CompTIA CySA+ / CASP+/ PenTest+ Certification Training

Guaranteed to Run

Upcoming Dates	Class Times	Class Format	Quote
6/10 - 6/24, 2024	10:00 AM - 6:00 PM ET 9:00 AM - 5:00 PM CT 7:00 AM - 3:00 PM PT 4:00 AM - 12:00 PM HT	Instructor-Led	Instant Quote

Instructor-Led

• Certified Instructor
• Includes all course materials

Can't travel or you want to stay with your family or business. No problem!

Stay in your own city and save the additional expenses of roundtrip airfare, lodging, transportation, and meals and receive the same great instruction live from our instructors in our Live Instructor-Led Remote Classroom Training.

Remote Classroom Training

Our Remote Classroom Training is a live class with students observing the instructor and listening through your computer speakers.

You will see the instructor's computer, slides, notes, etc., just like in the classroom. You will be following along, doing work, labs, and individual assignments.

CompTIA Cybersecurity Analyst (CySA+) is an international, vendor-neutral cybersecurity certification that applies behavioral analytics to improve the overall state of IT security. CySA+ validates critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.

The CompTIA Advanced Security Practitioner (CASP) Certification is a vendor-neutral credential. The CASP exam is an internationally targeted validation of advanced-level security skills and knowledge. While there is no required prerequisite, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, "hands-on" focus at the enterprise level.

CompTIA PenTest+ is the most comprehensive exam covering all penetration testing stages. Unlike other penetration testing exams that only cover a portion of stages with essay questions and hands-on, PenTest+ uses both performance-based and knowledge-based questions to ensure all stages are addressed.

• CompTIA Cybersecurity Analyst (CySA+)
• CompTIA Advanced Security Practitioner (CASP)
• CompTIA PenTest+

CompTIA Cybersecurity Analyst (CySA+)

CompTIA Cybersecurity Analyst (CySA+) is an international, vendor-neutral cybersecurity certification that applies behavioral analytics to improve the overall state of IT security. CySA+ validates critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.

Overview

As attackers have learned to evade traditional signature-based solutions such as firewalls, an analytics-based approach within the IT security industry is increasingly important for most organizations. The behavioral analytics skills covered by CySA+ identify and combat malware, and advanced persistent threats (APTs), resulting in enhanced threat visibility across a broad attack surface. CompTIA CySA+ is for IT professionals looking to gain the following security analyst skills:

• Configure and use threat detection tools.
• Perform data analysis.
• Interpret the results to identify vulnerabilities, threats and risks to an organization.

CySA+ certified skills are in-demand

Properly trained IT security staff who can analyze, monitor and protect cybersecurity resources are in high demand. The U.S. Bureau of Labor Statistics (BLS) predicts that information security analysts will be the fastest growing overall job category, with 37 percent overall growth between 2012 and 2022.

CySA+ is globally recognized

CompTIA CySA+ is ISO/ANSI 17024 accredited and is awaiting approval by the U.S. Department of Defense (DoD) for directive 8140/8570.01-M requirements.

CySA+ provides substantial earnings potential

A career in information security analysis ranked seventh on U.S. News and World Report's list of the 100 best technology jobs for 2017. According to the Bureau of Labor Statistics, the median pay for an information security analyst is $90,120 per year.

Target Student

The CompTIA CySA+ examination is designed for IT security analysts, vulnerability analysts or threat intelligence analysts. The exam will certify that the successful candidate has the knowledge and skills required to configure and use threat detection tools, perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization with the end goal of securing and protecting applications and systems within an organization.

Prerequisite

The CompTIA CySA+ exam is an internationally targeted validation of intermediate-level security skills and knowledge. While there is no required prerequisite, the CompTIA CySA+ certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, "hands-on" focus on IT security analytics.

It is recommended for CompTIA CySA+ certification candidates to have the following:

• 3-4 years of hands-on information security or related experience
• Network+, Security+ or equivalent knowledge

Course Content

Threat Management

• Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes.
• Given a scenario, analyze the results of a network reconnaissance.
• Given a network-based threat, implement or recommend the appropriate response and countermeasure.
• Explain the purpose of practices used to secure a corporate environment.

