About the Book

The CompTIA Advanced Security Practitioner (CASP) certification is a popular certification for those in the security field. Although many vendor-specific networking certifications are popular in the industry, the CompTIA CASP certification is unique in that it is vendor neutral. The CompTIA CASP certification often acts as a stepping-stone to more specialized and vendor-specific certifications, such as those offered by ISC2.

In the CompTIA CASP exam, the topics are mostly generic in that they can apply to many security devices and technologies, regardless of vendor. Although the CompTIA CASP is vendor neutral, devices and technologies are implemented by multiple independent vendors. In that light, several of the examples associated with this book include using particular vendors’ configurations and technologies. More detailed training regarding a specific vendor’s software and hardware can be found in books and training specific to that vendor.

Goals and Methods

The goal of this book is to assist you in learning and understanding the technologies covered in the CASP CAS-003 blueprint from CompTIA. This book also helps you demonstrate your knowledge by passing the CAS-003 version of the CompTIA CASP exam.

To aid you in mastering and understanding the CASP+ certification objectives, this book provides the following tools:

  • Opening topics list: This list defines the topics that are covered in the chapter.

  • Key Topics icons: These icons indicate important figures, tables, and lists of information that you need to know for the exam. They are sprinkled throughout each chapter and are summarized in table format at the end of each chapter.

  • Memory tables: These can be found on the companion website and in Appendix B, “Memory Tables,” and Appendix C, “Memory Tables Answer Key.” Use them to help memorize important information.

  • Key terms: Key terms without definitions are listed at the end of each chapter. Write down the definition of each term and check your work against the Glossary.

For current information about the CompTIA CASP certification exam, visit https://certification.comptia.org/certifications/comptia-advanced-security-practitioner.

Who Should Read This Book?

Readers of this book will range from people who are attempting to attain a position in the IT security field to people who want to keep their skills sharp or perhaps retain their job when a company policy mandates that they take the new exams.

This book is also for readers who want to acquire additional certifications beyond the CASP certification (for example, the CISSP certification and beyond). The book is designed in such a way as to offer an easy transition to future certification studies.

Strategies for Exam Preparation

Read the chapters in this book, jotting down notes with key concepts or configurations on a separate notepad.

Download the current list of exam objectives by submitting a form at http://certification.comptia.org/examobjectives.aspx.

Use the practice exam, which is included on this book’s companion website. As you work through the practice exam, note the areas where you lack confidence and review those concepts. After you review these areas, work through the practice exam a second time and rate your skills. Keep in mind that the more you work through a practice exam, the more familiar the questions become, and the practice exam becomes a less accurate indicator of your skills.

After you work through a practice exam a second time and feel confident with your skills, schedule the real CompTIA CASP exam (CAS-003). The following website provides information about registering for the exam: www.pearsonvue.com/comptia/.

CompTIA CASP Exam Topics

Table 1 lists general exam topics (objectives) and specific topics under each general topic (subobjectives) for the CompTIA CASP CAS-003 exam. This table lists the primary chapter in which each exam topic is covered. Note that many objectives and subobjectives are interrelated and are addressed in multiple chapters.

Table 1 CompTIA CASP Exam Topics

Chapter

CAS-003 Exam Objective

CAS-003 Exam Subobjective

1

Business and Industry Influences and Associated Security Risks

1.1 Summarize business and industry influences and associated security risks.

  • Risk management of new products, new technologies and user behaviors

  • New or changing business models/strategies

  • Security concerns of integrating diverse industries

  • Internal and external influences

  • Impact of de-perimeterization (e.g., constantly changing network boundary)

2

Security, Privacy Policies, and Procedures

1.2 Compare and contrast security, privacy policies and procedures based on organizational requirements.

  • Policy and process life cycle management

  • Support legal compliance and advocacy by partnering with human resources, legal, management and other entities

  • Understand common business documents to support security

  • Research security requirements for contracts

  • Understand general privacy principles for sensitive information

  • Support the development of policies containing standard security practices

3

Risk Mitigation Strategies and Controls

1.3 Given a scenario, execute risk mitigation strategies and controls.

  • Categorize data types by impact levels based on CIA

  • Incorporate stakeholder input into CIA impact-level decisions

  • Determine minimum-required security controls based on aggregate score

  • Select and implement controls based on CIA requirements and organizational policies

