CompTIA Advanced Security Practitioner (CASP+)
CAS-004 CompTIA Advanced Security Practitioner (CASP+)
CompTIA CASP+ (CAS-004): Assessing & Managing Risk
it_cscasp2021_01_enus
CompTIA CASP+ (CAS-004): Authentication & Authorization
it_cscasp2021_06_enus
CompTIA CASP+ (CAS-004): Business Continuity
it_cscasp2021_14_enus
CompTIA CASP+ (CAS-004): Cryptography & PKI
it_cscasp2021_04_enus
CompTIA CASP+ (CAS-004): Digital Forensics
it_cscasp2021_13_enus
CompTIA CASP+ (CAS-004): Emerging Technologies & SecDevOps
it_cscasp2021_10_enus
CompTIA CASP+ (CAS-004): Industrial Computing Environments
it_cscasp2021_09_enus
CompTIA CASP+ (CAS-004): IT Governance & Security Compliance
it_cscasp2021_07_enus
CompTIA CASP+ (CAS-004): Mobile & Embedded Devices
it_cscasp2021_08_enus
CompTIA CASP+ (CAS-004): Monitoring & Incident Response
it_cscasp2021_11_enus
CompTIA CASP+ (CAS-004): Secure Cloud Computing
it_cscasp2021_03_enus
CompTIA CASP+ (CAS-004): Storage & Network Security
it_cscasp2021_05_enus
CompTIA CASP+ (CAS-004): Virtualization Security
it_cscasp2021_02_enus
CompTIA CASP+ (CAS-004): Vulnerabilities & Hardening
it_cscasp2021_12_enus
CompTIA CASP+ (CAS-004): Assessing & Managing Risk
Lesson Objectives
CompTIA CASP+ (CAS-004): Assessing & Managing Risk
- discover the key concepts covered in this course
- recognize factors that influence conducting a risk assessment as part of risk management
- recognize how to apply risk management frameworks
- identify various types of threat actors
- recognize physical risks
- take steps to minimize HR risks
- recognize how deception techniques are used by attackers
- analyze e-mail messages to identify phishing attempts
- perform a quantitative risk analysis
- perform a qualitative risk analysis
- correlate security solutions to security requirements
- describe how IT security must apply to internal networks
- determine how to reduce the risk related to third-party dependency chains
- identify multiple sources of threat intelligence
- summarize the key concepts covered in this course
Overview/Description
Recognizing threats and managing risk are key to hardening an organization's security posture. In this course, you'll explore how to apply risk management frameworks to assess and mitigate risk, as well as how to identify threat actors and physical risks. Next, you'll learn how to mitigate risks related to human resources and social engineering techniques. You'll then move on to examine how to work with qualitative and quantitative risk analysis. Lastly, you'll learn about insider threats, supply chain dependencies, and sources of threat intelligence. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Recognizing threats and managing risk are key to hardening an organization's security posture. In this course, you'll explore how to apply risk management frameworks to assess and mitigate risk, as well as how to identify threat actors and physical risks. Next, you'll learn how to mitigate risks related to human resources and social engineering techniques. You'll then move on to examine how to work with qualitative and quantitative risk analysis. Lastly, you'll learn about insider threats, supply chain dependencies, and sources of threat intelligence. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
CompTIA CASP+ (CAS-004): Authentication & Authorization
Lesson Objectives
CompTIA CASP+ (CAS-004): Authentication & Authorization
- discover the key concepts covered in this course
- differentiate between authentication and authorization
- secure authentication with MFA
- secure authentication with 2FA
- configure RADIUS authentication for a Wi-Fi network
- configure attribute-based ACLs in Windows
- use Group Policy to enable password policy settings
- crack Linux passwords using the Johnny tool
- brute-force RDP using Hydra
- configure role-based access control for cloud admin delegation
- summarize the key concepts covered in this course
Overview/Description
Securing user and device logins, as well as access to IT resources, relates to authentication and authorization. In this course, you'll learn how to differentiate between authentication and authorization and also ow to enable 2FA and MFA user authentication. Next, you'll explore how to enable Wi-Fi RADIUS authentication, configure SELinux, and enable attribute-based control in Windows. Lastly, you'll examine how to use Group Policy to configure password policy settings, crack passwords using freely available tools like the Johnny tool, brute-force RDP using Hydra, and limit cloud admin access using role-based access control. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Securing user and device logins, as well as access to IT resources, relates to authentication and authorization. In this course, you'll learn how to differentiate between authentication and authorization and also ow to enable 2FA and MFA user authentication. Next, you'll explore how to enable Wi-Fi RADIUS authentication, configure SELinux, and enable attribute-based control in Windows. Lastly, you'll examine how to use Group Policy to configure password policy settings, crack passwords using freely available tools like the Johnny tool, brute-force RDP using Hydra, and limit cloud admin access using role-based access control. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
