CAS-002 : Pearson: CompTIA Advanced Security Practitioner (Course & Lab)

ISBN : 978-1-61691-620-6
Gain hands-on expertise for the CompTIA Advanced Security Practitioner (CASP) certification exam with the Pearson: CompTIA Advanced Security Practitioner course and performance-based lab. Performance-based labs simulate real-world hardware, software, and command-line interface environments and can be mapped to any textbook, course, or training. The course and lab provide complete coverage of the CAS-002 exam. The exam involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers while managing risk.

Here's what you will get

The CompTIA Advanced Security Practitioner is a standalone certification from CompTIA with the exam code CAS-001. CASP certification is a vendor-neutral credential designed for advanced-level IT security professionals to conceptualize, design, and engineer secure solutions across complex enterprise environments. This certification validates advanced-level security skills and knowledge internationally.

  • Lessons: 19+
  • Exercises: 9+
  • Quizzes: 170+
  • Flashcards: 647+
  • Glossary of terms: 647+
  • Pre-assessment Questions: 80+
  • Full Length Tests: 1+
  • Post-Assessment Questions: 80+
  • Performance based lab: 73+
  • Video tutorials: 17+
  • Minutes: 16+

Exam FAQs
What is the format of the exam? Multiple choice and performance-based.
How many questions are asked in the exam? The exam contains 90 questions.
What is the duration of the exam? 165 minutes
What is the passing score? Pass/Fail only. No scaled score.
Where can I find more information about this exam? To know more about the pearson-cas-002-complete, click here.
Which certification covers this exam?

Here's what you will learn

  • About the Authors
  • Dedication
  • Acknowledgments
  • About the Reviewers
  • We Want to Hear from You!
  • The Goals of the CASP Certification
  • The Value of the CASP Certification
  • CASP Exam Objectives
  • Steps to Becoming a CASP
  • CompTIA Authorized Materials Use Policy
  • Cryptographic Techniques
  • Cryptographic Concepts
  • Cryptographic Implementations
  • Review All Key Topics
  • Storage Types
  • Storage Protocols
  • Secure Storage Management
  • Review All Key Topics
  • Advanced Network Design (Wired/Wireless)
  • Virtual Networking and Security Components
  • Complex Network Security Solutions for Data Flow
  • Secure Configuration and Baselining of Networking and Security Components
  • Software-Defined Networking
  • Cloud-Managed Networks
  • Network Management and Monitoring Tools
  • Advanced Configuration of Routers, Switches, and Other Network Devices
  • Security Zones
  • Network Access Control
  • Operational and Consumer Network-Enabled Devices
  • Critical Infrastructure/Supervisory Control and ...isition (SCADA)/Industrial Control Systems (ICS)
  • Review All Key Topics
  • Trusted OS
  • Endpoint Security Software
  • Host Hardening
  • Security Advantages and Disadvantages of Virtualizing Servers
  • Cloud-Augmented Security Services
  • Boot Loader Protections
  • Vulnerabilities Associated with Commingling of Hosts with Different Security Requirements
  • Virtual Desktop Infrastructure (VDI)
  • Terminal Services/Application Delivery Services
  • Trusted Platform Module (TPM)
  • Virtual TPM (VTPM)
  • Hardware Security Module (HSM)
  • Review All Key Topics
  • Web Application Security Design Considerations
  • Specific Application Issues
  • Application Sandboxing
  • Application Security Frameworks
  • Secure Coding Standards
  • Software Development Methods
  • Database Activity Monitoring (DAM)
  • Web Application Firewalls (WAF)
  • Client-Side Processing Versus Server-Side Processing
  • Review All Key Topics
  • Risk Management of New Products, New Technologies, and User Behaviors
  • New or Changing Business Models/Strategies
  • Security Concerns of Integrating Diverse Industries
  • Ensuring That Third-Party Providers Have Requisite Levels of Information Security
  • Internal and External Influences
  • Impact of De-perimeterization
  • Review All Key Topics
  • Classify Information Types into Levels of CIA Based on Organization/Industry
  • Incorporate Stakeholder Input into CIA Decisions
  • Implement Technical Controls Based on CIA Requirements and Policies of the Organization
  • Determine the Aggregate CIA Score
  • Extreme Scenario/Worst-Case Scenario Planning
  • Determine Minimum Required Security Controls Based on Aggregate Score
  • Conduct System-Specific Risk Analysis
  • Make Risk Determination
  • Recommend Which Strategy Should be Applied Based on Risk Appetite
  • Risk Management Processes
  • Enterprise Security Architecture Frameworks
  • Continuous Improvement/Monitoring
  • Business Continuity Planning
  • IT Governance
  • Review All Key Topics
  • Policy Development and Updates in Light of New Business, Technology, Risks, and Environment Changes
  • Process/Procedure Development and Updates in Light of Policy, Environment, and Business Changes
  • Support Legal Compliance and Advocacy by Partnering with HR, Legal, Management, and Other Entities
  • Use Common Business Documents to Support Security
  • Use General Privacy Principles for Sensitive Information (PII)
  • Support the Development of Various Policies
  • Review All Key Topics
  • E-Discovery
  • Data Breach
  • Design Systems to Facilitate Incident Response
  • Incident and Emergency Response
  • Review All Key Topics
  • Perform Ongoing Research
  • Situational Awareness
  • Vulnerability Management Systems
  • Advanced Persistent Threats
  • Zero-Day Mitigating Controls and Remediation
  • Emergent Threats and Issues
  • Research Security Implications of New Business Tools
  • Global IA Industry/Community
  • Research Security Requirements for Contracts
  • Review All Key Topics
  • Create Benchmarks and Compare to Baselines
  • Prototype and Test Multiple Solutions
  • Cost/Benefit Analysis
  • Metrics Collection and Analysis
  • Analyze and Interpret Trend Data to Anticipate Cyber Defense Needs
  • Review Effectiveness of Existing Security Controls
  • Reverse Engineer/Deconstruct Existing Solutions
  • Analyze Security Solution Attributes to Ensure They Meet Business Needs
  • Conduct a Lessons-Learned/After-Action Report
  • Use Judgment to Solve Difficult Problems That Do Not Have a Best Solution
  • Review All Key Topics
  • Assessment Tool Types
  • Assessment Methods
  • Review All Key Topics
  • Interpreting Security Requirements and Goals to Communicate with Stakeholders from Other Disciplines
  • Provide Objective Guidance and Impartial Recomme...or Management on Security Processes and Controls
  • Establish Effective Collaboration within Teams to Implement Secure Solutions
  • IT Governance
  • Review All Key Topics
  • Security of Unified Collaboration Tools
  • Remote Access
  • Mobile Device Management
  • Over-the-Air Technologies Concerns
  • Review All Key Topics
  • End-to-End Solution Ownership
  • Systems Development Life Cycle (SDLC)
  • Adapt Solutions to Address Emerging Threats and Security Trends
  • Asset Management (Inventory Control)
  • Review All Key Topics
  • Secure Data Flows to Meet Changing Business Needs
  • Standards
  • Interoperability Issues
  • Technical Deployment Models
  • Logical and Physical Deployment Diagrams of Relevant Devices
  • Secure Infrastructure Design
  • Storage Integration (Security Considerations)
  • Enterprise Application Integration Enablers
  • Review All Key Topics
  • Authentication
  • Authorization
  • Attestation
  • Identity Propagation
  • Federation
  • Advanced Trust Models
  • Review All Key Topics

