CompTIA® Advanced Security Practitioner (CASP) (Exam CAS-001)

Course length: 5 days

Course Description

Course Objective: You will examine advanced security concepts, principles, and implementations that pertain to enterprise-level security. Target Student: This course is targeted toward an IT professional that has the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. Students aspiring to CASP certification should have a minimum of 10 years experience including at least five years of hands-on technical security experience. Prerequisites: While there are no strict prerequisites, CompTIA intends the CASP certification to serve as an add-on to the CompTIA® Security+® certification, or equivalent technical experience.

Recommended courses (or the equivalent certifications):

  • CompTIA® Security+® is strongly recommended.
  • CompTIA® A+® Certification: A Comprehensive Approach for All 2009 Exam Objectives (Windows 7) and CompTIA® Network+® will also be helpful.

Course Objectives

Upon successful completion of this course, students will be able to:

  • identify enterprise security fundamentals.
  • apply enterprise security technology solutions.
  • identify enterprise resource technologies and the potential security implications for these resources.
  • design security solutions.
  • identify application security design issues such as best practices for development and testing as well as threat mitigation techniques.
  • manage risk, security policies, and security procedures within an enterprise.
  • integrate security solutions within an enterprise.
  • conduct security research and analysis.

Course Content

Lesson 1: The Enterprise Security Architecture

Topic 1A: The Basics of Enterprise Security

Topic 1B: The Enterprise Structure

Topic 1C: Enterprise Security Requirements


Lesson 2: Enterprise Security Technology

Topic 2A: Common Network Security Components and Technologies

Topic 2B: Communications and Collaboration Security

Topic 2C: Cryptographic Tools and Techniques

Topic 2D: Advanced Authentication


Lesson 3: Enterprise Resource Technology

Topic 3A: Enterprise Storage Security Issues

Topic 3B: Distributed, Shared, and Virtualized Computing

Topic 3C: Cloud Computing and Security


Lesson 4: Security Design and Solutions

Topic 4A: Network Security Design

Topic 4B: Conduct a Security Assessment

Topic 4C: Host Security


Lesson 5: Application Security Design

Topic 5A: Application Security Basics

Topic 5B: Web Application Security


Lesson 6: Managing Risk, Security Policies, and Security Procedures

Topic 6A: Analyze Security Risk

Topic 6B: Implement Risk Mitigation Strategies and Controls

Topic 6C: Implement Enterprise-Level Security Policies and Procedures

Topic 6D: Prepare for Incident Response and Recovery


Lesson 7: Enterprise Security Integration

Topic 7A: The Technology Life Cycle

Topic 7B: Inter-Organizational Change

Topic 7C: Integrate Enterprise Disciplines to Achieve Secure Solutions


Lesson 8: Security Research and Analysis

Topic 8A: Perform an Industry Trends and Impact Analysis

Topic 8B: Perform an Enterprise Security Analysis


Appendix A: Mapping Course Content to the CompTIA® Advanced Security Practitioner (Exam CAS-001) Objectives

Appendix B: CompTIA Acronyms

Appendix C: Disaster Recovery and Business Continuity

Appendix D: Managing Risk in Projects

Appendix E: Legal lssues

Appendix F: Judgment and Decision-Making