CompTIA

CASP+ CompTIA Advanced Security Practitioner (CAS-004)

Take our hands-on exam prep course for CASP+ CompTIA Advanced Security Practitioner (CAS-004) certification to improve your cyber readiness within the organization.

(CAS-004.AE1) / ISBN : 978-1-64459-392-9
Lessons
Lab
TestPrep
AI Tutor (Add-on)
Instructor-Led (Add-on)
280 Reviews
Get A Free Trial

About This Course

To pass the CompTIA CASP+ (CAS-004) exam, this interactive course perfectly aligned with the exam outline. It teaches you about security architectures, operations, cryptography, cybersecurity resilience metrics & compliance, and social engineering. You’ll also gain practical insights from hands-on labs based on real-world applications, improving your technical and decision-making skills.

Skills You’ll Get

  • Identify, assess, and mitigate security risks.
  • Implement security operations best practices including threat management and incident response.
  • Apply cryptographic solutions using encryption, decryption, and PKI.
  • Navigate compliance requirements and understand vendor security risks.
  • Design secure network architectures that integrate applications and data securely.
  • Understand the security implications of emerging technologies like cloud, virtualization, and mobile devices.

Get the support you need. Enroll in our Instructor-Led Course.

Download Course Outline

1

Introduction

  • Before You Begin the CompTIA CASP+ Certification Exam
  • Who Should Read This Course
  • What You Will Learn
  • How This Course Is Organized
  • How to Use This Course
  • Tips for Taking the CASP+ Exam
  • CompTIA CASP+ Study Guide Exam Objectives
  • The CASP+ Exam Objective Map
2

Risk Management

  • Risk Terminology
  • The Risk Assessment Process
  • Policies Used to Manage Employees
  • Cost-Benefit Analysis
  • Continuous Monitoring
  • Enterprise Security Architecture Frameworks and Governance
  • Training and Awareness for Users
  • Best Practices for Risk Assessments
  • Business Continuity Planning and Disaster Recovery
  • Reviewing the Effectiveness of Existing Security Controls
  • Conducting Lessons Learned and After-Action Reviews
  • Creation, Collection, and Analysis of Metrics
  • Analyzing Security Solutions to Ensure They Meet Business Needs
  • Testing Plans
  • Internal and External Audits
  • Using Judgment to Solve Difficult Problems
  • Summary
  • Exam Essentials
3

Configure and Implement Endpoint Security Controls

  • Hardening Techniques
  • Trusted Operating Systems
  • Compensating Controls
  • Summary
  • Exam Essentials
4

Security Operations Scenarios

  • Threat Management
  • Actor Types
  • Intelligence Collection Methods
  • Frameworks
  • Indicators of Compromise
  • Response
  • Summary
  • Exam Essentials
5

Security Ops: Vulnerability Assessments and Operational Risk

  • Terminology
  • Vulnerability Management
  • Vulnerabilities
  • Inherently Vulnerable System/Application
  • Proactive Detection
  • Summary
  • Exam Essentials
6

Compliance and Vendor Risk

  • Shared Responsibility in Cloud Computing
  • Security Concerns of Integrating Diverse Industries
  • Regulations, Accreditations, and Standards
  • Contract and Agreement Types
  • Third-Party Attestation of Compliance
  • Legal Considerations
  • Summary
  • Exam Essentials
7

Cryptography and PKI

  • The History of Cryptography
  • Cryptographic Goals and Requirements
  • Supporting Security Requirements
  • Risks with Data
  • Hashing
  • Symmetric Algorithms
  • Asymmetric Encryption
  • Public Key Infrastructure Hierarchy
  • Digital Certificates
  • Implementation of Cryptographic Solutions
  • Recognizing Cryptographic Attacks
  • Troubleshooting Cryptographic Implementations
  • Summary
  • Exam Essentials
8

Incident Response and Forensics

  • The Incident Response Framework
  • Forensic Concepts
  • Forensic Analysis Tools
  • Summary
  • Exam Essentials
9

Security Architecture

  • Security Requirements and Objectives for a Secure Network Architecture
  • Organizational Requirements for Infrastructure Security Design
  • Integrating Applications Securely into an Enterprise Architecture
  • Data Security Techniques for Securing Enterprise Architecture
  • Security Requirements and Objectives for Authentication and Authorization Controls
  • Summary
  • Exam Essentials
10

Secure Cloud and Virtualization

  • Implement Secure Cloud and Virtualization Solutions
  • How Cloud Technology Adoption Impacts Organization Security
  • Summary
  • Exam Essentials
11

Mobility and Emerging Technologies

  • Emerging Technologies and Their Impact on Enterprise Security and Privacy
  • Secure Enterprise Mobility Configurations
  • Security Considerations for Technologies, Protocols, and Sectors
  • Summary
  • Exam Essentials

1

Configure and Implement Endpoint Security Controls

  • Running a Security Scanner to Identify Vulnerabilities
  • Bypassing Command Shell Restrictions
2

Security Operations Scenarios

  • Using the Social Engineering Toolkit
  • Using WinDump
  • Configuring a Standard ACL
3

Security Ops: Vulnerability Assessments and Operational Risk

  • Using Burpsuite
  • Simulating a DoS Attack
  • Tracking Vulnerabilities in Software
  • Performing Passive Reconnaissance
  • Cracking Passwords using Pwdump7 and Cain and Abel
  • Conducting Vulnerability Scanning Using Nessus
  • Performing Nmap Port Scanning
  • Cracking a Password Using the John the Ripper Tool
  • Using PuTTY
  • Exploiting a Website using SQL Injection
  • Conducting Cross-Site Request Forgery Attacks
  • Attacking a Website using XSS Injection
4

Cryptography and PKI

  • Observing an MD5-Generated Hash Value
  • Using the SHA Series Algorithm
5

Incident Response and Forensics

  • Using Steganography
  • Observing an SHA256-Generated Hash Value
  • Using TCPdump
  • Using Netstat
  • Using ExifTool
6

Security Architecture

  • Configuring Iptables
  • Testing an Antivirus Program
  • Creating a Firewall Rule
  • Attempting a Zone Transfer
  • Installing and Configuring AD DS
7

Secure Cloud and Virtualization

  • Installing a Virtual Machine
  • Capturing Packets using Wireshark

Any questions?
Check out the FAQs

Still have unanswered questions and need to get in touch?

Contact Us Now

CompTIA CASP+ is an advanced-level cybersecurity certification that validates a professional's ability to design, implement, and manage security solutions across complex hybrid and on-premises environments.

The CASP+ exam is known for being challenging. It requires a strong understanding of various security concepts and the ability to apply them in real-world scenarios.

As of 2024, the average annual salary of a CompTIA Advanced Security Practitioner in the United States is $130,295.  It will be approximately $62.64/hour, $2,505/week, or $10,857/month. 

A CASP+ certification is valid for three years.

Meets the CompTIA CASP+ Objectives and Earn The Certification

Increase your cybersecurity readiness to defend your organization against the next attack.

$279.99

Buy Now

Related Courses

All Course