  • Extreme scenario planning/worst-case scenario

  • Conduct system-specific risk analysis

  • Make risk determination based upon known metrics

  • Translate technical risks in business terms

  • Recommend which strategy should be applied based on risk appetite

  • Risk management processes

  • Continuous improvement/monitoring

  • Business continuity planning

  • IT governance

  • Enterprise resilience

4

Risk Metric Scenarios to Secure the Enterprise

1.4 Analyze risk metric scenarios to secure the enterprise.

  • Review effectiveness of existing security controls

  • Reverse engineer/deconstruct existing solutions

  • Creation, collection and analysis of metrics

  • Prototype and test multiple solutions

  • Create benchmarks and compare to baselines

  • Analyze and interpret trend data to anticipate cyber defense needs

  • Analyze security solution metrics and attributes to ensure they meet business needs

  • Use judgment to solve problems where the most secure solution is not feasible

5

Network and Security Components, Concepts, and Architectures

2.1 Analyze a scenario and integrate network and security components, concepts and architectures to meet security requirements.

  • Physical and virtual network and security devices

  • Application and protocol-aware technologies

  • Advanced network design (wired/wireless)

  • Complex network security solutions for data flow

  • Secure configuration and baselining of networking and security components

  • Software-defined networking

  • Network management and monitoring tools

  • Advanced configuration of routers, switches and other network devices

  • Security zones

  • Network access control

  • Network-enabled devices

  • Critical infrastructure

6

Security Controls for Host Devices

2.2 Analyze a scenario to integrate security controls for host devices to meet security requirements.

  • Trusted OS (e.g., how and when to use it)

  • Endpoint security software

  • Host hardening

  • Boot loader protections

  • Vulnerabilities associated with hardware

  • Terminal services/application delivery services

7

Security Controls for Mobile and Small Form Factor Devices

2.3 Analyze a scenario to integrate security controls for mobile and small form factor devices to meet security requirements.

  • Enterprise mobility management

  • Security implications/privacy concerns

  • Wearable technology

8

Software Vulnerability Security Controls

2.4 Given software vulnerability scenarios, select appropriate security controls.

  • Application security design considerations

  • Specific application issues

  • Application sandboxing

  • Secure encrypted enclaves

  • Database activity monitor

  • Web application firewalls

  • Client-side processing vs. server-side processing

  • Operating system vulnerabilities

  • Firmware vulnerabilities

9

Security Assessments

3.1 Given a scenario, conduct a security assessment using the appropriate methods.

  • Methods

  • Types

10

Select the Appropriate Security Assessment Tool

3.2 Analyze a scenario or output, and select the appropriate tool for a security assessment.

  • Network tool types

  • Host tool types

  • Physical security tools

11

Incident Response and Recovery

3.3 Given a scenario, implement incident response and recovery procedures.

  • E-discovery

  • Data breach

  • Facilitate incident detection and response

  • Incident and emergency response

  • Incident response support tools

  • Severity of incident or breach

  • Post-incident response

12

Host, Storage, Network, and Application Integration

4.1 Given a scenario, integrate hosts, storage, networks and applications into a secure enterprise architecture.

  • Adapt data flow security to meet changing business needs

  • Standards

  • Interoperability issues

  • Resilience issues

  • Data security considerations

  • Resources provisioning and deprovisioning

  • Design considerations during mergers, acquisitions and demergers/divestitures

  • Network secure segmentation and delegation

  • Logical deployment diagram and corresponding physical deployment diagram of all relevant devices

  • Security and privacy considerations of storage integration

  • Security implications of integrating enterprise applications

13

Cloud and Virtualization Technology Integration

4.2 Given a scenario, integrate cloud and virtualization technologies into a secure enterprise architecture.

  • Technical deployment models (outsourcing/insourcing/managed services/partnership)

  • Security advantages and disadvantages of virtualization

  • Cloud augmented security services

  • Vulnerabilities associated with comingling of hosts with different security requirements

  • Data security considerations

  • Resources provisioning and deprovisioning

14

Authentication and Authorization Technology Integration

4.3 Given a scenario, integrate and troubleshoot advanced authentication and authorization technologies to support enterprise security objectives.

