CompTIA Advanced Security Practitioner (CASP+) Course



-13% Off
Cyber security

Course Curriculum

Learning Objective: To know what the CASP certification course is about and what all sections and topics will it cover.

Learning objective: To learn more about risk management, identify risk, and respond to it using different strategies. 


  • Understanding Business and industry influences 

  • Ongoing risk management 

  • New products and user behavior

  • Business Models and Strategies

  • Cloud Technologies

  • Acquisitions and Mergers

  • Due Diligence Team

  • Data Ownership

  • Data Reclassification

  • Integrating Diverse Industries

  • Common Regulations

  • Geographic Differences

  • Data Sovereignty

  • Internal and External Influences

  • De-parameterization

  • Understand Changes in Network Boundaries

  • Topic B: Policies and Procedures

  • Understanding Policies and Procedures

  • Policy Life Cycle

  • Process Life Cycle

  • Reviewing Policies and Processes

  • Common Business Documents

  • Security for Contracts

  • Contract Requirements

  • General Privacy Principles

  • Standard Security Practices

  • Demo - Examining Security Policies

  • Topic C: Risk Mitigation and Control

  • Introduction to Risk Mitigation

  • Categorizing Data

  • Incorporating Stakeholder Input

  • Aggregate CIA Scores

  • Selecting and Implementing Controls

  • Security Control Frameworks

  • Options for Frameworks

  • Extreme Scenario Planning

  • System-Specific Risk Analysis

  • Qualitative Risk Analysis

  • Quantitative Risk Analysis

  • Risk Impact

  • Likelihood of Threat

  • Return on Investment

  • Understanding Payback

  • Total Cost of Ownership

  • TCO Guidelines

  • Translate to Business Terms

  • Risk Management Strategies

  • Risk Management Processes

  • Information and Asset Value and Costs

  • Vulnerabilities and Threat Identification

  • Additional Factors

  • Topic D: Business Continuity Planning

  • Continuity Planning

  • BCP Components

  • BCP Steps

  • Additional Plans

  • Conducting Business Impact Analysis

Learning Objective: Learn about the different network and security components and their architecture. 


  • About Physical and Virtual Network Security Devices

  • Unified Threat Management

  • Analyzing UTM

  • Intrusion Detection and Prevention

  • In-Line Network Encryptor

  • Network Access Control

  • SIEM

  • Firewalls

  • Firewall Architecture

  • Wireless Controller

  • Routers and Switches

  • Proxy Servers

  • About Application and Protocol Level Security

  • Web Application Firewalls

  • Hardware Security Modules

  • Vulnerability Scanners

  • Topic C: Advanced Network Design

  • Virtual Private Networks

  • VPN Protocols

  • IP Security (IPSec)

  • IPSec Modes

  • Demo - Examining IPSec Policies

  • Secure Sockets Layer (SSL)

  • Transport Layer Security (TLS

  • Additional Security Protocols

  • Authentication Protocols

  • Topic D: Network Solutions for Data Flow

  • Data Loss Prevention

  • Data Flow Enforcement

  • Network Flow

  • Topic E: Secure Baselines of Networking and Security Components

  • Securing Device Configurations

  • Access Control Lists (ACLs)

  • ACL Rule Sets

  • Change Monitoring

  • Configuration Lockdown

  • Availability Controls

  • Disk Availability

  • Key Availability Terms

  • Topic F: Advanced Configuration of Network Devices

  • Additional Configurations

  • Transport Security

  • Trunking Security

  • Port Security

  • Ports and Sockets

  • Security Zones

  • Network Segmentation

  • Network Access Control

  • NAC Concepts

  • Network Enabled Devices

  • Automation Systems

  • Physical Security

  • Chapter 02 Review

Learning Objectives: How to implement advanced authentication features to your data storage activities. 


  • Understanding Authentication and Authorization Concepts

  • Authentication

  • The Importance of Identity

  • Additional Password Options

  • Demo - Enforcing Strong Passwords

  • Biometric Authentication

  • Biometric Considerations

  • Beyond Single Factor

  • Certificate Authentication

  • Authorization

  • Open Authorization


  • SPML

  • Authorization Concepts

  • Trust Models

  • Topic B: Cryptographic Techniques

  • Introduction to Cryptography

  • Cryptographic Techniques

  • Key Stretching

  • Hashing

  • Message Digest (MD) Algorithms

  • Secure Hash Algorithm (SHA)

  • Digital Signatures

  • Message Authentication

  • Code Signing

  • Additional Concepts

  • Protecting Data in Transit

  • Protecting Data in Memory

  • Protecting Data at Rest

  • Symmetric Algorithms

  • Asymmetric Algorithms

  • Encryption Methods

  • Topic C: Cryptographic Implementations

  • Crypto Options

  • Additional Crypto Options

  • Cryptographic Applications

  • Crypto Considerations

  • Stream vs. Block Ciphers

  • Block Cipher Modes

  • Public Key Infrastructure

  • Primary PKI Functions

  • Additional PKI Concepts

  • Chapter 03 Review

Learning Objectives: This section covers security-related aspects for systems, applications, and data storage. 