CompTIA CASP+ (CAS-004): Business Continuity
Lesson Objectives
CompTIA CASP+ (CAS-004): Business Continuity
- discover the key concepts covered in this course
- plan how to respond to business disruptions
- identify where redundancy can minimize downtime
- recognize how load balancing increases application availability
- configure a cloud-based load balancer
- configure cloud-based backup
- summarize the key concepts covered in this course
Overview/Description
Business continuity measures ensure that business operations continue during disruptions. In this course, you'll learn how to identify common disaster recovery terms and techniques and plan how to respond to business disruptions. Next, you'll learn to identify how to use physical and logical redundancy, clustering and load balancing to increase system and application availability. Lastly, you'll explore cloud-based load balancing and backups including learning how to configure and deploy a Microsoft Azure Load Balancer as well as back up data using Microsoft Azure. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Business continuity measures ensure that business operations continue during disruptions. In this course, you'll learn how to identify common disaster recovery terms and techniques and plan how to respond to business disruptions. Next, you'll learn to identify how to use physical and logical redundancy, clustering and load balancing to increase system and application availability. Lastly, you'll explore cloud-based load balancing and backups including learning how to configure and deploy a Microsoft Azure Load Balancer as well as back up data using Microsoft Azure. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
CompTIA CASP+ (CAS-004): Cryptography & PKI
Lesson Objectives
CompTIA CASP+ (CAS-004): Cryptography & PKI
- discover the key concepts covered in this course
- recognize how cryptography addresses security concerns
- differentiate between symmetric and asymmetric encryption
- recognize the purpose of hashing and digital signatures
- recognize how to protect data at rest with cryptography
- enable EFS to protect data at rest
- enable BitLocker to protect data at rest
- identify methods by which cryptography can protect data in transit
- configure network security via IPsec
- recognize the role that PKI plays in security
- identify how PKI certificates are used in security
- create a private Certificate Authority
- configure custom PKI certificate templates
- issue PKI certificates for users and devices
- generate a certificate in an Azure cloud-based key vault
- use common operating system commands to generate file system hashes
- summarize the key concepts covered in this course
Overview/Description
Cryptography has long played a role in securing sensitive information. In this course, you'll begin with an overview of cryptography and how it can secure data at rest and data in motion. You値l then learn how to enable EFS and BitLocker to protect data at rest. You値l explore how to identify methods by which cryptography can protect data in transit and configure network security via IPsec. Finally, you'll examine how PKI uses certificates to secure IT systems through HTTPS, SSH remote management, and generating file system hashes. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Cryptography has long played a role in securing sensitive information. In this course, you'll begin with an overview of cryptography and how it can secure data at rest and data in motion. You値l then learn how to enable EFS and BitLocker to protect data at rest. You値l explore how to identify methods by which cryptography can protect data in transit and configure network security via IPsec. Finally, you'll examine how PKI uses certificates to secure IT systems through HTTPS, SSH remote management, and generating file system hashes. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
CompTIA CASP+ (CAS-004): Digital Forensics
Lesson Objectives
CompTIA CASP+ (CAS-004): Digital Forensics
- discover the key concepts covered in this course
- describe the correct process by which digital forensic evidence is acquired and handled
- list common digital forensic tools
- create and hash a Linux disk image
- use FTK imager to acquire a forensic disk image
- retrieve Android device information through Android Debug Bridge (ADB)
- hide messages using steganography
- summarize the key concepts covered in this course
Overview/Description
