CompTIA Advanced Security Practitioner (CASP) (Exam CAS-001)

Similar documents
CompTIA Advanced Security Practitioner (CASP) (Exam CAS-002)

CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001)

CompTIA CASP (Advanced Security Practitioner)

"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary

CompTIA Security+ (Exam SY0-401)

Security+ SY0-501 Study Guide Table of Contents

CCISO Blueprint v1. EC-Council

Software Development & Education Center Security+ Certification

Certified Information Systems Auditor (CISA)

E-guide Getting your CISSP Certification

CND Exam Blueprint v2.0

Course overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)

CompTIA Exam CAS-002 CompTIA Advanced Security Practitioner (CASP) Version: 6.0 [ Total Questions: 532 ]

Business continuity management and cyber resiliency

EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led

Cybersecurity Auditing in an Unsecure World

Course Outline. Pearson: CompTIA Advanced Security Practitioner (Course & Lab)

CompTIA Security+ Study Guide (SY0-501)

The Common Controls Framework BY ADOBE

CompTIA CSA+ Cybersecurity Analyst

Syllabus: The syllabus is broadly structured as follows:

CompTIA Cybersecurity Analyst+

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

Disaster Recovery and Business Continuity Planning (Mile2)

CISA Training.

IT SECURITY RISK ANALYSIS FOR MEANINGFUL USE STAGE I

Certification Exam Outline Effective Date: April 2018

ISSMP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard

2017 Annual Meeting of Members and Board of Directors Meeting

locuz.com SOC Services

SECURITY & PRIVACY DOCUMENTATION

Unit 3 Cyber security

20413B: Designing and Implementing a Server Infrastructure

Security Issues and Best Practices for Water Facilities

TestOut Network Pro - English 4.1.x COURSE OUTLINE. Modified

COURSE BROCHURE CISA TRAINING

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

Certified Cyber Security Specialist

Security Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:

No Country for Old Security Compliance in the Cloud. Joel Sloss, CDSA Board of Directors May 2017

FRONT RUNNER DIPLOMA PROGRAM Version 8.0 INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

Bachelor of Information Technology (Network Security)

Position Description IT Auditor

Ingram Micro Cyber Security Portfolio

CompTIA Mobility+ Certification

No IT Audit Staff? How to Hack an IT Audit. Presenters. Mark Bednarz, Partner-In-Charge, Risk Advisory PKF O Connor Davies, LLP

Required Textbook and Materials. Course Objectives. Course Outline

TSC Business Continuity & Disaster Recovery Session

Cybersecurity Session IIA Conference 2018

TEL2813/IS2820 Security Management

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

Sample Exam Privacy & Data Protection Foundation

How to Prepare a Response to Cyber Attack for a Multinational Company.

University of Pittsburgh Security Assessment Questionnaire (v1.7)

Certified Information Security Manager (CISM) Course Overview

BraindumpsVCE. Best vce braindumps-exam vce pdf free download

K12 Cybersecurity Roadmap

OVERVIEW OF SUBJECT REQUIREMENTS

Security Incident Management in Microsoft Dynamics 365

Designing and Building a Cybersecurity Program

Online Services Security v2.1

Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2

NW NATURAL CYBER SECURITY 2016.JUNE.16

CSWAE Certified Secure Web Application Engineer

Canada Life Cyber Security Statement 2018

Certified Secure Web Application Engineer

Changing face of endpoint security

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Security Management Models And Practices Feb 5, 2008

Objectives of the Security Policy Project for the University of Cyprus

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

TestOut Network Pro - English 5.0.x COURSE OUTLINE. Modified

COMPUTER AND NETWORK SUPPORT TECHNICIAN PROGRAM

Cloud Computing. Faculty of Information Systems. Duc.NHM. nhmduc.wordpress.com

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Virus Outbreak

ISC2. Exam Questions CISSP. Certified Information Systems Security Professional (CISSP) Version:Demo

Computer Information Systems (CIS) CIS 105 Current Operating Systems/Security CIS 101 Introduction to Computers

