CompTIA CASP+

Name: CompTIA CASP+
Rating: 4.5 (61 reviews)

Exam Preparatory course

Created byStone River eLearning

Last updated 4/2023

English

What you'll learn

Risk Management: Identify and analyze risk scenarios and select appropriate mitigation strategies.
Enterprise Security Architecture: Design and implement secure network and security architectures that align with business objectives.
Enterprise Security Operations: Implement security policies and procedures to manage security operations, including incident response, disaster recovery, and
Technical Integration of Enterprise Security: Implement security solutions for enterprise applications, data, and host security, and ensure that security is i
Research, Development, and Collaboration: Stay up to date with emerging security technologies and threats, perform security research, collaborate with other s

Course content

4 sections • 73 lectures • 26h 20m total length

Overview4:54
Services - Discussion28:43
Segmentation - Discussion21:10
Services & Segmentation - Scenarios27:22
Deperimeterization/Zero Trust17:30
Merging of Networks21:45
Software-defined Networking (SDN)18:38
Infrastructure Design - Discussion25:33
Infrastructure Design - Scenarios22:32
Baselines & Templates & Software Assurance25:41
Integrating Enterprise Applications10:38
Security in the Development Lifecycle25:08
Securing Enterprise Architecture26:23
Explore how data, the organization’s most valuable asset, moves through five stages—create, store, use, archive, destroy—while applying classification, categorization, and data management to secure the enterprise architecture.
Authentication & Authorization - Discussion24:10
Authentication & Authorization - Scenarios20:31
Secure Cloud & Virtualization26:05
Explore secure cloud and virtualization, including deployment and service models. Understand containers, emulation, VDI, storage types (blob, block, file, object), and databases.
Cryptography & PKI25:52
Impact of Emerging Technologies27:10
Explore blockchain, ai, augmented reality, big data, deep learning, quantum computing, 3d printing, and homomorphic encryption, plus distributed consensus and secure multiparty computation shaping modern security landscapes.
Security Architecture - Key Points14:59

Perform Threat Management24:51
Indicators of Compromise & Response27:35
Identify indicators of compromise and coordinate incident response through logging, SIEM, and SOAR while performing packet and protocol analysis with tcpdump and Wireshark.
Vulnerability Management Activities22:21
Vulnerability Assessment - Methods & Tools27:15
Analyze Vulnerabilities - Vulnerabilities26:29
Analyze Vulnerabilities - Vulnerable Systems24:42
Analyze web application vulnerabilities by comparing client-side versus server-side processing, examining REST/JSON APIs, injection risks, input sanitization, and SOAP, XML, and HTML5 considerations.
Analyze Vulnerabilities - Attacks28:11
Use Processes to Reduce Risk25:13
Triage & Incident Response23:07
Forensic Concepts21:02
File Carving & Binary Analysis27:35
Analysis Tools27:28
Live Collection Tools24:49
Security Operations - Key Points15:57

Managed Configurations27:16
Explore security engineering and cryptography through managed configurations, MDM/EMM, and IAM to enforce policies, patches, encryption, and secure networking with MFA, DoH, WPA3.
Deployment Scenarios12:57
Security Considerations24:34
Hardening Techniques22:06
Processes25:10
Understand how policy, process, and procedure shape patching and host protection. Learn to triage updates and apply firmware patches across on-prem, cloud, and hybrid environments.
Mandatory Access Control15:04
Trustworthy Computing27:18
Compensating Controls9:35
Security Considerations - Embedded15:58
Security Considerations - ICS-SCADA22:07
Security Considerations - Protocols24:46
Security Considerations - Sectors8:45
Identify sectors where ICS and SCADA are prevalent and discuss security considerations as automated systems monitor data and control operations.
Cloud Technology - Basics26:17
Cloud Technology - Advanced26:31
PKI - Basics28:04
PKI - Advanced27:17
Explore advanced PKI concepts, including certificate management, trust, code signing, and digital signatures, and learn how hashing, private keys, non repudiation, and OCSP/CRL secure TLS-based web communications.
Hashing & Symmetric Algorithms27:29
Asymmetric Algorithms & Protocols28:21
Explore asymmetric algorithms and protocols, including public-private key pairs, key exchange (Diffie-Hellman, ECDH), digital signatures (RSA, DSA, ECDSA), TLS cipher suites, S/MIME, IPsec, SSH, and EAP variants.
Troubleshoot Cryptography - Keys13:26
Security Engineering & Cryptography - Key Points12:23
Explore security engineering and cryptography essentials, including PKI, digital certificates, and cipher suites. Examine mobile device management, DNS security, encryption, access controls, patching, and cloud and industrial control systems considerations.
Troubleshoot Cryptography - Misconfigurations17:37