Gathering digital evidence for use in a court of law is done using very specific techniques. In this course, you'll learn to recognize the process by which hardware and software digital forensic tools are used to acquire and analyze evidence. Next, you'll learn to work with file system hashing and forensic disk image acquisition including creating and hashing a Linux disk image. You値l also explore how to use FTK imager to acquire a forensic disk image. Lastly, you'll explore how to retrieve Android device information using the Android Debug Bridge and hide messages using steganography. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Gathering digital evidence for use in a court of law is done using very specific techniques. In this course, you'll learn to recognize the process by which hardware and software digital forensic tools are used to acquire and analyze evidence. Next, you'll learn to work with file system hashing and forensic disk image acquisition including creating and hashing a Linux disk image. You値l also explore how to use FTK imager to acquire a forensic disk image. Lastly, you'll explore how to retrieve Android device information using the Android Debug Bridge and hide messages using steganography. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
CompTIA CASP+ (CAS-004): Emerging Technologies & SecDevOps
Lesson Objectives
CompTIA CASP+ (CAS-004): Emerging Technologies & SecDevOps
- discover the key concepts covered in this course
- provide examples of how artificial intelligence and machine learning are used
- describe security risks associated with 3-D printing, blockchain, and quantum computing
- recognize the principles of a secure software development life cycle
- identify the top 10 web app threats
- use the OWASP ZAP tool to identify web app vulnerabilities
- differentiate between various types of testing
- summarize the key concepts covered in this course
Overview/Description
Emerging technologies present unique security risks in that the technology is not yet mature. Software developers must adhere to secure development practices to minimize threat impacts. In this course, you'll learn how to identify security risks associated with emerging technologies such as machine learning, artificial intelligence, blockchain, quantum computing, and 3-D printing. You値l also learn to identify the top 10 web app threats and use the OWASP ZAP tool to identify web app vulnerabilities. Next, you'll explore how to securely develop and deploy software solutions. Lastly, you learn to distinguish between various testing techniques. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Emerging technologies present unique security risks in that the technology is not yet mature. Software developers must adhere to secure development practices to minimize threat impacts. In this course, you'll learn how to identify security risks associated with emerging technologies such as machine learning, artificial intelligence, blockchain, quantum computing, and 3-D printing. You値l also learn to identify the top 10 web app threats and use the OWASP ZAP tool to identify web app vulnerabilities. Next, you'll explore how to securely develop and deploy software solutions. Lastly, you learn to distinguish between various testing techniques. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
CompTIA CASP+ (CAS-004): Industrial Computing Environments
Lesson Objectives
CompTIA CASP+ (CAS-004): Industrial Computing Environments
- discover the key concepts covered in this course
- recognize security risks associated with industrial computing environments
- identify common ICS protocols
- recognize how Supervisory Control and Data Acquisition (SCADA) relates to industrial control systems (ICS)
- apply NIST ICS security controls
- compile and start an S7 PLC emulator in Linux
- attack an S7 PLC emulator using Metasploit
- summarize the key concepts covered in this course
Overview/Description
Industrial control systems present a unique security risk when it comes to public services such as power, water, and other industrial processes. In this course, you'll learn how to recognize common industrial network protocols and terminology. Next, you値l learn how Supervisory Control and Data Acquisition relates to industrial control systems. You'll explore NIST ICS security control documentation. Lastly, you'll learn how to configure an S7 PLC emulator and use Metasploit to stop the device. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Industrial control systems present a unique security risk when it comes to public services such as power, water, and other industrial processes. In this course, you'll learn how to recognize common industrial network protocols and terminology. Next, you値l learn how Supervisory Control and Data Acquisition relates to industrial control systems. You'll explore NIST ICS security control documentation. Lastly, you'll learn how to configure an S7 PLC emulator and use Metasploit to stop the device. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
CompTIA CASP+ (CAS-004): IT Governance & Security Compliance
Lesson Objectives
CompTIA CASP+ (CAS-004): IT Governance & Security Compliance
