This course prepares a student to take the CompTIA Advanced Security Practitioner (CASP) CAS-004 national certification exam.

On course completion, you will be able to achieve the following:

• Perform risk management activities.
• Summarize governance and compliance strategies.
• Implement business continuity and disaster recovery.
• Identify infrastructure services.
• Perform software integration.
• Explain virtualization, cloud, and emerging technology.
• Explore secure configurations and system hardening.
• Understand security considerations of cloud and specialized platforms.
• Implement cryptography and public key infrastructure.
• Understand threat and vulnerability management activities.
• Develop incident response capabilities.

Course Outline:

Lesson 1: Performing Risk Management Activities

Risk is all around us. Sometimes risk is obvious and easy to identify, but many times it is less obvious and demands careful analysis to properly identify. As organizations grow and adapt to changing needs and strategic objectives, these adaptations present new and evolving risk challenges. It is imperative to understand how to identify and measure risk in order to formulate prioritized approaches for managing it. In this lesson, we will frame risk from the viewpoint of an advanced security practitioner and explore various mechanisms designed to assist us in the identification and evaluation of risk and the essential components of a risk management strategy.

Lesson 2: Summarizing Governance & Compliance Strategies

It is essential that risks are formally identified and documented so that they can be properly analyzed and prioritized by leadership teams. There are many risks to consider but only a finite set of resources available to address them. Through the clear identification, analysis, and prioritization of risk, the most pressing risk items can be addressed and, by focusing the work effort on the most pressing items, the organization’s overall risk level can be more effectively reduced.

Risk management describes the set of policies and processes used by an organization to help it locate, describe, prioritize, and mitigate risks in a consistent and repeatable way. Put another way, risk management formalizes the identification and control of risks. Formalizing the risk management process ensures that all stakeholders are aware of existing risks, the potential impacts these risks may impose, and also the agreed upon methods used to mitigate them.

Lesson 3: Implementing Business Continuity & Disaster Recovery

Business Continuity and Disaster Recovery (BCDR) plans are critically important to establish but also complicated and time-consuming to test and maintain. Senior leadership participation and oversight into the ongoing upkeep of these important plans is essential. In this lesson, we will describe the important components of BCDR planning and testing.

Lesson 4: Identifying Infrastructure Services

Information technology infrastructure is rapidly evolving, and the boundaries between software and hardware are becoming increasingly difficult to identify. In this lesson, we will explore both traditional infrastructure and the software and cloud-based counterparts that are rapidly replacing them.

Lesson 5: Performing Software Integration

Oftentimes, the term software evokes the image of a simple, single-purpose app. The reality is that software reflects simple apps such as these but also database management systems, hypervisors, operating systems, enterprise application suites, security orchestration tools, firmware, web servers, software-defined networks, and a wide range of other architecture. Software is at the very core of the information technology used everyday across the globe. It is easy to identify that modern architectures are highly integrated, simply remove the network interface from a computing device and it becomes practically useless!

Therefore, it becomes immensely important to develop methods that validate the security of software not only regarding how it is developed, but also how it operates. In addition, software must safely integrate with other applications and platforms. To validate this, it is essential to understand the methods used to authenticate software integrations andsoftware users as well as the necessary protections for the data being processed by software at any given point in time.

Lesson 6: Explain Virtualization, Cloud, and Emerging Technology

Virtualization and cloud platforms have been in use for many years and continue to grow and adapt with time. As cloud platforms increase in features, capacity, and power, the pace of scientific discoveries and technological breakthroughs increases as well.

Emerging technologies are at a pivotal stage of development. Computing power and software tools have matured to a point where virtual reality and true reality are practically indistinguishable. These advances produce some fun and exciting products, such as immersive video games and personal assistive technology e.g., Siri, Alexa, and the Google Assistant. In the other extreme, adversaries use the same tools to spread misinformation, uncover previously unknown technological weaknesses, and break encryption. A technological arms race is underway as advanced industrial nations pump billions of dollars into research to develop a fully operational quantum computer, which will undoubtedly usherin a new era of technological advancements.

Lesson 7: Exploring Secure Configurations and System Hardening

This lesson will explore ways to harden individual devices and equipment in order to protect them from common threats. A great deal of device hardening efforts are focused on securing the operating system. It is important to understand these techniques but also to understand the software and tools available to centrally manage secure configurations and support the ongoing need to identify, protect, detect, respond, and recover from threats targeting device hardware and software.

Lesson 8: Understanding Security Considerations of Cloud and Specialized Platforms

This lesson explores some of the unique considerations inherent to securing specialized platforms. The two specialized platforms covered in this lesson include cloud and industrial computers. Cloud platforms and industrial computers each have configuration and management risks that set them apart from traditional computing. Sometimes cloud platforms are integrated with industrial computers, increasing complexity and cybersecurity risk if important configuration and management tactics for both of these platforms is not fully understood.

Lesson 9: Implementing Cryptography

Understanding cryptography is more important than ever as its use expands and techniques to exploit it evolve. Understanding cryptography from the viewpoint of the practitioner is as much about knowing what to avoid as it is about how algorithms operate. This lesson will review some of the essential fundamental concepts of cryptography while also identifying some practical examples of its use.

Lesson 10: Implementing Public Key Infrastructure (PKI)

Public Key Infrastructure describes a collection of infrastructure, software, and services designed to help manage the storage, protection, issuance, and use of digital certificates. The range of uses and applications is wide and the elements involved in its configuration and use are quite detailed. This lesson will explore the role of PKI at a high level initially and then delve into more details regarding the critical components of the infrastructure and practical applications of digital certificates. Additionally, the lesson will explore some of the potential problems associated with PKI and digital certificates.

Lesson 11: Understanding Threat and Vulnerability Management Activities

Building defensible architectures requires a comprehensive understanding of the threats the architecture faces and the vulnerabilities contained within it. Fortunately, there has been much work done to help in this endeavor, and this lesson seeks to explore the technologies, strategies, and frameworks available to help assess and design cyber defenses.

Although many organizations face the same broadattacks, some organizations face attacks from very specific groups. Compounding this, the nature of work performed by an organization deeply influences the types of threat groups they face. Analyzing threat groups helps to identify the types of attacks common to each and the types of vulnerabilities most likely to be exploited. This in turn provides information that frames the assessment of vulnerabilities to help define a prioritized approach to vulnerability remediation and the required elements of defensive cyber operations. In short, defensive operations look different from one organization to another based on the nature of their work and the skills and motivation of the groups looking to attack them.

All necessary course materials are included.

Certification(s):

This course prepares a student to take the CompTIA Advanced Security Practitioner (CASP) CAS-004 national certification exam.