CompTIA Advanced Security Practitioner Online Course

CompTIA Advanced Security Practitioner Online Courses in Namibia

 

2KO Africa, based in Windhoek, offers you the most effective way to earn your CompTIA Advanced Security Practitioner certification, online. CompTIA has released a new Certification course called CASP - CompTIA Advanced Security Practitioner. This is a vendor-neutral certification that validates IT professionals with advanced-level security skills and knowledge. This certification course covers the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers, while managing risk.

 

As a prerequisite, CompTIA Security+ or equivalent knowledge and technical, hands-on experience on an enterprise level is recommended. This CASP training course follows the CompTIA authorized objectives, ensuring you receive the training and knowledge needed to succeed. 2KO's online courses are also available as full-time instructor led courses in Windhoek, giving our students hands on skills to help prepare for International IT certification exams. 2KO Africa offers IT consulting, technical IT services and top-of-the-range IT training on multiple platforms. Our best-of-breed computer courses are presented as instructor led classes or as online internet-based elearning. from the comfort of home or work.

 

Overview
 CompTIA Advanced Security Practitioner (CASP+) is the ideal certification for technical professionals who wish to remain immersed in technology as opposed to strictly managing resources. CASP+ is the only hands-on, performance-based certification for practitioners - not managers - at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP-certified professionals figure out how to implement solutions within those policies and frameworks. The CASP+ certification validates advanced-level competency in risk management; enterprise security operations and architecture; research and collaboration; and integration of enterprise security.

 Objectives
Implement cryptographic techniques.
Implement security controls for mobile devices.
Use research and analysis to secure the enterprise.
Integrate advanced authentication and authorization techniques.
Support IT governance in the enterprise with an emphasis on managing risk.
Implement security controls for hosts.
Leverage collaboration tools and technology to support enterprise security.
Implement network security.
Implement security in the systems and software development lifecycle.
Integrate hosts, storage, networks, applications, virtual environments, and cloud technologies in secure enterprise architecture.
Respond to and recover from security incidents.
Conduct security assessments.

 Prerequisites
To be fit for this advanced course, you should have at least a foundational knowledge of information security. This includes, but is not limited to:
Knowledge of computer networking concepts and implementations, such as the TCP/IP model and configuration of routers and switches.
Knowledge of cryptographic concepts and common implementations, such as Secure Sockets Layer/Transport Layer Security (SSL/TLS) and public key infrastructure (PKI).
Knowledge of identity and access management (IAM) concepts and common implementations, such as authentication factors and directory services.
Knowledge of common security technologies used to safeguard the enterprise, such as anti-malware solutions, firewalls, and VPNs.

Target Audience
 This course is designed for IT professionals who want to acquire the technical knowledge and skills needed to conceptualize, engineer, integrate, and implement secure solutions across complex enterprise environments. The target student should aspire to apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement sustainable security solutions that map to organizational strategies; translate business needs into security requirements; analyze risk impact, and respond to security incidents. This course is also designed for students who are seeking the CompTIA Advanced Security Practitioner (CASP+) certification and who want to prepare for Exam CAS-003. Students seeking CASP+ certification should have at least 10 years of experience in IT management, with at least 5 years of hands-on technical security experience.
 

To buy a course now using Credit Card, click the icon below

 

Course Curriculum
 Supporting It Governance And Risk Management
 Overview
So You Want To Setup A Lab
Begin At The Beginning - Confidentiality
Begin At The Beginning - Availability
Governance And Risk Management: Overview
Overview
So You Want To Setup A Lab
Begin At The Beginning - Confidentiality
Begin At The Beginning - Availability
Governance And Risk Management: Overview
Governance And Risk Management Risk Vocabulary
Governance And Risk Management Risk Management
Governance And Risk Management: Risk Analysis
Assess Risks: What Is A Security Framework
Assess Risks: System Specific Risk Analysis
Assess Risks: Risk Determination
Assess Risks System Specific Risk Analysis
Risk Mitigation: What Is A Aggregate CIA Score
Risk Mitigation: What Are The CVSS And CVE
Risk Mitigation: Risk Responses
Risk Management Documentation: Best Practices
Risk Management Documentation: BCP
Risk Management Documentation: What Is A BIA
Risk Management Documentation: Downtime
Risk Management Documentation: Documents
I.T. Governance And Risk Management - Key Points

 Responding To And Recovering From Incidents
 Assess Risks ESA Framework Assessment Process
Incident Response Facilitators
Incident Response Facilitators Part 2
E-Discovery
Incident Response Review Questions
What Is COOP
Csirts And Common Tools
Evidence Collection And Handling
Types Of Evidence
Five Rules Of Evidence 5 B's
Principles Of Criminalistics
Investigation Process
Forensic Analysis Of Compromised Systems
What Is The Order Of Volatility
Conducting Forensic Analysis With Autopsy
Responding To Incidents - Key Points

 Leveraging Collaboration To Support Security
 Collaboration: GRC And Controls
Collaboration: What Is An SCA
Collaboration: Solutions
Leveraging Collaboration - Key Points
Implementing Security In The Systems And Software Development Lifecycle
What About Clickjacking And Cookie Hijacking
Development Methodologies
What Are The SDLC Phases
Security Requirements Traceability Matrix SRTM
Common Software Development Approaches
Common Software Development Methods
What About Validation And Acceptance Testing
SDLC Review Questions
Secure Vs Insecure Direct Object References
Error Exception Handling Try...Catch Statements
What Is Privilege Escalation
Overflows And Canaries
Races And Exhaustion
What Is SQL Injection
What Is A Cross-Site Scripting XSS Attack
Cross-Site Request Forgery XSRF/CSRF Attack
What Is Security By
Input Validation Fuzzing Application Sandboxing
WS-Security DAM And Software Assurance Tech
Implementing Security In The SDLC - Key Points