- discover the key concepts covered in this course
- identify common data privacy standards
- recognize various types of business agreement documents
- determine what constitutes PII
- use Macie for data discovery and classification
- use Azure Information Protection to enable DLP
- tag cloud resources to facilitate resource management
- recognize various data security techniques such as tokenization and obfuscation
- use software wiping tools to securely remove data
- identify common organizational security policies
- differentiate between data roles
- summarize the key concepts covered in this course
Overview/Description
IT governance involves ensuring that business and regulatory compliance needs are met by IT solutions. In this course, you'll learn to identify common data privacy standards and regulations, as well as various types of business agreements. Next, you'll learn to classify personally identifiable information using various methods including Macie for data discovery and classification. You値l explore how to use Azure Information Protection to enable DLP and tag cloud resources to facilitate resource management. You値l then examine how to securely wipe a storage device and identify common organization security policies. Lastly, you'll learn how to identify data roles and configure cloud data retention. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
IT governance involves ensuring that business and regulatory compliance needs are met by IT solutions. In this course, you'll learn to identify common data privacy standards and regulations, as well as various types of business agreements. Next, you'll learn to classify personally identifiable information using various methods including Macie for data discovery and classification. You値l explore how to use Azure Information Protection to enable DLP and tag cloud resources to facilitate resource management. You値l then examine how to securely wipe a storage device and identify common organization security policies. Lastly, you'll learn how to identify data roles and configure cloud data retention. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
CompTIA CASP+ (CAS-004): Mobile & Embedded Devices
Lesson Objectives
CompTIA CASP+ (CAS-004): Mobile & Embedded Devices
- discover the key concepts covered in this course
- recognize how mobile devices are used and their related security risks
- recognize how IoT, drone, and embedded devices are used and their related security risks
- query the Shodan web site for vulnerable devices
- apply hardening techniques to an Android smartphone
- register an Android smartphone with a Mobile Device Management (MDM) solution
- manage an Android smartphone with a MDM solution
- summarize the key concepts covered in this course
Overview/Description
Mobile devices have become ubiquitous and as a result deserve the attention of cybersecurity specialists. In this course, you'll explore how mobile, embedded, drones, and IoT devices are used and their related security risks. Next, you'll learn how to search for vulnerable devices using the Shodan web site. Moving on, you'll explore how to secure remote network connectivity with a VPN and examine smartphone hardening techniques. Lastly, you'll learn how to register and manage an Android device using a Mobile Device Management solution. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Mobile devices have become ubiquitous and as a result deserve the attention of cybersecurity specialists. In this course, you'll explore how mobile, embedded, drones, and IoT devices are used and their related security risks. Next, you'll learn how to search for vulnerable devices using the Shodan web site. Moving on, you'll explore how to secure remote network connectivity with a VPN and examine smartphone hardening techniques. Lastly, you'll learn how to register and manage an Android device using a Mobile Device Management solution. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
CompTIA CASP+ (CAS-004): Monitoring & Incident Response
Lesson Objectives
CompTIA CASP+ (CAS-004): Monitoring & Incident Response
- discover the key concepts covered in this course
- identify the various levels of IT monitoring
- enable syslog forwarding in Linux
- manage Windows logs using the GUI
- manage cloud-based logging
- differentiate between honeynets, honeypots, and honeyfiles
- describe how IDS and IPS are used to secure a network
- install Snort IDS
- test Snort IDS rules
- recognize reasons for using SIEM and SOAR solutions
- use tcpdump to capture network traffic
- use Wireshark to filter captured network traffic
- use nmap to discover hosts and network services
- use packettotal.com to analyze packets
- summarize the key concepts covered in this course
Overview/Description
