Book Image

CompTIA CASP+ CAS-004 Certification Guide

By : Mark Birch

Book Image

CompTIA CASP+ CAS-004 Certification Guide

By: Mark Birch

Overview of this book

CompTIA Advanced Security Practitioner (CASP+) ensures that security practitioners stay on top of the ever-changing security landscape. The CompTIA CASP+ CAS-004 Certification Guide offers complete, up-to-date coverage of the CompTIA CAS-004 exam so you can take it with confidence, fully equipped to pass on the first attempt. Written in a clear, succinct way with self-assessment questions, exam tips, and mock exams with detailed explanations, this book covers security architecture, security operations, security engineering, cryptography, governance, risk, and compliance. You'll begin by developing the skills to architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise. Moving on, you'll discover how to monitor and detect security incidents, implement incident response, and use automation to proactively support ongoing security operations. The book also shows you how to apply security practices in the cloud, on-premises, to endpoints, and to mobile infrastructure. Finally, you'll understand the impact of governance, risk, and compliance requirements throughout the enterprise. By the end of this CASP study guide, you'll have covered everything you need to pass the CompTIA CASP+ CAS-004 certification exam and have a handy reference guide.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Share Your Thoughts

Section 1: Security Architecture

Section 1: Security Architecture

Free Chapter

Chapter 1: Designing a Secure Network Architecture

Chapter 1: Designing a Secure Network Architecture

Physical and virtual network and security devices

Application- and protocol-aware technologies

Advanced network design

Network management and monitoring tools

Advanced configuration of network devices

Case study answer

Chapter 2: Integrating Software Applications into the Enterprise

Chapter 2: Integrating Software Applications into the Enterprise

Integrating security into the development life cycle

Software assurance

Baseline and templates

Considerations when integrating enterprise applications

Integration enablers

Chapter 3: Enterprise Data Security, Including Secure Cloud and Virtualization Solutions

Chapter 3: Enterprise Data Security, Including Secure Cloud and Virtualization Solutions

Implementing data loss prevention

Implementing data loss detection

Enabling data protection

Implementing secure cloud and virtualization solutions

Investigating cloud deployment models

Extending appropriate on-premises controls

Examining cloud storage models

Chapter 4: Deploying Enterprise Authentication and Authorization Controls

Chapter 4: Deploying Enterprise Authentication and Authorization Controls

Credential management

Identity federation

Authentication and authorization protocols

Multi-Factor Authentication (MFA)

Section 2: Security Operations

Section 2: Security Operations

Chapter 5: Threat and Vulnerability Management

Chapter 5: Threat and Vulnerability Management

Intelligence types

Threat actor properties

Intelligence collection methods

Indicators of compromise

Chapter 6: Vulnerability Assessment and Penetration Testing Methods and Tools

Chapter 6: Vulnerability Assessment and Penetration Testing Methods and Tools

Vulnerability scans

Security Content Automation Protocol (SCAP)

Information sources

Testing methods

Penetration testing

Chapter 7: Risk Mitigation Controls

Chapter 7: Risk Mitigation Controls

Understanding application vulnerabilities

Assessing inherently vulnerable systems and applications

Recognizing common attacks

Proactive and detective risk reduction

Applying preventative risk reduction

Chapter 8: Implementing Incident Response and Forensics Procedures

Chapter 8: Implementing Incident Response and Forensics Procedures

Understanding incident response planning

Understanding the incident response process

Understanding forensic concepts

Using forensic analysis tools

Section 3: Security Engineering and Cryptography

Section 3: Security Engineering and Cryptography

Chapter 9: Enterprise Mobility and Endpoint Security Controls

Chapter 9: Enterprise Mobility and Endpoint Security Controls

Implementing enterprise mobility management

Security considerations for mobility management

Implementing endpoint security controls

Chapter 10: Security Considerations Impacting Specific Sectors and Operational Technologies

Chapter 10: Security Considerations Impacting Specific Sectors and Operational Technologies

Identifying regulated business sectors

Understanding embedded systems

Understanding ICS/SCADA

Understanding OT protocols

Chapter 11: Implementing Cryptographic Protocols and Algorithms

Chapter 11: Implementing Cryptographic Protocols and Algorithms

Understanding hashing algorithms

Understanding symmetric encryption algorithms

Understanding asymmetric encryption algorithms

Understanding encryption protocols

Understanding emerging security technologies

Chapter 12: Implementing Appropriate PKI Solutions, Cryptographic Protocols, and Algorithms for Business Needs

