CAS-002 CASP Exam Syllabus

CASP PDF, CAS-002 Dumps, CAS-002 PDF, CASP VCE, CAS-002 Questions PDF, CompTIA CAS-002 VCE, CompTIA CASP Dumps, CompTIA CASP PDFUse this quick start guide to collect all the information about CompTIA CASP (CAS-002) Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the CAS-002 Advanced Security Practitioner exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual CompTIA CASP certification exam.

The CompTIA CASP certification is mainly targeted to those candidates who want to build their career in IT Security domain. The CompTIA Advanced Security Practitioner (CASP) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of CompTIA CASP.

CompTIA CASP Exam Summary:

Exam Name CompTIA Advanced Security Practitioner (CASP)
Exam Code CAS-002
Exam Price $439 (USD)
Duration 165 mins
Number of Questions 90
Passing Score Pass/Fail
Schedule Exam CompTIA Marketplace
Sample Questions CompTIA CASP Sample Questions
Practice Exam CompTIA CAS-002 Certification Practice Exam

CompTIA CAS-002 Exam Syllabus Topics:

Topic Details
Enterprise Security 30%
Given a scenario, select appropriate cryptographic concepts and techniques.
1. Techniques
  1. Key stretching
  2. Hashing
  3. Code signing
  4. Pseudorandom number generation
  5. Perfect forward secrecy
  6. Transport encryption
  7. Data-at-rest encryption
  8. Digital signature
2. Concepts
  1. Entropy
  2. Diffusion
  3. Confusion
  4. Non-repudiation
  5. Confidentiality
  6. Integrity
  7. Chain of trust, root of trust
  8. Cryptographic applications and proper/improper implementations
  9. Advanced PKI concepts
  10. Wild card
  11. OCSP vs. CRL
  12. Issuance to entities
  13. Users
  14. Systems
  15. Applications
  16. Key escrow
  17. Steganography
  18. Implications of cryptographic methods and design
  19. Stream
  20. Block
  21. Modes
  22. ECB
  23. CBC
  24. CFB
  25. OFB
  26. Known flaws/weaknesses
  27. Strength vs. performance vs. feasibility to implement vs. interoperability
3. Implementations
  1. DRM
  2. Watermarking
  3. GPG
  4. SSL
  5. SSH
  6. S/MIME
Explain the security implications associated with enterprise storage. 1. Storage type
  1. Virtual storage
  2. Cloud storage
  3. Data warehousing
  4. Data archiving
  5. NAS
  6. SAN
  7. vSAN
2. Storage protocols
  1. iSCSI
  2. FCoE
  3. NFS, CIFS
3. Secure storage management
  1. Multipath
  2. Snapshots
  3. Deduplication
  4. Dynamic disk pools
  5. LUN masking/mapping
  6. HBA allocation
  7. Offsite or multisite replication
  8. Encryption
  9. Disk
  10. Block
  11. File
  12. Record
  13. Port
Given a scenario, analyze network and security components, concepts and architectures
1. Advanced network design (wired/wireless)
  1. Remote access
  2. VPN
  3. SSH
  4. RDP
  5. VNC
  6. SSL
  7. IPv6 and associated transitional technologies
  8. Transport encryption
  9. Network authentication methods
  10. 802.1x
  11. Mesh networks
2. Security devices
  1. UTM
  2. NIPS
  3. NIDS
  4. INE
  5. SIEM
  6. HSM
  7. Placement of devices
  8. Application and protocol aware technologies
  9. WAF
  10. NextGen firewalls
  11. IPS
  12. Passive vulnerability scanners
  13. DAM
3. Virtual networking and security components
  1. Switches