Vulnerability Management

• Given a scenario, implement an information security vulnerability management process.
• Given a scenario, analyze the output resulting from a vulnerability scan.
• Compare and contrast common vulnerabilities found in the following targets within an organization.

Cyber Incident Response

• Given a scenario, distinguish threat data or behavior to determine the impact of an incident.
• Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation.
• Explain the importance of communication during the incident response process.
• Given a scenario, analyze common symptoms to select the best course of action to support incident response.
• Summarize the incident recovery and post-incident response process.

Security Architecture and Tool Sets

• Explain the relationship between frameworks, common policies, controls, and procedures.
• Given a scenario, use data to recommend remediation of security issues related to identity and access management.
• Given a scenario, review security architecture and make recommendations to implement compensating controls.
• Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC).
• Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies.

[ back to top ]

CompTIA Advanced Security Practitioner (CASP)

CompTIA Advanced Security Practitioner (CASP+) CAS-004 is an advanced-level cybersecurity certification for security architects and senior security engineers charged with leading and improving an enterprise's cybersecurity readiness.

Why is CASP+ Different?

CASP+ is the only hands-on, performance-based certification for advanced practitioners - not managers - at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.

Unlike other certifications, CASP+ covers both security architecture and engineering - CASP+ is the only certification on the market that qualifies technical leaders to assess cyber readiness within an enterprise, and design and implement the proper solutions to ensure the organization is ready for the next attack.

What Skills Will You Learn?

Security Architecture

Expanded coverage to analyze security requirements in hybrid networks to work toward an enterprise-wide, zero trust security architecture with advanced secure cloud and virtualization solutions.

Security Operations

Expanded emphasis on newer techniques addressing advanced threat management, vulnerability management, risk mitigation, incident response tactics, and digital forensics analysis.

Governance, Risk, and Compliance

Expanded to support advanced techniques to prove an organization's overall cybersecurity resiliency metric and compliance to regulations, such as CMMC, PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST, and CCPA.

Security Engineering and Cryptography

Expanded to focus on advanced cybersecurity configurations for endpoint security controls, enterprise mobility, cloud/hybrid environments, and enterprise-wide PKI and cryptographic solutions.

Jobs That Use CASP+

• Security Architect
• Senior Security Engineer
• SOC Manager
• Security Analyst

Class Outline

1.0 Security Architecture

Given a scenario, analyze the security requirements and objectives to ensure an appropriate, secure network architecture for a new or existing network.

• Services
• Segmentation
• Deperimeterization/zero trust
• Merging of networks from various organizations
• Software-defined networking (SDN)

Given a scenario, analyze the organizational requirements to determine the proper infrastructure security design.

• Scalability
• Resiliency
• Performance
• Automation
• Containerization
• Virtualization
• Content delivery network
• Caching

Given a scenario, integrate software applications securely into an enterprise architecture.

• Baseline and templates
• Software assurance
• Considerations of integrating enterprise applications
• Integrating security into development life cycle

Given a scenario, implement data security techniques for securing enterprise architecture.

• Data loss prevention
• Data loss detection
• Data classification, labeling, and tagging
• Obfuscation
• Anonymization
• Encrypted vs. unencrypted
• Data life cycle
• Data inventory and mapping
• Data integrity management
• Data storage, backup, and recovery

Given a scenario, analyze the security requirements and objectives to provide the appropriate authentication and authorization controls.

• Credential management
• Password policies
• Federation
• Access control
• Protocols
• Multifactor authentication (MFA)
• One-time password (OTP)
• Hardware root of trust
• Single sign-on (SSO)
• JavaScript Object Notation (JSON) web token (JWT)
• Attestation and identity proofing

Given a set of requirements, implement secure cloud and virtualization solutions

• Virtualization strategies
• Provisioning and deprovisioning
• Middleware
• Metadata and tags
• Deployment models and considerations
• Hosting models
• Service models
• Cloud provider limitations
• Extending appropriate on-premises controls
• Storage models

Explain how cryptography and public key infrastructure (PKI) support security objectives and requirements.

