CompTIA Advanced Security Practitioner (CASP)
CAS-003 CompTIA Advanced Security Practitioner (CASP)
CompTIA CASP CAS-003: Business and Industry Influences and Risks
CompTIA CASP CAS-003: Conducting Security Assessments
CompTIA CASP CAS-003: Implementing Incident Response and Recovery
CompTIA CASP CAS-003: Integrating Controls for Mobile and Small Form Factor Devices
CompTIA CASP CAS-003: Integrating Hosts, Storage, and Applications in the Enterprise
CompTIA CASP CAS-003: Integrating Network and Security Components, Concepts, and Architectures
CompTIA CASP CAS-003: Integrating Security Controls for Host Devices
CompTIA CASP CAS-003: Organizational Security and Privacy Policies
CompTIA CASP CAS-003: Risk Metric Scenarios for Enterprise Security
CompTIA CASP CAS-003: Selecting Software Security Controls
Risk Mitigation Strategies and Controls
Mentoring CompTIA Advanced Security Practitioner (CASP)

CompTIA CASP CAS-003: Business and Industry Influences and Risks

Course Number:
cs_casp_a01_it_enus
Lesson Objectives

CompTIA CASP CAS-003: Business and Industry Influences and Risks

  • start the course
  • manage risks of new initiatives
  • describe new or changing business models and strategies
  • define security concerns of diverse industries
  • recognize and apply business and industry policies
  • recognize and apply business and industry policies
  • describe internal influences
  • describe external influences
  • specify the impacts of deperimeterization
  • specify the impacts of deperimeterization
  • describe industry influences and risks

Overview/Description
In this course you will explore various business and industry influences along with their associated security risks. This course maps to section 1.1 of CASP Module 1: Risk Management

Target Audience
The target audience for this course consists of systems/network/application security professionals that are preparing for the CASP Exam. The CASP certification exam is also accredited by ANSI to show compliance with the ISO 17024 standard for individuals who need it. Another audience consists of any IT professional who wants to gain an advanced understanding of how to secure modern enterprises beyond the Security+ or SSCP certifications.

CompTIA CASP CAS-003: Conducting Security Assessments

Course Number:
cs_casp_a09_it_enus
Lesson Objectives

CompTIA CASP CAS-003: Conducting Security Assessments

  • start the course
  • describe security assessment methods
  • describe reconnaissance, fingerprinting, and social engineering
  • describe open-source intelligence
  • describe routing tables, DNS records, and search engines
  • describe security assessment types
  • describe penetration testing and assessments
  • define exercises and audits
  • describe scanners
  • define additional security assessment tools
  • describe types of host tools
  • specify physical security tools
  • describe how to conduct security assessments

Overview/Description
In this course, you'll learn about enterprise security operations and explore numerous methods for conducting effective security assessments.

Target Audience
The target audience for this course includes IT security professionals who have a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience. The target audience consists of systems, network, and application security professionals that are preparing for the CASP Exam. The CASP certification exam is also accredited by ANSI to show compliance with the ISO 17024 standard for individuals who need it. Another audience consists of any IT professional who wants to gain an advanced understanding of how to secure modern enterprises beyond the Security+ or SSCP certifications

CompTIA CASP CAS-003: Implementing Incident Response and Recovery

Course Number:
cs_casp_a10_it_enus
Lesson Objectives

CompTIA CASP CAS-003: Implementing Incident Response and Recovery

  • start the course
  • describe e-discovery
  • specify data breach detection, collection, and analytics
  • specify data breach isolation, recovery, and response
  • facilitate incident detection and response
  • describe incident and emergency response
  • describe disaster recovery and order of volatility
  • define incident response support tools
  • specify incident or breach severity
  • describe post-incident response
  • describe incident response and recovery

Overview/Description
In this course, representing the final section of Module 3: Enterprise Security operations, you will implement incident response and recovery procedures in various scenarios.

Target Audience
The CASP certification is designed for IT security professionals who have a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience. The target audience for this course consists of systems/network/application security professionals that are preparing for the CASP Exam. The CASP certification exam is also accredited by ANSI to show compliance with the ISO 17024 standard for individuals who need it. Another audience consists of any IT professional who wants to gain an advanced understanding of how to secure modern enterprises beyond the Security+ or SSCP certifications.

CompTIA CASP CAS-003: Integrating Controls for Mobile and Small Form Factor Devices

Course Number:
cs_casp_a07_it_enus
Lesson Objectives

CompTIA CASP CAS-003: Integrating Controls for Mobile and Small Form Factor Devices

  • start the course
  • manage enterprise mobility
  • describe application, content, and data management
  • describe mobility security and privacy issues
  • describe mobility security and privacy concerns
  • describe rooting, jailbreaking, and sideloading
  • describe tokenization and TPM
  • describe tethering, Bluetooth, and gestures
  • describe mobility biometrics
  • list types and characteristics of wearable technology
  • integrate controls for mobile devices

Overview/Description
In this course, you will analyze ways to integrate security controls for mobile and small form factor devices to meet security requirements. You'll also prepare for the CAS-003 exam.