  2. Firewalls
  3. Wireless controllers
  4. Routers
  5. Proxies
4. Complex network security solutions for data flow
  1. SSL inspection
  2. Network flow data
5.  Secure configuration and baselining of networking and security components
  1. ACLs
  2. Change monitoring
  3. Configuration lockdown
  4. Availability controls
6. Software-defined networking
7. Cloud-managed networks
8. Network management and monitoring tools
9. Advanced configuration of routers, switches and other network devices
  1. Transport security
  2. Trunking security
  3. Route protection
10. Security zones
  1. Data flow enforcement
  2. DMZ
  3. Separation of critical assets
11. Network access control
  1. Quarantine/remediation
12. Operational and consumer network-enabled devices
  1. Building automation systems
  2. IP video
  3. HVAC controllers
  4. Sensors
  5. Physical access control systems
  6. A/V systems
  7. Scientific/industrial equipment
13. Critical infrastructure/Supervisory Control and Data Acquisition (SCADA)/ Industrial Control Systems (ICS)
Given a scenario, select and troubleshoot security controls for hosts. 1. Trusted OS (e.g., how and when to use it)
2.  Endpoint security software
  1. Anti-malware
  2. Antivirus
  3. Anti-spyware
  4. Spam filters
  5. Patch management
  6. HIPS/HIDS
  7. Data loss prevention
  8. Host-based firewalls
  9. Log monitoring
3. Host hardening
  1. Standard operating environment/
  2. configuration baselining
  3. Application whitelisting and blacklisting
  4. Security/group policy implementation
  5. Command shell restrictions
  6. Patch management
  7. Configuring dedicated interfaces
  8. Out-of-band NICs
  9. ACLs
  10. Management interface
  11. Data interface
  12. Peripheral restrictions
  13. USB
  14. Bluetooth
  15. Firewire
  16. Full disk encryption
4.  Security advantages and disadvantages of virtualizing servers
  1. Type I
  2. Type II
  3. Container-based
5. Cloud augmented security services
  1. Hash matching
  2. Antivirus
  3. Anti-spam
  4. Vulnerability scanning
  5. Sandboxing
  6. Content filtering
6. Boot loader protections
  1. Secure boot
  2. Measured launch
  3. Integrity Measurement
  4. Architecture (IMA)
  5. BIOS/UEFI
7. Vulnerabilities associated with co-mingling of hosts with different security requirements
  1. VM escape
  2. Privilege elevation
  3. Live VM migration
  4. Data remnants
8. Virtual Desktop Infrastructure (VDI)
9. Terminal services/application delivery services
10. TPM
​11. VTPM
12. HSM
Differentiate application vulnerabilities and select appropriate security controls.
1.  Web application security design considerations
  1. Secure: by design, by default, by deployment
2. Specific application issues
  1. Cross-Site Request Forgery (CSRF)
  2. Click-jacking
  3. Session management
  4. Input validation
  5. SQL injection
  6. Improper error and exception handling
  7. Privilege escalation
  8. Improper storage of sensitive data
  9. Fuzzing/fault injection
  10. Secure cookie storage and transmission
  11. Buffer overflow
  12. Memory leaks
  13. Integer overflows
  14. Race conditions
  15. Time of check
  16. Time of use
  17. Resource exhaustion
  18. Geo-tagging
  19. Data remnants