  • Authentication

  • Authorization

  • Attestation

  • Identity proofing

  • Identity propagation

  • Federation

  • Trust models

15

Cryptographic Techniques

4.4 Given a scenario, implement cryptographic techniques.

  • Techniques

  • Implementations

16

Secure Communication and Collaboration

4.5 Given a scenario, select the appropriate control to secure communications and collaboration solutions.

  • Remote access

  • Unified collaboration tools

17

Industry Trends and Their Impact to the Enterprise

5.1 Given a scenario, apply research methods to determine industry trends and their impact to the enterprise.

  • Perform ongoing research

  • Threat intelligence

  • Research security implications of emerging business tools

  • Global IA industry/community

18

Security Activities Across the Technology Life Cycle

5.2 Given a scenario, implement security activities across the technology life cycle.

  • Systems development life cycle

  • Software development life cycle

  • Adapt solutions to address: emerging threats, disruptive technologies, and security trends

  • Asset management (inventory control)

19

Business Unit Interaction

5.3 Explain the importance of interaction across diverse business units to achieve security goals.

  • Interpreting security requirements and goals to communicate with stakeholders from other disciplines

  • Provide objective guidance and impartial recommendations to staff and senior management on security processes and controls

  • Establish effective collaboration within teams to implement secure solutions

  • Governance, risk and compliance committee

How This Book Is Organized

Although this book could be read cover-to-cover, it is designed to be flexible and allow you to easily move between chapters and sections of chapters to cover just the material that you need more work with. However, if you do intend to read all the chapters, the order in the book is an excellent sequence to use.

In addition to the 19 main chapters, this book includes tools to help you verify that you are prepared to take the exam. The companion website also includes a practice test and memory tables that you can work through to verify your knowledge of the subject matter.

Companion Website

Register this book to get access to the Pearson Test Prep practice test software and other study materials plus additional bonus content. Check this site regularly for new and updated postings written by the author that provide further insight into the more troublesome topics on the exam. Be sure to check the box that you would like to hear from us to receive updates and exclusive discounts on future editions of this product or related products.

To access this companion website, follow these steps:

  1. Go to www.pearsonITcertification.com/register and log in or create a new account.

  2. Enter the ISBN: 9780789759443.

  3. Answer the challenge question as proof of purchase.

  4. Click the Access Bonus Content link in the Registered Products section of your account page, to be taken to the page where your downloadable content is available.

Please note that many of our companion content files can be very large, especially image and video files.

If you are unable to locate the files for this title by following the steps just listed, please visit www.pearsonITcertification.com/contact and select the Site Problems/Comments option. Our customer service representatives will assist you.

Pearson Test Prep Practice Test Software

As noted previously, this book comes complete with the Pearson Test Prep practice test software, containing two full exams. These practice tests are available to you either online or as an offline Windows application. To access the practice exams that were developed with this book, please see the instructions in the card inserted in the sleeve in the back of the book. This card includes a unique access code that enables you to activate your exams in the Pearson Test Prep software.

Note

The cardboard sleeve in the back of this book includes a piece of paper. The paper lists the activation code for the practice exams associated with this book. Do not lose the activation code. On the opposite side of the paper from the activation code is a unique, one-time-use coupon code for the purchase of the Premium Edition eBook and Practice Test.

Accessing the Pearson Test Prep Software Online

The online version of the Pearson Test Prep software can be used on any device with a browser and connectivity to the Internet, including desktop machines, tablets, and smartphones. To start using your practice exams online, simply follow these steps:

  1. Go to http://www.PearsonTestPrep.com.

  2. Select Pearson IT Certification as your product group.

  3. Enter the email/password for your account. If you don’t have an account on PearsonITCertification.com or CiscoPress.com, you need to establish one by going to PearsonITCertification.com/join.

  4. In the My Products tab, click the Activate New Product button.

  5. Enter the access code printed on the insert card in the back of your book to activate your product. The product is now listed in your My Products page.

  6. Click the Exams button to launch the exam settings screen and start your exam.

Accessing the Pearson Test Prep Software Offline

If you wish to study offline, you can download and install the Windows version of the Pearson Test Prep software. There is a download link for this software on the book’s companion website, or you can just enter this link in your browser: http://www.pearsonitcertification.com/content/downloads/pcpt/engine.zip.

