ebook img

CompTIA CASP Advanced Security Practitioner Study Guide (Exam CAS-002) PDF

725 Pages·2014·7.15 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview CompTIA CASP Advanced Security Practitioner Study Guide (Exam CAS-002)

Table of Contents Title Page Copyright Publisher's Note Dedication Acknowledgments About the Author About the Contributor Foreword Introduction Before You Begin the CompTIA CASP Certification Exam How to Become a CASP Certified Professional Who Should Read This Book? How This Book Is Organized Exam Strategy How to Use This Book and Companion Website The CASP (2014 Edition) Exam Objectives Assessment Test Answers to Assessment Test Chapter 1: Cryptographic Tools and Techniques The History of Cryptography Cryptographic Services Symmetric Encryption Asymmetric Encryption Hybrid Encryption Hashing Digital Signatures Public Key Infrastructure Implementation of Cryptographic Solutions Cryptographic Attacks Summary Exam Essentials Review Questions Chapter 2: Comprehensive Security Solutions Advanced Network Design TCP/IP Secure Communication Solutions Secure Facility Solutions Secure Network Infrastructure Design Summary Exam Essentials Review Questions Chapter 3: Securing Virtualized, Distributed, and Shared Computing Enterprise Security Cloud Computing Virtualization Virtual LANs Virtual Networking and Security Components Enterprise Storage Summary Exam Essentials Review Questions Chapter 4: Host Security Firewalls and Network Access Control Host-Based Firewalls Trusted Operating Systems Endpoint Security Solutions Anti-malware Host Hardening Asset Management Data Exfiltration Intrusion Detection and Prevention Network Management, Monitoring, and Security Tools Summary Exam Essentials Review Questions Chapter 5: Application Security and Penetration Testing Application Security Testing Specific Application Issues Application Sandboxing Application Security Frameworks Secure Coding Standards Application Exploits Escalation of Privilege Improper Storage of Sensitive Data Cookie Storage and Transmission Malware Sandboxing Memory Dumping Process Handling at the Client and Server Security Assessments and Penetration Testing Summary Exam Essentials Review Questions Chapter 6: Risk Management Risk Terminology Identifying Vulnerabilities Operational Risks The Risk Assessment Process Best Practices for Risk Assessments Summary Exam Essentials Review Questions Chapter 7: Policies, Procedures, and Incident Response A High-Level View of Documentation Business Documents Used to Support Security Documents and Controls Used for Sensitive Information Training and Awareness for Users Auditing Requirements and Frequency The Incident Response Framework Incident and Emergency Response Summary Exam Essentials Review Questions Chapter 8: Security Research and Analysis Apply Research Methods to Determine Industry Trends and Impact to the Enterprise Analyze Scenarios to Secure the Enterprise Summary Exam Essentials Review Questions Chapter 9: Enterprise Security Integration Integrate Enterprise Disciplines to Achieve Secure Solutions Integrate Hosts, Storage, Networks, and Applications into a Secure Enterprise Architecture Summary Exam Essentials Review Questions Chapter 10: Security Controls for Communication and Collaboration Selecting the Appropriate Control to Secure Communications and Collaboration Solutions Integrate Advanced Authentication and Authorization Technologies to Support Enterprise Objectives Implement Security Activities across the Technology Life Cycle Summary Exam Essentials Review Questions Appendix A: CASP Lab Manual What You'll Need Lab A1: Verifying a Baseline Security Configuration Lab A2: Introduction to a Protocol Analyzer Lab A3: Performing a Wireless Site Survey Lab A4: Using Windows Remote Access Lab A5: Configuring a VPN Client Lab A6: Using the Windows Command-Line Interface (CLI) Lab A7: Cisco IOS Command-Line Basics Lab A8: Shopping for Wi-Fi Antennas Lab A9: Cloud Provisioning Lab A10: Introduction to Windows Command-Line