3.  Application sandboxing
4.  Application security frameworks

  1. Standard libraries
  2. Industry-accepted approaches
  3. Web services security (WS-security)
5. Secure coding standards
6. Database Activity Monitor (DAM)
7. Web Application Firewalls (WAF)
8.  Client-side processing vs.server-side processing
  1. JSON/REST
  2. Browser extensions
  3. ActiveX
  4. Java Applets
  5. Flash
  6. HTML5
  7. AJAX
  8. SOAP
  9. State management
  10. JavaScript
Risk Management and Incident Response 20%
Interpret business and industry influences and explain associated security risks.
1.  Risk management of new products, new technologies and user behaviors
2. New or changing business models/strategies
  1. Partnerships
  2. Outsourcing
  3. Cloud
  4. Merger and demerger/divestiture
3. Security concerns of integrating diverse industries
  1. Rules
  2. Policies
  3. Regulations
  4. Geography
4.  Ensuring third-party providers have requisite levels of information security
5.  Internal and external influences
  1. Competitors
  2. Auditors/audit findings
  3. Regulatory entities
  4. Internal and external
  5. client requirements
  6. Top level management
6.  Impact of de-perimeterization (e.g., constantly changing network boundary)
  1. Telecommuting
  2. Cloud
  3. BYOD
  4. Outsourcing
Given a scenario, execute risk mitigation planning, strategies and controls.
1.  Classify information types into levels of CIA based on organization/industry
2.  Incorporate stakeholder input into CIA decisions
3.  Implement technical controls based on CIA requirements and policies of the organization
4. Determine aggregate score of CIA
5. Extreme scenario planning/worst case scenario
6. Determine minimum required security controls based on aggregate score
7. Conduct system specific risk analysis
8. Make risk determination
  1. Magnitude of impact
  2. ALE
  3. SLE
  4. Likelihood of threat
  5. Motivation
  6. Source
  7. ARO
  8. Trend analysis
  9. Return On Investment (ROI)
  10. Total cost of ownership
9.  Recommend which strategy should be applied based on risk appetite
  1. Avoid
  2. Transfer
  3. Mitigate
  4. Accept
10. Risk management processes
  1. Exemptions
  2. Deterrance
  3. Inherent
  4. Residual
11.  Enterprise security architecture frameworks
12.  Continuous improvement/monitoring
13.  Business continuity planning
14. IT governance
Compare and contrast security, privacy policies and procedures based on organizational requirements.
1. Policy development and updates in light of new business, technology, risks and environment changes
2.  Process/procedure development and updates in light of policy, environment and business changes
3.  Support legal compliance and advocacy by partnering with HR, legal, management and other entities
4.  Use common business documents to support security
  1. Risk assessment (RA)/
  2. Statement Of Applicability (SOA)
  3. Business Impact Analysis (BIA)
  4. Interoperability Agreement (IA)
  5. Interconnection Security
  6. Agreement (ISA)
  7. Memorandum Of Understanding (MOU)
  8. Service Level Agreement (SLA)
  9. Operating Level Agreement (OLA)
  10. Non-Disclosure Agreement (NDA)
  11. Business Partnership Agreement (BPA)
5. Use general privacy principles for sensitive information (PII)
6. Support the development of policies that contain
  1. Separation of duties
  2. Job rotation
  3. Mandatory vacation
  4. Least privilege
  5. Incident response
  6. Forensic tasks
  7. Employment and
  8. termination procedures
  9. Continuous monitoring
  10. Training and awareness for users
  11. Auditing requirements and frequency
Given a scenario, conduct incident response and recovery procedures. 1.  E-discovery
  1. Electronic inventory and asset control
  2. Data retention policies
  3. Data recovery and storage
  4. Data ownership
  5. Data handling
  6. Legal holds
2.  Data breach
  1. Detection and collection
  2. Data analytics
  3. Mitigation
  4. Minimize
  5. Isolate
  6. Recovery/reconstitution
  7. Response
  8. Disclosure
3.  Design systems to facilitate incident response
  1. Internal and external violations
  2. Privacy policy violations
  3. Criminal actions
  4. Insider threat
  5. Non-malicious threats/misconfigurations
  6. Establish and review system, audit and security logs
4.  Incident and emergency response
  1. Chain of custody
  2. Forensic analysis of compromised system
  3. Continuity Of Operation Plan (COOP)
  4. Order of volatility
Research and Analysis 18%
Apply research methods to determine industry
trends and impact to the enterprise.
1. Perform ongoing research
  1. Best practices
  2. New technologies
  3. New security systems and services
  4. Technology evolution (e.g., RFCs, ISO)
2. Situational awareness
  1. Latest client-side attacks
  2. Knowledge of current vulnerabilities and threats
  3. Zero-day mitigating controls and remediation
  4. Emergent threats and issues
3.  Research security implications of new business tools
  1. Social media/networking
  2. End user cloud storage
  3. Integration within the business
4. Global IA industry/community
  1. Computer Emergency Response Team (CERT)
  2. Conventions/conferences
  3. Threat actors
  4. Emerging threat sources/ threat intelligence
5. Research security requirements for contracts
  1. Request For Proposal (RFP)
  2. Request For Quote (RFQ)
  3. Request For Information (RFI)
  4. Agreements
Analyze scenarios to secure the enterprise. 1. Create benchmarks and compare to baselines
2. Prototype and test multiple solutions
3. Cost benefit analysis
  1. ROI
  2. TCO
​4. Metrics collection and analysis