• Privacy and confidentiality requirements
• Integrity requirements
• Non-repudiation
• Compliance and policy requirements
• Common cryptography use cases
• Common PKI use cases

Explain the impact of emerging technologies on enterprise security and privacy.

• Artificial intelligence
• Machine learning
• Quantum computing
• Blockchain
• Homomorphic encryption
• Secure multiparty computation
• Distributed consensus
• Big Data
• Virtual/augmented reality
• 3-D printing
• Passwordless authentication
• Nano technology
• Deep learning
• Biometric impersonation

2.0 Security Operations

Given a scenario, perform threat management activities.

• Intelligence types
• Actor types
• Threat actor properties
• Intelligence collection methods
• Frameworks

Given a scenario, analyze indicators of compromise and formulate an appropriate response.

• Indicators of compromise
• Response

Given a scenario, perform vulnerability management activities.

• Vulnerability scans
• Security Content Automation Protocol (SCAP)
• Self-assessment vs. third- party vendor assessment
• Patch management
• Information sources

Given a scenario, use the appropriate vulnerability assessment and penetration testing methods and tools.

• Methods
• Tools
• Dependency management
• Requirements

Given a scenario, analyze vulnerabilities and recommend risk mitigations.

• Vulnerabilities
• Inherently vulnerable system/application
• Attacks

Given a scenario, use processes to reduce risk.

• Proactive and detection
• Security data analytics
• Preventive
• Application control
• Security automation
• Physical security

Given an incident, implement the appropriate response.

• Event classifications
• Triage event
• Preescalation tasks
• Incident response process
• Specific response playbooks/processes
• Communication plan
• Stakeholder management

Explain the importance of forensic concepts.

• Legal vs. internal corporate purposes
• Forensic process
• Integrity preservation
• Cryptanalysis
• Steganalysis

Given a scenario, use forensic analysis tools.

• File carving tools
• Binary analysis tools
• Analysis tools
• Imaging tools
• Hashing utilities
• Live collection vs. post-mortem tools

3.0 Security Engineering and Cryptography

Given a scenario, apply secure configurations to enterprise mobility.

• Managed configurations
• Deployment scenarios
• Security considerations

Given a scenario, configure and implement endpoint security controls.

• Hardening techniques
• Processes
• Mandatory access control
• Trustworthy computing
• Compensating controls

Explain security considerations impacting specific sectors and operational technologies.

• Embedded
• ICS/supervisory control and data acquisition (SCADA)
• Protocols
• Sectors

Explain how cloud technology adoption impacts organizational security.

• Automation and orchestration
• Encryption configuration
• Logs
• Monitoring configurations
• Key ownership and location
• Key life-cycle management
• Backup and recovery methods
• Infrastructure vs. serverless computing
• Application virtualization
• Software-defined networking
• Misconfigurations
• Collaboration tools
• Storage configurations
• Cloud access security broker (CASB)

Given a business requirement, implement the appropriate PKI solution.

• PKI hierarchy
• Certificate types
• Certificate usages/profiles/templates
• Extensions
• Trusted providers
• Trust model
• Cross-certification
• Configure profiles
• Life-cycle management
• Public and private keys
• Digital signature
• Certificate pinning
• Certificate stapling
• Certificate signing requests (CSRs)
• Online Certificate Status Protocol (OCSP) vs. certificate revocation list (CRL)
• HTTP Strict Transport Security (HSTS)

Given a business requirement, implement the appropriate cryptographic protocols and algorithms.

• Hashing
• Symmetric algorithms
• Asymmetric algorithms
• Protocols
• Elliptic curve cryptography
• Forward secrecy
• Authenticated encryption with associated data
• Key stretching

Given a scenario, troubleshoot issues with cryptographic implementations.

• Implementation and configuration issues
• Keys

4.0 Governance, Risk, and Compliance

Given a set of requirements, apply the appropriate risk strategies.