Using Research And Analysis To Secure The Enterprise
 Research And Analysis: Industry Trends
Research And Analysis: Artificial Intelligence
Research And Analysis Requirements For Contracts
Analyze Scenarios To Secure The Enterprise
Using Research And Analysis - Key Points

 Integrating Advanced Authentication And Authorization Techniques
 Authentication And Access Control
Authentication Factors And Controls
Authentication Types
Centralized Remote Authentication Services
Deep Dive: RADIUS
Deep Dive: 802.1X
What Is Authorization/Oauth2.0
What Is XACML
Trusts Models And Kerberos
Trust Models And Kerberos Part 2
Directory Services And LDAP
Hands On: Establishing Peer Trusts
Authentication And Authorization Review Questions
Advanced Identity Concepts And Vocabulary
Identity Federation Methods
Advanced Identity Review Questions
Authentication And Authorization: Key Points

 Implementing Cryptographic Techniques
 Encryption
Hashing
Digital Signatures
Blockchain And Bitcoin
Hands On: Configuring A Blockchain
Public Key Infrastructure PKI - Design
Public Key Infrastructure PKI - Concepts
Cryptography Concepts
Stream Vs. Block Ciphers
Implement Cryptography
Implementing Cryptographic Techniques - Key Points

 Implementing Security Controls For Hosts
 Host Concepts And Vocabulary
Product Evaluation Models - TCSEC
Product Evaluation Models - ITSEC
Product Evaluation Models - Common Criteria
What Is A Trusted OS
Types Of Security Models
Bell-Lapadula
Biba
Clark-Wilson And Others
Access Control Concepts
Role-Based Access Control (RBAC)
Other Access Control Models
Endpoint Security
Host Review Questions
Hardening Hosts Concepts And Vocabulary
Peripherals
Full Disk Encryption
Hands-On: Hardening Windows Hosts, Applocker
Virtualization Concepts And Vocabulary
Common VM Vulnerabilities
Boot Loader Concepts And Vocabulary
Hands-On: Creating Securing VM Using Virtualbox
Hands-On: Protecting Boot Loaders
Implementing Security Controls Hosts Key Points

 Security Controls For Mobile Devices
 Mobile Deployment Models
MDM Concepts And Vocabulary
MDM Concepts And Vocabulary Part 2
Storage
Concepts And Vocabulary
Concepts And Vocabulary Part 2
Security Controls For Mobile Devices - Key Points
Concepts And Vocabulary

 Implementing Network Security
What Is A SIEM System
Network Security Concepts And Vocabulary
Hands-On Deploy Network Security Platform Opnsense
Soc, Bass, ICS And SCADA
Network-Enabled Devices Review Questions
Remote Access And Ipv6
Network Authentication
Network Topologies And SDN
Optimizing Resource Placement
Advanced Network Design Review Questions
Network Security Controls Concepts Vocabulary
VLANS And Network Data Flow
DPI And HTTPS Inspection
Network Device Configurations
NAC And Alerting
Hands On: Implementing Network Monitoring Ntopng
Implementing Network Security - Key Points

 Integrating Assets In A Secure Enterprise Architecture
 Integrate Best Practices In Enterprise Security
Technical Deployment Models: What Is A Model
Technical Deployment Models: What Is Cloud
Cloud Security Services In The Enterprise
Secure Design: Vocabulary And Concepts
Secure Design: Vocabulary And Concepts Part 2
Secure Design: Review Questions
Data Security: Owners, Processors And Sovereignty
Data Security: Data Flow Security
Data Security: Data Remanence
Data Security: Provisioning And Deprovisioning
Data Security: Review Questions
Enterprise Applications: What Are They
Enterprise Applications: Directory Svcs, DNS
Enterprise Applications: Directory Svsc, DNS Pt.2
Enterprise Applications: Hands On With DNS Rrs
DNSSEC, Zone Transfers And Tsigs
DNSSEC, Zone Transfers And TSIG Part 2
Integrating Assets - Key Points
DNSSEC, Zone Transfers And TSIG Part 3
Hands On With DNSSEC
Enterprise Applications: Configuration Management

 Conducting Security Assessments
 Security Assessments: Types
Security Assessments: Application Code Review
Going Deeper: Vulnerability Scanning
Going Deeper: Testing Software
Software Testing Types
Software Testing Types Part 2
Logs, Memory And Debugging
Social Engineering
OSINT, Self-Assessments And Teaming
Security Assessments - Review Questions
Vulnerability Scanner (Nikto)
Port Scanner (Zenmap)
Protocol Analyzer (Wireshark)
Network Enumerator (Zenmap)
Password Cracker (John The Ripper)
Using a Fuzzer in Kali Linux
HTTP Interceptor (Burp Suite)
Exploitation Framework (Social-Engineer Toolkit)
Log Analysis In Kali (Grep And Cut)
OpenSCAP
Reverse Engineering (Strace)
Conducting Security Assessments - Key Points

 

Details about this course
Over 23 and a half hours of learning
Includes video, presentations, workbooks, quizzes, flashcards & games
Receive a Certificate of Excellence on successful completion
Presented by highly qualified, industry leading experts
12 Months access (Unless indicated otherwise)