CompTIA CASP CAS-002: Research, Analysis and Assessment

This course is included in our On-demand training solution.


Research and testing are the backbone of introducing new technologies and devices into your network. It is important to make sure none of the new changes will compromise network security. In this course, you’ll learn about research methods to determine industry trends and their impact to the enterprise.You will also explore methods of securing an enterprise environment, and you will select methods or tools appropriate to conduct an assessment and analyze the results. This course is one of a series in the Skillsoft learning path that covers the objectives for the CompTIA Advanced Security Practitioner (CAS-002) certification exam.

Target Audience

Security candidates looking to certify their technical knowledge and skills required to conceptualize, engineer, integrate, and implement secure solutions across complex environments



Expected Duration

150 min.

Course Objectives

Course Introduction

Best Practices & New Technologies for Security Systems

  • identify the best practices and new technologies for dealing with new systems
  • Client-side Attacks, Vulnerabilities, and Threats

  • identify how client-side attacks, vulnerabilities, and threats affect network security
  • Zero Day Mitigation and Emergent Threats

  • define how zero-day and emergent threats can affect network security
  • End-user Cloud Storage and Business Integration

  • define how end-user cloud storage and business integration can affect network security
  • Computer Emergency Response Team

  • identify the role of the CERT team and what members should be on it
  • Conventions, Threat Actors, & Threat Intelligence

  • define how conventions, threats actors, and threat intelligence are used to create network security
  • RFPs, RFQs, FRIs, and Agreements

  • define the role RFPs, RFQs, FRIs, and agreements play in network security
  • Benchmarks and Baselines

  • identify how benchmarks and baselines are used to create network security
  • Prototypes and Testing

  • define how prototypes and testing are used to create network security
  • Cost Benefit Analysis

  • define how cost benefit analysis is used when creating network security plans
  • Metrics Collection and Analysis

  • identify how metrics collection and analysis is used when creating network security plans
  • Trend Data and Cyber Defense

  • identify how trend data and cyber defense are used when creating network security
  • Existing Security Controls

  • define the role existing security controls play when creating network security
  • Reverse Engineering Solutions

  • identify how reverse engineering can be used in order to create network security
  • Performance, Latency, Scalability, and Capability

  • define how performance, latency, scalability, and capability affect network security
  • Usability, Maintainability, Availability, and Recovery

  • define how usability, maintainability, availability, and recovery affect network security
  • Lessons Learned and After-action Reports

  • identify how lessons learned and after-action reports are used to reinforce network security
  • Judgment Calls

  • define how judgment calls are used when network security issues arise
  • Network Analysis Tools

  • define how network analysis tools are used when securing network environments
  • Exploitation Tools

  • identify how exploitation tools can be used both to test and exploit network environments
  • Passive Reconnaissance & Intelligence Gathering Tools

  • define how passive reconnaissance and intelligence gathering tools can be used to test network environments
  • Assessment, Sandboxing, and Debugging

  • define how assessment, sandboxing, and debugging can be used to test the security of network environments
  • Penetration Testing

  • identify how penetration testing can be used to ensure security in network environments
  • Black Box, White Box, and Gray Box Testing

  • identify the differences between black box, white box, and gray box testing techniques
  • Reconnaissance, Fingerprinting, and Social Engineering

  • define how reconnaissance, fingerprinting, and social engineering can be used to test the security of network environments
  • Exercise: Risk Mitigation Planning and Controls