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak

The NIST Cybersecurity Framework

IT Foundations Networking Specialist Certification with Exam

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft

Course Outline Topic 1: Current State Assessment, Security Operations Centers, and Security Architecture

Advanced IT Risk, Security management and Cybercrime Prevention

Introduction to Business continuity Planning

Financial CISM. Certified Information Security Manager (CISM) Download Full Version :

Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston

Cyber Resilience. Think18. Felicity March IBM Corporation

L E C T U R E N O T E S : C O N T R O L T Y P E S A N D R I S K C A L C U L A T I O N

Information Security in Corporation

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

Table of Contents (CISSP 2012 Edition)

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

CERT Development EFFECTIVE RESPONSE

Security and Architecture SUZANNE GRAHAM

Cybersecurity for Health Care Providers

Surprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS

DFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com

Contingency Planning

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

Transcription:

CompTIA Advanced Security Practitioner (CASP) (Exam CAS-001) Course Outline Course Introduction Course Introduction Lesson 01 - The Enterprise Security Architecture Topic A: The Basics of Enterprise Security The Enterprise Enterprise Security Business Goals and Security Common Enterprise Security Principles Enterprise Threat Intelligence What to Protect? Defense in Depth Common Components of an Enterprise Security Solutions Policies, Standards, and Procedures Enterprise Policy Types Topic B: The Enterprise Structure Organizational Structures The Management Team Network Administrator The DBA Programmers Stakeholders Finance Human Resources Physical Security and Facilities Roles Discipline Collaboration Topic C: Enterprise Security Requirements Legal Compliance PII Privacy Requirements Organizational Security Requirements Lesson 01 Review Lesson 02 - The Enterprise Security Technology Topic A: Common Network Security Components and Technologies Common Enterprise Security Components 3m 1h 29m 2h 45m

VoIP Integration IPv6 Migration and Integration VLAN Integration DNS Security Techniques Secure Directory Services NIDS NIPS The NIPS Process ESB The ESB Process DAM Topic B: Communications and Collaboration Security UC Security UC Attacks UC Components Traffic Prioritization (QoS) Security Solutions for Data Flow VoIP Security The VoIP Implementation Process VoIP Implementation Considerations Remote Access Security VPN Solutions External Communications Security Collaboration Platform Security Issues Demo - Least Privilege Common Mobile Devices Enterprise Security Methods for Mobile Devices Topic C: Cryptographic Tools and Techniques Cryptography in the Enterprise Considerations for Cryptography in the Enterprise Demo - File Encryption Cryptographic Methods and Design Basic Approaches to Encryption Transport Encryption Methods Security Implications for Encryption Digital Signature Techniques Advanced PKI Components Code Signing Attestation Entropy PRNG

PFS Confusion and Diffusion Topic D: Advanced Authentication Advanced Authentication Within the Enterprise Certificate-Based Authentication SAML SPML XACML SOAP WSS Lesson 02 Review Lesson 03 - Enterprise Resource Technology Topic A: Enterprise Storage Security Issues Common Enterprise Storage Technologies NAS Security Implications SAN Security Implications vsan Security Implications iscsi Security Implications FCoE Security Implications LUN LUN Masking in the Security Architecture Redundancy Additional Storage Security Implications Topic B: Distributed, Shared, and Virtualized Computing Why Virtualization? Advantages of Virtualization VLANs VMs VDI Terminal Services Virtualization Vulnerabilities Vulnerabilities of Hosting VMs for Multiple Companies Virtual Environment Security Methods Topic C: Cloud Computing and Security Cloud Computing Cloud Computing Service Models Cloud Storage Considerations Security Vulnerabilities of Cloud Computing Secure Use of Cloud Computing Within the Enterprise Lesson 03 Review 1h 2m

