02:53
Network Enabled Devices
02:20
Automation Systems
01:23
Physical Security
02:17
Chapter 02 Review
01:16
Quiz
10 questions
+ Chapter 03 - Implementing Advanced Authentication and Cryptographic Techniques
44 lectures 01:45:41

Download files here

Chapter Introdcution
00:56
Topic A: Understanding Authentication and Authorization Concepts
00:20
Authentication
04:42
The Importance of Identity
07:43
Additional Password Options
00:54
Demo - Enforcing Strong Passwords
10:04
Biometric Authentication
02:50
Biometric Considerations
01:35
Beyond Single Factor
01:38
Certificate Authentication
03:01
Authorization
07:42
Open Authorization
01:07
XACML
01:55
SPML
01:06
Authorization Concepts
04:02
Trust Models
01:53
Topic B: Cryptographic Techniques
00:26
Introduction to Cryptography
01:19
Cryptographic Techniques
00:51
Key Stretching
00:58
Hashing
03:14
Message Digest (MD) Algorithms
01:36
Secure Hash Algorithm (SHA)
01:30
Digital Signatures
02:00
Message Authentication
01:17
Code Signing
00:45
Additional Concepts
02:12
Protecting Data in Transit
02:01
Protecting Data in Memory
01:13
Protecting Data at Rest
03:44
Symmetric Algorithms
04:08
Asymmetric Algorithms
03:00
Encryption Methods
03:22
Topic C: Cryptographic Implementations
00:27
Crypto Options
02:08
Additional Crypto Options
02:41
Cryptographic Applications
01:05
Crypto Considerations
01:27
Stream vs. Block Ciphers
01:47
Block Cipher Modes
00:25
Public Key Infrastructure
05:41
Primary PKI Functions
02:09
Additional PKI Concepts
01:42
Chapter 03 Review
01:05
Quiz 3
10 questions
+ Chapter 04 - Implementing Security for Systems, Applications, and Storage
45 lectures 02:23:07

Download files here

Chapter Introdcution
00:56
Topic A: Security for Host Devices
00:25
Trusted OS
02:14
Trusted OS Options
03:11
Security Software
06:06
Additional Host-Based Software Options
02:23
Demo - Configuring a Host-Based Firewall
07:42
Auditing
02:08
Demo - Configuring Audit Policies
08:14
Endpoint Detection Response
01:00
Host Hardening
04:00
Group Policy
02:20
Demo - Configuring Group Policy Security
04:44
Command Shell Restrictions
02:17
Out-of-Band Management
02:11
Dedicated Interfaces
02:34
External I/O Restrictions
01:54
Wireless Technologies
05:03
Wi-Fi Components
01:59
802.11 Standards
03:21
Wireless Security
05:39
Securing Other Host Devices
03:18
Boot Security
02:06
Additional Boot Security Options
04:30
Topic B: Mobile Device Security
00:40
Enterprise Mobility Management
01:18
MDM Concepts
02:56
Management Options
03:32
Context Aware Management
03:57
Security and Privacy
04:16
Physical Security Options
01:27
Additional Mobile Device Concepts
06:07
Authentication Options
02:22
Mobile Devices
04:46
Wearable Security Implications
01:38
Topic C: Software Security Controls
00:26
Application Security Design Considerations
03:03
Application Issues
06:30
Application Issues conti...
08:18
Data Remnants
01:41
Securing Applications
02:34
Using JSON and REST
01:39
Browser Extensions
02:39
Application Vulnerabilities
01:57
Chapter 04 Review
01:06
Quiz 4
12 questions
+ Chapter 05 - Implementing Security for Cloud and Virtualization Technologies
26 lectures 01:45:23

Download files here

Chapter Introduction
02:21
Topic A: Cloud and Virtualization Technology
01:21
Cloud Computing and Virtualization
05:48
Cloud Options
10:37
Security Considerations
04:35
Cloud Service Models
07:39
Demo - Examining Cloud Service Models
09:14
Security and Virtualization
05:46
Cloud-Augmented Security Services
07:25
Security as a Service
01:54
Virtualization Vulnerabilities
03:40
Topic B: Securing Remote Access and Collaboration
00:37
Remote Access
01:09
Dial-Up Access
03:09
Virtual Private Networks
01:49
Remote Access Purposes
03:05
Security Considerations
02:08
Unified Collaboration Tools
01:08
Web Conferencing
04:43
Video Conferencing
03:06
Storage and Document Collaboration
03:12
Unified Communication
01:44
Instant Messaging
03:01
Presence
03:13
E-Mail
11:55
Chapter 05 Review
01:04
Quiz 5
10 questions
+ Chapter 06 - Utilizing Security Assessments and Incident Response
30 lectures 01:41:37

Download files here

Chapter Introduction
01:09
Topic A: Security Assessments
00:20
Importance of Security Assessments
00:40
Malware Sandboxing
02:29
Memory Dumping
01:36
Runtime Debugging
01:25
Reconnaissance
01:19
Fingerprinting
02:29
Code Review
02:47
Social Engineering
12:47
Public Information
11:15
Demo - Accessing Public Information
06:36
Penetration Test
05:41
Vulnerability Assessment
03:34
Assessment Styles
04:30
Topic B: Security Assessment Tools
00:34
Network Tool Types
04:39
Security Content Automation Protocol (SCAP)
02:03
Common Vulnerability Scoring System (CVSS)
03:16
Fuzzing
00:50
Exploit Kits
01:06
Host Tools
07:25
Additional Host Tools
03:40
Physical Security Tools
03:23
Topic C: Incident Response and Recovery
01:02
E-discovery
05:37
Data Breach
01:23
Incident Response Process
04:30
Chapter 06 Review
00:56
Quiz 6
11 questions
Course Closure
02:36