CompTIA Advanced Security Practitioner (CASP+) Training & Certification Course
Overview
CompTIA Advanced Security Practitioner (CASP+) is the ideal certification for technical professionals who wish to remain immersed in technology as opposed to strictly managing.
CASP+ is the only hands-on, performance-based certification for practitioners – not managers – at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.
About the exam
The CASP+ certification validates advanced-level competency in risk management; enterprise security operations and architecture; research and collaboration; and integration of enterprise security. Successful candidates will have the knowledge required to:
- Enterprise Security domain expanded to include operations and architecture concepts, techniques, and requirements
- More emphasis on analyzing risk through interpreting trend data and anticipating cyber-defence needs to meet business goals
- Expanding security control topics to include Mobile and small form factor devices, as well as software vulnerability
- Broader coverage of integrating cloud and virtualization technologies into a secure enterprise architecture
- Inclusion of implementing cryptographic techniques, such as Blockchain- Cryptocurrency and Mobile device encryption
What Skills Will You Learn?
- RISK MANAGEMENT
- ENTERPRISE SECURITY ARCHITECTURE
- ENTERPRISE SECURITY OPERATIONS
- TECHNICAL INTEGRATION OF ENTERPRISE SECURITY
- RESEARCH, DEVELOPMENT & COLLABORATION
Prerequisite
A minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience.
Recommended Course
Full Description
Module1. Enterprise Security
A. Identifying security concerns in scenarios
- Exploring cryptographic techniques
- Advanced PKI concepts
B. Distinguishing between cryptographic concepts
- Entropy
- Confusion and diffusion
- Chain of trust
C. Securing enterprise storage
- Examining storage types and protocols
- Secure storage management
D. Analyzing network security architectures
- Designing secure networks
- Employing virtual networking solutions
E. Troubleshooting security controls for hosts
- Host security: trusted OS, end-point, host hardening
- Vulnerabilities in co-mingling of hosts
F. Differentiating application vulnerabilities
- Web application security
- Application security concerns
- Mitigating client-side vs. server-side processing
Module 2. Risk Management and Incident Response.
Interpreting business and industry influences and risks
- Analyzing risk scenarios
- Identifying the impact of de-parameterization
A. Executing risk mitigation planning, strategies and control
- Assessing the CIA aggregate scores
- Making risk determination
B. Privacy policies and procedures
- Developing policies to support business objectives
- Safeguarding Personally Identifiable Information (PII)
C. Conduct incident response and recovery procedures
- Constructing a data inventory with e-discovery
- Minimizing the severity of data breaches
Module 3. Research, Analysis and Assessment.
Determining industry trends impact to the enterprise
- Performing ongoing research to support best practices
- Researching security requirement for contracts
A. Appropriate security document usage
- Request for Information (RFI)
- Request for Quote (RFQ)
- Request for Proposal (RFP)
B. Evaluating scenarios to determine how to secure the enterprise
- Conducting cost-benefit and security solution analysis
- Reviewing the effectiveness of existing security controls
C. Conducting an assessment and analyzing the results
- Determining appropriate tools for data gathering
- Identifying methods to perform assessments
Module 4. Integrating Computing, Communications and Business Disciplines.
Collaborating across diverse business units to achieve security goals
- Communicating with stakeholders
- Interpreting security requirements and providing guidance
- Identifying secure communications goals
A. Selecting controls for secure communications
- Utilizing unified collaboration tools
- Mobile devices
- Applying over the air technologies
B. Implementing security across the technology life cycle
- Selecting security controls
- Developing Security Requirements Traceability Matrices
Module 5. Technical Integration of Enterprise Components.
Integrate devices into a secure enterprise architecture
- Securing data following existing security standards
- Applying technical deployment models
- Integrating storage and applications into the enterprise
A. Integrating advanced authentication and authorization technologies
- Implementing certificate-based and SSO authentication
- Applying federation solutions
Fees & Schedule
| Delivery Mode | Course Duration | Fees |
|---|---|---|
| Live Virtual Training | 5 Days | Ask for Quote |
| Onsite Classroom Training | 5 Days | Ask for Quote |
| Customized Training | 5 Days | Ask for Quote |
spiretecsolutions (skype)