• Risk assessment
• Risk handling techniques
• Risk types
• Risk management life cycle
• Risk tracking
• Risk appetite vs. risk tolerance
• Policies and security practices

Explain the importance of managing and mitigating vendor risk.

• Shared responsibility model (roles/responsibilities)
• Vendor lock-in and vendor lockout
• Vendor viability
• Meeting client requirements
• Support availability
• Geographical considerations
• Supply chain visibility
• Incident reporting requirements
• Source code escrows
• Ongoing vendor assessment tools
• Third-party dependencies
• Technical considerations

Explain compliance frameworks and legal considerations, and their organizational impact.

• Security concerns of integrating diverse industries
• Data considerations
• Geographic considerations
• Third-party attestation of compliance
• Regulations, accreditations, and standards
• Legal considerations
• Contract and agreement types

Explain the importance of business continuity and disaster recovery concepts.

• Business impact analysis
• Privacy impact assessment
• Disaster recovery plan (DRP)/ business continuity plan (BCP)
• Incident response plan
• Testing plans

[ back to top ]

CompTIA PenTest+

CompTIA PenTest+ (PT0-002) is for cybersecurity professionals tasked with penetration testing and vulnerability management.

Why is it different?

CompTIA PenTest+ is the most comprehensive exam covering all penetration testing stages. Unlike other penetration testing exams that only cover a portion of stages with essay questions and hands-on, PenTest+ uses both performance-based and knowledge-based questions to ensure all stages are addressed.

PenTest+ is the only exam on the market to include all aspects of vulnerability management. It not only covers hands-on vulnerability assessment, scanning, and analysis, but also includes planning, scoping, and managing weaknesses, not just exploiting them.

PenTest+ is the most current penetration testing exam covering the latest techniques against expanded attack surfaces. It is a unique exam that requires a candidate to demonstrate the most relevant pen testing skills for the cloud, hybrid environments, web applications, Internet of Things (IoT), and traditional on-premises.

What Skills Will You Learn?

Planning and Scoping

Includes updated techniques emphasizing governance, risk, and compliance concepts, scoping and organizational/customer requirements, and demonstrating an ethical hacking mindset.

Information Gathering and Vulnerability Scanning

Includes updated skills on performing vulnerability scanning and passive/active reconnaissance, vulnerability management, as well as analyzing the results of the reconnaissance exercise.

Attacks and Exploits

Includes updated approaches to expanded attack surfaces, researching social engineering techniques, performing network attacks, wireless attacks, application-based attacks and attacks on cloud technologies, and performing post-exploitation techniques.

Reporting and Communication

Expanded to focus on the importance of reporting and communication in an increased regulatory environment during the pen testing process through analyzing findings and recommending appropriate remediation within a report.

Tools and Code Analysis

Includes updated concepts of identifying scripts in various software deployments, analyzing a script or code sample, and explaining use cases of various tools used during the phases of a penetration test. It is important to note that no scripting and coding is required.

Jobs that use CompTIA PenTest+

• Penetration Tester
• Security Consultant
• Cloud Penetration Tester
• Web App Penetration Tester
• Cloud Security Specialist
• Network & Security Specialist

Class Outline

1.0 Planning and Scoping

Compare and contrast governance, risk, and compliance concepts.

• Regulatory compliance considerations
• Location restrictions
• Legal concepts
• Permission to attack

Explain the importance of scoping and organizational/customer requirements.

• Standards and methodologies
• Rules of engagement
• Environmental considerations
• Target list/in-scope assets
• Validate scope of engagement

Given a scenario, demonstrate an ethical hacking mindset by maintaining professionalism and integrity.

• Background checks of penetration testing team
• Adhere to specific scope of engagement
• Identify criminal activity
• Immediately report breaches/ criminal activity
• Limit the use of tools to a particular engagement
• Limit invasiveness based on scope
• Maintain confidentiality of data/information
• Risks to the professional

2.0 Information Gathering and Vulnerability Scanning

Given a scenario, perform passive reconnaissance.

