Table of Contents for CASP CompTIA Advanced Security Practitioner Certification Study Guide (Exam CAS-001)
by Dwayne Williams, Gregory White, Arthur Conklin
Cover Page
CASP™ CompTIA® Advanced Security Practitioner Certification Study Guide (Exam CAS-001)
Copyright Page
Dedication
About the Authors
Contents
Preface
Acknowledgments
Introduction
Part I Enterprise Security
1 Cryptographic Tools
Determine Appropriate Tools and Techniques
Symmetric Key Encryption Methods
Asymmetric or Public Key Encryption Methods
Advanced PKI Concepts
Systems
Hashing
Hashing Algorithms
Cryptographic Applications
Practical Application of Cryptographic Functions
Digital Signatures
Code Signing
Nonrepudiation
Transport Encryption
Implications of Cryptographic Methods and Design
Strength
Performance
Feasibility to Implement
Interoperability
Entropy
Pseudorandom Number Generation
Perfect Forward Secrecy
Confusion
Diffusion
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
2 Computing Platforms
Advantages and Disadvantages of Virtualizing Servers and Minimizing Physical Space Requirements
Advantages of Virtualizing
Disadvantages of Virtualizing
VLAN
VLAN Usage
VLAN Vulnerabilities
Securing Virtual Environments, Appliances, and Equipment
Vulnerabilities Associated with a Single Physical Server Hosting Multiple Companies’ Virtual Machines
Vulnerabilities Associated with a Single Platform Hosting Multiple Companies’ Virtual Machines
Secure Use of On-demand/Elastic Cloud Computing
Advantages Associated with Cloud Computing
Issues Associated with Cloud Computing
Making Cloud Services More Secure
Vulnerabilities Associated with Co-mingling of Hosts with Different Security Requirements
Virtual Desktop Infrastructure (VDI)
Three Models of VDI
Advantages of VDI
Disadvantages of VDI
Terminal Services
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
3 Enterprise Storage
Explain the Security Implications of Enterprise Storage
Virtual Storage
NAS—Network Attached Storage
SAN—Storage Area Network
VSAN
iSCSI
FCOE
LUN Masking
HBA Allocation
Redundancy (Location)
Secure Storage Management
Multipath
Snapshots
Deduplication
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
4 Infrastructure
Advanced Network Design
Remote Access
Placement of Security Devices
Critical Infrastructure / Supervisory Control and Data Acquisition (SCADA)
VoIP
IPv6
Complex Network Security Solutions for Data Flow
Secure Data Flows to Meet Changing Business Needs
Emerging Technologies
Secure DNS
Securing Zone Transfer
TSIG
DNSSEC
Secure Directory Services
LDAP
AD
Federated Identity
Single Sign On
Network Design Consideration
Building Layouts
Facilities Management
Multitier Networking Data Design Considerations
Logical Deployment Diagram and Corresponding Physical Deployment Diagram of All Relevant Devices
Secure Infrastructure Design
Storage Integration
Advanced Configuration of Routers, Switches, and Other Network Devices
Transport Security
Trunking Security
Route Protection
ESB
SOA
SIEM
Database Access Monitor (DAM)
Service Enabled
WS-Security
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
5 Host Security Controls
Host-based Firewalls
Trusted OS
Endpoint Security Software
Antivirus
Anti-spyware
Anti-malware
Spam Filters
Host Hardening
Standard Operating Environment
Security/Group Policy Implementation
Command Shell Restrictions
Warning Banners
Restricted Interfaces
Asset Management (Inventory Control)
Data Exfiltration
Covert Channels
Steganography
HIPS/HIDS
NIPS/NIDS
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
6 Application Security
Web Application Security Design Considerations
Secure by Design
Secure by Default
Secure by Deployment
Specific Application Issues
Input Validation
Cross-Site Scripting (XSS)
Clickjacking
Session Management
SQL Injection
Application Sandboxing
Application Security Frameworks
Standard Libraries
Industry-Accepted Approaches
Secure Coding Standards
Exploits Resulting from Improper Error and Exception Handling
Error and Exception Handling
Privilege Escalation
Improper Storage of Sensitive Data
Fuzzing/False Injection
Secure Cookie Storage and Transmission
Client-Side Processing vs. Server-Side Processing
State Management
JavaScript
AJAX
Buffer Overflow
Integer Overflows
Memory Leaks
Race Conditions
Time of Check
Time of Use
Resource Exhaustion
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
7 Security Assessments
Tool Types
Port Scanners
Vulnerability Scanners
Protocol Analyzer
Switch Port Analyzer
Network Enumerator
Password Cracker
Fuzzer
HTTP Interceptor
Attacking Tools/Frameworks
Methods
Vulnerability Assessment
Penetration Testing
Black Box
White Box
Gray Box
Fingerprinting
Code Review
Social Engineering
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
Part II Risk Management, Policy/Procedure, and Legal
8 Analyze Risk Implications
Risk Management of New Products, New Technologies, and User Behaviors
New or Changing Business Models/Strategies
Risk Management Process
Partnerships
Outsourcing
Managed Security Services
Mergers and Acquisitions
Internal and External Influences
Compliance
Audit Findings
Client Requirements
Top-level Management
Impact of De-perimeterization
Enterprise Standard Operating Environment
Personally Managed Devices
BYOD
Merging SOE and Personal Device Networks
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
9 Risk Management Strategy and Controls
Classify Information Types into Levels of CIA Based on Organization/Industry
Confidentiality
Integrity
Availability
CIA Tradeoffs
Determine the Aggregate Score of CIA
Nomenclature
Determine the Minimum Required Security Controls Based on Aggregate Score
Conduct System-Specific Risk Analysis
Qualitative Risk Analysis
Quantitative Risk Analysis
Make Risk Determination
