CompTIA Advanced Security Practitioner (CASP+)

CompTIA Advanced Security Practitioner (CASP+) is the ideal certification for technical professionals who wish to remain immersed in technology as opposed to strictly managing.

CASP+ is the only hands-on, performance-based certification for practitioners - not managers - at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.

The CompTIA Advanced Security Practitioner certification validates advanced-level competency in risk management, enterprise security operations and architecture, research and collaboration, and integration of enterprise security.

Successful candidates will have the knowledge required to:

• Enterprise Security domain expanded to include operations and architecture concepts, techniques, and requirements
• More emphasis on analyzing risk through interpreting trend data and anticipating cyber defense needs to meet business goals
• Expanding security control topics to include Mobile and small form factor devices, as well as software vulnerability
• Broader coverage of integrating cloud and virtualization technologies into a secure enterprise architecture
• Inclusion of implementing cryptographic techniques, such as Blockchain-Cryptocurrency and Mobile device encryption

You will learn how to;

• Leverage collaboration tools and technology to support enterprise security
• Use research and analysis to secure the enterprise
• Integrate advanced authentication and authorization techniques
• Implement cryptographic techniques
• Implement security controls for hosts
• Implement security controls for mobile devices
• Implement network security
• Implement security in the systems and software development lifecycle
• Integrate hosts, storage, networks, applications, virtual environments, and cloud technologies in a secure enterprise architecture
• Conduct security assessments
• Respond to and recover from security incidents

While there is no required prerequisite, CASP+ certification is intended to follow Security+ and CySA+ or equivalent.

Module 1: Perform Risk Management Activities

Module 2: Summarizing Governance & Compliance Strategies

Module 3: Implementing Business Continuity & Disaster Recovery

Module 4: Identifying Infrastructure Services

Module 5: Performing Software Integration

Module 6: Explain Virtualization, Cloud and Emerging Technology

Module 7: Exploring Secure Configurations and System Hardening

Module 8: Understanding Security Considerations of Cloud and Specialized Platforms

Module 9: Implementing Cryptography

Module 10: Implementing Public Key Infrastructure (PKI)

Module 11: Architecting Secure Endpoints

Module 12: Summarizing IIoT & IoT Concepts

LABS

Assisted Lab: Exploring the Lab Environment

Assisted Lab: Using Automation to Identify Sensitive Data

Assisted Lab: Understanding DR Capabilities in the Cloud

Assisted Lab: Implementing a Web Application Firewall

Assisted Lab: Understanding the Role of SPF Records and DNSSEC

Assisted Lab: Using Security Incident and Event Management Features

Assisted Lab: Performing Static Code Analysis

Assisted Lab: Exploiting Web Applications – Stored XSS, SQL Injection

APPLIED LAB: Analyzing Web Application Vulnerabilities

Assisted Lab: Implementing a VNet in Azure

Assisted Lab: Deploying a Virtual Private Cloud in Amazon Web Services

Assisted Lab: Implementing and Updating Containers on Windows Server 2019

APPLIED LAB: Performing Container Update Tasks

Assisted Lab: Understanding DNS over HTTPS (DoH)

Assisted Lab: Deploying a Hardened Server Image in the Cloud

Assisted Lab: Implementing an Application Blocklist Policy

Assisted Lab: Configuring Monitoring in the Cloud

Assisted Lab: Implementing Data Protection using Symmetric Encryption

Assisted Lab: Exploring Cryptography and Cryptanalysis using Visual Tools

Assisted Lab: Implementing HTTP Server Certificates

APPLIED LAB: Troubleshooting HTTP Server Certificates

Assisted Lab: Exploring MITRE ATT&CK Navigator

Assisted Lab: Exploring and Interpreting Intrusion Detection System Alerts

APPLIED LAB: Analyzing Intrusion Detection System Logs

Assisted Lab: Exploiting the Server Message Block Protocol

Assisted Lab: Analyzing SMB Vulnerabilities

Assisted Lab: Analyzing Firmware using Binary Analysis and Hardware Emulation

Assisted Lab: Analyzing and Attack Wireless Network Protections