CompTIA

CompTIA CASP+ (CAS-003)

(CAS-003)/ISBN:978-1-64459-085-0

This course includes
Lessons
TestPrep
Hand-on Lab
Instructor Led (Add-on)
CompTIA CASP+ (CAS-003)

Kick start your prep for the CAS-003 exam with the CompTIA CASP CAS-003 Study Guide. The course has labs that provide a hands-on learning experience in a safe, online environment. The CASP training course provides complete coverage of the CAS-003 exam objectives and includes topics such as risk management, enterprise security architecture, enterprise security operations, technical integration of enterprise security, and research, development, and collaboration.

Here's what you will get

The CompTIA CASP certification is a globally recognized widely-trusted vendor-neutral credential. CompTIA CASP CAS-003 is the latest updated version of the CAS-003 exam and it is required for the candidates to earn the CompTIA CASP certification. The certification proves a candidate's expertise and skills in conceptualizing, engineering, integrating, and implementing secure solutions across complex environments to support a resilient enterprise.

Lessons

12+ Lessons | 217+ Quizzes | 191+ Flashcards | 192+ Glossary of terms

TestPrep

90+ Pre Assessment Questions | 2+ Full Length Tests | 90+ Post Assessment Questions | 180+ Practice Test Questions

Hand on lab

35+ LiveLab | 35+ Video tutorials | 23+ Minutes

Need guidance and support? Click here to check our Instructor Led Course.

Here's what you will learn

Download Course Outline

Lessons 1: Introduction

  • Before You Begin the CompTIA CASP+ Certification Exam
  • Who Should Read This Course
  • What You Will Learn
  • How This Course Is Organized
  • How to Use This Course
  • Tips for Taking the CASP+ Exam
  • The CASP+ (2018 Edition) Exam Objective Map

Lessons 2: Cryptographic Tools and Techniques

  • The History of Cryptography
  • Cryptographic Services
  • Symmetric Encryption
  • Asymmetric Encryption
  • Hybrid Encryption
  • Hashing
  • Digital Signatures
  • Public Key Infrastructure
  • Implementation of Cryptographic Solutions
  • Cryptographic Attacks
  • Exam Essentials
  • Summary

Lessons 3: Comprehensive Security Solutions

  • Advanced Network Design
  • TCP/IP
  • Secure Communication Solutions
  • Secure Facility Solutions
  • Secure Network Infrastructure Design
  • Summary
  • Exam Essentials

Lessons 4: Securing Virtualized, Distributed, and Shared Computing

  • Enterprise Security
  • Cloud Computing
  • Virtualization
  • Virtual LANs
  • Virtual Networking and Security Components
  • Enterprise Storage
  • Summary
  • Exam Essentials

Lessons 5: Host Security

  • Firewalls and Network Access Control
  • Host-Based Firewalls
  • Persistent Agent
  • Non-Persistent Agent
  • Agent-Based Technology
  • Agentless-Based Technology
  • Trusted Operating Systems
  • Endpoint Security Solutions
  • Anti-Malware
  • Host Hardening
  • Asset Management
  • Data Exfiltration
  • Intrusion Detection and Prevention
  • Network Management, Monitoring, and Security Tools
  • Summary
  • Exam Essentials

Lessons 6: Application Security and Penetration Testing

  • Application Security Design Considerations
  • Specific Application Issues
  • Application Sandboxing
  • Application Security Frameworks
  • Software Assurance
  • Development Approaches
  • Secure Coding Standards
  • Documentation
  • Validation and Acceptance Testing
  • Application Exploits
  • Privilege Escalation
  • Improper Storage of Sensitive Data
  • Secure Cookie Storage and Transmission
  • Context-Aware Management
  • Malware Sandboxing
  • Pivoting
  • Open-Source Intelligence
  • Memory Dumping
  • Client-Side Processing vs. Server-Side Processing
  • Security Assessments and Penetration Testing
  • Red, Blue, and White Teaming
  • Vulnerability Assessment Areas
  • Security Assessment and Penetration Test Tools
  • Summary
  • Exam Essentials

Lessons 7: Risk Management

  • Risk Terminology
  • Identifying Vulnerabilities
  • Operational Risks
  • The Risk Assessment Process
  • Best Practices for Risk Assessments
  • Summary
  • Exam Essentials
  • Resources

