- Security Architect
- Senior Security Engineer
- SOC Manager
- Security Analyst
CompTIA Advanced Security Practitioner (CASP+) CAS-004 is an advanced-level cybersecurity certification for security architects and senior security engineers charged with leading and improving an enterprise’s cybersecurity readiness.
Before attending this course, students must have:
• Basic understanding of network and cyber security
• Understanding of the concepts covered by the Network+ and Security+ exams
• General understanding of Microsoft Azure and Microsoft 365.
After completing this course, participants will be able to work with:
Security Architecture
Expanded coverage to analyze security requirements in hybrid networks to work toward an enterprise-wide, zero trust security architecture with advanced secure cloud and virtualization solutions.
Security Operations
Expanded emphasis on newer techniques addressing advanced threat management, vulnerability management, risk mitigation, incident response tactics, and digital forensics analysis.
Governance, Risk, and Compliance
Expanded to support advanced techniques to prove an organization’s overall cybersecurity resiliency metric and compliance to regulations, such as CMMC, PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST, and CCPA.
Security Engineering and Cryptography
Expanded to focus on advanced cybersecurity configurations for endpoint security controls, enterprise mobility, cloud/hybrid environments, and enterprise-wide PKI and cryptographic solutions.
Part 1: Security Architecture
Given a scenario, analyze the security requirements and objectives to ensure an appropriate, secure network architecture for a new or existing network.
• Deperimeterization/zero trust
• Merging of networks from various organizations
• Software-defined networking (SDN)
Given a scenario, analyze the organizational requirements to determine the proper infrastructure security design.
• Content delivery network
Given a scenario, integrate software applications securely into an enterprise architecture.
• Baseline and templates
• Software assurance
• Considerations of integrating enterprise applications
• Integrating security into development life cycle
Given a scenario, implement data security techniques for securing enterprise architecture.
• Data loss prevention
• Data loss detection
• Data classification, labeling, and tagging
• Encrypted vs. unencrypted
• Data life cycle
• Data inventory and mapping
• Data integrity management
• Data storage, backup, and recovery
Given a scenario, analyze the security requirements and objectives to provide the appropriate authentication and authorization controls.
• Credential management
• Password policies
• Access control
• Multifactor authentication (MFA)
• One-time password (OTP)
• Hardware root of trust
• Single sign-on (SSO)
• Attestation and identity proofing
Given a set of requirements, implement secure cloud and virtualization solutions.
• Virtualization strategies
• Provisioning and deprovisioning
• Metadata and tags
• Deployment models and considerations
• Hosting models
• Service models
• Cloud provider limitations
• Extending appropriate on-premises controls
• Storage models
Explain how cryptography and public key infrastructure (PKI) support security objectives and requirements.
• Privacy and confidentiality requirements
• Integrity requirements
• Compliance and policy requirements
• Common cryptography use cases
• Common PKI use cases
Explain the impact of emerging technologies on enterprise security and privacy.
• Artificial intelligence
• Machine learning
• Quantum computing
• Homomorphic encryption
• Secure multiparty computation
• Distributed consensus
• Big Data
• Virtual/augmented reality
• 3-D printing
• Passwordless authentication
• Nanotechnology
• Deep learning
• Biometric impersonation
Part 2: Security Operations
Given a scenario, perform threat management activities.
• Intelligence types
• Actor types
• Threat actor properties
• Intelligence collection methods
Given a scenario, analyze indicators of compromise and formulate an appropriate response.
• Indicators of compromise
Given a scenario, perform vulnerability management activities.
• Vulnerability scans
• Security Content Automation Protocol (SCAP)
• Self-assessment vs. third-party vendor assessment
• Patch management
• Information sources
Given a scenario, use the appropriate vulnerability assessment and penetration testing methods and tools.
• Dependency management
Given a scenario, analyze vulnerabilities and recommend risk mitigations.
• Inherently vulnerable system/application
Given a scenario, use processes to reduce risk.
• Proactive and detection
• Security data analytics
• Application control
• Security automation
• Physical security
Given an incident, implement the appropriate response.
