CompTIA CASP+ (CAS-003)
(CAS-003) / ISBN : 978-1-64459-085-0
About This Course
Kick start your prep for the CAS-003 exam with the CompTIA CASP CAS-003 Study Guide. The course has labs that provide a hands-on learning experience in a safe, online environment. The CASP training course provides complete coverage of the CAS-003 exam objectives and includes topics such as risk management, enterprise security architecture, enterprise security operations, technical integration of enterprise security, and research, development, and collaboration.
Skills You’ll Get
The CompTIA CASP certification is a globally recognized widely-trusted vendor-neutral credential. CompTIA CASP CAS-003 is the latest updated version of the CAS-003 exam and it is required for the candidates to earn the CompTIA CASP certification. The certification proves a candidate's expertise and skills in conceptualizing, engineering, integrating, and implementing secure solutions across complex environments to support a resilient enterprise.
Get the support you need. Enroll in our Instructor-Led Course.
Interactive Lessons
12+ Interactive Lessons | 217+ Quizzes | 191+ Flashcards | 192+ Glossary of terms
Gamified TestPrep
90+ Pre Assessment Questions | 2+ Full Length Tests | 90+ Post Assessment Questions | 180+ Practice Test Questions
Hands-On Labs
35+ LiveLab | 35+ Video tutorials | 23+ Minutes
Introduction
- Before You Begin the CompTIA CASP+ Certification Exam
- Who Should Read This Course
- What You Will Learn
- How This Course Is Organized
- How to Use This Course
- Tips for Taking the CASP+ Exam
- The CASP+ (2018 Edition) Exam Objective Map
Cryptographic Tools and Techniques
- The History of Cryptography
- Cryptographic Services
- Symmetric Encryption
- Asymmetric Encryption
- Hybrid Encryption
- Hashing
- Digital Signatures
- Public Key Infrastructure
- Implementation of Cryptographic Solutions
- Cryptographic Attacks
- Exam Essentials
- Summary
Comprehensive Security Solutions
- Advanced Network Design
- TCP/IP
- Secure Communication Solutions
- Secure Facility Solutions
- Secure Network Infrastructure Design
- Summary
- Exam Essentials
Securing Virtualized, Distributed, and Shared Computing
- Enterprise Security
- Cloud Computing
- Virtualization
- Virtual LANs
- Virtual Networking and Security Components
- Enterprise Storage
- Summary
- Exam Essentials
Host Security
- Firewalls and Network Access Control
- Host-Based Firewalls
- Persistent Agent
- Non-Persistent Agent
- Agent-Based Technology
- Agentless-Based Technology
- Trusted Operating Systems
- Endpoint Security Solutions
- Anti-Malware
- Host Hardening
- Asset Management
- Data Exfiltration
- Intrusion Detection and Prevention
- Network Management, Monitoring, and Security Tools
- Summary
- Exam Essentials
Application Security and Penetration Testing
- Application Security Design Considerations
- Specific Application Issues
- Application Sandboxing
- Application Security Frameworks
- Software Assurance
- Development Approaches
- Secure Coding Standards
- Documentation
- Validation and Acceptance Testing
- Application Exploits
- Privilege Escalation
- Improper Storage of Sensitive Data
- Secure Cookie Storage and Transmission
- Context-Aware Management
- Malware Sandboxing
- Pivoting
- Open-Source Intelligence
- Memory Dumping
- Client-Side Processing vs. Server-Side Processing
- Security Assessments and Penetration Testing
- Red, Blue, and White Teaming
- Vulnerability Assessment Areas
- Security Assessment and Penetration Test Tools
- Summary
- Exam Essentials
Risk Management
- Risk Terminology
- Identifying Vulnerabilities
- Operational Risks
- The Risk Assessment Process
- Best Practices for Risk Assessments
- Summary
- Exam Essentials
- Resources
Policies, Procedures, and Incident Response
- A High-Level View of Documentation
- Business Documents Used to Support Security
- Documents and Controls Used for Sensitive Information
- Training and Awareness for Users
- Auditing Requirements and Frequency
- The Incident Response Framework
- Incident and Emergency Response
- Summary
- Exam Essentials
Security Research and Analysis
- Applying Research Methods to Determine Industry Trends and Their Impact on the Enterprise
- Analyze Scenarios to Secure the Enterprise
- Summary
- Exam Essentials
Enterprise Security Integration
- Integrate Enterprise Disciplines to Achieve Secure Solutions
- Integrate Hosts, Storage, Networks, and Applications into a Secure Enterprise Architecture
- Integrate Mobility Management
- Summary
- Exam Essentials
Security Controls for Communication and Collaboration
- Selecting the Appropriate Control to Secure Communications and Collaboration Solutions
- Integrate Advanced Authentication and Authorization Technologies to Support Enterprise Objectives
- Implement Security Activities across the Technology Life Cycle
- Physical Security Tools for Security Assessment
- Summary
- Exam Essentials
Appendix: 3D Avatar-based Simulation
Cryptographic Tools and Techniques
- Using the MD Series Algorithm
- Using the SHA Series Algorithm
- Connecting to an SSH Server
- Using Steganography
- Installing Remote Access Server (RAS)
- Observe an SHA256-Generated Hash Value
- Spoofing MAC Address
Comprehensive Security Solutions
- Using Packet Filtering to Restrict Sites
- Capturing the ICMP Packets with Wireshark
- Attempting a Zone Transfer
- Installing and Configuring AD DS
Securing Virtualized, Distributed, and Shared Computing
- Creating a Virtual Switch
- Installing a Virtual Machine
Host Security
- Creating a Firewall Rule
- Configuring Iptables
- Testing an Antivirus Program
- Using PuTTY
- Running a Security Scanner to Identify Vulnerabilities
- Bypassing Command Shell Restrictions
- Using Netcat for Reverse Shell
Application Security and Penetration Testing
- Attacking a Website using XSS Injection
- Conducting Cross-site Request Forgery (CSRF or XSRF) Attacks
- Using Exiftool
- Using Burpsuite
- Exploiting a Website Using SQL Injection
- Performing ARP Poisoning
- Scanning TCP Ports
- Cracking a Password Using the John the Ripper Tool
Risk Management
- Tracking Vulnerabilities in Software
- Reviewing Security Policy
Policies, Procedures, and Incident Response
- Using Netstat
- Using TCPdump
- Cracking Windows Password using Ophcrack
Security Controls for Communication and Collaboration
- Using the NetBus Application
- Using Social Engineering Toolkit
Why Do Learners Love This Course?
Any questions?Check out the FAQs
Still have unanswered questions and need to get in touch?
Contact Us NowA minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience.
USD 466
Pricing and taxes may vary from country to country.
Multiple choice and performance-based questions
The exam contains 90 questions.
165 minutes
This test has no scaled score; it’s pass/fail only.
In the event that you fail your first attempt at passing the CASP examination, CompTIA's retake policies are:
- If a Candidate has passed an exam (or multiple exams) and achieved a certification, he/she cannot take the exam again, using the same exam code, without prior consent from CompTIA.
- CompTIA beta examinations may only be taken one time by each candidate.
- A test found to be in violation of the retake policy will be invalidated and the candidate may be subject to a suspension period. Repeat violators will be permanently banned from participation in the CompTIA Certification Program.
- Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer any free re-tests or discounts on retakes.
CompTIA CASP+ certification expires after three years from the date of issue, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.