To access the book’s companion website and the software, simply follow these steps:

  1. Register your book by going to PearsonITCertification.com/register and entering the ISBN: 9780789759443.

  2. Respond to the challenge questions.

  3. Go to your account page and select the Registered Products tab.

  4. Click the Access Bonus Content link under the product listing.

  5. Click the Install Pearson Test Prep Desktop Version link under the Practice Exams section of the page to download the software.

  6. When the software finishes downloading, unzip all the files on your computer.

  7. Double-click the application file to start the installation and follow the onscreen instructions to complete the registration.

  8. When the installation is complete, launch the application and click the Activate Exam button on the My Products tab.

  9. Click the Activate a Product button in the Activate Product Wizard.

  10. Enter the unique access code found on the card in the sleeve in the back of your book and click the Activate button.

  11. Click Next and then the Finish button to download the exam data to your application.

  12. You can now start using the practice exams by selecting the product and clicking the Open Exam button to open the exam settings screen.

Note that the offline and online versions will sync together, so saved exams and grade results recorded on one version will be available to you on the other as well.

Customizing Your Exams

When you are in the exam settings screen, you can choose to take exams in one of three modes:

  • Study Mode

  • Practice Exam Mode

  • Flash Card Mode

Study Mode allows you to fully customize your exams and review answers as you are taking the exam. This is typically the mode you would use first to assess your knowledge and identify information gaps. Practice Exam Mode locks certain customization options, as it is presenting a realistic exam experience. Use this mode when you are preparing to test your exam readiness. Flash Card Mode strips out the answers and presents you with only the question stem. This mode is great for late-stage preparation when you really want to challenge yourself to provide answers without the benefit of seeing multiple-choice options. This mode will not provide the detailed score reports that the other two modes will, so it should not be used if you are trying to identify knowledge gaps.

In addition to these three modes, you will be able to select the source of your questions. You can choose to take exams that cover all of the chapters or you can narrow your selection to just a single chapter or the chapters that make up specific parts in the book. All chapters are selected by default. If you want to narrow your focus to individual chapters, simply deselect all the chapters and then select only those on which you wish to focus in the Objectives area.

You can also select the exam banks on which to focus. Each exam bank comes complete with a full exam of questions that cover topics in every chapter. The two exams printed in the book are available to you as well as two additional exams of unique questions. You can have the test engine serve up exams from all four banks or just from one individual bank by selecting the desired banks in the exam bank area.

There are several other customizations you can make to your exam from the exam settings screen, such as the time of the exam, the number of questions served up, whether to randomize questions and answers, whether to show the number of correct answers for multiple answer questions, or whether to serve up only specific types of questions. You can also create custom test banks by selecting only questions that you have marked or questions on which you have added notes.

Updating Your Exams

If you are using the online version of the Pearson Test Prep software, you should always have access to the latest version of the software as well as the exam data. If you are using the Windows desktop version, every time you launch the software, it will check to see if there are any updates to your exam data and automatically download any changes that were made since the last time you used the software. This requires that you are connected to the Internet at the time you launch the software.

Sometimes, due to many factors, the exam data may not fully download when you activate your exam. If you find that figures or exhibits are missing, you may need to manually update your exams.

To update a particular exam you have already activated and downloaded, simply select the Tools tab and select the Update Products button. Again, this is only an issue with the desktop Windows application.

If you wish to check for updates to the Pearson Test Prep exam engine software, Windows desktop version, simply select the Tools tab and select the Update Application button. This will ensure you are running the latest version of the software engine.

Assessing Exam Readiness

Exam candidates never really know whether they are adequately prepared for the exam until they have completed about 30% of the questions. At that point, if you are not prepared, it is too late. The best way to determine your readiness is to work through the chapter questions at the end of each chapter and to review the foundation and key topics. It is best to work your way through the entire book unless you can complete each subject without having to do any research or look up any answers.

Premium Edition eBook and Practice Tests

This book also includes an exclusive offer for 70% off the Premium Edition eBook and Practice Tests edition of this title. Please see the coupon code included with the cardboard sleeve for information on how to purchase the Premium Edition.
