CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide, 3rd Edition
- Length: 864 pages
- Edition: 3
- Language: English
- Publisher: Pearson IT Certification
- Publication Date: 2022-07-25
- ISBN-10: 0137348959
- ISBN-13: 9780137348954
- Sales Rank: #1869299 (See Top 100 Books)
CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.
CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide focuses specifically on the objectives for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam. Leading expert Troy McMillan shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.
This complete study package includes
- A test-preparation routine proven to help you pass the exams
- Chapter-ending exercises, which help you drill on key concepts you must know thoroughly
- An online interactive Flash Cards application to help you drill on Key Terms by chapter
- A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies
- Study plan suggestions and templates to help you organize and optimize your study time
Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that ensure your exam success.
This study guide helps you master all the topics on the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam, including
- Ensuring a secure network architecture
- Determining the proper infrastructure security design
- Implementing secure cloud and virtualization solutions
- Performing threat and vulnerability management activities
- Implementing appropriate incident response
- Applying secure configurations to enterprise mobility
- Configuring and implementing endpoint security controls
- Troubleshooting issues with cryptographic implementations
- Applying appropriate risk strategies
Cover Page About This eBook Title Page Copyright Page Pearson’s Commitment to Diversity, Equity, and Inclusion Contents at a Glance Table of Contents About the Author Dedication Acknowledgments About the Technical Reviewer We Want to Hear from You! Reader Services Introduction Who Should Read This Book? Strategies for Exam Preparation How This Book Is Organized Companion Website Pearson Test Prep Practice Test Software Accessing the Pearson Test Prep Software Online Accessing the Pearson Test Prep Software Offline Customizing Your Exams Updating Your Exams Premium Edition eBook and Practice Tests Credits Part I: Security Architecture Chapter 1 Ensuring a Secure Network Architecture Services Segmentation De-perimeterization/Zero Trust Merging of Networks from Various Organizations Software-Defined Networking (SDN) Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 2 Determining the Proper Infrastructure Security Design Scalability Resiliency Automation Performance Containerization Virtualization Content Delivery Network Caching Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 3 Securely Integrating Software Applications Baseline and Templates Software Assurance Considerations of Integrating Enterprise Applications Integrating Security into Development Life Cycle Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 4 Securing the Enterprise Architecture by Implementing Data Security Techniques Data Loss Prevention Data Loss Detection Data Classification, Labeling, and Tagging Obfuscation Anonymization Encrypted vs. Unencrypted Data Life Cycle Data Inventory and Mapping Data Integrity Management Data Storage, Backup, and Recovery Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 5 Providing the Appropriate Authentication and Authorization Controls Credential Management Password Policies Federation Access Control Protocols Multifactor Authentication (MFA) One-Time Password (OTP) Hardware Root of Trust Single Sign-On (SSO) JavaScript Object Notation (JSON) Web Token (JWT) Attestation and Identity Proofing Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 6 Implementing Secure Cloud and Virtualization Solutions Virtualization Strategies Provisioning and Deprovisioning Middleware Metadata and Tags Deployment Models and Considerations Hosting Models Service Models Cloud Provider Limitations Extending Appropriate On-premises Controls Storage Models Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 7 Supporting Security Objectives and Requirements with Cryptography and Public Key Infrastructure (PKI) Privacy and Confidentiality Requirements Integrity Requirements Non-repudiation Compliance and Policy Requirements Common Cryptography Use Cases Common PKI Use Cases Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 8 Managing the Impact of Emerging Technologies on Enterprise Security and Privacy Artificial Intelligence Machine Learning Quantum Computing Blockchain Homomorphic Encryption Secure Multiparty Computation Distributed Consensus Big Data Virtual/Augmented Reality 3-D Printing Passwordless Authentication Nano Technology Deep Learning Biometric Impersonation Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Part II: Security Operations Chapter 9 Performing Threat Management Activities Intelligence Types Actor Types Threat Actor Properties Intelligence Collection Methods Frameworks Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 10 Analyzing Indicators of Compromise and Formulating an Appropriate Response Indicators of Compromise Response Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 11 Performing Vulnerability Management