Lessons 8: Policies, Procedures, and Incident Response

  • A High-Level View of Documentation
  • Business Documents Used to Support Security
  • Documents and Controls Used for Sensitive Information
  • Training and Awareness for Users
  • Auditing Requirements and Frequency
  • The Incident Response Framework
  • Incident and Emergency Response
  • Summary
  • Exam Essentials

Lessons 9: Security Research and Analysis

  • Applying Research Methods to Determine Industry Trends and Their Impact on the Enterprise
  • Analyze Scenarios to Secure the Enterprise
  • Summary
  • Exam Essentials

Lessons 10: Enterprise Security Integration

  • Integrate Enterprise Disciplines to Achieve Secure Solutions
  • Integrate Hosts, Storage, Networks, and Applications into a Secure Enterprise Architecture
  • Integrate Mobility Management
  • Summary
  • Exam Essentials

Lessons 11: Security Controls for Communication and Collaboration

  • Selecting the Appropriate Control to Secure Communications and Collaboration Solutions
  • Integrate Advanced Authentication and Authorization Technologies to Support Enterprise Objectives
  • Implement Security Activities across the Technology Life Cycle
  • Physical Security Tools for Security Assessment
  • Summary
  • Exam Essentials

Appendix: 3D Avatar-based Simulation

Hands-on LAB Activities

Cryptographic Tools and Techniques

  • Using the MD Series Algorithm
  • Using the SHA Series Algorithm
  • Connecting to an SSH Server
  • Using Steganography
  • Installing Remote Access Server (RAS)
  • Observe an SHA256-Generated Hash Value
  • Spoofing MAC Address

Comprehensive Security Solutions

  • Using Packet Filtering to Restrict Sites
  • Capturing the ICMP Packets with Wireshark
  • Attempting a Zone Transfer
  • Installing and Configuring AD DS

Securing Virtualized, Distributed, and Shared Computing

  • Creating a Virtual Switch
  • Installing a Virtual Machine

Host Security

  • Creating a Firewall Rule
  • Configuring Iptables
  • Testing an Antivirus Program
  • Using PuTTY
  • Running a Security Scanner to Identify Vulnerabilities
  • Bypassing Command Shell Restrictions
  • Using Netcat for Reverse Shell

Application Security and Penetration Testing

  • Attacking a Website using XSS Injection
  • Conducting Cross-site Request Forgery (CSRF or XSRF) Attacks
  • Using Exiftool
  • Using Burpsuite
  • Exploiting a Website Using SQL Injection
  • Performing ARP Poisoning
  • Scanning TCP Ports
  • Cracking a Linux Password using the John the Ripper Tool

Risk Management

  • Tracking Vulnerabilities in Software
  • Reviewing Security Policy

Policies, Procedures, and Incident Response

  • Using Netstat
  • Using TCPdump
  • Cracking Windows Password using Ophcrack

Security Controls for Communication and Collaboration

  • Using the NetBus Application
  • Using Social Engineering Toolkit

Exam FAQs

A minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience.

USD 466

Pricing and taxes may vary from country to country.

Multiple choice and performance-based questions

The exam contains 90 questions.

165 minutes

This test has no scaled score; it’s pass/fail only.

In the event that you fail your first attempt at passing the CASP examination, CompTIA's retake policies are:

  • If a Candidate has passed an exam (or multiple exams) and achieved a certification, he/she cannot take the exam again, using the same exam code, without prior consent from CompTIA.
  • CompTIA beta examinations may only be taken one time by each candidate.
  • A test found to be in violation of the retake policy will be invalidated and the candidate may be subject to a suspension period. Repeat violators will be permanently banned from participation in the CompTIA Certification Program.
  • Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer any free re-tests or discounts on retakes.

CompTIA CASP+ certification expires after three years from the date of issue, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.

Customer Review

In uCertify-CASP course, you will expand on your knowledge of information security to apply more advanced principles that will keep your organization safe from the many ways it can be threatened. Today's IT climate demands individuals with demonstrable skills, and the information and activities in this course can help you develop the skill set you need to confidently perform your duties as an advanced security professional.

Alireza Ghahrood
Alireza Ghahrood
Cyber Security Solutions Senior Consultant & Instructor