Enterprise IT monitoring is crucial in detecting potential security incidents. In this course, you'll explore various monitoring methods for hosts, devices, and networks. Next, you'll learn to configure log forwarding and work with logs through PowerShell. Moving on, you'll learn to recognize when to use honeyfiles, honeypots, and honeynets, as well as SIEM and SOAR solutions. You値l then examine intrusion detection and prevention and how they are used to secure a network. Lastly, you'll explore the use of tools such as Snort, tcpdump, nmap, and Wireshark for analyzing networks and network traffic. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Enterprise IT monitoring is crucial in detecting potential security incidents. In this course, you'll explore various monitoring methods for hosts, devices, and networks. Next, you'll learn to configure log forwarding and work with logs through PowerShell. Moving on, you'll learn to recognize when to use honeyfiles, honeypots, and honeynets, as well as SIEM and SOAR solutions. You値l then examine intrusion detection and prevention and how they are used to secure a network. Lastly, you'll explore the use of tools such as Snort, tcpdump, nmap, and Wireshark for analyzing networks and network traffic. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
CompTIA CASP+ (CAS-004): Secure Cloud Computing
Lesson Objectives
CompTIA CASP+ (CAS-004): Secure Cloud Computing
- discover the key concepts covered in this course
- describe the characteristics of cloud computing
- identify common cloud deployment models
- identify common cloud service models
- determine if IT uptime requirements are met by SLAs
- classify standard cloud security mechanisms
- download and view cloud STAR details
- deploy a cloud virtual network
- configure a network security group in Azure
- deploy a Windows virtual machine in Microsoft Azure
- deploy a Linux virtual machine in Microsoft Azure
- peer cloud virtual networks together to facilitate connectivity
- limit outbound network access using Azure Firewall
- route traffic leaving the cloud to a firewall appliance
- configure an Azure Firewall DNAT rule
- enable cloud autoscaling to improve application performance and availability
- create a centralized cloud key vault for secrets storage
- configure various security settings for cloud storage
- summarize the key concepts covered in this course
Overview/Description
Cloud computing is widely used by individuals and enterprises to outsource IT solutions. In this course, you'll begin with learning how to identify cloud deployment and service models. Next, you'll review cloud service level agreements, cloud security solutions, and how to work with cloud VNets. Moving on, you'll learn how to configure cloud autoscaling to increase application availability. You'll also explore now to deploy a cloud-based firewall, configure firewall routing, and enable RDP through cloud firewalls. Lastly, you'll learn how to create a cloud key vault and enable cloud storage security. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Cloud computing is widely used by individuals and enterprises to outsource IT solutions. In this course, you'll begin with learning how to identify cloud deployment and service models. Next, you'll review cloud service level agreements, cloud security solutions, and how to work with cloud VNets. Moving on, you'll learn how to configure cloud autoscaling to increase application availability. You'll also explore now to deploy a cloud-based firewall, configure firewall routing, and enable RDP through cloud firewalls. Lastly, you'll learn how to create a cloud key vault and enable cloud storage security. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
CompTIA CASP+ (CAS-004): Storage & Network Security
Lesson Objectives
CompTIA CASP+ (CAS-004): Storage & Network Security
- discover the key concepts covered in this course
- differentiate between RAID levels
- configure software RAID using Windows Server
- configure software RAID using Ubuntu Linux
- identify various types of network storage solutions
- apply hardening techniques to DNS
- identify different types of firewalls
- configure the Azure Firewall
- configure firewall settings on a Windows host
- recognize how VPNs secure remote network traffic
- configure a point-to-site VPN for the Azure cloud
- summarize wired network security concerns
- summarize wireless network security concerns
- use an Azure Bastion host as a jump box for server management
- establish a reverse shell using netcat
- summarize the key concepts covered in this course
Overview/Description
On-premises and cloud-based storage security solutions are very similar in nature. In this course, you'll learn how to determine which RAID disk solution best applies in a given situation, as well as how to secure various network storage solutions and DNS. Next, you'll learn to recognize when to apply firewalls to secure networks and how to configure various firewall solutions. Moving on, you'll explore how to configure a VPN and secure wired and wireless networks. Lastly, you'll examine how to manage servers through a jump box and how attackers enable reverse shells. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
