CAS-002 : CASP-Advanced Security Practitioner V2.0 (Course & Lab)

CASP-Advanced Security Practitioner V2.0 (Course & Lab)
ISBN : 978-1-61691-542-1
Gain hands-on expertise in CompTIA Advanced Security Practitioner (CASP) certification exam by CASP-Advanced Security Practitioner V2.0 course and performance-based labs. Performance-based labs simulate real-world, hardware, software & command line interface environments and can be mapped to any text-book, course & training. This course provides complete coverage of CASP certification exam and includes topics such as cryptographic tools and techniques; comprehensive security solutions; securing virtualized, distributed, and shared computing; application security and penetration testing; and much more. CASP certification is a vendor-neutral credential designed for advanced-level IT security professionals to conceptualize, design, and engineer secure solutions across complex enterprise environments.

Here's what you will get

The CompTIA Advanced Security Practitioner is a standalone certification from CompTIA with the exam code CAS-002. This certification validates advanced-level security skills and knowledge internationally. The CASP exam will certify that the successful candidate has the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers, while managing risk.

Glossary of terms
Pre-assessment Questions
Full Length Tests
Post-Assessment Questions
Performance based lab
Video tutorials
Exam FAQs
What are the prerequisites for this exam? While there are no official prerequisites for the CAS-002 exam, both CompTIA and uCertify strongly recommend candidates to have 10 years' experience in IT administration, including at least 5 years' of hands-on technical security experience.
What is the exam registration fee? USD 402
Where do I take the exam? The CAS-002 exam is administered by Pearson VUE at testing centers worldwide. Click here to find a testing center near you.
What is the format of the exam?
  • Multiple choice
  • Drag and drop
  • Scenario-based
  • Simulation
How many questions are asked in the exam? The exam contains 80 questions.
What is the duration of the exam? 165 minutes
What is the passing score? Pass/Fail only. No scaled score is provided.
What is the exam's retake policy?

CAS-002 examination, CompTIA's retake policy is:

  • CompTIA does not require a waiting period between the first and second attempt to pass such examination. However, if you need a third or subsequent attempt to pass the examination, you shall be required to wait for a period of at least fourteen calendar days from the date of your last attempt before you can retake the exam.
  • If a candidate has passed an exam, he/she cannot take it again without prior consent from CompTIA.
  • A test result found to be in violation of the retake policy will not be processed, which will result in no credit awarded for the test taken. Repeat violators will be banned from participation in the CompTIA Certification Program.
  • Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer free re-tests or discounts on retakes.
What is the validity of the certification? CompTIA CASP certification are valid for three years from the date the candidate is certified, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.
Where can I find more information about this exam? To know more about the CAS-002-complete, click here.
Which certification covers this exam?
What are the career opportunities after passing this exam?
  • Cyber Security / IS Professional
  • Information Security Analyst
  • Security Architect
  • IT Specialist INFOSEC
  • Cybersecurity Risk Manager
  • Cybersecurity Risk Analyst

Here's what you will learn

  • The History of Cryptography
  • Cryptographic Services
  • Symmetric Encryption
  • Asymmetric Encryption
  • Hybrid Encryption
  • Hashing
  • Digital Signatures
  • Public Key Infrastructure
  • Implementation of Cryptographic Solutions
  • Cryptographic Attacks
  • Summary
  • Exam Essentials
  • Advanced Network Design
  • TCP/IP
  • Secure Communication Solutions
  • Secure Facility Solutions and Network Infrastructure Design
  • Summary
  • Exam Essentials
  • Enterprise Security
  • Cloud Computing
  • Virtualization
  • Virtual LANs
  • Virtual Networking and Security Components
  • Enterprise Storage
  • Summary
  • Exam Essentials
  • Firewalls and Network Access Control Lists
  • Trusted Operating System
  • Endpoint Security Software
  • Anti-malware
  • Host Hardening
  • Asset Management
  • Data Exfiltration
  • Intrusion Detection and Prevention
  • Network Management, Monitoring, and Security Tools
  • Summary
  • Exam Essentials
  • Application Security Testing
  • Specific Application Issues
  • Application Sandboxing and Application Security Framework
  • Secure Coding Standards
  • Application Exploits
  • Cookie Storage and Transmission
  • Malware Sandboxing
  • Process Handling at the Client and Server
  • Security Assessments and Penetration Testing
  • Summary
  • Exam Essentials
  • Risk Terminology
  • Identifying Vulnerabilities
  • Operational Risks
  • The Risk Assessment Process
  • Summary
  • Exam Essentials
  • A High-Level View of Documentation
  • Business Documents Used to Support Security
  • Documents and Controls Used for Sensitive Information
  • Auditing Requirements and Frequency
  • The Incident Response Framework
  • Incident and Emergency Response
  • Summary
  • Exam Essentials
  • Apply Research Methods to Determine Industry Trends and Impact to the Enterprise
  • Analyze Scenarios to Secure the Enterprise
  • Summary
  • Exam Essentials
  • Integrate Enterprise Disciplines to Achieve Secure Solutions
  • Integrate Hosts, Storage, Networks, and Applications into a Secure Enterprise Architecture
  • Summary
  • Exam Essentials
  • Selecting the Appropriate Control to Secure Communications and Collaboration Solutions
  • Integrate Advanced Authentication and Authorization Technologies to Support Enterprise Objectives
  • Implement Security Activities across the Technology Life Cycle
  • Summary
  • Exam Essentials