  • Security for Host Devices

  • Trusted OS

  • Trusted OS Options

  • Security Software

  • Additional Host-Based Software Options

  • Demo - Configuring a Host-Based Firewall

  • Auditing

  • Demo - Configuring Audit Policies

  • Endpoint Detection Response

  • Host Hardening

  • Group Policy

  • Demo - Configuring Group Policy Security

  • Command Shell Restrictions

  • Out-of-Band Management

  • Dedicated Interfaces

  • External I/O Restrictions

  • Wireless Technologies

  • Wi-Fi Components

  • 802.11 Standards

  • Wireless Security

  • Securing Other Host Devices

  • Boot Security

  • Additional Boot Security Options

  • Topic B: Mobile Device Security

  • Enterprise Mobility Management

  • MDM Concepts

  • Management Options

  • Context-Aware Management

  • Security and Privacy

  • Physical Security Options

  • Additional Mobile Device Concepts

  • Authentication Options

  • Mobile Devices

  • Wearable Security Implications

  • Topic C: Software Security Controls

  • Application Security Design Considerations

  • Application Issues

  • Data Remnants

  • Securing Applications

  • Using JSON and REST

  • Browser Extensions

  • Application Vulnerabilities

  • Chapter 04 Review

Learning Objective: To study how to implement data security features for cloud and other virtual technologies. 


  • Cloud and Virtualization Technology

  • Cloud Computing and Virtualization

  • Cloud Options

  • Security Considerations

  • Cloud Service Models

  • Demo - Examining Cloud Service Models

  • Security and Virtualization

  • Cloud-Augmented Security Services

  • Security as a Service

  • Virtualization Vulnerabilities

  • Topic B: Securing Remote Access and Collaboration

  • Remote Access

  • Dial-Up Access

  • Virtual Private Networks

  • Remote Access Purposes

  • Security Considerations

  • Unified Collaboration Tools

  • Web Conferencing

  • Video Conferencing

  • Storage and Document Collaboration

  • Unified Communication

  • Instant Messaging

  • Presence

  • E-Mail

  • Employing Security Assessments and Incident Responses

  • Topic A: Security Assessments

  • Importance of Security Assessments

  • Malware Sandboxing

  • Memory Dumping

  • Runtime Debugging

  • Reconnaissance

  • Fingerprinting

  • Code Review

  • Social Engineering

  • Public Information

  • Demo - Accessing Public Information

  • Penetration Test

  • Vulnerability Assessment

  • Assessment Styles

  • Topic B: Security Assessment Tools

  • Network Tool Types

  • Security Content Automation Protocol (SCAP)

  • Common Vulnerability Scoring System (CVSS)

  • Fuzzing

  • Exploit Kits

  • Host Tools

  • Additional Host Tools

  • Physical Security Tools

  • Topic C: Incident Response and Recovery

  • E-discovery

  • Data Breach

Course Description

The CASP certification course is highly crucial for professionals who wish to take the next step into their level of experience. The CASP training course provides job opportunities in securing complex enterprise environments. It will expand your knowledge about information security and help you apply more advanced principles that will keep your organization safe and sound. The CASP certification course is designed for IT professionals who wish to acquire technical knowledge and skills required to conceptualize, engineer, integrate, and implement secure data storage solutions across complex organizational environments.

The CASP+ course teaches participants about the general principles of installing, configuring, and deploying secure connections to safeguard data at all times. Moreover, after completing the CASP training course, participants can participate in organizational incident response and risk mitigation. They will be able to identify cyber threats and prepare countermeasures to defend the data. 

CASP+ provides professionals with hands-on experience and performance-based certification for practitioners who wish to achieve advanced levels of skill set in cybersecurity. This CASP certification course is perfect for cybersecurity managers since it helps them identify cybersecurity policies and frameworks that haven’t been implemented in an organizational structure. 

CertOcean’s CompTIA advanced security practitioner course with CASP certification will cover the following CASP training course objectives. 

  • Security Risks and Influence on the Enterprise Business 

  • Strategies to Mitigate Risks

  • Privacy Policies and Procedures drove by Risk Factor

  • Response and Recovery Procedures during Incidents 

  • Industrial Trends and Enterprise Security

  • Toolings and Methodologies in Risk Analysis 

  • Cryptographic Toolings and Techniques 

  • Enterprise Storage Solutions 

  • Network Security Components and Architectures 

  • Security Hosts and Protocols 

  • Vulnerability Testing in Applications 

  • Authentication and Authorization Technologies 

  • Security Controls in Technology Life Cycle 

  • Secure Communication and Collaboration 

  • Business Unit Collaboration 

There are no prerequisites, required for the CASP certification course, however, the CASP training follows CompTIA Security+ or equivalent experience and has a technical, hands-on focus at the enterprise level.

We recommend that students have a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience.


Frequently Asked Questions (FAQs):

Ten Years of IT Administration along with 5 Years of Experience in Technical Security is highly recommended before taking up this course.
With this course, you will gain the necessary IT Certification that will certify your advanced-level competency in mitigating enterprise risk and bolstering their security architecture, integration, and operations with advanced Cybersecurity Policies.
Security Engineers and Architect, Application Security Engineers and Technical Analysts (Lead) can take up this CASP certification course to improve their understanding and get a valuable IT Certification.

Course Rating