CompTIA Advanced Security Practitioner (CASP+) (CAS-004) Cert Prep

سرفصل های دوره

The CASP+ (CompTIA Advanced Security Practitioner+) (CAS-004) certification is a vendor-neutral certification that validates your knowledge and ability to conduct advanced-level cybersecurity skills. This certification tests your ability to implement solutions within cybersecurity policies and frameworks. CASP+ (CAS-004) is an advanced-level cybersecurity certification covering technical skills in security architecture and senior security engineering. The CompTIA Advanced Security Practitioner+ exam focuses on security architecture and engineering, to validate a technical leader's ability to assess cyber readiness and design and implement the proper solutions. In this comprehensive course, expert cybersecurity trainer Jason Dion helps you prepare to earn this certification, covering in depth each topic you will need to understand for the exam.

This course was created by Dion Training Solutions and Jason Dion. We are pleased to host this training in our library.

01 - Introduction

01 - Welcome

02 - About the exam

02 - 1. Securing Networks

01 - Securing networks

02 - Switches

03 - Routers

04 - Wireless and mesh

05 - Firewalls

06 - Proxies

07 - Gateways

08 - IDS and IPS

09 - Network access control

10 - Remote access

11 - Unified communication

12 - Cloud vs. on-premises

13 - DNSSEC

14 - Load balancer

03 - 2. Securing Architectures

01 - Securing architectures

02 - Traffic mirroring

03 - Network sensors

04 - Host sensors

05 - Layer 2 segmentation

06 - Network segmentation

07 - Server segmentation

08 - Zero trust

09 - Merging networks

10 - Software-defined networking

04 - 3. Infrastructure Design

01 - Infrastructure design

02 - Scalability

03 - Resiliency issues

04 - Automation

05 - Performance design

06 - Virtualization

07 - Containerization

05 - 4. Cloud and Virtualization

01 - Cloud and virtualization

02 - Cloud deployment models

03 - Cloud service models

04 - Deployment considerations

05 - Provider limitations

06 - Extending controls

07 - Provisioning and deprovision

08 - Storage models

09 - Virtualization

06 - 5. Software Applications

01 - Software applications

02 - Systems development lifecycle

03 - Software development lifecycle

04 - Development approaches

05 - Software assurance

06 - Baselines and templates

07 - Best practices

08 - Integrating applications

07 - 6. Data Security

01 - Data security

02 - Data lifecycle

03 - Data classification

04 - Labeling and tagging

05 - Deidentification

06 - Data encryption

07 - Data loss prevention (DLP)

08 - DLP detection

09 - Data loss detection

08 - 7. Authentication and Authorization

01 - Authentication and authorization

02 - Access control

03 - Credential management

04 - Password policies

05 - Multifactor authentication

06 - Authentication protocols

07 - Federation

08 - Root of trust

09 - Attestation

10 - Identity proofing

09 - 8. Cryptography

01 - Cryptography

02 - Privacy and confidentiality

03 - Integrity

04 - Compliance and policy

05 - Data states

06 - Cryptographic use cases

07 - PKI use cases

10 - 9. Emerging Technology

01 - Emerging technology

02 - Artificial intelligence and machine learning

03 - Deep learning

04 - Big data

05 - Blockchain distributed consensus

06 - Passwordless authentication

07 - Homomorphic encryption

08 - Virtual and augmented reality

09 - 3D printing

10 - Quantum computing

11 - 10. Threat and Vulnerability Management

01 - Threat and vulnerability management

02 - Threat intelligence

03 - Threat hunting

04 - Intelligence collection

05 - Threat actors

06 - Threat management frameworks

07 - Vulnerability management activities

08 - Security Content Automation Protocol

12 - 11. Vulnerability Assessments

01 - Vulnerability assessments

02 - Penetration test

03 - Pen test steps

04 - Pen test requirements

05 - Code analysis

06 - Protocol analysis

07 - Analysis utilities

13 - 12. Risk Reduction

01 - Risk reduction

02 - Deceptive technologies

03 - Security data analytics

04 - Preventative controls

05 - Application controls

06 - Security automation

07 - Physical security

14 - 13. Analyzing Vulnerabilities

01 - Analyzing vulnerabilities

02 - Race conditions

03 - Buffer overflows

04 - Authentication and references

05 - Ciphers and certificates

06 - Improper headers

07 - Software composition

08 - Vulnerable web applications

15 - 14. Attacking Vulnerabilities

01 - Attacking vulnerabilities

02 - Directory traversals

03 - Cross-Site Scripting (XSS)

