ebook img

CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide CompTIA A PDF

1190 Pages·2017·16.83 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide CompTIA A

About This eBook EPUB is an open, industry-standard format for e-books. However, support for EPUB and its many features varies across reading devices and applications. Use your device or app settings to customize the presentation to your liking. Settings that you can customize often include font, font size, single or double column, landscape or portrait mode, and figures that you can click or tap to enlarge. For additional information about the settings and features on your reading device or app, visit the device manufacturer’s Web site. Many titles include programming code or configuration examples. To optimize the presentation of these elements, view the e-book in single- column, landscape mode and adjust the font size to the smallest setting. In addition to presenting code and configurations in the reflowable text format, we have included images of the code that mimic the presentation found in the print book; therefore, where the reflowable format may compromise the presentation of the code listing, you will see a “Click here to view code image” link. Click the link to view the print-fidelity code image. To return to the previous page viewed, click the Back button on your device or app. 2 ® CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide Robin Abernathy Troy McMillan 800 East 96th Street Indianapolis, Indiana 46240 USA 3 ® CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide Copyright © 2018 by Pearson Education, Inc. All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein. ISBN-13: 978-0-7897-5944-3 ISBN-10: 0-7897-5944-6 Library of Congress Control Number: 2018932405 01 18 Trademarks All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Pearson IT Certification cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark. Windows is a registered trademark of Microsoft Corporation. Warning and Disclaimer Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an “as is” basis. The author and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book. Special Sales For information about buying this title in bulk quantities, or for special 4 sales opportunities (which may include electronic versions; custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact our corporate sales department at Tricia Bronkella 6 Contents at a Glance INTRODUCTION The CASP Exam CHAPTER 1 Business and Industry Influences and Associated Security Risks CHAPTER 2 Security, Privacy Policies, and Procedures CHAPTER 3 Risk Mitigation Strategies and Controls CHAPTER 4 Risk Metric Scenarios to Secure the Enterprise CHAPTER 5 Network and Security Components, Concepts, and Architectures CHAPTER 6 Security Controls for Host Devices CHAPTER 7 Security Controls for Mobile and Small Form Factor Devices CHAPTER 8 Software Vulnerability Security Controls CHAPTER 9 Security Assessments CHAPTER 10 Select the Appropriate Security Assessment Tool CHAPTER 11 Incident Response and Recovery CHAPTER 12 Host, Storage, Network, and Application Integration CHAPTER 13 Cloud and Virtualization Technology Integration CHAPTER 14 Authentication and Authorization Technology Integration CHAPTER 15 Cryptographic Techniques CHAPTER 16 Secure Communication and Collaboration CHAPTER 17 Industry Trends and Their Impact to the Enterprise CHAPTER 18 Security Activities Across the Technology Life Cycle 7 CHAPTER 19 Business Unit Interaction APPENDIX A Answers Glossary Index Online-only Elements: Appendix B Memory Tables Appendix C Memory Table Answers Appendix D Study Planner 8 Table of Contents Introduction The CASP Exam The Goals of the CASP Certification Sponsoring Bodies Other Security Exams Stated Goals The Value of the CASP Certification To the Security Professional Department of Defense Directive 8140 and 8570 (DoDD 8140 and 8570) To the Enterprise CASP Exam Objectives 1.0 Risk Management 1.1 Summarize business and industry influences and associated security risks. 1.2 Compare and contrast security, privacy policies and procedures based on organizational requirements. 1.3 Given a scenario, execute risk mitigation strategies and controls. 1.4 Analyze risk metric scenarios to secure the enterprise. 2.0 Enterprise Security Architecture 2.1 Analyze a scenario and integrate network and security components, concepts and architectures to meet security requirements. 2.2 Analyze a scenario to integrate security controls for host devices to meet security requirements. 2.3 Analyze a scenario to integrate security controls for mobile and small form factor devices to meet security requirements. 2.4 Given software vulnerability scenarios, select 9 appropriate security controls. 3.0 Enterprise Security Operations 3.1 Given a scenario, conduct a security assessment using the appropriate methods. 3.2 Analyze a scenario or output, and select the appropriate tool for a security assessment. 3.3 Given a scenario, implement incident response and recovery procedures. 4.0 Technical Integration of Enterprise Security 4.1 Given a scenario, integrate hosts, storage, networks and applications into a secure enterprise architecture. 4.2 Given a scenario, integrate cloud and virtualization technologies into a secure enterprise architecture. 4.3 Given a scenario, integrate and troubleshoot advanced authentication and authorization technologies to support enterprise security objectives. 4.4 Given a scenario, implement cryptographic techniques. 4.5 Given a scenario, select the appropriate control to secure communications and collaboration solutions. 5.0 Research, Development and Collaboration 5.1 Given a scenario, apply research methods to determine industry trends and their impact to the enterprise. 5.2 Given a scenario, implement security activities across the technology life cycle. 5.3 Explain the importance of interaction across diverse business units to achieve security goals. Steps to Becoming a CASP Qualifying for the Exam Signing Up for the Exam About the Exam 10

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.