• DNS lookups
• Identify technical contacts
• Administrator contacts
• Cloud vs. self-hosted
• Social media scraping
• Cryptographic flaws
• Company reputation/security posture
• Data
• Open-source intelligence (OSINT)

Given a scenario, perform active reconnaissance.

• Enumeration
• Website reconnaissance
• Packet crafting
• Defense detection
• Tokens
• Wardriving
• Network traffic
• Cloud asset discovery
• Third-party hosted services
• Detection avoidance

Given a scenario, analyze the results of a reconnaissance exercise.

• Fingerprinting
• Analyze output

Given a scenario, perform vulnerability scanning.

• Considerations of vulnerability scanning
• Scan identified targets for vulnerabilities
• Set scan settings to avoid detection
• Scanning methods
• Nmap
• Vulnerability testing tools that facilitate automation

3.0 Attacks and Exploits

Given a scenario, research attack vectors and perform network attacks.

• Stress testing for availability
• Exploit resources
• Attacks
• Tools

Given a scenario, research attack vectors and perform wireless attacks.

• Attack methods
• Attacks
• Tools

Given a scenario, research attack vectors and perform application-based attacks.

• OWASP Top 10
• Server-side request forgery
• Business logic flaws
• Injection attacks
• Application vulnerabilities
• API attacks
• Directory traversal
• Tools
• Resources

Given a scenario, research attack vectors and perform attacks on cloud technologies.

• Attacks
• Tools

Explain common attacks and vulnerabilities against specialized systems.

• Mobile
• Internet of Things (IoT) devices
• Data storage system vulnerabilities
• Management interface vulnerabilities
• Vulnerabilities related to supervisory control and data acquisition (SCADA)/ Industrial Internet of Things (IIoT)/ industrial control system (ICS)
• Vulnerabilities related to virtual environments
• Vulnerabilities related to containerized workloads

Given a scenario, perform a social engineering or physical attack.

• Pretext for an approach
• Social engineering attacks
• Physical attacks
• Impersonation
• Tools
• Methods of influence

Given a scenario, perform post-exploitation techniques.

• Post-exploitation tools
• Lateral movement
• Network segmentation testing
• Privilege escalation
• Upgrading a restrictive shell
• Creating a foothold/persistence
• Detection avoidance
• Enumeration

4.0 Reporting and Communication

Compare and contrast important components of written reports.

• Report audience
• Report contents
• Storage time for report
• Secure distribution
• Note taking
• Common themes/root causes

Given a scenario, analyze the findings and recommend the appropriate remediation within a report.

• Technical controls
• Administrative controls
• Operational controls
• Physical controls

Explain the importance of communication during the penetration testing process.

• Communication path
• Communication triggers
• Reasons for communication
• Goal reprioritization
• Presentation of findings

Explain post-report delivery activities.

• Post-engagement cleanup
• Client acceptance
• Lessons learned
• Follow-up actions/retest
• Attestation of findings
• Data destruction process

5.0 Tools and Code Analysis

Explain the basic concepts of scripting and software development.

• Logic constructs
• Data structures
• Libraries
• Classes
• Procedures
• Functions

Given a scenario, analyze a script or code sample for use in a penetration test.

• Shells
• Programming languages
• Analyze exploit code
• Opportunities for automation

Explain use cases of the following tools during the phases of a penetration test.

• Scanners
• Credential testing tools
• Debuggers
• OSINT
• Wireless
• Web application tools
• Social engineering tools
• Remote access tools
• Networking tools
• Misc.
• Steganography tools
• Cloud tools

[ back to top ]

CED Solutions is your best choice for CompTIA CySA+ CASP+ PenTest+, CompTIA CySA+ CASP+ PenTest+ training, CompTIA CySA+ CASP+ PenTest+ certification, CompTIA CySA+ CASP+ PenTest+ boot camp, CompTIA CySA+ CASP+ PenTest+ certification training, CompTIA CySA+ CASP+ PenTest+ certification course, CompTIA CySA+ CASP+ PenTest+ course, CompTIA CySA+ CASP+ PenTest+ class.