04 - Cross-site request forgery (CSRF)

05 - SQL injections

06 - XML injections

07 - Other injection attacks

08 - Authentication bypass

09 - VM attacks

10 - Network Attacks

11 - Social engineering

16 - 15. Indicators of Compromise

01 - Indicators of compromise

02 - Types of IoCs

03 - PCAP files

04 - NetFlow

05 - Logs

06 - IoC notifications

07 - Response to IoCs

17 - 16. Incident Response

01 - Incident response

02 - Triage

03 - Communication plan

04 - Stakeholder management

05 - Incident response process

06 - Playbooks

18 - 17. Digital Forensics

01 - Digital forensics

02 - Forensic process

03 - Chain of custody

04 - Order of volatility

05 - Forensic analysis

19 - 18. Digital Forensic Tools

01 - Digital forensic tools

02 - Forensic workstations

03 - File carving tools

04 - Binary analysis tools

05 - Forensic analysis tools

06 - Imaging tools

07 - Collection tools

20 - 19. Enterprise Mobility

01 - Enterprise mobility

02 - Enterprise mobility management

03 - WPA3

04 - Connectivity options

05 - Security configurations

06 - DNS protection

07 - Deployment options

08 - Reconnaissance concerns

09 - Mobile security

21 - 20. Endpoint Security Controls

01 - Endpoint security controls

02 - Device hardening

03 - Patching

04 - Security settings

05 - Mandatory access controls (MAC)

06 - Secure boot

07 - Hardware encryption

08 - Endpoint protections

09 - Logging and monitoring

10 - Resiliency

22 - 21. Cloud Technologies

01 - Cloud technologies

02 - Business continuity and disaster recovery

03 - Cloud encryption

04 - Serverless computing

05 - Software-defined networking (SDN)

06 - Log collection and analysis

07 - Cloud application security broker

08 - Cloud misconfigurations

23 - 22. Operational Technologies

01 - Operational technologies

02 - Embedded systems

03 - ICS and SCADA

04 - ICS protocols

05 - Industries and sectors

24 - 23. Hashing and Symmetric Algorithms

01 - Hashing and symmetric algorithms

02 - Hashing

03 - Message authentication

04 - Symmetric algorithms

05 - Stream ciphers

06 - Block ciphers

25 - 24. Asymmetric Algorithms

01 - Asymmetric algorithms

02 - Using asymmetric algorithms

03 - SSL, TLS, and cipher suites

04 - SMIME and SSH

05 - EAP

06 - IPSec

07 - Elliptic curve cryptography (ECC)

08 - Forward secrecy

09 - Authenticated encryption with associated data (AEAD)

10 - Key stretching

26 - 25. Public Key Infrastructure

01 - Public key infrastructure

02 - PKI components

03 - Digital certificates

04 - Using digital certificates

05 - Trust models

06 - Certificate management

07 - Certificate validity CRL and OCSP

08 - Protecting web traffic

09 - Troubleshooting certificates

10 - Troubleshooting keys

27 - 26. Data Considerations

01 - Data considerations

02 - Data security

03 - Data classification

04 - Data types

05 - Data retention

06 - Data destruction

07 - Data ownership

08 - Data sovereignty

28 - 27. Risk Management

01 - Risk management

02 - Risk strategies

03 - Risk management lifecycle

04 - Risk types

05 - Risk handling

06 - Risk tracking

07 - Risk assessment

08 - When risk management fails

29 - 28. Policies and Frameworks

01 - Policies and frameworks

02 - Policies

03 - Frameworks

04 - Regulations

05 - Standards

06 - Contracts and agreements

07 - Legal considerations

08 - Integrating industries

30 - 29. Business Continuity

01 - Business continuity

02 - Business continuity plan

03 - Business impact analysis

04 - Privacy impact analysis

05 - Incident response plan

06 - Testing plans

31 - 30. Risk Strategies

01 - Risk strategies

02 - Asset value

03 - Access control

04 - Aggregating risk

05 - Scenario planning

06 - Security controls

07 - Security solutions

08 - Cost of a data breach

32 - 31. Vendor Risk

01 - Vendor risk

02 - Business models

03 - Influences

04 - Organizational changes

05 - Shared responsibility model

06 - Viability and support

07 - Dependencies

08 - Considerations

09 - Supply chain

139,000 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: LinkedIn Learning (Lynda)