Target Audience
The CASP certification is designed for IT security professionals who have a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience. The target audience for this course consists of systems/network/application security professionals that are preparing for the CASP Exam. The CASP certification exam is also accredited by ANSI to show compliance with the ISO 17024 standard for individuals who need it. Another audience consists of any IT professional who wants to gain an advanced understanding of how to secure modern enterprises beyond the Security+ or SSCP certifications

CompTIA CASP CAS-003: Integrating Hosts, Storage, and Applications in the Enterprise

Course Number:
cs_casp_a11_it_enus
Lesson Objectives

CompTIA CASP CAS-003: Integrating Hosts, Storage, and Applications in the Enterprise

  • start the course
  • adapt data flow security
  • describe data flow security standards
  • define interoperability issues
  • specify resilience issues
  • describe data security considerations
  • define resource provisioning and de-provisioning
  • consider merger and acquisition design
  • diagram and segment the logical network
  • describe security issues with application integration
  • describe enterprise integration

Overview/Description
In this course, you will explore how to integrate hosts, storage, networks, and applications into a secure enterprise. You will also prepare for exam CASE-003.

Target Audience
The CASP certification is designed for IT security professionals who have a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience. The target audience for this course consists of systems/network/application security professionals that are preparing for the CASP Exam. The CASP certification exam is also accredited by ANSI to show compliance with the ISO 17024 standard for individuals who need it. Another audience consists of any IT professional who wants to gain an advanced understanding of how to secure modern enterprises beyond the Security+ or SSCP certifications.

CompTIA CASP CAS-003: Integrating Network and Security Components, Concepts, and Architectures

Course Number:
cs_casp_a05_it_enus
Lesson Objectives

CompTIA CASP CAS-003: Integrating Network and Security Components, Concepts, and Architectures

  • start the course
  • describe physical and virtual network and security devices including security switches, routers, and firewalls
  • describe physical and virtual network and security devices including WAPs, WLCs, NIDS, NIPS, and NAC
  • define application and protocol-aware technologies
  • design advanced networking
  • design additional advanced networking
  • specify complex solutions for data flow
  • describe secure configuration and software-defined networking
  • compare network management and monitoring tools
  • define advanced device configuration
  • define additional advanced device configuration
  • describe advanced device configurations, port filtering with CEF, and IoT/IoE security
  • describe network and security architectures

Overview/Description
This course is the first of the content from CASP Module 2: Enterprise Security Architecture. The course covers the integration of network and security components, concepts, and architectures and prepares you for exam CAS-003.

Target Audience
The CASP certification is designed for IT security professionals who have a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience. The target audience for this course consists of systems/network/application security professionals that are preparing for the CASP Exam. The CASP certification exam is also accredited by ANSI to show compliance with the ISO 17024 standard for individuals who need it. Another audience consists of any IT professional who wants to gain an advanced understanding of how to secure modern enterprises beyond the Security+ or SSCP certifications

CompTIA CASP CAS-003: Integrating Security Controls for Host Devices

Course Number:
cs_casp_a06_it_enus
Lesson Objectives

CompTIA CASP CAS-003: Integrating Security Controls for Host Devices

  • start the course
  • implement trusted operating systems
  • define least functionality
  • describe endpoint security software
  • describe host-based IDS and IPS
  • harden host systems
  • define scripting and replication
  • harden wireless peripherals
  • secure physical host peripherals
  • protect the boot loader programs
  • describe terminal services and application delivery services
  • describe integrating controls for host devices

Overview/Description
This course covers enterprise security architecture, examining integration of security controls for host devices to meet security requirements. It will also prepare you for exam CAS-003.

Target Audience
The CASP certification is designed for IT security professionals who have a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience. The target audience for this course consists of systems/network/application security professionals that are preparing for the CASP Exam. The CASP certification exam is also accredited by ANSI to show compliance with the ISO 17024 standard for individuals who need it. Another audience consists of any IT professional who wants to gain an advanced understanding of how to secure modern enterprises beyond the Security+ or SSCP certifications.

CompTIA CASP CAS-003: Organizational Security and Privacy Policies

Course Number:
cs_casp_a02_it_enus
Lesson Objectives

CompTIA CASP CAS-003: Organizational Security and Privacy Policies

  • start the course
  • describe process and policy life cycle management
  • describe process and policy life cycle management
  • work closely with human resources, legal, and executives
  • define common business documentation
  • define common business documentation
  • describe security requirements for contracts
  • specify general principles for sensitive information
  • develop standard policies and procedures
  • develop standard policies and procedures
  • describe security and privacy policies

Overview/Description
In this course, you will learn to compare various critical security and privacy policies and procedures that represent the organizational requirements. You will also prepare for exam CAS-003.

