Course Content
View Course Modules
0/1
CompTIA CASP+® Training
    About Lesson

    CASP+ Exam Overview

    • Examination and certification goals
    • The five domains of the exam
    • Learning techniques

    Module 1: Enterprise Security

    Identifying security concerns in scenarios

    • Exploring cryptographic techniques
    • Advanced PKI concepts

    Distinguishing between cryptographic concepts

    • Entropy
    • Confusion and diffusion
    • Chain of trust

    Securing enterprise storage

    • Examining storage types and protocols
    • Secure storage management

    Analyzing network security architectures

    • Designing secure networks
    • Employing virtual networking solutions

    Troubleshooting security controls for hosts

    • Host security: trusted OS (Operating System), endpoint, host hardening
    • Vulnerabilities in co-mingling of hosts

    Differentiating application vulnerabilities

    • Web application security
    • Application security concerns
    • Mitigating client-side vs. server-side processing

    Module 2: Risk Management and Incident Response

    Interpreting business and industry influences and risks

    • Analyzing risk scenarios
    • Identifying the impact of de-perimeterization

    Executing risk mitigation planning, strategies, and control

    • Assessing the CIA aggregate scores
    • Making risk determination

    Privacy policies and procedures

    • Developing policies to support business objectives
    • Safeguarding Personally Identifiable Information (PII)

    Conduct incident response and recovery procedures

    • Constructing a data inventory with e-discovery
    • Minimizing the severity of data breaches

    Module 3: Research, Analysis, and Assessment

    Determining industry trends impact to the enterprise

    • Performing ongoing research to support best practices
    • Researching security requirements for contracts

    Appropriate security document usage

    • Request for Information (RFI)
    • Request for Quote (RFQ)
    • Request for Proposal (RFP)

    Evaluating scenarios to determine how to secure the enterprise

    • Conducting cost-benefit and security solution analysis
    • Reviewing the effectiveness of existing security controls

    Conducting an assessment and analyzing the results

    • Determining appropriate tools for data gathering
    • Identifying methods to perform assessments

    Module 4: Integrating Computing, Communications, and Business Disciplines

    Collaborating across diverse business units to achieve security goals

    • Communicating with stakeholders
    • Interpreting security requirements and providing guidance
    • Identifying secure communications goals

    Selecting controls for secure communications

    • Utilizing unified collaboration tools
    • Mobile devices
    • Applying over-the-air technologies

    Implementing security across the technology life cycle

    • Selecting security controls
    • Developing Security Requirements Traceability Matrices

    Module 5: Technical Integration of Enterprise Components

    Integrate devices into a secure enterprise architecture

    • Securing data following existing security standards
    • Applying technical deployment models
    • Integrating storage and applications into the enterprise

    Integrating advanced authentication and authorization technologies

    • Implementing certificate-based and SSO authentication
    • Applying federation solutions