CompTIA Advanced Security Practitioner (CAS-002)

Teacher

Chairman

About Course

CompTIA Advanced Security Practitioner (CAS-002) is the course that teaches the students on securing complex enterprise environments. In this course, the students will expand their knowledge of IT security and learn about the more advanced tools and techniques to keep any organization safe and secure.

The CompTIA Advanced Security Practitioner (CAS-002) course will enable the students to meet the growing demands of today’s IT environment. The course helps the students to develop their skills and perform their jobs as an advanced security professional in their organizations. The course is designed for IT security professionals who want to acquire the technical knowledge and skills needed to conceptualize, engineer, integrate, and implement secure solutions across complex enterprise environments.

Course Curriculum

Introduction
StartCourse Introduction (0:21)
Business Influences and Associated Security Risks
StartIntroduction (0:17)
StartRisk Management (1:40)
StartBusiness Model Strategies (2:00)
StartIntegrating Diverse Industries (1:02)
StartThird Party Information Security and Providers (2:23)
StartInternal and External Influences (3:00)
StartImpact of De-Perimeterization (1:22)
Risk Mitigation Planning – Strategies and Controls
StartIntroduction (0:14)
StartCIA Triad (2:29)
StartBusiness Classifications (2:12)
StartInformation Life Cycle and Steak-Holder Input (1:59)
StartImplementing Technical Controls (4:44)
StartDetermine Aggregate CIA Score (1:39)
StartWorst Case Scenario Planning (3:34)
StartCalculation Tools and Attacker Motivation (2:55)
StartReturn Of Investment (3:07)
StartTotal Cost of Ownership and Risk Strategies (2:24)
StartRisk Management Process (1:26)
StartIdentifying Vulnerabilities and Threats (1:41)
StartSecurity Architecture Frameworks (2:36)
StartBusiness Continuity Planning (1:46)
StartIT Governance (1:38)
StartSecurity Policies (2:42)
Security-Privacy Policies and Procedures
StartIntroduction (0:15)
StartSecurity-Privacy Policies and Procedures (0:26)
StartPolicy Development Updates (3:36)
StartDeveloping Processes and Procedures (1:49)
StartLegal Compliance Part1 (4:02)
StartLegal Compliance Part2 (4:16)
StartSecurity Policy Business Documents (5:04)
StartOutage Impact and Estimating Downtime Terms (7:11)
StartSensitive Information-Internal Security Policies (3:53)
StartIncident Response Process (3:45)
StartForensic Tasks (2:34)
StartEmployment and Termination Procedures (2:58)
StartNetwork Auditing (1:55)
Incident Response and Recovery Procedures
StartIntroduction (0:11)
StartE-Discovery and Data Retention Policies (5:30)
StartData Recovery-Storage and Backup Schemes (8:41)
StartData Owner and Data Handling (1:45)
StartDisposal Terms and Concepts (1:18)
StartData Breach and Data Analysis (1:16)
StartIncident Response Guidelines (4:50)
StartIncident and Emergency Response (2:10)
StartMedia-Software and Network Analysis (3:20)
StartOrder of Volatility (1:03)
Industry Trends
StartIntroduction (0:18)
StartPerforming Ongoing Research (1:14)
StartSecurity Practices (2:32)
StartEvolution of Technology (0:54)
StartSituational Awareness and Vulnerability Assessments (3:45)
StartResearching Security Implications (2:16)
StartGlobal Industry Security Response (1:01)
StartThreat Actors (1:49)
StartContract Security Requirements (0:55)
StartContract Documents (1:07)
Securing the Enterprise
StartIntroduction (0:14)
StartBenchmarks and Baselines (2:06)
StartPrototyping and Testing Multiple Solutions (1:34)
StartCost/Benefit Analysis (1:00)
StartMetrics Collection and Trend Data (2:03)
StartSecurity Controls-Reverse Engineering and Deconstructing (1:39)
StartSecurity Solutions Business Needs (1:28)
StartLesson Learned- After Action Report (1:22)
Assessment Tools and Methods
StartIntroduction (0:19)
StartPort Scanners and Vulnerability Scanners (3:15)
StartProtocol Analyzer- Network Enumerator-Password Cracker (2:42)
StartFuzzers and HTTP Interceptors (2:10)
StartExploitation Tools (1:44)
StartPassive Reconnaissance Tools (5:27)
StartVulnerability Assessments and Malware Sandboxing (2:03)
StartMemory Dumping and Penetration Testing (3:49)
StartReconnaissance and Fingerprinting (1:52)
StartCode Review (1:10)
StartSocial Engineering (1:58)
Social Cryptographic Concepts and Techniques
StartIntroduction (0:15)
StartCryptographic Benefits and Techniques (3:02)
StartHashing Algorithms (5:46)
StartMessage Authentication Code (1:11)
StartCryptographic Concepts (4:15)
StartTransport Encryption Protocol (2:08)
StartSymmetric Algorithms (5:21)
StartAsymmetric Algorithms (2:54)
StartHybrid Encryption and Digital Signatures (3:15)
StartPublic Key Infrastructure (5:12)
StartDigital Certificate Classes and Cypher Types (1:27)
StartDes Modes (4:54)