Target Audience
The target audience for this course includes IT security professionals who have a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience. The target audience consists of systems, network, and application security professionals that are preparing for the CASP Exam. The CASP certification exam is also accredited by ANSI to show compliance with the ISO 17024 standard for individuals who need it. Another audience consists of any IT professional who wants to gain an advanced understanding of how to secure modern enterprises beyond the Security+ or SSCP certifications

CompTIA CASP CAS-003: Risk Metric Scenarios for Enterprise Security

Course Number:
cs_casp_a04_it_enus
Lesson Objectives

CompTIA CASP CAS-003: Risk Metric Scenarios for Enterprise Security

  • start the course
  • review control effectiveness
  • reverse engineer and deconstruct
  • collect and analyze metrics
  • prototype and test multiple solutions
  • create benchmarks and compare to baselines
  • analyze cyber defense trends
  • analyze solution metrics for business needs
  • analyze solution metrics for business needs
  • use judgment to solve problems
  • describe risk metrics for enterprise security

Overview/Description
In this course, you will focus on the objectives for 1.4 of Module 1: Risk Management, and you'll analyze different risk metric situations for enterprise security. You will also prepare for exam CAS-003.

Target Audience
The target audience for this course includes IT security professionals who have a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience. The target audience consists of systems, network, and application security professionals that are preparing for the CASP Exam. The CASP certification exam is also accredited by ANSI to show compliance with the ISO 17024 standard for individuals who need it. Another audience consists of any IT professional who wants to gain an advanced understanding of how to secure modern enterprises beyond the Security+ or SSCP certifications.

CompTIA CASP CAS-003: Selecting Software Security Controls

Course Number:
cs_casp_a08_it_enus
Lesson Objectives

CompTIA CASP CAS-003: Selecting Software Security Controls

  • start the course
  • describe application security design considerations
  • define specific application attacks
  • describe application vulnerabilities and issues
  • define additional application security concerns
  • describe application data issues
  • define sandboxing and enclaves
  • compare client-side processing to server-side processing
  • compare server-side processing to client-side processing
  • describe OS and firmware vulnerabilities
  • select software security controls

Overview/Description
In this course, you will choose the appropriate security controls in various application vulnerability scenarios. You'll also prepare for the CAS-003 exam.

Target Audience
The CASP certification is designed for IT security professionals who have a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience. The target audience for this course consists of systems/network/application security professionals that are preparing for the CASP Exam. The CASP certification exam is also accredited by ANSI to show compliance with the ISO 17024 standard for individuals who need it. Another audience consists of any IT professional who wants to gain an advanced understanding of how to secure modern enterprises beyond the Security+ or SSCP certifications

Mentoring CompTIA Advanced Security Practitioner (CASP)

Lesson Objectives

Mentoring CompTIA Advanced Security Practitioner (CASP)

  • Risk Management
  • Enterprise Security Architecture
  • Enterprise Security Operations
  • Technical Integration of Enterprise Security
  • Research, Development and Collaboration

Overview/Description
Skillsoft Mentors are available to help students with their studies for the CompTIA Advanced Security Practitioner (CASP) exam. You can reach them by entering a Mentored Chat Room or by using the Email My Mentor service.

Target Audience
Individuals who are studying the associated Skillsoft content in preparation for, or to become familiar with, the skills and competencies being measured by the actual certification exam.

CompTIA CASP CAS-003: Risk Mitigation Strategies and Controls

Course Number:
cs_casp_a03_it_enus
Lesson Objectives

CompTIA CASP CAS-003: Risk Mitigation Strategies and Controls

  • start the course
  • describe confidentiality, integrity, and availability decisions
  • determine minimum required security controls
  • define system-specific worst-case analysis
  • determine risk
  • translate risk into business terms
  • treating risk
  • describe risk management processes
  • define business continuity planning
  • describe IT governance and frameworks
  • specify enterprise resilience and continual improvement
  • describe risk mitigation strategies and controls

Overview/Description
In this course, you will execute risk mitigation strategies and controls in a given scenario. This course maps to objective 1.3 of CASP Module 1: Risk Management.

Target Audience
The CASP certification is designed for IT security professionals who have a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience. The target audience for this course consists of systems/network/application security professionals that are preparing for the CASP Exam. The CASP certification exam is also accredited by ANSI to show compliance with the ISO 17024 standard for individuals who need it. Another audience consists of any IT professional who wants to gain an advanced understanding of how to secure modern enterprises beyond the Security+ or SSCP certifications

Close Chat Live