Video description
18+ Hours of Video InstructionMore than 18 hours of video instruction to prepare you for the new CASP CAS-003 exam.
Overview
The CompTIA Advanced Security Practitioner (CASP) CAS-003 Complete Video Course is an engaging, self-paced video training solution that provides learners with 18 hours of personal, visual instruction from expert trainer Michael J. Shannon. Through the use of topic-focused instructional videos, you will gain an in-depth understanding of each objective in the CompTIA CASP CAS-300 exam as well as a deeper understanding of advanced security principles.
This title covers every key topic in the exam, including risk management, enterprise security architecture, enterprise security operations, technical integration of enterprise security, research, development, and collaboration. Michael Shannon also includes demos throughout the training so you can see first hand how to approach real-world security problems. This is the perfect training solution to learn all of the advanced security topics that appear on the test and real security knowledge and skills to help you do your work as a security practitioner. Full of live trainer discussions, hands-on demos, lightboard elaborations, and deep-dive discussions, this course covers security in a way that is easy to access and even fun.
In addition to covering every objective in the CompTIA CASP CAS-003 exam this title includes a full practice exam, module quizzes so you can test yourself throughout your training, and hands-on performance-based exercises so you have everything you need.
About the Instructor
Michael J. Shannon began his IT career when he transitioned from recording studio engineer to network technician for a major telecommunications company in the early 1990s. He soon began to focus on security, and was one of the first 10 people to attain the HIPAA Certified Security Specialist. Throughout his 30 years in IT he has worked as an employee, contractor, and consultant for several companies including Platinum Technologies, Fujitsu, IBM, State Farm, MindSharp, and Skillsoft, among others. Mr. Shannon has authored several books, training manuals, published articles, and CBT modules over the years as well. He has attained the CISSP, PCNSE7, CCNP Security, ITIL Intermediate SO and RCV, and Security+ certifications in the security field.
Skill LevelCompTIA requires that anyone taking the CASP exam have 10 years of experience in IT administration, including at least 5 years of hands-on technical security experience.
Learn How To
- Integrate network and security components, concepts, and architectures
- Integrate security controls for host devices
- Integrate controls for mobile and small form factor devices
- Select software security controls
- Conduct security assessments
- Select the proper security assessment tools
- Implement incident response and recovery
- Integrate hosts, storage, and applications in the enterprise
- Integrate cloud and virtualization technologies in the enterprise
- Integrate and troubleshoot advanced AAA technologies
- Implement cryptographic techniques
- Secure communication and collaboration solutions
- Apply research methods for trend and impact analysis
- Implement security activities across the technology lifecycle
- Interact across diverse business units
- IT security professionals who have a minimum of 10 years of experience in IT administration, including at least 5 years of hands-on technical security experience
- Systems/network/application security professionals who are preparing for the CASP exam
- Any IT professional who wants to gain an advanced understanding of how to secure modern enterprises beyond the Security+ or SSCP certifications
Recommended prerequisites: CompTIA Network+, Security+, CSA+, or equivalent experience
Lesson descriptions
Lesson 1, "Business and Industry Influences and Risks," covers risk management of new products, new technologies, and user behaviors as well as risks involved with new or changing business models and strategies.
Lesson 2, "Organizational Security Privacy Policies and Procedures," explores advanced organizational security and privacy policies.
Lesson 3, "Risk Mitigation Strategies and Controls," delves into advanced decisions based on confidentiality, integrity, and availability along with system-specific risk worst-case scenario analysis.
Lesson 4, "Risk Metric Scenarios for Enterprise Security," presents risk metric scenarios for enterprise security.
Lesson 5, "Integrating Network and Security Components, Concepts, and Architectures," reviews physical and virtual network and security devices along with application and protocol-aware technologies.
Lesson 6, "Integrating Security Controls for Host Devices," reviews trusted operating systems and endpoint security software.
Lesson 7, "Integrating Controls for Mobile and Small Form Factor Devices," covers enterprise mobility management, security implications, and privacy concerns of a wide array of mobile and cloud-connected devices, plus a survey of wearable technology.
