Scroll to top button

CompTIA CASP+ Study Guide CAS-003

ISBN : 9781644590850

Gain hands-on expertise in the CompTIA CASP+ CAS-003 certification exam with the CompTIA CASP+ Study Guide CAS-003 course and lab. The lab simulates real-world, hardware, software and command line interface environments and can be mapped to any text-book, course or training. The course provides complete coverage of the CAS-003 exam objectives and includes topics such as risk management; enterprise security architecture; enterprise security operations; technical integration of enterprise security, and research, development, and collaboration.

The CompTIA CASP+ certification is a globally-recognized widely-trusted vendor-neutral credential. CompTIA CASP+ CAS-003 is the latest updated version of CAS-002 exam. It is required for the candidates to the CAS-003 exam to earn the CompTIA CASP+ certification. The certification proves expertise and skills required to conceptualize, engineer, integrate and implement secure solutions across complex environments to support a resilient enterprise.

Glossary of terms
Pre Assessment Questions
Post Assessment Questions
Performance lab
Learn the real world skills using LiveLab.
Video tutorials
Get interactive learning videos with transcripts and voice-over.
Signify the duration of video tutorials in labs.
Exam related FAQs
What are the prerequisites for this exam?
  • Minimum ten years of experience in IT administration
  • Minimum five years of hands-on technical security experience
What is the exam registration fee? USD 439
Where do I take the exam? Pearson VUE
What is the format of the exam? Multiple choice and performance-based questions
How many questions are asked in the exam? The exam contains 90 questions.
What is the duration of the exam? 165 minutes
What is the passing score? Pass/Fail only. No scaled score is provided.
What is the exam's retake policy?

CompTIA CAS-003 exam's retake policies are:

  • If a Candidate has passed an exam (or multiple exams) and achieved a certification, he/she cannot take the exam again, using the same exam code, without prior consent from CompTIA.
  • CompTIA beta examinations may only be taken one time by each candidate.
  • A test found to be in violation of the retake policy will be invalidated and the candidate may be subject to a suspension period. Repeat violators will be permanently banned from participation in the CompTIA Certification Program.
  • Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer any free re-tests or discounts on retakes.
What is the validity of the certification? CompTIA CASP certification are valid for three years from the date the candidate is certified, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.
Where can I find more information about this exam? To know more about the CAS-003, click here.
Which certification covers this exam?
What are the career opportunities after passing this exam?
  • Security Architect
  • IT Specialist, Cybersecurity
  • Information Security Analyst
  • Cybersecurity / IS Professional
  • Before You Begin the CompTIA CASP+ Certification Exam
  • Who Should Read This Course
  • What You Will Learn
  • How This Course Is Organized
  • How to Use This Course
  • Tips for Taking the CASP+ Exam
  • The CASP+ (2018 Edition) Exam Objective Map
  • The History of Cryptography
  • Cryptographic Services
  • Symmetric Encryption
  • Asymmetric Encryption
  • Hybrid Encryption
  • Hashing
  • Digital Signatures
  • Public Key Infrastructure
  • Implementation of Cryptographic Solutions
  • Cryptographic Attacks
  • Exam Essentials
  • Summary
  • Advanced Network Design
  • TCP/IP
  • Secure Communication Solutions
  • Secure Facility Solutions
  • Secure Network Infrastructure Design
  • Summary
  • Exam Essentials
  • Enterprise Security
  • Cloud Computing
  • Virtualization
  • Virtual LANs
  • Virtual Networking and Security Components
  • Enterprise Storage
  • Summary
  • Exam Essentials
  • Firewalls and Network Access Control
  • Host-Based Firewalls
  • Persistent Agent
  • Non-Persistent Agent
  • Agent-Based Technology
  • Agentless-Based Technology
  • Trusted Operating Systems
  • Endpoint Security Solutions
  • Anti-Malware
  • Host Hardening
  • Asset Management
  • Data Exfiltration
  • Intrusion Detection and Prevention
  • Network Management, Monitoring, and Security Tools
  • Summary
  • Exam Essentials
  • Application Security Design Considerations
  • Specific Application Issues
  • Application Sandboxing
  • Application Security Frameworks
  • Software Assurance
  • Development Approaches
  • Secure Coding Standards
  • Documentation
  • Validation and Acceptance Testing
  • Application Exploits
  • Privilege Escalation
  • Improper Storage of Sensitive Data
  • Secure Cookie Storage and Transmission
  • Context-Aware Management
  • Malware Sandboxing
  • Pivoting
  • Open-Source Intelligence
  • Memory Dumping
  • Client-Side Processing vs. Server-Side Processing
  • Security Assessments and Penetration Testing
  • Red, Blue, and White Teaming
  • Vulnerability Assessment Areas
  • Security Assessment and Penetration Test Tools
  • Summary
  • Exam Essentials
  • Risk Terminology
  • Identifying Vulnerabilities
  • Operational Risks
  • The Risk Assessment Process
  • Best Practices for Risk Assessments
  • Summary
  • Exam Essentials
  • Resources
  • A High-Level View of Documentation
  • Business Documents Used to Support Security
  • Documents and Controls Used for Sensitive Information
  • Training and Awareness for Users
  • Auditing Requirements and Frequency
  • The Incident Response Framework
  • Incident and Emergency Response
  • Summary
  • Exam Essentials
  • Applying Research Methods to Determine Industry Trends and Their Impact on the Enterprise
  • Analyze Scenarios to Secure the Enterprise
  • Summary
  • Exam Essentials
  • Integrate Enterprise Disciplines to Achieve Secure Solutions
  • Integrate Hosts, Storage, Networks, and Applications into a Secure Enterprise Architecture
  • Integrate Mobility Management
  • Summary
  • Exam Essentials
  • Selecting the Appropriate Control to Secure Communications and Collaboration Solutions
  • Integrate Advanced Authentication and Authorization Technologies to Support Enterprise Objectives
  • Implement Security Activities across the Technology Life Cycle
  • Physical Security Tools for Security Assessment
  • Summary
  • Exam Essentials

