Course Description
In this course, which prepares you for the CompTIA Advanced Security Practitioner exam (CAS-003),you will expand on your knowledge of information security to apply more advanced principles that will keep your organization safe from the many ways it can be
COURSE OBJECTIVES:In this course, you will analyze and apply advanced security concepts, principles, and implementations that contribute to enterprise-level security.
You will:
- Support IT governance in the enterprise with an emphasis on managing risk.
- Leverage collaboration tools and technology to support enterprise security.
- Use research and analysis to secure the enterprise.
- Integrate advanced authentication and authorization techniques.
- Implement cryptographic techniques, security controls for hosts and mobile devices, network security, and security in the systems and software development lifecycle.
- Integrate hosts, storage, networks, applications, virtual environments, and cloud technologies in a secure enterprise architecture.
- Conduct security assessments; responding to and recovering from security incidents.
Agenda
Supporting IT Governance and Risk Management
- Identify the Importance of IT Governance and Risk Management
- Assess Risk
- Mitigate Risk
- Integrate Documentation into Risk Management
Leveraging Collaboration to Support Security
- Facilitate Collaboration Across Business Units
- Secure Communications and Collaboration Solutions
Using Research and Analysis to Secure the Enterprise
- Determine Industry Trends and Their Effects on the Enterprise
- Analyze Scenarios to Secure the Enterprise
Integrating Advanced Authentication and Authorization Techniques
- Implement Authentication and Authorization Technologies
- Implement Advanced Identity and Access Management
Implementing Cryptographic Techniques
- Select Cryptographic Techniques
- Implement Cryptography
Implementing Security Controls for Hosts
- Select Host Hardware and Software
- Harden Hosts
- Virtualize Servers and Desktops
- Protect Boot Loaders
Implementing Security Controls for Mobile Devices
- Implement Mobile Device Management
- Address Security and Privacy Concerns for Mobile Devices
Implementing Network Security
- Plan Deployment of Network Security Components and Devices
- Plan Deployment of Network-Enabled Devices
- Implement Advanced Network Design
- Implement Network Security Controls
Implementing Security in the Systems and Software Development Lifecycle
- Implement Security Throughout the Technology Lifecycle
- Identify General Application Vulnerabilities
- Identify Web Application Vulnerabilities
- Implement Application Security Controls
Integrating Assets in a Secure Enterprise Architecture
- Integrate Standards and Best Practices in Enterprise Security
- Select Technical Deployment Models
- Integrate Cloud-Augmented Security Services
- Secure the Design of the Enterprise Infrastructure
- Integrate Data Security in the Enterprise Architecture
- Integrate Enterprise Applications in a Secure Architecture
Conducting Security Assessments
- Select Security Assessment Methods
- Perform Security Assessments with Appropriate Tools
Responding to and Recovering from Incidents
- Prepare for Incident Response and Forensic Investigations
- Conduct Incident Response and Forensic Analysis
Audience
This course is designed for IT professionals in the cybersecurity industry whose primary job responsibility is to secure complex enterprise environments. The target student should have real-world experience with the technical administration of these enterprise environments. It is recommended for students with at least 10 years of experience in IT management, with at least 5 of those years in hands-on technical security.