• Successfully prepare for the CompTIA Advanced Security Practitioner (CASP+) Certification Exam
• Investigate enterprise storage requirements
• Examine risk management security policies and procedures
• Research potential threats and identify appropriate countermeasures
• Evaluate collaboration methodologies for security communications

CASP+ Exam Overview

• Examination and certification goals
• The five domains of the exam
• Learning techniques

Enterprise Security

Identifying security concerns in scenarios

• Exploring cryptographic techniques
• Advanced PKI concepts

Distinguishing between cryptographic concepts

• Entropy
• Confusion and diffusion
• Chain of trust

Securing enterprise storage

• Examining storage types and protocols
• Secure storage management

Analysing network security architectures

• Designing secure networks
• Employing virtual networking solutions

Troubleshooting security controls for hosts

• Host security: trusted OS, end-point, host hardening
• Vulnerabilities in co-mingling of hosts

Differentiating application vulnerabilities

• Web application security
• Application security concerns
• Mitigating client-side vs. server-side processing

Risk Management and Incident Response

Interpreting business and industry influences and risks

• Analysing risk scenarios
• Identifying the impact of de-perimeterization

Executing risk mitigation planning, strategies and control

• Assessing the CIA aggregate scores
• Making risk determination

Privacy policies and procedures

• Developing policies to support business objectives
• Safeguarding Personally Identifiable Information (PII)

Conduct incident response and recovery procedures

• Constructing a data inventory with e-discovery
• Minimising the severity of data breaches

Research, Analysis and Assessment

Determining industry trends impact to the enterprise

• Performing ongoing research to support best practises
• Researching security requirement for contracts

Appropriate security document usage

• Request for Information (RFI)
• Request for Quote (RFQ)
• Request for Proposal (RFP)

Evaluating scenarios to determine how to secure the enterprise

• Conducting cost benefit and security solution analysis
• Reviewing effectiveness of existing security controls

Conducting an assessment and analysing the results

• Determining appropriate tools for data gathering
• Identifying methods to perform assessments

Integrating Computing, Communications and Business Disciplines

Collaborating across diverse business units to achieve security goals

• Communicating with stakeholders
• Interpreting security requirements and providing guidance
• Identifying secure communications goals

Selecting controls for secure communications

• Utilising unified collaboration tools
• Mobile devices
• Applying over the air technologies

Implementing security across technology life cycle

• Selecting security controls
• Developing Security Requirements Traceability Matrices

Technical Integration of Enterprise Components

Integrate devices into a secure enterprise architecture

• Securing data following existing security standards
• Applying technical deployment models
• Integrating storage and applications into the enterprise

Integrating advanced authentication and authorisation technologies

• Implementing certificate-based and SSO authentication
• Applying federation solutions

This course is designed for IT professionals in the cybersecurity industry whose primary job responsibility is to secure complex enterprise environments.

• CompTIA Security + Certification or equivalent experience
• Ten years of IT administration experience, including at least five years of hands-on technical security experience