CompTIA Advanced Security Practitioner Online Course

CompTIA Advanced Security Practitioner Online Courses in South Africa

2KO Africa, based in Cape Town, offers you the most effective way to earn your CompTIA Advanced Security Practitioner certification, online. CompTIA has released a new Certification course called CASP - CompTIA Advanced Security Practitioner. This is a vendor-neutral certification that validates IT professionals with advanced-level security skills and knowledge. This certification course covers the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers, while managing risk.

 

As a prerequisite, CompTIA Security+ or equivalent knowledge and technical, hands-on experience on an enterprise level is recommended. This CASP training course follows the CompTIA authorized objectives, ensuring you receive the training and knowledge needed to succeed. 2KO's online courses are also available as full-time instructor led courses in Cape Town, giving our students hands on skills to help prepare for International IT certification exams. 2KO International Group provides IT & business training courses for learners of all levels, and is also a top-rated, certified supplier of online IT courses from the comfort of home or work.

 

Course Curriculum

 

Module 1 - Business Influences and Associated Security Risks

Risk Management

Business Model Strategies

Integrating Diverse Industries

Third Party Information Security and Providers

Internal and External Influences

Impact of De-Perimeterization

 

Module 2 - Risk Mitigation Planning - Strategies and Controls

CIA Triad

Business Classifications

Information Life Cycle and Steak-Holder Input

Implementing Technical Controls

Determine Aggregate CIA Score

Worst Case Scenario Planning

Calculation Tools and Attacker Motivation

Return Of Investment

Total Cost of Ownership and Risk Strategies

Risk Management Process

Identifying Vulnerabilities and Threats

Security Architecture Frameworks

Business Continuity Planning

IT Governance

Security Policies

 

Module 3 - Security-Privacy Policies and Procedures

Policy Development Updates

Developing Processes and Procedures

Legal Compliance

Security Policy Business Documents

Outage Impact and Estimating Downtime Terms

Sensitive Information-Internal Security Policies

Incident Response Process

Forensic Tasks

Employment and Termination Procedures

Network Auditing

 

Module 4 - Incident Response and Recovery Procedures

E-Discovery and Data Retention Policies

Data Recovery-Storage and Backup Schemes

Data Owner and Data Handling

Disposal Terms and Concepts

Data Breach and Data Analysis

Incident Response Guidelines

Incident and Emergency Response

Media-Software and Network Analysis

Order of Volatility

 

Module 5 - Industry Trends

Performing Ongoing Research

Security Practices

Evolution of Technology

Situational Awareness and Vulnerability Assessments

Researching Security Implications

Global Industry Security Response

Threat Actors

Contract Security Requirements

Contract Documents

 

Module 6 - Securing the Enterprise

Benchmarks and Baselines

Prototyping and Testing Multiple Solutions

Cost/Benefit Analysis

Metrics Collection and Trend Data

Security Controls-Reverse Engineering and Deconstructing

Security Solutions Business Needs

Lesson Learned- After Action Report

 

Module 7 - Assessment Tools and Methods

Port Scanners and Vulnerability Scanners

Protocol Analyzer- Network Enumerator-Password Cracker

Fuzzers and HTTP Interceptors

Exploitation Tools

Passive Reconnaissance Tools

Vulnerability Assessments and Malware Sandboxing

Memory Dumping and Penetration Testing

Reconnaissance and Fingerprinting

Code Review

Social Engineering

 

Module 8 - Social Cryptographic Concepts and Techniques

Cryptographic Benefits and Techniques

Hashing Algorithms

Message Authentication Code

Cryptographic Concepts

Transport Encryption Protocol

Symmetric Algorithms

Asymmetric Algorithms

Hybrid Encryption and Digital Signatures

Public Key Infrastructure

Digital Certificate Classes and Cypher Types

Des Modes

Cryptographic Attacks

Strength vs Performance and Cryptographic Implementations

 

Module 9 - Enterprise Storage

Virtual Storage Types and Challenges

Cloud Storage

Data Warehousing

Data Archiving

Storage Area Networks (SANs) and (VSANs)

Network Attached Storage (NAS)

Storage Protocols and Fiber Channel over Ethernet (FCoE)

Storage Network File Systems

Secure Storage Management Techniques

LUN Masking/Mapping and HBA Allocation

Replication and Encryption Methods

 

Module 10 - Network and Security Components-Concepts-Security Architectures

Remote Access Protocols

IPv6 and Transport Encryption

Network Authentication Methods

802.1x and Mesh Networks

Security Devices

Network Devices

Firewalls

Wireless Controllers

Router Security and Port Numbers

Network Security Solutions

Availability Controls-Terms and Techniques

Advanced Router and Switch Configuration

Data Flow Enforcement of Applications and Networks

Network Device Accessibility and Security

 

Module 11 - Security Controls for Hosts

Trusted Operation Systems

Endpoint Security Software and Data Loss Prevention

Host Based Firewalls

Log Monitoring and Host Hardening

Standard Operating Environment and Group Policy Security

Command Shell Restrictions

Configuring and Managing Interface Security

USB-Bluetooth-Firewire Restrictions and Security

Full Disk Encryption

Virtualization Security

Cloud Security Services

Boot Loader Protections

Virtual Host Vulnerabilities

Virtual Desktop Infrastructure

Terminal Services

Virtual TPM

 

Module 12 - Application Vulnerabilities and Security Controls

Web Application Security Design

Specific Application Issues

Session Management

Input Validation

Web Vulnerabilities and Input Mitigation Issues

Buffer Overflow and other Application Issues

Application Security Framework

Web Service Security and Secure Coding Standards

Software Development Methods

Monitoring Mechanisms and Client-Server Side Processing

Browser Extensions and Other Web Development Techniques

 

Module 13 - Host-Storage-Network and Application Integration

Securing Data Flows

Standards Concepts

Interoperability Issues

In House Commercial and Customized Applications

Cloud and Virtualization Models

Logical and Physical Deployment Diagrams

Secure Infrastructure Design

Storage Integration Security

Enterprise Application Integration Enablers

 

Module 14 - Authentication and Authorization Technologies

Authentication and Identity Management

Password Types-Management and Policies

Authentication Factors

Biometrics

Dual-Multi Factor and Certificate Authentication

Single Sign On Issues

Access Control Models and Open Authorization

Extensible Access Control Markup Language (XACML)

Service Provisioning Markup Language (SPML)

Attestation and Identity Propagation

Federation and Security Assertion Markup Language (SAML)

OpenID-Shibboleth and WAYF

Advanced Trust Models

 

Module 15 - Business Unit Collaboration

Identifying and Communicating Security Requirements

Security Controls Recommendations

Secure Solutions Collaboration

 

Module 16 - Secure Communication and Collaboration

Web-Video Conferencing-Instant Messaging

Desktop Sharing

Presence Guidelines

Email Messaging Protocol

Telephony-VoIP and Social Media

Cloud Based Collaboration

Remote Access and IPsec

Mobile and Personal Device Management

Over Air Technology Concerns

WLAN Concepts-Terms-Standards

WLAN Security and Attacks

 

Module 17 - Security Across the Technology Life Cycle

End to End Solution Ownership

System Development Life Cycle

Security Implications of Software Development Methodologies

Asset Management