CompTIA

CASP+ CompTIA Advanced Security Practitioner (CAS-004)

Take our hands-on exam prep course for CASP+ CompTIA Advanced Security Practitioner (CAS-004) certification to improve your cyber readiness within the organization.

(CAS-004.AE1) / ISBN : 978-1-64459-392-9
Lessons
Lab
TestPrep
AI Tutor (Add-on)
Instructor-Led (Add-on)
280 Reviews
Get A Free Trial

About This Course

To pass the CompTIA CASP+ (CAS-004) exam, this interactive course perfectly aligned with the exam outline. It teaches you about security architectures, operations, cryptography, cybersecurity resilience metrics & compliance, and social engineering. You’ll also gain practical insights from hands-on labs based on real-world applications, improving your technical and decision-making skills.

Skills You’ll Get

  • Identify, assess, and mitigate security risks.
  • Implement security operations best practices including threat management and incident response.
  • Apply cryptographic solutions using encryption, decryption, and PKI.
  • Navigate compliance requirements and understand vendor security risks.
  • Design secure network architectures that integrate applications and data securely.
  • Understand the security implications of emerging technologies like cloud, virtualization, and mobile devices.

Get the support you need. Enroll in our Instructor-Led Course.

Download Course Outline

1

Introduction

  • Before You Begin the CompTIA CASP+ Certification Exam
  • Who Should Read This Course
  • What You Will Learn
  • How This Course Is Organized
  • How to Use This Course
  • Tips for Taking the CASP+ Exam
  • CompTIA CASP+ Study Guide Exam Objectives
  • The CASP+ Exam Objective Map
2

Risk Management

  • Risk Terminology
  • The Risk Assessment Process
  • Policies Used to Manage Employees
  • Cost-Benefit Analysis
  • Continuous Monitoring
  • Enterprise Security Architecture Frameworks and Governance
  • Training and Awareness for Users
  • Best Practices for Risk Assessments
  • Business Continuity Planning and Disaster Recovery
  • Reviewing the Effectiveness of Existing Security Controls
  • Conducting Lessons Learned and After-Action Reviews
  • Creation, Collection, and Analysis of Metrics
  • Analyzing Security Solutions to Ensure They Meet Business Needs
  • Testing Plans
  • Internal and External Audits
  • Using Judgment to Solve Difficult Problems
  • Summary
  • Exam Essentials
3

Configure and Implement Endpoint Security Controls

  • Hardening Techniques
  • Trusted Operating Systems
  • Compensating Controls
  • Summary
  • Exam Essentials
4

Security Operations Scenarios

  • Threat Management
  • Actor Types
  • Intelligence Collection Methods
  • Frameworks
  • Indicators of Compromise
  • Response
  • Summary
  • Exam Essentials
5

Security Ops: Vulnerability Assessments and Operational Risk

  • Terminology
  • Vulnerability Management
  • Vulnerabilities
  • Inherently Vulnerable System/Application
  • Proactive Detection
  • Summary
  • Exam Essentials
6

Compliance and Vendor Risk

  • Shared Responsibility in Cloud Computing
  • Security Concerns of Integrating Diverse Industries
  • Regulations, Accreditations, and Standards
  • Contract and Agreement Types
  • Third-Party Attestation of Compliance
  • Legal Considerations
  • Summary
  • Exam Essentials
7

Cryptography and PKI

  • The History of Cryptography
  • Cryptographic Goals and Requirements
  • Supporting Security Requirements
  • Risks with Data
  • Hashing
  • Symmetric Algorithms
  • Asymmetric Encryption
  • Public Key Infrastructure Hierarchy
  • Digital Certificates
  • Implementation of Cryptographic Solutions
  • Recognizing Cryptographic Attacks
  • Troubleshooting Cryptographic Implementations
  • Summary
  • Exam Essentials
8

Incident Response and Forensics

  • The Incident Response Framework
  • Forensic Concepts
  • Forensic Analysis Tools
  • Summary
  • Exam Essentials
9

Security Architecture

  • Security Requirements and Objectives for a Secure Network Architecture
  • Organizational Requirements for Infrastructure Security Design
  • Integrating Applications Securely into an Enterprise Architecture
  • Data Security Techniques for Securing Enterprise Architecture
  • Security Requirements and Objectives for Authentication and Authorization Controls
  • Summary
  • Exam Essentials
10

Secure Cloud and Virtualization

  • Implement Secure Cloud and Virtualization Solutions
  • How Cloud Technology Adoption Impacts Organization Security
  • Summary
  • Exam Essentials
11

Mobility and Emerging Technologies

  • Emerging Technologies and Their Impact on Enterprise Security and Privacy
  • Secure Enterprise Mobility Configurations
  • Security Considerations for Technologies, Protocols, and Sectors
  • Summary
  • Exam Essentials

1

Configure and Implement Endpoint Security Controls

  • Running a Security Scanner to Identify Vulnerabilities
  • Bypassing Command Shell Restrictions
2

Security Operations Scenarios

  • Using the Social Engineering Toolkit
  • Using WinDump
  • Configuring a Standard ACL
3

Security Ops: Vulnerability Assessments and Operational Risk

  • Using Burpsuite
  • Simulating a DoS Attack
  • Tracking Vulnerabilities in Software
  • Performing Passive Reconnaissance
  • Cracking Passwords using Pwdump7 and Cain and Abel
  • Conducting Vulnerability Scanning Using Nessus
  • Performing Nmap Port Scanning
  • Cracking a Password Using the John the Ripper Tool
  • Using PuTTY
  • Exploiting a Website using SQL Injection
  • Conducting Cross-Site Request Forgery Attacks
  • Attacking a Website using XSS Injection
4

Cryptography and PKI

  • Observing an MD5-Generated Hash Value
  • Using the SHA Series Algorithm
5

Incident Response and Forensics

  • Using Steganography
  • Observing an SHA256-Generated Hash Value
  • Using TCPdump
  • Using Netstat
  • Using ExifTool
6

Security Architecture

  • Configuring Iptables
  • Testing an Antivirus Program
  • Creating a Firewall Rule
  • Attempting a Zone Transfer
  • Installing and Configuring AD DS
7

Secure Cloud and Virtualization

  • Installing a Virtual Machine
  • Capturing Packets using Wireshark

Why Do Learners Love This Course?

Any questions?
Check out the FAQs

Still have unanswered questions and need to get in touch?

Contact Us Now

CompTIA CASP+ is an advanced-level cybersecurity certification that validates a professional's ability to design, implement, and manage security solutions across complex hybrid and on-premises environments.

The CASP+ exam is known for being challenging. It requires a strong understanding of various security concepts and the ability to apply them in real-world scenarios.

As of 2024, the average annual salary of a CompTIA Advanced Security Practitioner in the United States is $130,295.  It will be approximately $62.64/hour, $2,505/week, or $10,857/month. 

A CASP+ certification is valid for three years.

Related Courses

All Courses