Chapter 12: Implementing Appropriate PKI Solutions, Cryptographic Protocols, and Algorithms for Business Needs

Understanding the PKI hierarchy

Understanding certificate types

Understanding PKI security and interoperability

Troubleshooting issues with cryptographic implementations

Section 4: Governance, Risk, and Compliance

Section 4: Governance, Risk, and Compliance

Chapter 13: Applying Appropriate Risk Strategies

Chapter 13: Applying Appropriate Risk Strategies

Understanding risk assessments

Implementing risk-handling techniques

Understanding the risk management life cycle

Understanding risk tracking

Managing risk with policies and security practices

Explaining the importance of managing and mitigating vendor risk

Chapter 14: Compliance Frameworks, Legal Considerations, and Their Organizational Impact

Chapter 14: Compliance Frameworks, Legal Considerations, and Their Organizational Impact

Security concerns associated with integrating diverse industries

Understanding regulations, accreditations, and standards

Understanding legal considerations

Application of contract and agreement types

Chapter 15: Business Continuity and Disaster Recovery Concepts

Chapter 15: Business Continuity and Disaster Recovery Concepts

Conducting a business impact analysis

Planning for high availability and automation

Explaining how cloud technology aids enterprise resilience

Chapter 16: Mock Exam 1

Chapter 16: Mock Exam 1

Assessment test answers

Chapter 17: Mock Exam 2

Chapter 17: Mock Exam 2

Other Books You May Enjoy

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Questions

Here are a few questions to test your understanding of the chapter:

Which is the security module that would store an e-commerce server's private key?
1. DLP
2. HSM
3. DPI
4. 802.1x
How can I mitigate the threat of data leakage?
1. Through DLP
2. Through HSM
3. Through DPI
4. Through 802.1x
What type of IDS would I be using if I needed to update my definition files?
1. Anomaly
2. Behavior
3. Heuristics
4. Signature
What is the purpose of iptables on a host computer?
1. Routing
2. Firewall
3. Switching
4. Encryption
Which protocol would be used to manage a router securely from a technician's laptop?
1. Telnet
2. RDP
3. SSH
4. FTP
How should I protect my management interface on a switch when I need to configure it remotely? Choose two answers.
1. OSPF
2. OOB management
3. Strong password
4. RIP v2
What is an Ethernet standard for port access protocol, used for protecting networks via authentication?
1. 802.11
2. 802.3
3. 802.1x
4. d) 802.5
What type of connectivity will allow key personnel to maintain communication with one another and key network resources when the main network is under attack?
1. Email
2. OOB
3. Teams
4. VNC
What is a disadvantage when using a virtual desktop infrastructure (VDI)?
1. Reliance on networks
2. Better use of hardware resources
3. Enhanced security
4. Standard operating environment (SOE)
What is used when my contractors use a tablet or thin client to access a Windows 10 desktop in my data center?
1. OOB
2. MDM
3. VDI
4. SSH
What type of routing will help to mitigate a DDoS attack?
1. OSPF
2. RTBH
3. RIP
4. EIGRP
What is it when SOC staff are failing to respond to alerts due to excessive levels of alerts?
1. False positive
2. Alert fatigue
3. False negative
4. True positive
What will I need to support on my network device in order to forward truncated network traffic to a network monitoring tool?
1. NetFlow
2. sFlow
3. SIEM
4. System Logging Protocol (Syslog)
What type of security would I use on my layer 2 switch to isolate the finance network from the development network?
1. VPN
2. IPsec
3. VLAN
4. RTBH
What type of servers would the security team place on the DMZ network?
1. Web Application server
2. SMTP Gateway
3. Intranet File Server
4. Finance Department Payoll Server
What type of security label would CISA assign to the chemical sector and communications sector?
1. Regulated industry
2. Protected infrastructure
3. SCADA
4. Critical infrastructure
What will protect my Wi-Fi network against common threats, including evil-twin/rogue APs and DDoS?
1. 802.1x
2. Host-based IPS (HIPS)
3. Firewall
4. WIPS
What should I configure on mobile users' laptop computers to ensure they will not be vulnerable to sniffing/eavesdropping when accessing the hotel's Wi-Fi network?
1. Anti-malware
2. Shielding
3. Cable locks
4. VPN
Which edge security appliance should be recommended for an organization that has no dedicated security team and needs multiple security protection functions?
1. Router
2. WAF
3. UTM
4. DLP
What should be used to connect a remote government agency across public networks (note that it needs to support the NSA suite of encryption protocols)?
1. VPN
2. HAIPE
3. VLAN
4. Protected distribution