Forensic Tools Lab A11: Introduction to Hashing Using a GUI Lab A12: Hashing from the Command Line Lab A13: Cracking Encrypted Passwords Lab A14: Threat Modeling Lab A15: Social Engineering Lab A16: Downloading, Verifying, and Installing a Virtual Environment Lab A17: Exploring Your Virtual Network Lab A18: Port Scanning Lab A19: Introduction to the Metasploit Framework Lab A20: Sniffing NETinVM Traffic with Wireshark Suggestions for Further Exploration of Security Topics Appendix B: Answers to Review Questions Chapter 1: Cryptographic Tools and Techniques Chapter 2: Comprehensive Security Solutions Chapter 3: Securing Virtualized, Distributed, and Shared Computing Chapter 4: Host Security Chapter 5: Application Security and Penetration Testing Chapter 6: Risk Management Chapter 7: Policies, Procedures, and Incident Response Chapter 8: Security Research and Analysis Chapter 9: Enterprise Security Integration Chapter 10: Security Controls for Communication and Collaboration Appendix C: About the Additional Study Tools Additional Study Tools System Requirements Using the Study Tools Troubleshooting Free Online Study Tools End User License Agreement List of Illustrations Figure 1.1 A rail-fence cipher (an example of a transposition cipher) Figure 1.2 Symmetric encryption Figure 1.3 Asymmetric encryption Figure 1.4 Hybrid encryption Figure 1.5 Hashing process Figure 1.6 An example of a cryptographic hash on a software product Figure 1.7 Digital signature creation Figure 1.8 Hierarchical trust model Figure 1.9 An example of an X.509 certificate Figure 1.10 An example of a chain of trust Figure 2.1 CHAP authentication Figure 2.2 Packet filter firewall Figure 2.3 Screened host firewall Figure 2.4 DMZ firewall design Figure 2.5 Defense-in-depth firewall design Figure 2.6 Basic SCADA system Figure 2.7 VoIP in the protocol stack Figure 2.8 TCP/IP protocol stack Figure 2.9 MAC address capture Figure 2.10 IPv4 header Figure 2.11 IPv6 header Figure 2.12 TCP startup Figure 2.13 UDP header Figure 3.1 Some of the components of enterprise security Figure 3.2 Some of the components of enterprise security Figure 3.3 Evolution of cloud services Figure 3.4 VDI infrastructure Figure 3.5 Type 1 hypervisor Figure 3.6 Type 2 hypervisor Figure 3.7 Enterprise storage Figure 3.8 Files.com uploaded file browse Figure 4.1 Firewall placement and design Figure 4.2 Basic network with firewall Figure 4.3 Defense in depth and multiple layers of protection Figure 4.4 Spam filter operation Figure 4.5 Network-based IDS placement Figure 4.6 HIDS placement Figure 5.1 Burp Proxy cookie capture Figure 5.2 Input validation error Figure 5.3 Rings of protection Figure 5.4 Buffer overflow Figure 5.5 Integer overflow example Figure 5.6 Wireshark Figure 6.1 Vulnerability window Figure 6.2 Cloud-based service providers Figure 6.3 Sample qualitative aggregate score findings Figure 6.4 Risk-ranking matrix Figure 7.1 Components of a good information security policy Figure 7.2 Policy and subdocument structure Figure 7.3 Computer forensics and incident responses model Figure 8.1 National Institute of Standards and Technology's National Vulnerability Database website Figure 8.2 Cain & Abel Figure 8.3 Wireshark IPv4 Figure 8.4 Wireshark IPv6 Figure 8.5 Policy structure Figure 8.6 Facebook.js, used by Firesheep to capture cookies Figure 8.7 Botnet command and control structure Figure 8.8 Corporate Facebook Like page Figure 8.9 DefCon home page Figure 8.10 LulzSec Figure 9.1 The security triad Figure 9.2 Building security controls Figure 9.3 Security governance Figure 9.4 Basic security controls Figure 9.5 OODA model Figure 9.6 Typical organizational chart Figure 9.7 Drivers of change Figure 9.8 Layered access control Figure 10.1 Back Orifice Figure 10.2 TSweb remote connection Figure 10.3 Structure of a PPP header Figure 10.4 SOAP layers Figure 10.5 X.509 digital certificate Figure 10.6 SDLC processes Figure 10.7 Security requirements traceability matrix

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.