Lesson 8, "Selecting Software Security Controls," examines application security design considerations along with specific application issues.
Lesson 9, "Conducting Security Assessments," examines a wide number of security assessments and types, including reconnaissance, fingerprinting, white-black-and-gray box testing as well as red and blue team penetration testing.
Lesson 10, "Selecting the Proper Security Assessment Tools," reviews network tool types like various scanners and host tool types, such as file integrity monitoring and log analysis tools along with physical security tools.
Lesson 11, "Implementing Incident Response and Recovery," covers e-discovery and data breaches along with facilitating incident detection and response.
Lesson 12, "Integrating Hosts, Storage, and Applications in the Enterprise," shows the concepts of adapting data flow security to meet changing business needs and different types of standards.
Lesson 13, "Integrating Cloud and Virtualization Technologies in the Enterprise," examines technical deployment models like outsourcing/insourcing/managed services/and partnership.
Lesson 14, "Integrating and Troubleshooting Advanced AAA Technologies," covers the topics of authentication and authorization, attestation, identity proofing and propagation, federations, and trust models.
Lesson 15, "Implementing Cryptographic Techniques," explores advanced cryptographic techniques such as digital signatures, code signing, and perfect forward secrecy.
Lesson 16, "Secure Communication and Collaboration Solutions," covers remote access and unified collaboration tools, unified communication, presence, telephony and VOIP integration, and social media.
Lesson 17, "Applying Research Methods for Trend and Impact Analysis," looks at performing ongoing research, threat intelligence investigation, researching security implications of emerging business tools, and global information assurance industry and communities.
Lesson 18, "Implementing Security Activities Across the Technology Life Cycle," reviews the systems development life cycle and software development life cycle.
Lesson 19, "Interacting Across Diverse Business Units," interprets security requirements and goals to communicate with stakeholders from other disciplines, such as sales staff, HR, and legal.
About Pearson Video Training
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Prentice Hall, Sams, and Que Topics include IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at http://www.informit.com/video.
Table of contents
- Introduction
- Module 1: Risk Management
- Lesson 1: Business and Industry Influences and Risks
- Lesson 2: Organizational Security Privacy Policies and Procedures
-
Lesson 3: Risk Mitigation Strategies and Controls
- Learning objectives
- 3.1 CIA-based Decisions for the Organization
- 3.2 System-specific Worst-case Analysis
- 3.3 Risk Determination
- 3.4 Translating Risk into Business Terms
- 3.5 Risk Treatment
- 3.6 Risk Management Proces: Overview
- 3.7 Risk Management Process: OCTAVE and ISO/IEC 31000:2009 Methodologies
- 3.8 Risk Management Process: Key Terminology
- 3.9 Business Continuity Planning
- 3.10 IT Governance and Frameworks
- 3.11 Enterprise Resilience and Continual Improvement
-
Lesson 4: Risk Metric Scenarios for Enterprise Security
- Learning objectives
- 4.1 Reviewing Control Effectiveness
- 4.2 Reverse Engineering and Deconstruction
- 4.3 Collecting and Analyzing Metrics
- 4.4 Prototypes, Benchmarks, and Baselines
- 4.5 Analyzing Cyber Defense Trends
- 4.6 Analyzing Solution Metrics for Business Needs
- 4.7 Analyzing Solution Metrics for Business Needs: Cisco and Palo Alto Solutions
- Module 2: Enterprise Security Architecture
-
Lesson 5: Integrating Network and Security Components, Concepts, and Architectures
- Learning objectives
- 5.1 Physical and Virtual Network and Security Devices: Switches, Routers, and Firewalls
- 5.2 Physical and Virtual Network and Security Devices: Zone-based Policy Firewall Demo