Risk Assessment26:50
Risk Handling Techniques17:51
Learn four risk handling techniques: avoid, accept, transfer, and mitigate through a cloud security scenario, with emphasis on due diligence, mutual risk acceptance, and a shared responsibility model.
Risk Types15:46
Risk Management Life Cycle20:57
Risk Tracking25:20
Policies and Security Practices23:55
Shared Responsibility Model - Cloud15:41
Performing Vendor Assessments19:42
Technical Considerations15:33
Data Considerations25:41
Regulations Accreditations & Standards28:14
Legal Considerations16:48
Contract and Agreement Types14:12
Business Impact Analysis (BIA)25:05
Explore the business continuity plan and its link to disaster recovery, and how the business impact analysis sets priorities and recovery objectives (RTO, RPO, WRT, MAD/MDT) for high availability.
Privacy Impact Assessment10:19
Learn how a privacy impact assessment identifies PII risks, ensures conformance with legal, regulatory and policy requirements, and guides the protection and proactive management of personal data.
Disaster Recovery & Business Continuity Planning15:22
Explore disaster recovery and business continuity by comparing hot, warm, cold, and mobile sites. Assess activation time, data loading, latency, and cloud disaster recovery as a service to balance cost.
Incident Response Plan26:12
Testing Plans16:29
Explore incident response planning and testing through NIST guidance, including SP 800-61 R2 and SP 800-84, with after-action report templates and tabletop exercise guidance.
Governance, Risk & Compliance - Key Points16:16

Requirements

While there are no formal prerequisites for the CASP+ certification exam, candidates should ensure that they have the necessary knowledge and skills to pass the exam by studying and preparing adequately.
The CompTIA CASP+ certification exam is an advanced-level certification that is designed for experienced IT security professionals. CompTIA recommends that candidates have at least 10 years of IT experience, including at least five years of hands-on technical security experience, before attempting the exam.

Description

CompTIA Advanced Security Practitioner (CASP+) is an advanced-level certification that focuses on the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. While there are no formal prerequisites for the CASP+ certification exam, candidates should ensure that they have the necessary knowledge and skills to pass the exam by studying and preparing adequately.

The CompTIA CASP+ certification exam covers the following domains:

1. Risk Management: Analyze risk scenarios and identify the appropriate mitigation strategies.

2. Enterprise Security Architecture: Design and implement secure network and security architectures.

3. Enterprise Security Operations: Implement security policies and procedures to manage security operations.

4. Technical Integration of Enterprise Security: Implement security solutions for enterprise applications, data, and host security.

5. Research, Development, and Collaboration: Perform security research, collaborate with other security professionals, and stay up to date with emerging security technologies and threats.

Upon completion of the CompTIA CASP+ course, candidates should have a solid understanding of these domains and be well-prepared to pass the certification exam. Additionally, they should have the practical skills necessary to design and implement secure solutions across complex enterprise environments, and to manage security operations and mitigate security risks. The certification is ideal for experienced security professionals who want to demonstrate their knowledge and skills in enterprise security architecture, operations, and integration.

"This course qualifies for CompTIA continuing education units (CEUs)."

Available CEUs* for this Course Series : 26

By completing this course series, you can earn up to 26 CEUs.

(*CEUs are entirely dependent on the organization you are applying)

Who this course is for:

IT security professionals
Security architects
Security engineers
Security consultants
Security managers
Enterprise architects
Systems engineers
Network architects
Technical support engineers
IT managers

CompTIA CASP+

What you'll learn

Explore related topics

Course content

Security Architecture19 lectures • 6hr 55min

Security Operations14 lectures • 5hr 47min

Security Engineering and Cryptography21 lectures • 7hr 23min

Governance, Risk, and Compliance19 lectures • 6hr 16min

Requirements

Description

Who this course is for: