CASP+ (CAS-004) Cert Prep: 2 Security Operations
7h 50mIntermediate2022-05-05
Authors

Jason Dion
Cybersecurity Trainer at Dion Training Solutions
Course details
The CASP+ (CompTIA Advanced Security Practitioner+) (CAS-004) certification is a vendor-neutral certification that validates your knowledge and ability to conduct advanced-level cybersecurity skills. Designed for the advanced-level technical cybersecurity professional certification, the certification exam tests your ability to implement solutions within cybersecurity policies and frameworks. This second course in the series from information technology and cybersecurity expert Jason Dion focuses on the security operations topics covered in the exam. He covers aspects of threat management like threat hunting and intelligence collection. He then shows many different methods to assess vulnerabilities, including penetration tests and code analysis, and describes the risk reduction techniques you need to know for the exam. Jason shows how to analyze and attack vulnerabilities, how to recognize and respond to risk indicators, and wraps up with a look at digital forensic techniques and tools.
Skills covered
Incident ResponseCybersecurityCert Prep
Concepts
0. Introduction
- 01 - Welcome
- 02 - About the exam
1. Threat and Vulnerability Management
- 03 - Threat and vulnerability management
- 04 - Threat intelligence
- 05 - Threat hunting
- 06 - Intelligence collection
- 07 - Threat actors
- 08 - Threat management frameworks
- 09 - Vulnerability management activities
- 10 - Security Content Automation Protocol
2. Vulnerability Assessments
- 11 - Vulnerability assessments
- 12 - Penetration test
- 13 - Pen test steps
- 14 - Pen test requirements
- 15 - Code analysis
- 16 - Protocol analysis
- 17 - Analysis utilities
3. Risk Reduction
- 18 - Risk reduction
- 19 - Deceptive technologies
- 20 - Security data analytics
- 21 - Preventative controls
- 22 - Application controls
- 23 - Security automation
- 24 - Physical security
4. Analyzing Vulnerabilities
- 25 - Analyzing vulnerabilities
- 26 - Race conditions
- 27 - Buffer overflows
- 28 - Authentication and references
- 29 - Ciphers and certificates
- 30 - Improper headers
- 31 - Software composition
- 32 - Vulnerable web applications
5. Attacking Vulnerabilities
- 33 - Attacking vulnerabilities
- 34 - Directory traversals
- 35 - Cross-Site Scripting (XSS)
- 36 - Cross-site request forgery (CSRF)
- 37 - SQL injections
- 38 - XML injections
- 39 - Other injection attacks
- 40 - Authentication bypass
- 41 - VM attacks
- 42 - Network attacks
- 43 - Social engineering
6. Indicators of Compromise
- 44 - Indicators of compromise
- 45 - Types of IoCs
- 46 - PCAP files
- 47 - NetFlow
- 48 - Logs
- 49 - IoC notifications
- 50 - Response to IoCs
7. Incident Response
- 51 - Incident response
- 52 - Triage
- 53 - Communication plan
- 54 - Stakeholder management
- 55 - Incident response process
- 56 - Playbooks
8. Digital Forensics
- 57 - Digital forensics
- 58 - Forensic process
- 59 - Chain of custody
- 60 - Order of volatility
- 61 - Forensic analysis
9. Digital Forensic Tools
- 62 - Digital forensic tools
- 63 - Forensic workstations
- 64 - File carving tools
- 65 - Binary analysis tools
- 66 - Forensic analysis tools
- 67 - Imaging tools
- 68 - Collection tools
Conclusion
- 69 - Conclusion
Related courses
- CASP+ (CAS-004) Cert Prep: 1 Security Architecture
- CASP+ (CAS-004) Cert Prep: 3 Security Engineering and Cryptography
- CASP+ (CAS-004) Cert Prep: 4 Governance, Risk, and Compliance
- CompTIA Advanced Security Practitioner (CASP+) (CAS-004) Cert Prep
- CompTIA SecurityX (CAS-005) Cert Prep
- ASP.NET Core: Test-Driven Development