- 5.3 Application and Protocol-aware Technologies: PAN, WAF, DAM, NIDS/NIPS
- 5.4 Application and Protocol-aware Technologies: WLAN Controllers, UTM, NAP/NAC, SIEM, Load Balancers, HAIPE/INE Devices, HSMs
- 5.5 Advanced Network Design: Cryptographic Solutions
- 5.6 Advanced Network Design: Clientless SSL VPN Demo
- 5.7 Advanced Network Design: Networking Solutions
- 5.8 Complex Solutions for Data Flow
- 5.9 Secure Configuration and SDN
- 5.10 Network Management and Montioring Tools
- 5.11 Advanced Configuration of Infrastucture Devices: Configuration and Zoning
- 5.12 Advanced Configuration of Infrastructure Devices: Routing Protocol Security Exercise
- 5.13 Advanced Configuration of Infrastructure Devices: Network-enabled Service and System Security Concerns
- Lesson 6: Integrating Security Controls for Host Devices
- Lesson 7: Integrating Controls for Mobile and Small Form Factor Devices
-
Lesson 8: Selecting Software Security Controls
- Learning objectives
- 8.1 Application Security Design Considerations
- 8.2 Specific Application Issues: Attacks and Exploits
- 8.3 Specific Application Issues: Common Vulnerabilities
- 8.4 Specific Application Issues: Sandboxing and Firewalls
- 8.5 Client-side Processing vs. Server-side Processing
- 8.6 O/S and Firmware Vulnerabilities
- Module 3: Enterprise Security Operations
- Lesson 9: Conducting Security Assessments
- Lesson 10: Selecting the Proper Security Assessment Tools
- Lesson 11: Implementing Incident Response and Recovery
- Module 4: Technical Integration of Enterprise Security
-
Lesson 12: Integrating Hosts, Storage, and Applications in the Enterprise
- Learning objectives
- 12.1 Adapting Data Flow Security
- 12.2 Data Flow Security Standards
- 12.3 Interoperability Issues
- 12.4 Resilience Issues
- 12.5 Data Security Considerations
- 12.6 Resource Provisioning and De-provisioning
- 12.7 Merger and Acquisition Design Considerations
- 12.8 Logical Network Segmentation and Diagramming
- 12.9 Security Issues with Enterprise Application Integration
-
Lesson 13: Integrating Cloud and Virtualization Technologies in the Enterprise
- Learning objectives
- 13.1 Technical Deployment Models: Cloud/Virtualization Considerations and Hosting Options
- 13.2 Technical Deployment Models: Cloud Service Models
- 13.3 Pros and Cons of Virtualization
- 13.4 Cloud Augmented Security Services
- 13.5 Host Comingling Vulnerabilities
- 13.6 Data Security Considerations
- Lesson 14: Integrating and Troubleshooting Advanced AAA Technologies
-
Lesson 15: Implementing Cryptographic Techniques
- Learning objectives
- 15.1 Cryptographic Techniques: Hashing and Signing
- 15.2 Cryptographic Techniques: Data Protection
- 15.3 Cryptographic Techniques: Encryption in Action
- 15.4 Implementing Cryptography: SSH and SSL/TLS
- 15.5 Implementing Cryptography: Application and Implementation
- 15.6 Implementing Crytography: Certificate Services
- Lesson 16: Secure Communication and Collaboration Solutions
- Module 5 Research, Development and Collaboration
- Lesson 17: Applying Research Methods for Trend and Impact Analysis
- Lesson 18: Implementing Security Activities Across the Technology Life Cycle
- Lesson 19: Interacting Across Diverse Business Units
- Summary
Product information
- Title: CompTIA Advanced Security Practitioner (CASP) CAS-003
- Author(s):
- Release date: January 2018
- Publisher(s): Pearson
- ISBN: 0134855612
You might also like
book
CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide, Second Edition
Learn, prepare, and practice for CompTIA Advanced Security Practitioner (CASP) CAS-003 exam success with this CompTIA …
video
CompTIA Security+ SY0-701
27+ Hours of Video Instruction Get the edge you need to successfully study for the CompTIA …
video
CompTIA Cybersecurity Analyst (CySA+) CS0-002
20 Hours of Video Instruction 20 hours of deep-dive training covering every objective in the CompTIA …
book
CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert Guide
Trust the best-selling Official Cert Guide series from Cisco Press to help you learn, prepare, and …