5. Analyze and interpret trend data to anticipate cyber defense needs
6.  Review effectiveness of existing security controls
7.  Reverse engineer/deconstruct existing solutions
8.  Analyze security solution attributes to ensure they meet business needs
  1. Performance
  2. Latency
  3. Scalability
  4. Capability
  5. Usability
  6. Maintainability
  7. Availability
  8. Recoverability
9. Conduct a lessons-learned/after-action report
10. Use judgment to solve difficult problems that do not have a best solution
Given a scenario, select methods or tools appropriate
to conduct an assessment and analyze results
1. Tool type
  1. Port scanners
  2. Vulnerability scanners
  3. Protocol analyzer
  4. Network enumerator
  5. Password cracker
  6. Fuzzer
  7. HTTP interceptor
  8. Exploitation tools/frameworks
  9. Passive reconnaissance and intelligence gathering tools
  10. Social media
  11. Whois
  12. Routing tables
2. Methods
  1. Vulnerability assessment
  2. Malware sandboxing
  3. Memory dumping, runtime debugging
  4. Penetration testing
  5. Black box
  6. White box
  7. Grey box
  8. Reconnaissance
  9. Fingerprinting
  10. Code review
  11. Social engineering
Integration of Computing, Communications and Business Disciplines 16%
Given a scenario, facilitate collaboration across diverse
business units to achieve security goals.
1.  Interpreting security requirements and goals to communicate with stakeholders from other disciplines
  1. Sales staff
  2. Programmer
  3. Database administrator
  4. Network administrator
  5. Management/executive management
  6. Financial
  7. Human resources
  8. Emergency response team
  9. Facilities manager
  10. Physical security manager
2.  Provide objective guidance and impartial recommendations to staff and senior management on security processes and controls
3. Establish effective collaboration within teams to implement secure solutions
4.  IT governance
Given a scenario, select the appropriate control to secure
communications and collaboration solutions.
1. Security of unified collaboration tools
  1. Web conferencing
  2. Video conferencing
  3. Instant messaging
  4. Desktop sharing
  5. Remote assistance
  6. Presence
  7. Email
  8. Telephony
  9.  VoIP
  10. Collaboration sites
  11. Social media
  12. Cloud-based
2.  Remote access
3. Mobile device management
  1. BYOD
​4. Over-the-air technologies concerns
Implement security activities across the technology life cycle. 1.  End-to-end solution ownership
  1. Operational activities
  2. Maintenance
  3. Commissioning/decommissioning
  4. Asset disposal
  5. Asset/object reuse
  6. General change management
2. Systems development life cycle
  1. Security System DevelopmentLife Cycle (SSDLC)/Security Development Lifecycle (SDL)
  2. Security Requirements Traceability Matrix (SRTM)
  3. Validation and acceptance testing
  4. Security implications of agile, waterfall and spiral software development methodologies
3.  Adapt solutions to address emerging threats and security trends
4. Asset management (inventory control)
  1. Device tracking technologies
  2. Geo-location/GPS location
  3. Object tracking and containment technologies
  4. Geo-tagging/geo-fencing
  5. RFID
Technical Integration of Enterprise Components 16%
Given a scenario, integrate hosts, storage, networks and
applications into a secure enterprise architecture.
1.  Secure data flows to meet changing business needs
2. Standards
  1. Open standards
  2. Adherence to standards
  3. Competing standards
  4. Lack of standards
  5. De facto standards
3.  Interoperability issues
  1. Legacy systems/current systems
  2. Application requirements
  3. In-house developed vs. commercial vs. commercial customized
4.  Technical deployment models (outsourcing/insourcing/managed services/partnership)
  1. Cloud and virtualization considerations and hosting options
  2. Public
  3. Private 
  4. Hybrid
  5. Community
  6. Multi-tenancy
  7. Single tenancy
  8. Vulnerabilities associated with a single physical server hosting multiple companies’ virtual machines
  9. Vulnerabilities associated with a single platform hosting multiple companies’ virtual machines
  10. Secure use of on-demand/ elastic cloud computing
  11. Data remnants
  12. Data aggregation
  13. Data isolation
  14. Resources provisioning and deprovisioning
  15. Users
  16. Servers
  17. Virtual devices
  18. Applications
  19. Securing virtual environments, services, applications, appliances and equipment
  20. Design considerations during mergers, acquisitions and demergers/divestitures
  21. Network secure segmentation and delegation
5. Logical deployment diagram and corresponding physical deployment diagram of all relevant devices
6.  Secure infrastructure design (e.g., decide where to place certain devices/applications)
7. Storage integration (security considerations)
8. Enterprise application integration enablers
  1. CRM
  2. ERP
  3. GRC
  4. ESB
  5. SOA
  6. Directory services
  7. DNS
  8. CMDB
  9. CMS
Given a scenario, integrate advanced authentication and
authorization technologies to support enterprise objectives.
1. Authentication
  1. Certificate-based authentication
  2. Single sign-on
2. Authorization
  1. OAUTH
  2. XACML
  3. SPML
​3. Attestation
4. Identity propagation
5. Federation
  1. SAML
  2. OpenID
  3. Shibboleth
  4. WAYF
6.  Advanced trust models
  1. RADIUS configurations
  2. LDAP
  3. AD

To ensure success in CompTIA CASP certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for Advanced Security Practitioner (CAS-002) exam.

Rating: 5 / 5 (20 votes)