CompTIA

CompTIA CASP+

(DV-SEC395.AE1)
Lessons
Lab
TestPrep
AI Tutor (Add-on)
Instructor-Led (Add-on)
Get A Free Trial

Skills You’ll Get

Get the support you need. Enroll in our Instructor-Led Course.

Download Course Outline

1

Introduction

  • Before You Begin the CompTIA CASP+ Certification Exam
  • Who Should Read This Course
  • What You Will Learn
  • How This Course Is Organized
  • How to Use This Course
  • Tips for Taking the CASP+ Exam
  • CompTIA CASP+ Study Guide Exam Objectives
  • The CASP+ Exam Objective Map
2

Risk Management

  • Risk Terminology
  • The Risk Assessment Process
  • Policies Used to Manage Employees
  • Cost-Benefit Analysis
  • Continuous Monitoring
  • Enterprise Security Architecture Frameworks and Governance
  • Training and Awareness for Users
  • Best Practices for Risk Assessments
  • Business Continuity Planning and Disaster Recovery
  • Reviewing the Effectiveness of Existing Security Controls
  • Conducting Lessons Learned and After-Action Reviews
  • Creation, Collection, and Analysis of Metrics
  • Analyzing Security Solutions to Ensure They Meet Business Needs
  • Testing Plans
  • Internal and External Audits
  • Using Judgment to Solve Difficult Problems
  • Summary
  • Exam Essentials
3

Configure and Implement Endpoint Security Controls

  • Hardening Techniques
  • Trusted Operating Systems
  • Compensating Controls
  • Summary
  • Exam Essentials
4

Security Operations Scenarios

  • Threat Management
  • Actor Types
  • Intelligence Collection Methods
  • Frameworks
  • Indicators of Compromise
  • Response
  • Summary
  • Exam Essentials
5

Security Ops: Vulnerability Assessments and Operational Risk

  • Terminology
  • Vulnerability Management
  • Vulnerabilities
  • Inherently Vulnerable System/Application
  • Proactive Detection
  • Summary
  • Exam Essentials
6

Compliance and Vendor Risk

  • Shared Responsibility in Cloud Computing
  • Security Concerns of Integrating Diverse Industries
  • Regulations, Accreditations, and Standards
  • Contract and Agreement Types
  • Third-Party Attestation of Compliance
  • Legal Considerations
  • Summary
  • Exam Essentials
7

Cryptography and PKI

  • The History of Cryptography
  • Cryptographic Goals and Requirements
  • Supporting Security Requirements
  • Risks with Data
  • Hashing
  • Symmetric Algorithms
  • Asymmetric Encryption
  • Public Key Infrastructure Hierarchy
  • Digital Certificates
  • Implementation of Cryptographic Solutions
  • Recognizing Cryptographic Attacks
  • Troubleshooting Cryptographic Implementations
  • Summary
  • Exam Essentials
8

Incident Response and Forensics

  • The Incident Response Framework
  • Forensic Concepts
  • Forensic Analysis Tools
  • Summary
  • Exam Essentials
9

Security Architecture

  • Security Requirements and Objectives for a Secure Network Architecture
  • Organizational Requirements for Infrastructure Security Design
  • Integrating Applications Securely into an Enterprise Architecture
  • Data Security Techniques for Securing Enterprise Architecture
  • Security Requirements and Objectives for Authentication and Authorization Controls
  • Summary
  • Exam Essentials
10

Secure Cloud and Virtualization

  • Implement Secure Cloud and Virtualization Solutions
  • How Cloud Technology Adoption Impacts Organization Security
  • Summary
  • Exam Essentials
11

Mobility and Emerging Technologies

  • Emerging Technologies and Their Impact on Enterprise Security and Privacy
  • Secure Enterprise Mobility Configurations
  • Security Considerations for Technologies, Protocols, and Sectors
  • Summary
  • Exam Essentials

1

Configure and Implement Endpoint Security Controls

  • Running a Security Scanner to Identify Vulnerabilities
  • Bypassing Command Shell Restrictions
2

Security Operations Scenarios

  • Using the Social Engineering Toolkit
  • Using WinDump
  • Configuring a Standard ACL
3

Security Ops: Vulnerability Assessments and Operational Risk

  • Using Burpsuite
  • Simulating a DoS Attack
  • Tracking Vulnerabilities in Software
  • Performing Passive Reconnaissance
  • Cracking Passwords using Pwdump7 and Cain and Abel
  • Conducting Vulnerability Scanning Using Nessus
  • Performing Nmap Port Scanning
  • Cracking a Password Using the John the Ripper Tool
  • Using PuTTY
  • Exploiting a Website using SQL Injection
  • Conducting Cross-Site Request Forgery Attacks
  • Attacking a Website using XSS Injection
4

Cryptography and PKI

  • Observing an MD5-Generated Hash Value
  • Using the SHA Series Algorithm
5

Incident Response and Forensics

  • Using Steganography
  • Observing an SHA256-Generated Hash Value
  • Using TCPdump
  • Using Netstat
  • Using ExifTool
6

Security Architecture

  • Configuring Iptables
  • Testing an Antivirus Program
  • Creating a Firewall Rule
  • Attempting a Zone Transfer
  • Installing and Configuring AD DS
7

Secure Cloud and Virtualization

  • Installing a Virtual Machine
  • Capturing Packets using Wireshark

Related Courses

All Courses