CAS-002 : CASP-Advanced Security Practitioner V2.0 (Course & Lab)

ISBN : 978-1-61691-542-1
Gain hands-on expertise for the CompTIA Advanced Security Practitioner (CASP) certification exam with the CASP-Advanced Security Practitioner V2.0 course and performance-based labs. Performance-based labs simulate real-world hardware, software, and command-line interface environments and can be mapped to any textbook, course, or training. This course provides complete coverage of the CASP certification exam and includes topics such as cryptographic tools and techniques; comprehensive security solutions; securing virtualized, distributed, and shared computing; application security and penetration testing; and much more. The CASP certification is a vendor-neutral credential designed for advanced-level IT security professionals to conceptualize, design, and engineer secure solutions across complex enterprise environments.


uCertify uses content from well-known publishers, instructors, and subject matter experts. They have a minimum of 15 years of experience in their fields. uCertify brings these textbooks to life. It is full of interactive activities that keep the learner engaged. uCertify brings all available learning resources for a topic into one place so that the learner can learn efficiently without going to multiple places. Challenge questions are also embedded in the chapters so learners can attempt them while they are learning about that particular topic. This helps them grasp the concepts better because they can go over the material again right away, which improves learning. At the end of every lesson, uCertify courses guide the learners on the path they should follow.

The uCertify platform supports 50+ different types of interactive activities, including connect the idea and try it yourself lab activities, embedded throughout its courses. These interactive activities keep learners engaged and make learning fun.

Here's What You Get

Exercises Flashcards Quizzes Glossary

Each lesson comes with Exercises, Flashcards & Quizzes. There is no limit to the number of times learners can attempt these. Exercises come with detailed remediation, which ensures that learners are confident in the topic before proceeding. Flashcards help learners master the key concepts. The Glossary defines the key terms.

Exercise Questions
Glossary of terms

Test Prep & Practice Questions

uCertify provides full length practice tests. These tests closely follow the exam objectives and are designed to simulate real exam conditions. Each course has a number of test sets consisting of hundreds of items to ensure that learners are prepared for the certification exam.

Here's What You Get

Pre-assessments Questions
Full Length Tests
Post-Assessments Questions


Full Remediation

Each question comes with detailed remediation explaining not only why an answer option is correct but also why the incorrect answer options are incorrect.

Unlimited Practice

Each test can be taken an unlimited number of times until the learner feels they are prepared. Learners can review the test and read detailed remediation. Detailed test history is also available.

Learn, Test and Review Mode

Each test set comes with learn, test and review modes. In learn mode, learners will attempt a question and will get immediate feedback and complete remediation as they move on to the next question. In test mode, learners can take a timed test simulating the actual exam conditions. In review mode, learners can read through one item at a time without attempting it.


Online labs can be used to supplement training. uCertify labs are an inexpensive & safe way to explore and learn. uCertify labs are versatile: they simulate real-world hardware, software, and command-line interface environments and can be mapped to any textbook, course, or training.

Here's What You Get

Performance based lab
Video tutorials

Hands on Activities

Cryptographic Tools and Techniques

  • Understanding cryptographic terms
  • Identifying symmetric algorithms
  • Identifying symmetric and asymmetric encryptions
  • Identifying asymmetric encryption algorithms
  • Identifying sequence of sender's process for hybrid encryption
  • Identifying hashing algorithms
  • Identifying sequence of sender's process for digital signatures
  • Identifying attributes of symmetric and asymmetric encryption
  • Identifying public key infrastructure components
  • Launching Windows certificates manager
  • Identifying encryption types
  • Identifying the handshake process for CHAP
  • Understanding steganography
  • Creating a user password
  • Identifying cryptographic attacks

