Book Image

CompTIA CASP+ CAS-004 Certification Guide

By : Mark Birch
Book Image

CompTIA CASP+ CAS-004 Certification Guide

By: Mark Birch

Overview of this book

CompTIA Advanced Security Practitioner (CASP+) ensures that security practitioners stay on top of the ever-changing security landscape. The CompTIA CASP+ CAS-004 Certification Guide offers complete, up-to-date coverage of the CompTIA CAS-004 exam so you can take it with confidence, fully equipped to pass on the first attempt. Written in a clear, succinct way with self-assessment questions, exam tips, and mock exams with detailed explanations, this book covers security architecture, security operations, security engineering, cryptography, governance, risk, and compliance. You'll begin by developing the skills to architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise. Moving on, you'll discover how to monitor and detect security incidents, implement incident response, and use automation to proactively support ongoing security operations. The book also shows you how to apply security practices in the cloud, on-premises, to endpoints, and to mobile infrastructure. Finally, you'll understand the impact of governance, risk, and compliance requirements throughout the enterprise. By the end of this CASP study guide, you'll have covered everything you need to pass the CompTIA CASP+ CAS-004 certification exam and have a handy reference guide.
Table of Contents (23 chapters)
1
Section 1: Security Architecture
6
Section 2: Security Operations
11
Section 3: Security Engineering and Cryptography
16
Section 4: Governance, Risk, and Compliance

Summary

In this chapter, we learned about the protocols and technologies that are used to protect data in many different states, primarily at rest, in transit, and in use. We gained an understanding of hashing algorithms, primarily to support integrity. These hashing algorithms include SHA, SHA-2, SHA-3, MD, and RIPE. We also looked at message integrity using HMAC and AEAD.

We then studied the options for ensuring confidentiality using symmetric encryption, including block ciphers such as AES and 3DES. We also identified cipher block modes, including GCM, ECB, CBC, CTR, and OFB. We then looked at common stream ciphers such as ChaCha and Salsa20, where real-time applications must be considered.

After that, we looked at asymmetric encryption, which is used for S/MIME, digital signatures, and key exchange. These asymmetric algorithms include ECC, ECHDE, RSA, and DSA.

We now understand how to deploy secure protocols, including SSL, TLS, S/MIME, IPSec, and SSH.

We also gained...