• Event classifications
• Triage event
• Preescalation tasks
• Incident response process
• Specific response playbooks/processes
• Communication plan
• Stakeholder management
Explain the importance of forensic concepts.
• Legal vs. internal corporate purposes
• Forensic process
• Integrity preservation
Given a scenario, use forensic analysis tools.
• File carving tools
• Binary analysis tools
• Analysis tools
• Imaging tools
• Hashing utilities
• Live collection vs. post-mortem tools
Part 3: Security Engineering and Cryptography
Given a scenario, apply secure configurations to enterprise mobility.
• Managed configurations
• Deployment scenarios
• Security considerations
Given a scenario, configure and implement endpoint security controls.
• Hardening techniques
• Mandatory access control
• Trustworthy computing
• Compensating controls
Explain security considerations impacting specific sectors and operational technologies.
• ICS/supervisory control and data acquisition (SCADA)
Explain how cloud technology adoption impacts organizational security.
• Automation and orchestration
• Encryption configuration
• Monitoring configurations
• Key ownership and location
• Key life-cycle management
• Backup and recovery methods
• Infrastructure vs. serverless computing
• Application virtualization
• Software-defined networking
• Collaboration tools
• Storage configurations
• Cloud access security broker (CASB)
Given a business requirement, implement the appropriate PKI solution.
• PKI hierarchy
• Certificate types
• Certificate usages/profiles/templates
• Trusted providers
• Trust model
• Configure profiles
• Life-cycle management
• Public and private keys
• Digital signature
• Certificate pinning
• Certificate stapling
• Certificate signing requests (CSRs)
• Online Certificate Status Protocol (OCSP) vs. certificate revocation list (CRL)
• HTTP Strict Transport Security (HSTS)
Given a business requirement, implement the appropriate cryptographic protocols and algorithms.
• Symmetric algorithms
• Asymmetric algorithms
• Elliptic curve cryptography
• Forward secrecy
• Authenticated encryption with associated data
• Key stretching
Given a scenario, troubleshoot issues with cryptographic implementations.
• Implementation and configuration issues
Part 4: Governance, Risk, and Compliance
Given a set of requirements, apply the appropriate risk strategies.
• Risk assessment
• Risk handling techniques
• Risk types
• Risk management life cycle
• Risk tracking
• Risk appetite vs. risk tolerance
• Policies and security practices
Explain the importance of managing and mitigating vendor risk.
• Shared responsibility model (roles/responsibilities)
• Vendor lock-in and vendor lockout
• Vendor viability
• Meeting client requirements
• Support availability
• Geographical considerations
• Supply chain visibility
• Incident reporting requirements
• Source code escrows
• Ongoing vendor assessment tools
• Third-party dependencies
• Technical considerations
Explain compliance frameworks and legal considerations, and their organizational impact.
• Security concerns of integrating diverse industries
• Data considerations
• Geographic considerations
• Third-party attestation of compliance
• Regulations, accreditations, and standards
• Legal considerations
• Contract and agreement types
Explain the importance of business continuity and disaster recovery concepts.
• Business impact analysis
• Privacy impact assessment
• Disaster recovery plan (DRP)/business continuity plan (BCP)
• Incident response plan
Click on the following link to see the current Course Schedule
Our minimum class-size is 3 for this course.
If there are no scheduled dates for this course, it can be customized to suit the time and skill needs of clients and it can be held online, at a rented location or at your premises.
Click on the following link to arrange a custom course: Enquire about a course date
CERTIFICATE OF COMPLETION: Participants will receive a certificate of completion at the end of a course. This is not an official certification for the product and/or software. Our courses do indicate the appropriate certification exam(s) that the participant can sit. Data Vision Systems does not provide certification or deliver the certification exams. Participants are responsible for arranging and paying for the certification exams with the appropriate certification body.
CANCELLATION POLICY: There is never a fee for cancelling seven business days before a class for any reason. Data Vision Systems reserves the right to cancel any course due to insufficient registration or other extenuating circumstances. Participants will be advised prior to doing so.