Hands on Activities (Labs)

  • Using the MD Series Algorithm
  • Using the SHA Series Algorithm
  • Connecting to an SSH Server
  • Using Steganography
  • Installing Remote Access Server (RAS)
  • Observe an SHA256-Generated Hash Value
  • Spoofing MAC Address
  • Using Packet Filtering to Restrict Sites
  • Capturing the ICMP Packets with Wireshark
  • Attempting a Zone Transfer
  • Installing and Configuring AD DS
  • Creating a Virtual Switch
  • Installing a Virtual Machine
  • Creating a Firewall Rule
  • Configuring Iptables
  • Testing an Antivirus Program
  • Using PuTTY
  • Running a Security Scanner to Identify Vulnerabilities
  • Bypassing Command Shell Restrictions
  • Using Netcat for Reverse Shell
  • Attacking a Website using XSS Injection
  • Conducting Cross-site Request Forgery (CSRF or XSRF) Attacks
  • Using Exiftool
  • Using Burpsuite
  • Exploiting a Website Using SQL Injection
  • Performing ARP Poisoning
  • Scanning TCP Ports
  • Cracking a Linux Password Using John the Ripper Tool
  • Tracking Vulnerabilities in Software
  • Reviewing Security Policy
  • Using Netstat
  • Using TCPdump
  •  Cracking Windows Password using Ophcrack
  • Using the NetBus Application
  • Using Social Engineering Toolkit

Customer Testimonials

Alireza Ghahrood
In uCertify-CASP course, you will expand on your knowledge of information security to apply more advanced principles that will keep your organization safe from the many ways it can be threatened. Today's IT climate demands individuals with demonstrable skills, and the information and activities in this course can help you develop the skill set you need to confidently perform your duties as an advanced security professional.