In this course, you will focus on enterprise security risk management, policies and procedures, legalities research, and analysis integration of computing. You will also cover communications and business disciplines. You will prepare for the CASP exam with confidence through a combination of hands-on labs and lectures by seasoned security practitioners.

Our CASP Prep Course uses CompTIA Approved Quality Curriculum (CAQC). The CompTIA CAQC symbol assures you that all test objectives are covered in the training material.

What You'll Learn

• Advanced defensive controls such as web application firewalls
• Address threats such as cross-site scripting (XSS) and cross-site request forgery (XSRF)
• Perform advanced port scanning techniques used to avoid detection
• Best practices in intrusion detection system (IDS) design and signature development
• Stop hackers before they access your network

Who Needs to Attend

• IT professionals with a minimum of 10 years of experience in IT administration and at least 5 years of hands-on security in an enterprise environment
• Technical security leads in large, multi-location organizations
• Network security engineer, information systems security engineer, security architect, security consultant, and information systems security officer

Prerequisites

• Security+ Prep Course (SYO-301)

Follow-On Courses

• CISM Prep Course
• CISSP Prep Course

Certification Programs and Certificate Tracks

This course is part of the following programs or tracks:

• CompTIA Advanced Security Practitioner (CASP) Certification

Course Outline

1. Enterprise Security Architecture

• Basics of Enterprise Security
• Enterprise Structure
• Enterprise Security Requirements

2. Enterprise Security Technology

• Common Network Security Components and Technologies
• Communications and Collaboration Security
• Cryptographic Tools and Techniques
• Advanced Authentication

3. Enterprise Resource Technology

• Enterprise Storage Security Issues
• Distributed, Shared, and Virtualized Computing
• Cloud Computing and Security

4. Security Design and Solutions

• Network Security Design
• Conduct a Security Assessment
• Host Security

5. Application Security Design

• Application Security Basics
• Web Application Security

6. Managing Risk, Security Policies, and Security Procedures

• Analyze Security Risk
• Implement Risk Mitigation Strategies and Controls
• Implement Enterprise-Level Security Policies and Procedures
• Prepare for Incident Response and Recovery

7. Enterprise Security Integration

• Technology Lifecycle
• Interorganizational Change
• Integrate Enterprise Disciplines to Achieve Secure Solutions

8. Security Research and Analysis

• Perform an Industry Trends and Impact Analysis
• Perform an Enterprise Security Analysis

Labs

Lab 1: Install and Verify the Lab Environment

Lab 2: Explore and Test the Lab Network

Lab 3: Protocol Analyzers

Lab 4: Capture and Analyze VoIP Traffic

Lab 5: Use Network Diagramming Tools

Lab 6: Intrusion Detection and Prevention

Lab 7: Use MD5 and SHA for Hashing and File Integrity

Lab 8: Identify and Assess Threats to Cloud and Remote Computing

Lab 9: Implement Encryption to Secure Enterprise and Personal Storage

Lab 10: Attack Insecure Networks and Target Vulnerable Applications

Lab 11: Perform Network Vulnerability Scans

Lab 12: Hands-On Penetration Testing (Port Scanning and Fingerprinting)

Lab 13: Hands-On Social Engineering

Lab 14: Identify Root Kits Used to Maintain Access and Cover Tracks

Lab 15: Identify Vulnerable Web Servers

Lab 16: Install and Use a Virtual Browser

Lab 17: Secure Coding and Threat Modeling

Lab 18: Test Application Security with Metasploit

Lab 19: Security Baselines and Configurations

Lab 20: Manage Risk by Configuring Strong Authentication

Lab 21: Basic Forensics

Lab 22: Use Helix for Forensic Analysis

Lab 23: SDLC Code Review

Lab 24: Route and Switch Security

Lab 25: Advanced Network Traffic Analysis

Lab 26: Cost Benefit Analysis