Comprehensive Security Solutions

  • Creating and configuring a network
  • Identifying network authentication methods
  • Identifying 802.11 standards
  • Identifying the network topology
  • Identifying remote access methods
  • Configuring NPS network policy
  • Configuring NPS to provide RADIUS authentication
  • Creating a remote access VPN connection
  • Arranging the VoIP protocols in the protocol stack
  • Performing a wireless site survey
  • Using Windows remote access
  • Configuring a VPN client
  • Spoofing MAC addresses with SMAC
  • Identifying TCP/IP protocol layers
  • Identifying TCP/IP layers
  • Identifying IPV4 and IPV6 differences
  • Configuring IPv4 address
  • Configuring and testing IPv6 addresses
  • Understanding the ipconfig command
  • Analyzing the TCP/IP configuration with netstat
  • Identifying IPv4 classful address ranges
  • Identifying IPv4 header
  • Identifying IPv6 header
  • Identifying protocols security issues
  • Analyzing network paths with tracert
  • Using the netsh command
  • Releasing and renewing an IP address
  • Testing the existence of other hosts
  • Identifying drawbacks of Kerberos authentication
  • Filtering entries in Event Viewer
  • Configuring Internet settings on a router
  • Setting up a DMZ on a SOHO router

Securing Virtualized, Distributed, and Shared Computing

  • Understanding software-defined networking
  • Identifying cloud services model
  • Identifying cloud-augmented security services
  • Identifying virtual network components
  • Creating a virtual PC machine
  • Setting VLAN ID on a network adapter
  • Working with a host-based IDS

Host Security

  • Identifying traffic command syntax formats
  • Identifying Information models
  • Identifying evaluation assurance levels
  • Identifying endpoint security solutions
  • Installing security software
  • Installing MBSA
  • Running the MBSA tool
  • Running a security scanner to identify vulnerabilities
  • Using the Windows command-line interface (CLI)
  • Identifying the change management process
  • Identifying data exfiltration methods
  • Identifying IDS components
  • Identifying Intrusion detection key terms
  • Identifying sequence in which the IDS instructs the TCP to reset connections

Application Security and Penetration Testing

  • Identifying application test types
  • Understanding cross-site scripting
  • Understanding application sandboxing
  • Understanding SDLC activities
  • Identifying secure coding tests
  • Viewing cookies and temporary files in IE
  • Identifying DoS tools
  • Identifying password cracking ways
  • Identifying penetration testing steps
  • Identifying port scanning techniques
  • Identifying fuzzing tools

Risk Management

  • Identifying tracking vulnerabilities in software
  • Identifying information security laws
  • Identifying quantitative analysis

Policies, Procedures, and Incident Response

  • Identifying information security policy components
  • Identifying employee controls
  • Understanding incident response plan
  • Identifying incident responses models

Security Research and Analysis

  • Identifying XSS vulnerabilities
  • Identifying biometric systems
  • Cracking encrypted passwords
  • Exploring the Nagios tool
  • Identifying security solution performances

Enterprise Security Integration

  • Identifying stages of building security controls
  • Identifying security governance plan
  • Identifying employee controls uses
  • Identifying risk tests

Security Controls for Communication and Collaboration

  • Using TeamViewer to connect two computers
  • Understanding SOAP
  • Identifying TCSEC divisions levels

Exam Information

The CompTIA Advanced Security Practitioner is a standalone certification from CompTIA with the exam code CAS-002. This certification validates advanced-level security skills and knowledge internationally. The CASP exam will certify that the successful candidate has the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers, while managing risk.


Career Prospects
  • Cyber Security / IS Professional
  • Information Security Analyst
  • Security Architect
  • IT Specialist INFOSEC
  • Cybersecurity Risk Manager
  • Cybersecurity Risk Analyst
Exam FAQs
What are the prerequisites for this exam?
While there are no official prerequisites for the CAS-002 exam, both CompTIA and uCertify strongly recommend that candidates have 10 years' experience in IT administration, including at least 5 years of hands-on technical security experience.
What is the exam registration fee?
USD 402

Pricing and taxes may vary from country to country.

