CompTIA CASP Study Guide CAS-003

(AU-CAS-003)

Skills You’ll Get

1

Introduction

  • Before You Begin the CompTIA CASP+ Certification Exam
  • Who Should Read This Course
  • What You Will Learn
  • How This Course Is Organized
  • How to Use This Course
  • Tips for Taking the CASP+ Exam
  • The CASP+ (2018 Edition) Exam Objective Map
2

Cryptographic Tools and Techniques

  • The History of Cryptography
  • Cryptographic Services
  • Symmetric Encryption
  • Asymmetric Encryption
  • Hybrid Encryption
  • Hashing
  • Digital Signatures
  • Public Key Infrastructure
  • Implementation of Cryptographic Solutions
  • Cryptographic Attacks
  • Exam Essentials
  • Summary
3

Comprehensive Security Solutions

  • Advanced Network Design
  • TCP/IP
  • Secure Communication Solutions
  • Secure Facility Solutions
  • Secure Network Infrastructure Design
  • Summary
  • Exam Essentials
4

Securing Virtualized, Distributed, and Shared Computing

  • Enterprise Security
  • Cloud Computing
  • Virtualization
  • Virtual LANs
  • Virtual Networking and Security Components
  • Enterprise Storage
  • Summary
  • Exam Essentials
5

Host Security

  • Firewalls and Network Access Control
  • Host-Based Firewalls
  • Persistent Agent
  • Non-Persistent Agent
  • Agent-Based Technology
  • Agentless-Based Technology
  • Trusted Operating Systems
  • Endpoint Security Solutions
  • Anti-Malware
  • Host Hardening
  • Asset Management
  • Data Exfiltration
  • Intrusion Detection and Prevention
  • Network Management, Monitoring, and Security Tools
  • Summary
  • Exam Essentials
6

Application Security and Penetration Testing

  • Application Security Design Considerations
  • Specific Application Issues
  • Application Sandboxing
  • Application Security Frameworks
  • Software Assurance
  • Development Approaches
  • Secure Coding Standards
  • Documentation
  • Validation and Acceptance Testing
  • Application Exploits
  • Privilege Escalation
  • Improper Storage of Sensitive Data
  • Secure Cookie Storage and Transmission
  • Context-Aware Management
  • Malware Sandboxing
  • Pivoting
  • Open-Source Intelligence
  • Memory Dumping
  • Client-Side Processing vs. Server-Side Processing
  • Security Assessments and Penetration Testing
  • Red, Blue, and White Teaming
  • Vulnerability Assessment Areas
  • Security Assessment and Penetration Test Tools
  • Summary
  • Exam Essentials
7

Risk Management

  • Risk Terminology
  • Identifying Vulnerabilities
  • Operational Risks
  • The Risk Assessment Process
  • Best Practices for Risk Assessments
  • Summary
  • Exam Essentials
  • Resources
8

Policies, Procedures, and Incident Response

  • A High-Level View of Documentation
  • Business Documents Used to Support Security
  • Documents and Controls Used for Sensitive Information
  • Training and Awareness for Users
  • Auditing Requirements and Frequency
  • The Incident Response Framework
  • Incident and Emergency Response
  • Summary
  • Exam Essentials
9

Security Research and Analysis

  • Applying Research Methods to Determine Industry Trends and Their Impact on the Enterprise
  • Analyze Scenarios to Secure the Enterprise
  • Summary
  • Exam Essentials
10

Enterprise Security Integration

  • Integrate Enterprise Disciplines to Achieve Secure Solutions
  • Integrate Hosts, Storage, Networks, and Applications into a Secure Enterprise Architecture
  • Integrate Mobility Management
  • Summary
  • Exam Essentials
11

Security Controls for Communication and Collaboration

  • Selecting the Appropriate Control to Secure Communications and Collaboration Solutions
  • Integrate Advanced Authentication and Authorization Technologies to Support Enterprise Objectives
  • Implement Security Activities across the Technology Life Cycle
  • Physical Security Tools for Security Assessment
  • Summary
  • Exam Essentials
A

Appendix: 3D Avatar-based Simulation

1

Cryptographic Tools and Techniques

  • Using the MD Series Algorithm
  • Using the SHA Series Algorithm
  • Connecting to an SSH Server
  • Using Steganography
  • Installing Remote Access Server (RAS)
  • Observe an SHA256-Generated Hash Value
  • Spoofing MAC Address
2

Comprehensive Security Solutions

  • Using Packet Filtering to Restrict Sites
  • Capturing the ICMP Packets with Wireshark
  • Attempting a Zone Transfer
  • Installing and Configuring AD DS
3

Securing Virtualized, Distributed, and Shared Computing

  • Creating a Virtual Switch
  • Installing a Virtual Machine
4

Host Security

  • Creating a Firewall Rule
  • Configuring Iptables
  • Testing an Antivirus Program
  • Using PuTTY
  • Running a Security Scanner to Identify Vulnerabilities
  • Bypassing Command Shell Restrictions
  • Using Netcat for Reverse Shell
5

Application Security and Penetration Testing

  • Attacking a Website using XSS Injection
  • Conducting Cross-site Request Forgery (CSRF or XSRF) Attacks
  • Using Exiftool
  • Using Burpsuite
  • Exploiting a Website Using SQL Injection
  • Performing ARP Poisoning
  • Scanning TCP Ports
  • Cracking a Password Using the John the Ripper Tool
6

Risk Management

  • Tracking Vulnerabilities in Software
  • Reviewing Security Policy
7

Policies, Procedures, and Incident Response

  • Using Netstat
  • Using TCPdump
  • Cracking Windows Password using Ophcrack
8

Security Controls for Communication and Collaboration

  • Using the NetBus Application
  • Using Social Engineering Toolkit

CompTIA CASP Study Guide CAS-003

$239.99