Magnitude of Impact
Likelihood of Threat
Decide Which Security Controls Should Be Applied Based on Minimum Requirements
Avoid
Transfer
Mitigate
Accept
Implement Controls
Security Requirements Traceability Matrix (SRTM)
Enterprise Security Architecture (ESA) Frameworks
Continuous Monitoring
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
10 E-discovery, Data Breaches, and Incident Response
E-discovery
Digital Forensics
Digital Forensics Process
Electronic Inventory and Asset Control
Data Retention Policies
Data Recovery and Storage
Data Ownership and Handling
Data Breach
Recovery
Minimization
Mitigation and Response
System Design to Facilitate Incident Response, Taking into Account Types of Violations
Internal and External
Privacy Policy Violations
Criminal Actions
Establish and Review System Event and Security Logs
Incident and Emergency Response
Incident Response Teams
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
11 Security and Privacy Policies
Policy Development and Updates in Light of New Business, Technology, and Environment Changes
Process/Procedure Development and Updates in Light of Policy, Environment, and Business Changes
Support Legal Compliance and Advocacy by Partnering with HR, Legal, Management, and Other Entities
Use Common Business Documents to Support Security
Interconnection Security Agreement (ISA)
Memorandum of Understanding (MOU)
Service Level Agreement (SLA)
Operating Level Agreement (OLA)
Non-Disclosure Agreement (NDA)
Business Partnership Agreement (BPA)
Use General Privacy Principles for PII/Sensitive PII
Support the Development of Policies
Separation of Duties
Job Rotation
Mandatory Vacation
Least Privilege
Incident Response
Forensic Tasks
On-going Security
Training and Awareness for Users
Auditing Requirements and Frequency
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
Part III Research and Analysis
12 Industry Trends
Ongoing Security Research
Best Practices
New Technologies
New Security Systems and Services
Technology Evolution
Situational Awareness
Latest Client-Side Attacks
Threats
Counter Zero Day
Emergent Issues
Research Security Implications of New Business Tools
Social Media/Networking
Integration within the Business
Global Information Assurance Industry/Community
Conventions
Attackers
Emerging Threat Sources
Security Requirements for Contracts
RFP, RFQ, and RFI
Agreements
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
13 Enterprise Security
Benchmark
Prototype and Test Multiple Solutions
Cost Benefit Analysis (ROI, TCO)
Analyze and Interpret Trend Data to Anticipate Cyber Defense Aids
Review Effectiveness of Existing Security
Reverse-Engineer/Deconstruct Existing Solutions
Analyze Security Solutions to Ensure They Meet Business Needs
Specify the Performance
Latency
Scalability
Capability
Usability
Maintainability
Availability
Conduct a Lessons-Learned/After-Action Review
Use Judgment to Solve Difficult Problems That Do Not Have a Best Solution
Conduct Network Traffic Analysis
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
Part IV Integration of Computing, Communications and Business Disciplines
14 People and Security
Interpreting Security Requirements to Communicate with Others
Programmers
Network Engineers
Sales Staff
Providing Guidance to Staff and Senior Management
Establishing Effective Collaboration within Teams
Disciplines
Programmer
Database Administrator
Network Administrator
Management
Stakeholders
Financial Personnel
Human Resources
Emergency Response Team
Facilities Manager
Physical Security Manager
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
15 Change Control
Security Concerns of Interconnecting Multiple Industries
Rules, Policies, and Regulations
Design Consideration During Mergers, Acquisitions, and Demergers
Assuring Third-Party Products Only Introduce Acceptable Risk
Custom Developed
COTS
Network Secure Segmentation and Delegation
Integration of Products and Services
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
16 Security Controls for Communication and Collaboration
Unified Communications Security
Web Conferencing
Video Conferencing
Instant Messaging (IM)
Desktop Sharing
Remote Assistance
Presence
E-mail
Telephony
VoIP Security
VoIP Implementation
Remote Access
Enterprise Configuration Management of Mobile Devices
Secure External Communications
Secure Implementation of Collaboration Platforms
Prioritizing Traffic (QoS)
Mobile Devices
Laptops, IP Cameras, IP-based Devices
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
17 Advanced Authentication Tools, Techniques, and Concepts
Federated Identity Management
eXtensible Access Control Markup Language (XACML)
Simple Object Access Protocol (SOAP)
Single Sign On (SSO)
OpenID
Service Provisioning Markup Language (SPML)
Certificate-based Authentication
SSL/TLS Certificate-based Authentication
Attestation
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
18 Security Activities Across the Technology Life Cycle
End-to-End Solution Ownership
Understanding the Results of Solutions in Advance
Operational Activities
Maintenance
Decommissioning
General Change Management
Systems Development Life Cycle
Security System Development Life Cycle (SSDLC) and Security Development Life Cycle (SDLC)
Security Requirements Traceability Matrix (SRTM)
Adapt Solutions to Address Emerging Threats and Security Trends
Validate the System Design
Common Criteria
Federal Information Processing Standards (FIPS)
✔ Two-Minute Drill
Q&A Self Test
Lab Question
Self Test Answers
Lab Answer
Appendix About the Download
Downloading the ISO File
System Requirements
Installing and Running MasterExam
MasterExam
LearnKey Online Training
Help
Removing Installations
Technical Support
LearnKey Technical Support
Glossary
Index