StartCryptographic Attacks (4:55)
StartStrength vs Performance and Cryptographic Implementations (1:55)
Enterprise Storage
StartIntroduction (0:16)
StartVirtual Storage Types and Challenges (2:23)
StartCloud Storage (4:38)
StartData Warehousing (1:54)
StartData Archiving (2:13)
StartStorage Area Networks (SANs) and (VSANs) (2:31)
StartNetwork Attached Storage (NAS) (1:38)
StartStorage Protocols and Fiber Channel over Ethernet (FCoE) (2:55)
StartStorage Network File Systems (1:48)
StartSecure Storage Management Techniques (5:03)
StartLUN Masking/Mapping and HBA Allocation (1:59)
StartReplication and Encryption Methods (2:49)
Network and Security Components-Concepts-Security Architectures
StartIntroduction (0:16)
StartRemote Access Protocols (5:36)
StartIPv6 and Transport Encryption (4:14)
StartNetwork Authentication Methods (4:23)
Start802.1x and Mesh Networks (2:49)
StartSecurity Devices (5:54)
StartNetwork Devices (5:08)
StartFirewalls (3:30)
StartWireless Controllers (1:51)
StartRouter Security and Port Numbers (1:52)
StartNetwork Security Solutions (3:31)
StartAvailability Controls-Terms and Techniques (6:26)
StartAdvanced Router and Switch Configuration (3:27)
StartData Flow Enforcement of Applications and Networks (1:09)
StartNetwork Device Accessibility and Security (6:57)
Security Controls for Hosts
StartIntroduction (0:17)
StartTrusted Operation Systems (1:54)
StartEndpoint Security Software and Data Loss Prevention (4:00)
StartHost Based Firewalls (1:03)
StartLog Monitoring and Host Hardening (2:00)
StartStandard Operating Environment and Group Policy Security (4:00)
StartCommand Shell Restrictions (1:06)
StartConfiguring and Managing Interface Security (3:24)
StartUSB-Bluetooth-Firewire Restrictions and Security (3:16)
StartFull Disk Encryption (1:53)
StartVirtualization Security (2:37)
StartCloud Security Services (3:26)
StartBoot Loader Protections (2:29)
StartVirtual Host Vulnerabilities (1:31)
StartVirtual Desktop Infrastructure (1:40)
StartTerminal Services (0:27)
StartVirtual TPM (1:33)
Application Vulnerabilities and Security Controls
StartIntroduction (0:19)
StartWeb Application Security Design (1:08)
StartSpecific Application Issues (2:36)
StartSession Management (1:21)
StartInput Validation (2:34)
StartWeb Vulnerabilities and Input Mitigation Issues (2:22)
StartBuffer Overflow and other Application Issues (3:25)
StartApplication Security Framework (1:44)
StartWeb Service Security and Secure Coding Standards (1:11)
StartSoftware Development Methods (4:31)
StartMonitoring Mechanisms and Client-Server Side Processing (2:04)
StartBrowser Extensions and Other Web Development Techniques (2:45)
Host-Storage-Network and Application Integration
StartIntroduction (0:13)
StartSecuring Data Flows (1:52)
StartStandards Concepts (1:24)
StartInteroperability Issues (1:39)
StartIn House Commercial and Customized Applications (0:48)
StartCloud and Virtualization Models (3:24)
StartLogical and Physical Deployment Diagrams (1:04)
StartSecure Infrastructure Design (3:19)
StartStorage Integration Security (0:47)
StartEnterprise Application Integration Enablers (3:14)
Authentication and Authorization Technologies
StartIntroduction (0:13)
StartAuthentication and Identity Management (2:02)
StartPassword Types-Management and Policies (3:47)
StartAuthentication Factors (1:10)
StartBiometrics (3:02)
StartDual-Multi Factor and Certificate Authentication (1:40)
StartSingle Sign On Issues (1:05)
StartAccess Control Models and Open Authorization (3:31)
StartExtensible Access Control Markup Language (XACML) (1:38)
StartService Provisioning Markup Language (SPML) (0:52)
StartAttestation and Identity Propagation (1:53)
StartFederation and Security Assertion Markup Language (SAML) (1:37)
StartOpenID-Shibboleth and WAYF (2:09)
StartAdvanced Trust Models (1:29)
Business Unit Collaboration
StartIntroduction (0:12)
StartIdentifying and Communicating Security Requirements (7:45)
StartSecurity Controls Recommendations (0:47)
StartSecure Solutions Collaboration (0:35)
Secure Communication and Collaboration
StartIntroduction (0:15)
StartWeb-Video Conferencing-Instant Messaging (6:09)
StartDesktop Sharing (2:36)
StartPresence Guidelines (1:44)
StartEmail Messaging Protocol (2:32)
StartTelephony-VoIP and Social Media (3:17)
StartCloud Based Collaboration (2:33)
StartRemote Access and IPsec (4:04)
StartMobile and Personal Device Management (2:31)
StartOver Air Technology Concerns (2:23)
StartWLAN Concepts-Terms-Standards (3:56)
StartWLAN Security and Attacks (5:05)
Security Across the Technology Life Cycle
StartIntroduction (0:14)
StartEnd to End Solution Ownership (5:09)
StartSystem Development Life Cycle (5:42)
StartSecurity Implications of Software Development Methodologies (2:20)
StartCourse End (1:19)
StartAsset Management (0:05)