Where do I take the exam?
The CAS-002 exam is administered by Pearson VUE at testing centers worldwide.
What is the format of the exam?
  • Multiple choice
  • Drag and drop
  • Scenario-based
  • Simulation
How many questions are asked in the exam?
The exam contains 80 questions.
What is the duration of the exam?
165 minutes
What is the passing score?
Pass/Fail only. No scaled score is provided.
What is the exam's retake policy?

For the CAS-002 examination, CompTIA's retake policy is:

  • CompTIA does not require a waiting period between the first and second attempt to pass such examination. However, if you need a third or subsequent attempt to pass the examination, you shall be required to wait for a period of at least fourteen calendar days from the date of your last attempt before you can retake the exam.
  • If a candidate has passed an exam, he/she cannot take it again without prior consent from CompTIA.
  • A test result found to be in violation of the retake policy will not be processed, which will result in no credit awarded for the test taken. Repeat violators will be banned from participation in the CompTIA Certification Program.
  • Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer free re-tests or discounts on retakes.
What is the validity of the certification?
CompTIA CASP certifications are valid for three years from the date the candidate is certified, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.

Table of Contents

Here's What You Will Learn

Lesson 1: Cryptographic Tools and Techniques

  • The History of Cryptography
  • Cryptographic Services
  • Symmetric Encryption
  • Asymmetric Encryption
  • Hybrid Encryption
  • Hashing
  • Digital Signatures
  • Public Key Infrastructure
  • Implementation of Cryptographic Solutions
  • Cryptographic Attacks
  • Summary
  • Exam Essentials

Lesson 2: Comprehensive Security Solutions

  • Advanced Network Design
  • TCP/IP
  • Secure Communication Solutions
  • Secure Facility Solutions and Network Infrastructure Design
  • Summary
  • Exam Essentials

Lesson 3: Securing Virtualized, Distributed, and Shared Computing

  • Enterprise Security
  • Cloud Computing
  • Virtualization
  • Virtual LANs
  • Virtual Networking and Security Components
  • Enterprise Storage
  • Summary
  • Exam Essentials

Lesson 4: Host Security

  • Firewalls and Network Access Control Lists
  • Trusted Operating System
  • Endpoint Security Software
  • Anti-malware
  • Host Hardening
  • Asset Management
  • Data Exfiltration
  • Intrusion Detection and Prevention
  • Network Management, Monitoring, and Security Tools
  • Summary
  • Exam Essentials

Lesson 5: Application Security and Penetration Testing

  • Application Security Testing
  • Specific Application Issues
  • Application Sandboxing and Application Security Framework
  • Secure Coding Standards
  • Application Exploits
  • Cookie Storage and Transmission
  • Malware Sandboxing
  • Process Handling at the Client and Server
  • Security Assessments and Penetration Testing
  • Summary
  • Exam Essentials

Lesson 6: Risk Management

  • Risk Terminology
  • Identifying Vulnerabilities
  • Operational Risks
  • The Risk Assessment Process
  • Summary
  • Exam Essentials

Lesson 7: Policies, Procedures, and Incident Response

  • A High-Level View of Documentation
  • Business Documents Used to Support Security
  • Documents and Controls Used for Sensitive Information
  • Auditing Requirements and Frequency
  • The Incident Response Framework
  • Incident and Emergency Response
  • Summary
  • Exam Essentials

Lesson 8: Security Research and Analysis

  • Apply Research Methods to Determine Industry Trends and Impact to the Enterprise
  • Analyze Scenarios to Secure the Enterprise
  • Summary
  • Exam Essentials

Lesson 9: Enterprise Security Integration

  • Integrate Enterprise Disciplines to Achieve Secure Solutions
  • Integrate Hosts, Storage, Networks, and Applications into a Secure Enterprise Architecture
  • Summary
  • Exam Essentials

Lesson 10: Security Controls for Communication and Collaboration

  • Selecting the Appropriate Control to Secure Communications and Collaboration Solutions
  • Integrate Advanced Authentication and Authorization Technologies to Support Enterprise Objectives
  • Implement Security Activities across the Technology Life Cycle
  • Summary
  • Exam Essentials