Lesson 04 - Security Design and Solutions Topic A: Network Security Design Network Design Types and Techniques Network Design Considerations Data Network Types A Data Network Topology Data Network Topology Types A Network Diagram Data Network Media Types Network Transmission Methodologies Physical Security Building Layout Facilities Management Hardware Attacks Environmental Threats and Vulnerabilities Network Attacks SCADA Secure Infrastructure Design Storage Integration Considerations Topic B: Conduct a Security Assessment Vulnerability Assessment Penetration Testing Hacking Steps Penetration Testing Techniques Fingerprinting Code Review Methods A Social Engineering Test Security Assessment Tools How to Conduct a Security Assessment Topic C: Host Security Host-Based Security Controls Host-Based Firewalls Firewall Rules Demo - Firewalls Trusted OS Endpoint Security Anti-Malware Software Host Hardening Operating System Security Host Hardening Action Steps Asset Management 2h 4m

HIDS HIPS Host Monitoring Lesson 04 Review Lesson 05 - Application Security Design Topic A: Application Security Basics Application Security Design Application Design Considerations Application Security Design Best Practices Application Security Vulnerabilities Vulnerability Testing Methods Application Sandboxing Application Security Frameworks Third-Party Applications The Application Life Cycle Secure Coding Standards Secure Coding Guidelines SOA Topic B: Web Application Security Cookie Security Hijacked Cookies Cookie Poisoning Cookies and XSRF XSRF Security Client Side vs. Server Side Processing Methods State Management State Management Vulnerabilities Client-Side Scripting Languages Common Application Based Security Threats and Controls Lesson 05 Review Lesson 06 - Managing Risk, Security Policies, and Security Procedures Topic A: Analyze Security Risk Risk Exposure ERM Risk Management Strategies Common Business Models and Strategies Business Model Types Internal and External Considerations De-perimeterization 51m 1h 22m

Risk Analysis Methods How to Analyze Security Risk Topic B: Implement Risk Mitigation Strategies and Controls Risk Scoring Risk Likelihood and Impact Risk Determination Elements of Risk Determination Risk Response Techniques Mitigation Strategies A Sample ESA Framework Continuous Monitoring How to Implement Risk Mitigation Strategies and Controls Topic C: Implement Enterprise-Level Security Policies and Procedures Security Policy Development Principles Security Policy Development Methods Security Procedures Security Procedure Development Methods Common Business Documents Common Security Policy Components Security Policy Collaboration Security Policy Collaboration Partners How to Implement Enterprise-Level Security Policies and Procedures Topic D: Prepare for Incident Response and Recovery Incident and Emergency Response The Emergency Response Team A Security Incident Data Breach Data Breach Types The Data Breach Response Process The E-Discovery Process E-Discovery Policies E-Discovery Components and Techniques SIEM Computer Forensics Incident Response System Design Considerations Incident Response Components How to Prepare for Incident Response and Recovery Lesson 06 Review Lesson 07 - Enterprise Security Integration Topic A: The Technology Life Cycle 44m

Technology Life Cycle Considerations Technology Life Cycle Phases End-to-End Solutions SDLC SDLC Phases SDLC Models SSDLC SRTM Topic B: Inter-Organizational Change Security and Organizational Change Change Management in the Enterprise Security Design Considerations Network Secure Segmentation Network Secure Delegation Product and Service Integration Third-Party Products Topic C: Integrate Enterprise Disciplines to Achieve Secure Solutions Enterprise Security Integration Strategies Security Process and Controls Support Security Process and Control Mechanisms Effective Collaboration Techniques Collaboration Across Disciplines How to Integrate Enterprise Disciplines to Achieve Secure Solutions Lesson 07 Review Lesson 08 - Security Research and Analysis Topic A: Perform an Industry Trends and Impact Analysis Industry Best Practices Demo - Security Research Research Methods Technology Evolution New Technologies, Security Systems, and Services New Security Technology Types Situational Awareness Situational Awareness Considerations Emerging Business Tools Social Media as an Emerging Business Tool Mobile Devices as Emerging Business Tools Emerging Security Issues The Global Impact Analysis Industry Security Requirements for Business Contracts 48m