Activities Vulnerability Scans Security Content Automation Protocol (SCAP) Self-assessment vs. Third-Party Vendor Assessment Patch Management Information Sources Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 12 Using the Appropriate Vulnerability Assessment and Penetration Testing Methods and Tools Methods Tools Dependency Management Requirements Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 13 Analyzing Vulnerabilities and Recommending Risk Mitigations Vulnerabilities Inherently Vulnerable System/Application Attacks Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 14 Using Processes to Reduce Risk Proactive and Detection Security Data Analytics Preventive Application Control Security Automation Physical Security Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 15 Implementing the Appropriate Incident Response Event Classifications Triage Event Preescalation Tasks Incident Response Process Specific Response Playbooks/Processes Communication Plan Stakeholder Management Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 16 Forensic Concepts Legal vs. Internal Corporate Purposes Forensic Process Integrity Preservation Cryptanalysis Steganalysis Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 17 Forensic Analysis Tools File Carving Tools Binary Analysis Tools Analysis Tools Imaging Tools Hashing Utilities Live Collection vs. Post-mortem Tools Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Part III: Security Engineering and Cryptography Chapter 18 Applying Secure Configurations to Enterprise Mobility Managed Configurations Deployment Scenarios Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 19 Configuring and Implementing Endpoint Security Controls Hardening Techniques Processes Mandatory Access Control Trustworthy Computing Compensating Controls Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 20 Security Considerations Impacting Specific Sectors and Operational Technologies Embedded ICS/Supervisory Control and Data Acquisition (SCADA) Protocols Sectors Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 21 Cloud Technology’s Impact on Organizational Security Automation and Orchestration Encryption Configuration Logs Monitoring Configurations Key Ownership and Location Key Life-Cycle Management Backup and Recovery Methods Infrastructure vs. Serverless Computing Application Virtualization Software-Defined Networking Misconfigurations Collaboration Tools Storage Configurations Cloud Access Security Broker (CASB) Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 22 Implementing the Appropriate PKI Solution PKI Hierarchy Certificate Types Certificate Usages/Profiles/Templates Extensions Trusted Providers Trust Model Cross-certification Configure Profiles Life-Cycle Management Public and Private Keys Digital Signature Certificate Pinning Certificate Stapling Certificate Signing Requests (CSRs) Online Certificate Status Protocol (OCSP) vs. Certificate Revocation List (CRL) HTTP Strict Transport Security (HSTS) Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 23 Implementing the Appropriate Cryptographic Protocols and Algorithms Hashing Symmetric Algorithms Asymmetric Algorithms Protocols Elliptic-Curve Cryptography Forward Secrecy Authenticated Encryption with Associated Data Key Stretching Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Chapter 24 Troubleshooting Issues with Cryptographic Implementations Implementation and Configuration Issues Keys Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Part IV: Governance, Risk, and Compliance Chapter 25 Applying Appropriate Risk Strategies Risk Assessment Risk Handling Techniques Risk Types Risk Management Life Cycle Risk Tracking Risk Appetite vs. Risk Tolerance Policies and Security Practices Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 26 Managing and Mitigating Vendor Risk Shared Responsibility Model (Roles/Responsibilities) Vendor Lock-in and Vendor Lock-out Vendor Viability Meeting Client Requirements Support Availability Geographical Consideration Supply Chain Visibility Incident Reporting Requirements Source Code Escrows Ongoing Vendor Assessment Tools Third-Party Dependencies Technical Considerations Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Review Questions Chapter 27 The Organizational Impact of Compliance Frameworks and Legal Considerations Security Concerns of Integrating Diverse Industries Data Considerations Geographic Considerations Third-Party Attestation of Compliance Regulations, Accreditations, and Standards Legal Considerations Contract and Agreement Types Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Chapter 28 Business Continuity and Disaster Recovery Concepts Business Impact Analysis Privacy Impact Assessment Disaster Recovery Plan (DRP)/Business Continuity Plan (BCP) Incident Response Plan Testing Plans Exam Preparation Tasks Review All Key Topics Define Key Terms Complete Tables and Lists from Memory Chapter 29 Final Preparation Tools for Final Preparation Suggested Plan for Final Review/Study Summary Appendix A Answers to the Review Questions Glossary Index Appendix B Memory Tables Appendix C Memory Tables Answer Key Where are the companion content files? - Register Inside Front Cover Inside Back Cover Code Snippets
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.