CompTIA CASP+ Study Guide CAS-003

Name: CompTIA CASP+ Study Guide CAS-003
Brand: uCertify
Rating: 4.1 (16 reviews)

ISBN : 9781644590850

Gain hands-on expertise in the CompTIA CASP+ CAS-003 certification exam with the CompTIA CASP+ Study Guide CAS-003 course and lab. The lab simulates real-world, hardware, software and command line interface environments and can be mapped to any text-book, course or training. The course provides complete coverage of the CAS-003 exam objectives and includes topics such as risk management; enterprise security architecture; enterprise security operations; technical integration of enterprise security, and research, development, and collaboration.

5 average from 1 customer rating

Try This Course

The CompTIA CASP+ certification is a globally-recognized widely-trusted vendor-neutral credential. CompTIA CASP+ CAS-003 is the latest updated version of CAS-002 exam. It is required for the candidates to the CAS-003 exam to earn the CompTIA CASP+ certification. The certification proves expertise and skills required to conceptualize, engineer, integrate and implement secure solutions across complex environments to support a resilient enterprise.

Lessons

                            
Lessons

                                12+
                            
Quizzes

                                217+
                            
Flashcards

                                191+
                            
Glossary of terms

                                192+

TestPrep

                            
Pre Assessment Questions

                                90+
                            
Full Length Tests

                                2+
                            
Post Assessment Questions

                                90+

Lab

                            
Performance lab
Learn the real world skills using LiveLab.

                                35+
                            
Video tutorials
Get interactive learning videos with transcripts and voice-over.

                                35+
                            
Minutes
Signify the duration of video tutorials in labs.

                                23+

Exam related FAQs
What are the prerequisites for this exam?	Minimum ten years of experience in IT administration Minimum five years of hands-on technical security experience
What is the exam registration fee?	USD 439
Where do I take the exam?	Pearson VUE
What is the format of the exam?	Multiple choice and performance-based questions
How many questions are asked in the exam?	The exam contains 90 questions.
What is the duration of the exam?	165 minutes
What is the passing score?	Pass/Fail only. No scaled score is provided.
What is the exam's retake policy?	CompTIA CAS-003 exam's retake policies are: If a Candidate has passed an exam (or multiple exams) and achieved a certification, he/she cannot take the exam again, using the same exam code, without prior consent from CompTIA. CompTIA beta examinations may only be taken one time by each candidate. A test found to be in violation of the retake policy will be invalidated and the candidate may be subject to a suspension period. Repeat violators will be permanently banned from participation in the CompTIA Certification Program. Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer any free re-tests or discounts on retakes.
What is the validity of the certification?	CompTIA CASP certification are valid for three years from the date the candidate is certified, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.
Where can I find more information about this exam?	To know more about the CAS-003, click here.
Which certification covers this exam?	CompTIA Advanced Security Practitioner (CASP)
What are the career opportunities after passing this exam?	Security Architect IT Specialist, Cybersecurity Information Security Analyst Cybersecurity / IS Professional

Lesson 1: Introduction

Before You Begin the CompTIA CASP+ Certification Exam
Who Should Read This Course
What You Will Learn
How This Course Is Organized
How to Use This Course
Tips for Taking the CASP+ Exam
The CASP+ (2018 Edition) Exam Objective Map

Lesson 2: Cryptographic Tools and Techniques

The History of Cryptography
Cryptographic Services
Symmetric Encryption
Asymmetric Encryption
Hybrid Encryption
Hashing
Digital Signatures
Public Key Infrastructure
Implementation of Cryptographic Solutions
Cryptographic Attacks
Exam Essentials
Summary

Lesson 3: Comprehensive Security Solutions

Advanced Network Design
TCP/IP
Secure Communication Solutions
Secure Facility Solutions
Secure Network Infrastructure Design
Summary
Exam Essentials

Lesson 4: Securing Virtualized, Distributed, and Shared Computing

Enterprise Security
Cloud Computing
Virtualization
Virtual LANs
Virtual Networking and Security Components
Enterprise Storage
Summary
Exam Essentials