How to Perform an Industry Trends Impact Analysis Topic B: Perform an Enterprise Security Analysis Benchmarking Network Traffic Analysis Types of Network Traffic Analysis Prototyping and Testing Cost-Benefit Analysis Security Analysis Strategies Security Solution Analysis Lessons Learned Review How to Perform an Enterprise Security Analysis Lesson 08 Review Lesson 09 - Disaster Recovery and Business Continuity Topic A: BCP Fundamentals BCPs BCP Development Phases NIST Contingency Planning Steps NFPA Business Planning Framework Disruptive Events BIA BIA Organizational Goals BIA Process Critical Business Process Vulnerability Assessments MTD RPO RTO RPO/RTO Optimization Topic B: BCP Implementation Program Coordinators Advisory Committee-BCP Team BCP Team Responsibilities BCP Contents Business Plan Evaluations Business Plan Testing Business Plan Maintenance Business Continuity Process Topic C: DRP Fundamentals DRP Disaster Recovery Strategy 54m

Disaster Recovery Priority Levels Disaster Recovery Response Approaches Backup Strategies Data Restoration Strategies Alternate Sites Topic D: DRP Implementation Recovery Team Salvage Team Disaster Recovery Evaluation and Maintenance Disaster Recovery Testing Disaster Recovery Process Lesson 09 Review Lesson 10 - Managing Risk in Projects Topic A: Create a Risk Management Plan Risk Project Buffer Classification of Risks Business Risk vs. Insurable Risk Risk Tolerance Probability Scale Impact Scale RBS Risk Management The Risk Management Plan Components of a Risk Management Plan How to Create a Risk Management Plan Topic B: Identify Risks and Their Causes Triggers Information Gathering Techniques Documentation Reviews SWOT Analysis Risk Analysis Risk Register Components of a Risk Register Risk Categories How to Identify Risks and Their Causes Topic C: Analyze Risks Qualitative Risk Analysis Quantitative Risk Analysis Risk Probability and Impact Assessment 54m

The Probability and Impact Risk Rating Matrix The Ongoing Risk Assessment Process Project Risk Ranking Data Collection and Representation Techniques Basics of Probability Probability Distribution Quantitative Analysis Methods Qualitative Analysis Methods Risk Data Quality Assessment Risk Urgency Assessment Simulation Monte Carlo Analysis How to Analyze Risks Topic D: Develop a Risk Response Plan Negative Risks Negative Risk Strategies Positive Risks Positive Risk Strategies Contingency Plan The BCP DRP Contingency Reserve Risk-Related Contract Decisions How to Develop a Risk Response Plan Lesson 10 Review Lesson 11 - Legal Issues Topic A: Computer Crime Laws and Regulations Common Law Statutory Law Types of Statutory Offenses Administrative Law Intellectual Property Law Information Privacy Law Computer Crime Law Compliance Liability Internal and External Audits Governmental Oversight Resources Topic B: Computer Crime Incident Response Computer Crime 35m

The Computer Criminal Incident Response Process The Evidence Life Cycle Evidence Collection Techniques Evidence Types Chain of Evidence Rules of Evidence Surveillance Techniques Search and Seizure Computer Forensics Lesson 11 Review Lesson 12 - Judgment and Decision-Making Topic A: Develop Critical Thinking Skills Intellectual Autonomy Humility Objectivity Focus on the Argument Clarity Defining Your Argument Intellectual Honesty Logical Fallacies Assessing Arguments Logically How to Employ Critical Thinking Skills Topic B: Determine the Root of a Problem Obstacles to Analysis Occam's Razor Techniques for Applying Occam's Razor Theme Analysis The Four Guidelines Technique How to Determine the Root of a Problem Topic C: Use Judgment to Make Sound Decisions Analyzing Problems Analytical vs. Creative Thinking Barriers to Creative Thinking Brainstorming Rules of Brainstorming Evaluating Brainstorming Ideas A Fishbone Diagram A Pareto Chart A Histogram A Cost-Benefit Analysis 40m

Phases in Cost-Benefit Analysis A Prioritization Matrix A Trade-Off Method A Decision Tree An Ease and Effect Matrix A PMI Analysis Table How to Use Judgment to Make Sound Decisions Lesson 12 Review Course Closure Total Duration: 14h 11m

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback