Scroll to top button

CASP-Advanced Security Practitioner V2.0 (Course & Lab)

ISBN : 9781616915421

Gain hands-on expertise in the CompTIA CASP certification exam with CASP Advanced Security Practitioner V2.0 course and performance-based labs. Performance-based labs simulate real-world, hardware, software & command line interface environments and can be mapped to any text-book, course & training. The study guide provides complete coverage of the CompTIA CASP CAS-002 exam objectives and includes topics such as risk impact analysis, responding to security incidents, translating business needs into security requirements, and many more. The CompTIA CASP course is designed for advanced-level IT security professionals to conceptualize, design, and engineer secure solutions across complex enterprise environments.

The CompTIA CASP certification is a globally-recognized widely-trusted vendor-neutral credential. This certification validates your expertise in the field of enterprise security; risk management and incident response; technical integration of enterprise components; integration of computing; communications and business disciplines. This certification exam can take you the to dignified group of professionals that will enhance your career prospects.

Glossary of terms
Pre Assessment Questions
Full Length Tests
Post Assessment Questions
Performance lab
Video tutorials
Exam related FAQs
What are the prerequisites for this exam?
  • Minimum ten years of experience in IT administration
  • Minimum five years of hands-on technical security experience
What is the exam registration fee? USD 439
Where do I take the exam? Pearson VUE
What is the format of the exam? Multiple choice and performance-based questions
How many questions are asked in the exam? The exam contains 90 questions.
What is the duration of the exam? 165 minutes
What is the passing score? Pass/Fail only. No scaled score is provided.
What is the exam's retake policy?

CAS-002 examination, CompTIA's retake policies are:

  1. If a Candidate has passed an exam (or multiple exams) and achieved a certification, he/she cannot take the exam again, using the same exam code, without prior consent from CompTIA.
  2. CompTIA beta examinations may only be taken one time by each candidate.
  3. A test found to be in violation of the retake policy will be invalidated and the candidate may be subject to a suspension period. Repeat violators will be permanently banned from participation in the CompTIA Certification Program.
  4. Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer any free re-tests or discounts on retakes.
What is the validity of the certification? CompTIA CASP certification are valid for three years from the date the candidate is certified, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.
Where can I find more information about this exam? To know more about the CAS-002-complete, click here.
Which certification covers this exam?
What are the career opportunities after passing this exam?
  • IT Specialist
  • Security Architect
  • IT Specialist, Cybersecurity
  • Information Security Analyst
  • Cyber Security / IS Professional
  • The History of Cryptography
  • Cryptographic Services
  • Symmetric Encryption
  • Asymmetric Encryption
  • Hybrid Encryption
  • Hashing
  • Digital Signatures
  • Public Key Infrastructure
  • Implementation of Cryptographic Solutions
  • Cryptographic Attacks
  • Summary
  • Exam Essentials
  • Advanced Network Design
  • TCP/IP
  • Secure Communication Solutions
  • Secure Facility Solutions and Network Infrastructure Design
  • Summary
  • Exam Essentials
  • Enterprise Security
  • Cloud Computing
  • Virtualization
  • Virtual LANs
  • Virtual Networking and Security Components
  • Enterprise Storage
  • Summary
  • Exam Essentials
  • Firewalls and Network Access Control Lists
  • Trusted Operating System
  • Endpoint Security Software
  • Anti-malware
  • Host Hardening
  • Asset Management
  • Data Exfiltration
  • Intrusion Detection and Prevention
  • Network Management, Monitoring, and Security Tools
  • Summary
  • Exam Essentials
  • Application Security Testing
  • Specific Application Issues
  • Application Sandboxing and Application Security Framework
  • Secure Coding Standards
  • Application Exploits
  • Cookie Storage and Transmission
  • Malware Sandboxing
  • Process Handling at the Client and Server
  • Security Assessments and Penetration Testing
  • Summary
  • Exam Essentials
  • Risk Terminology
  • Identifying Vulnerabilities
  • Operational Risks
  • The Risk Assessment Process
  • Summary
  • Exam Essentials
  • A High-Level View of Documentation
  • Business Documents Used to Support Security
  • Documents and Controls Used for Sensitive Information
  • Auditing Requirements and Frequency
  • The Incident Response Framework
  • Incident and Emergency Response
  • Summary
  • Exam Essentials
  • Apply Research Methods to Determine Industry Trends and Impact to the Enterprise
  • Analyze Scenarios to Secure the Enterprise
  • Summary
  • Exam Essentials
  • Integrate Enterprise Disciplines to Achieve Secure Solutions
  • Integrate Hosts, Storage, Networks, and Applications into a Secure Enterprise Architecture
  • Summary
  • Exam Essentials
  • Selecting the Appropriate Control to Secure Communications and Collaboration Solutions
  • Integrate Advanced Authentication and Authorization Technologies to Support Enterprise Objectives
  • Implement Security Activities across the Technology Life Cycle
  • Summary
  • Exam Essentials