Lesson 5: Host Security

Firewalls and Network Access Control
Host-Based Firewalls
Persistent Agent
Non-Persistent Agent
Agent-Based Technology
Agentless-Based Technology
Trusted Operating Systems
Endpoint Security Solutions
Anti-Malware
Host Hardening
Asset Management
Data Exfiltration
Intrusion Detection and Prevention
Network Management, Monitoring, and Security Tools
Summary
Exam Essentials

Lesson 6: Application Security and Penetration Testing

Application Security Design Considerations
Specific Application Issues
Application Sandboxing
Application Security Frameworks
Software Assurance
Development Approaches
Secure Coding Standards
Documentation
Validation and Acceptance Testing
Application Exploits
Privilege Escalation
Improper Storage of Sensitive Data
Secure Cookie Storage and Transmission
Context-Aware Management
Malware Sandboxing
Pivoting
Open-Source Intelligence
Memory Dumping
Client-Side Processing vs. Server-Side Processing
Security Assessments and Penetration Testing
Red, Blue, and White Teaming
Vulnerability Assessment Areas
Security Assessment and Penetration Test Tools
Summary
Exam Essentials

Lesson 7: Risk Management

Risk Terminology
Identifying Vulnerabilities
Operational Risks
The Risk Assessment Process
Best Practices for Risk Assessments
Summary
Exam Essentials
Resources

Lesson 8: Policies, Procedures, and Incident Response

A High-Level View of Documentation
Business Documents Used to Support Security
Documents and Controls Used for Sensitive Information
Training and Awareness for Users
Auditing Requirements and Frequency
The Incident Response Framework
Incident and Emergency Response
Summary
Exam Essentials

Lesson 9: Security Research and Analysis

Applying Research Methods to Determine Industry Trends and Their Impact on the Enterprise
Analyze Scenarios to Secure the Enterprise
Summary
Exam Essentials

Lesson 10: Enterprise Security Integration

Integrate Enterprise Disciplines to Achieve Secure Solutions
Integrate Hosts, Storage, Networks, and Applications into a Secure Enterprise Architecture
Integrate Mobility Management
Summary
Exam Essentials

Lesson 11: Security Controls for Communication and Collaboration

Selecting the Appropriate Control to Secure Communications and Collaboration Solutions
Integrate Advanced Authentication and Authorization Technologies to Support Enterprise Objectives
Implement Security Activities across the Technology Life Cycle
Physical Security Tools for Security Assessment
Summary
Exam Essentials

Lesson 12: Appendix: 3D Avatar-based Simulation

Hands on Activities (Labs)

Introduction

Cryptographic Tools and Techniques

Using the MD Series Algorithm
Using the SHA Series Algorithm
Connecting to an SSH Server
Using Steganography
Installing Remote Access Server (RAS)
Sniffing Traffic using Cain & Abel
Spoofing MAC Address

Comprehensive Security Solutions

Using Packet Filtering to Restrict Sites
Capturing the ICMP Packets with Wireshark
Attempting a Zone Transfer
Installing and Configuring AD DS

Securing Virtualized, Distributed, and Shared Computing

Creating a Virtual Switch
Installing a Virtual Machine

Host Security

Creating a Firewall Rule
Configuring Iptables
Testing an Antivirus Program
Using PuTTY
Running a Security Scanner to Identify Vulnerabilities
Bypassing Command Shell Restrictions
Using Netcat for Reverse Shell

Application Security and Penetration Testing

Attacking a Website using XSS Injection
Conducting Cross-site Request Forgery (CSRF or XSRF) Attacks
Using Exiftool
Using Burpsuite
Exploiting a Website using SQL Injection
Performing ARP Poisoning
Scanning TCP Ports
Cracking a Linux Password using John the Ripper tool

Risk Management

Tracking Vulnerabilities in Software
Reviewing Security Policy

Policies, Procedures, and Incident Response

Using netstat
Using TCPdump
Cracking Windows Password using Ophcrack

Security Research and Analysis

Enterprise Security Integration

Security Controls for Communication and Collaboration

Using the NetBus Application
Using Social Engineering Toolkit

Appendix: 3D Avatar-based Simulation

Customer Testimonials

Alireza Ghahrood

In uCertify-CASP course, you will expand on your knowledge of information security to apply more advanced principles that will keep your organization safe from the many ways it can be threatened. Today's IT climate demands individuals with demonstrable skills, and the information and activities in this course can help you develop the skill set you need to confidently perform your duties as an advanced security professional.