Hands on Activities (Labs)

  • Understanding cryptographic terms
  • Identifying symmetric algorithms
  • Identifying symmetric and asymmetric encryptions
  • Identifying asymmetric encryption algorithms
  • Identifying sequence of sender's process for hybrid encryption
  • Identifying hashing algorithms
  • Identifying sequence of sender's process for digital signatures
  • Identifying attributes of symmetric and asymmetric encryption
  • Identifying public key infrastructure components
  • Launching Windows certificates manager
  • Identifying encryption types
  • Identifying the handshake process for CHAP
  • Understanding steganography
  • Creating a user password
  • Identifying cryptographic attacks
  • Creating and configuring a network
  • Identifying network authentication methods
  • Identifying 802.11 standards
  • Identifying the network topology
  • Identifying remote access methods
  • Configuring NPS network policy
  • Configuring NPS to provide RADIUS authentication
  • Creating a remote access VPN connection
  • Arranging the VoIP protocols in the protocol stack
  • Performing a wireless site survey
  • Using Windows remote access
  • Configuring a VPN client
  • Spoofing MAC addresses with SMAC
  • Identifying TCP/IP protocol layers
  • Identifying TCP/IP layers
  • Identifying IPV4 and IPV6 differences
  • Configuring IPv4 address
  • Configuring and testing IPv6 addresses
  • Understanding the ipconfig command
  • Analyzing the TCP/IP configuration with netstat
  • Identifying IPv4 classful address ranges
  • Identifying IPv4 header
  • Identifying IPv6 header
  • Identifying protocols security issues
  • Analyzing network paths with tracert
  • Using the netsh command
  • Releasing and renewing an IP address
  • Testing the existence of other hosts
  • Identifying drawbacks of Kerberos authentication
  • Filtering entries in Event Viewer
  • Configuring Internet settings on a router
  • Setting up a DMZ on a SOHO router
  • Understanding software-defined networking
  • Identifying cloud services model
  • Identifying cloud-augmented security services
  • Identifying virtual network components
  • Creating a virtual PC machine
  • Setting VLAN ID on a network adapter
  • Working with a host-based IDS
  • Identifying traffic command syntax formats
  • Identifying Information models
  • Identifying evaluation assurance levels
  • Identifying endpoint security solutions
  • Installing security software
  • Installing MBSA
  • Running the MBSA tool
  • Running a security scanner to identify vulnerabilities
  • Using the Windows command-line interface (CLI)
  • Identifying the change management process
  • Identifying data exfiltration methods
  • Identifying IDS components
  • Identifying Intrusion detection key terms
  • Identifying sequence in which the IDS instructs the TCP to reset connections
  • Identifying application test types
  • Understanding cross-site scripting
  • Understanding application sandboxing
  • Understanding SDLC activities
  • Identifying secure coding tests
  • Viewing cookies and temporary files in IE
  • Identifying DoS tools
  • Identifying password cracking ways
  • Identifying penetration testing steps
  • Identifying port scanning techniques
  • Identifying fuzzing tools
  • Identifying tracking vulnerabilities in software
  • Identifying information security laws
  • Identifying quantitative analysis
  • Identifying information security policy components
  • Identifying employee controls
  • Understanding incident response plan
  • Identifying incident responses models
  • Identifying XSS vulnerabilities
  • Identifying biometric systems
  • Cracking encrypted passwords
  • Exploring the Nagios tool
  • Identifying security solution performances
  • Identifying stages of building security controls
  • Identifying security governance plan
  • Identifying employee controls uses
  • Identifying risk tests
  • Using TeamViewer to connect two computers
  • Understanding SOAP
  • Identifying TCSEC divisions levels

uCertify provides courses, simulator, labs, test prep kits for IT certifications including Microsoft, Oracle, Cisco, CompTIA, CIW, PMI, ISC2, Linux, Zend, Google, IC3 , Adobe and many more.

© 2002-2017 uCertify. All Rights Reserved