Hands on Activities (Labs)

  • Understanding cryptographic terms
  • Identifying symmetric algorithms
  • Identifying symmetric and asymmetric encryptions
  • Identifying asymmetric encryption algorithms
  • Identifying sequence of sender's process for hybrid encryption
  • Identifying hashing algorithms
  • Identifying sequence of sender's process for digital signatures
  • Identifying attributes of symmetric and asymmetric encryption
  • Identifying public key infrastructure components
  • Launching Windows certificates manager
  • Identifying encryption types
  • Identifying the handshake process for CHAP
  • Understanding steganography
  • Creating a user password
  • Identifying cryptographic attacks
  • Creating and configuring a network
  • Identifying network authentication methods
  • Identifying 802.11 standards
  • Identifying the network topology
  • Identifying remote access methods
  • Configuring NPS network policy
  • Configuring NPS to provide RADIUS authentication
  • Creating a remote access VPN connection
  • Arranging the VoIP protocols in the protocol stack
  • Performing a wireless site survey
  • Using Windows remote access
  • Configuring a VPN client
  • Spoofing MAC addresses with SMAC
  • Identifying TCP/IP protocol layers
  • Identifying TCP/IP layers
  • Identifying IPV4 and IPV6 differences
  • Configuring IPv4 address
  • Configuring and testing IPv6 addresses
  • Understanding the ipconfig command
  • Analyzing the TCP/IP configuration with netstat
  • Identifying IPv4 classful address ranges
  • Identifying IPv4 header
  • Identifying IPv6 header
  • Identifying protocols security issues
  • Analyzing network paths with tracert
  • Using the netsh command
  • Releasing and renewing an IP address
  • Testing the existence of other hosts
  • Identifying drawbacks of Kerberos authentication
  • Filtering entries in Event Viewer
  • Configuring Internet settings on a router
  • Setting up a DMZ on a SOHO router
  • Understanding software-defined networking
  • Identifying cloud services model
  • Identifying cloud-augmented security services
  • Identifying virtual network components
  • Creating a virtual PC machine
  • Setting VLAN ID on a network adapter
  • Working with a host-based IDS
  • Identifying traffic command syntax formats
  • Identifying Information models
  • Identifying evaluation assurance levels
  • Identifying endpoint security solutions
  • Installing security software
  • Installing MBSA
  • Running the MBSA tool
  • Running a security scanner to identify vulnerabilities
  • Using the Windows command-line interface (CLI)
  • Identifying the change management process
  • Identifying data exfiltration methods
  • Identifying IDS components
  • Identifying Intrusion detection key terms
  • Identifying sequence in which the IDS instructs the TCP to reset connections
  • Identifying application test types
  • Understanding cross-site scripting
  • Understanding application sandboxing
  • Understanding SDLC activities
  • Identifying secure coding tests
  • Viewing cookies and temporary files in IE
  • Identifying DoS tools
  • Identifying password cracking ways
  • Identifying penetration testing steps
  • Identifying port scanning techniques
  • Identifying fuzzing tools
  • Identifying tracking vulnerabilities in software
  • Identifying information security laws
  • Identifying quantitative analysis
  • Identifying information security policy components
  • Identifying employee controls
  • Understanding incident response plan
  • Identifying incident responses models
  • Identifying XSS vulnerabilities
  • Identifying biometric systems
  • Cracking encrypted passwords
  • Exploring the Nagios tool
  • Identifying security solution performances
  • Identifying stages of building security controls
  • Identifying security governance plan
  • Identifying employee controls uses
  • Identifying risk tests
  • Using TeamViewer to connect two computers
  • Understanding SOAP
  • Identifying TCSEC divisions levels