On-premises and cloud-based storage security solutions are very similar in nature. In this course, you'll learn how to determine which RAID disk solution best applies in a given situation, as well as how to secure various network storage solutions and DNS. Next, you'll learn to recognize when to apply firewalls to secure networks and how to configure various firewall solutions. Moving on, you'll explore how to configure a VPN and secure wired and wireless networks. Lastly, you'll examine how to manage servers through a jump box and how attackers enable reverse shells. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
CompTIA CASP+ (CAS-004): Virtualization Security
Lesson Objectives
CompTIA CASP+ (CAS-004): Virtualization Security
- discover the key concepts covered in this course
- identify various types of virtualization solutions
- distinguish the difference between type 1 and type 2 hypervisors
- harden virtualization environments
- create an on-premises Windows virtual machine
- create an on-premises Linux virtual machine
- enable encryption for a VMware Workstation virtual machine
- recognize how application containers work
- download and run a simple Docker container
- deploy a container registry in the cloud
- deploy an application container in the cloud
- summarize the key concepts covered in this course
Overview/Description
Securing today's enterprise computing environments means understanding how virtualization is used. Organizations must consider how to secure virtualization solutions used both on-premises in and the cloud. In this course, you'll learn to identify various types of virtualization solutions such as network virtualization, operating system virtualization, desktop, and app virtualization. You will then learn to distinguish the difference between type 1 and type 2 hypervisors. Next, you'll focus on virtualization security and how to deploy virtual machines on-premises. Lastly, you'll learn to work with application containers. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Securing today's enterprise computing environments means understanding how virtualization is used. Organizations must consider how to secure virtualization solutions used both on-premises in and the cloud. In this course, you'll learn to identify various types of virtualization solutions such as network virtualization, operating system virtualization, desktop, and app virtualization. You will then learn to distinguish the difference between type 1 and type 2 hypervisors. Next, you'll focus on virtualization security and how to deploy virtual machines on-premises. Lastly, you'll learn to work with application containers. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
CompTIA CASP+ (CAS-004): Vulnerabilities & Hardening
Lesson Objectives
CompTIA CASP+ (CAS-004): Vulnerabilities & Hardening
- discover the key concepts covered in this course
- describe the phases attackers execute to compromise a system
- determine when to use network segmentation
- describe how attackers use zombies and botnets
- recognize how common attacks are executed
- list ways to harden various devices
- differentiate between vulnerability scans and penetration tests
- conduct a vulnerability assessment
- navigate through the Metasploit framework
- clone a web site using the Social Engineering Toolkit (SET)
- use the BeEF tool to hack a web browser
- crack WPA2 passphrases using offline methods
- summarize the key concepts covered in this course
Overview/Description
Cybersecurity specialists must be able to identify vulnerabilities and apply security controls to mitigate threats. In this course, you'll learn how to identify the steps attackers take to gain access to resources and examine physical security issues. Next, you'll learn how network segmentation can increase security, how attackers use zombies and botnets, and how common attacks take place. Moving on, you'll explore common hardening techniques, how to scan for vulnerabilities, and how to setup up a WSUS server. Lastly, you'll learn how to use the Metasploit framework and crack WPA2 Wi-Fi passphrases. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Cybersecurity specialists must be able to identify vulnerabilities and apply security controls to mitigate threats. In this course, you'll learn how to identify the steps attackers take to gain access to resources and examine physical security issues. Next, you'll learn how network segmentation can increase security, how attackers use zombies and botnets, and how common attacks take place. Moving on, you'll explore common hardening techniques, how to scan for vulnerabilities, and how to setup up a WSUS server. Lastly, you'll learn how to use the Metasploit framework and crack WPA2 Wi-Fi passphrases. This course is one of a collection of courses that prepares learners for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam.
Target
Prerequisites: none
