Skip Ribbon Commands
Skip to main content

CASP - CompTIA Advanced Security Practitioner (CASP)


Duration: 5 Days




Delivery Method:

Software Assurance Value:

Microsoft CPE:

Course Information

Course Description

​CASP is CompTIA's first mastery-level certification for enterprise technical security leads.

CASP certification is an international, vendor-neutral certification that designates IT professionals with advanced-level security skills and knowledge. Achieving CASP certification proves your competency in enterprise security, risk management, research and analysis, and integrating computing, communications, and business disciplines.  Becoming CASP certified confirms that you have the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. CASP certifies that you can apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers.

Learn advanced security administration tools and techniques while preparing for the CASP exam in this hands-on course.

In this course, you will focus on enterprise security risk management, policies and procedures, legalities research, and analysis integration of computing. We will also cover communications and business disciplines. You will prepare for the CASP exam with confidence through a combination of hands-on labs and lectures by a seasoned security practitioner.

Course Objectives

​What You’ll Learn:

Advanced defensive controls such as web application firewalls

Address threats such as cross-site scripting (XSS) and cross-site request forgery (XSRF)

Perform advanced port scanning techniques used to avoid detection

Best practices in intrusion detection system (IDS) design and signature development

Stop hackers before they access your network

Course Audience

​IT professionals with a minimum of 10 years of experience in IT administration and at least 5 years of hands-on security in an enterprise environment

Technical security leads in large, multi-location organizations

Network security engineer, information systems security engineer, security architect, security consultant, and information systems security officer

Course Outline

​Enterprise Security Architecture

Basics of Enterprise Security

Enterprise Structure

Enterprise Security Requirements

Enterprise Security Technology

Common Network Security Components and Technologies

Communications and Collaboration Security

Cryptographic Tools and Techniques

Advanced Authentication

Enterprise Resource Technology

Enterprise Storage Security Issues

Distributed, Shared, and Virtualized Computing

Cloud Computing and Security

Security Design and Solutions

Network Security Design

Conduct a Security Assessment

Host Security

Application Security Design

Application Security Basics

Web Application Security

Managing Risk, Security Policies, and Security Procedures

Analyze Security Risk

Implement Risk Mitigation Strategies and Controls

Implement Enterprise-Level Security Policies and Procedures

Prepare for Incident Response and Recovery

Enterprise Security Integration

Technology Lifecycle

Interorganizational Change

Integrate Enterprise Disciplines to Achieve Secure Solutions

Security Research and Analysis

Perform an Industry Trends and Impact Analysis

Perform an Enterprise Security Analysis


Lab 1: Install and Verify the Lab Environment

Lab 2: Explore and Test the Lab Network

Lab 3: Protocol Analyzers

Lab 4: Capture and Analyze VoIP Traffic

Lab 5: Use Network Diagramming Tools

Lab 6: Intrusion Detection and Prevention

Lab 7: Use MD5 and SHA for Hashing and File Integrity

Lab 8: Identify and Assess Threats to Cloud and Remote Computing

Lab 9: Implement Encryption to Secure Enterprise and Personal Storage

Lab 10: Attack Insecure Networks and Target Vulnerable Applications

Lab 11: Perform Network Vulnerability Scans

Lab 12: Hands-On Penetration Testing (Port Scanning and Fingerprinting)

Lab 13: Hands-On Social Engineering

Lab 14: Identify Root Kits Used to Maintain Access and Cover Tracks

Lab 15: Identify Vulnerable Web Servers

Lab 16: Install and Use a Virtual Browser

Lab 17: Secure Coding and Threat Modeling

Lab 18: Test Application Security with Metasploit

Lab 19: Security Baselines and Configurations

Lab 20: Manage Risk by Configuring Strong Authentication

Lab 21: Basic Forensics

Lab 22: Use Helix for Forensic Analysis

Lab 23: SDLC Code Review

Lab 24: Route and Switch Security

Lab 25: Advanced Network Traffic Analysis

Lab 26: Cost Benefit Analysis

Course Prerequisites

​CASP certification is ideal for IT security professionals who have at least 10 years of experience in IT administration, including at least five years of hands-on technical security experience.

While there is no required prerequisite, CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus at the enterprise level.

Course Schedule
This course is not scheduled yet.