Hands on Activities (Labs)

  • Understanding cryptographic terms
  • Identifying symmetric algorithms
  • Identifying sequence of sender's process for hybrid encryption
  • Identifying sequence of sender's process for digital signatures
  • Identifying cryptographic attacks
  • Understanding steganography
  • Launching Windows certificates manager
  • Identifying password cracking ways
  • Identifying symmetric and asymmetric encryptions
  • Identifying asymmetric encryption algorithms
  • Identifying public key infrastructure components
  • Identifying encryption types
  • Identifying virtual network components
  • Creating a user password
  • Identifying remote access methods
  • Configuring IPv4 address
  • Using Windows remote access
  • Configuring and testing IPv6 addresses
  • Identifying IPv4 and IPv6 differences
  • Identifying IPv4 classful address ranges
  • Identifying IPv4 header
  • Identifying IPv6 header
  • Identifying IDS components
  • Identifying sequence in which the IDS instructs the TCP to reset connections
  • Working with a host-based IDS
  • Identifying the change management process
  • Using the Windows command-line interface (CLI)
  • Understanding software-defined networking
  • Identifying cloud services model
  • Identifying intrusion detection key terms
  • Configuring NPS to provide RADIUS authentication
  • Configuring NPS network policy
  • Identifying TCSEC divisions levels
  • Identifying endpoint security solutions
  • Creating a virtual PC machine
  • Identifying hashing algorithms
  • Identifying cloud-augmented security services
  • Identifying tracking vulnerabilities in software
  • Understanding cross-site scripting
  • Identifying XSS vulnerabilities
  • Viewing cookies and temporary files in IE
  • Understanding application sandboxing
  • Identifying secure coding tests
  • Understanding SOAP
  • Identifying attributes of symmetric and asymmetric encryption
  • Identifying quantitative analysis
  • Identifying employee controls uses
  • Identifying security governance plan
  • Identifying information security policy components
  • Identifying information security laws
  • Understanding incident response plan
  • Identifying incident responses models
  • Identifying employee controls
  • Identifying stages of building security controls
  • Identifying data backup types
  • Understanding facets of an investigation
  • Identifying security solution performances
  • Identifying fuzzing tools
  • Identifying the handshake process for CHAP
  • Running a security scanner to identify vulnerabilities
  • Identifying port scanning techniques
  • Cracking encrypted passwords
  • Identifying penetration testing steps
  • Identifying protocols security issues
  • Arranging the VoIP protocols in the protocol stack
  • Identifying 802.11 standards
  • Creating and configuring a network
  • Understanding SDLC activities
  • Identifying biometric systems
  • Creating a remote access VPN connection
  • Identifying drawbacks of Kerberos authentication

Copyright © 2002-2017 uCertify / All Rights Reserved.