CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide

Description: Robin Abernathy, CASP, is a product developer and technical editor for Kaplan IT training. She has developed and reviewed certification preparation materials in a variety of product lines, including Microsoft, CompTIA, Cisco, ITIL, (ISC)2, and PMI, and holds multiple certifications from these vendors. Her work with Kaplan IT Training includes practice tests and study guides for the Transcender brands. Robin most recently co-authored Pearson's CISSP Cert Guide with Troy McMillan and Sari Green and authored Pearson's Project+ Cert Guide. She provides training on computer hardware, software, networking, security, and project management. Robin also presents at technical conferences and hosts webinars on IT certification topics. More recently, Robin has recorded videos for CyberVista's IT certification training courses. Troy McMillan, CASP, is a product developer and technical editor for Kaplan IT Training as well as a full-time trainer. He became a professional trainer more than 15 years ago, teaching Cisco, Microsoft, CompTIA, and wireless classes. His recent work includes:Contributing subject matter expert for CCNA Cisco Certified Network Associate Certification Exam Preparation Guide (Kaplan)Prep test question writer for Network+ Study Guide (Sybex)Technical editor for Windows 7 Study Guide (Sybex)Contributing author for CCNA-Wireless Study Guide (Sybex)Technical editor for CCNA Study Guide, Revision 7 (Sybex)Author of VCP VMware Certified Professional on vSphere 4 Review Guide: Exam VCP-410 and associated instructional materials (Sybex)Author of Cisco Essentials (Sybex)Co-author of CISSP Cert Guide (Pearson)Prep test question writer for CCNA Wireless 640-722 (Cisco Press) He also has appeared in the following training videos for OnCourse Learning: Security+; Network+; Microsoft 70-410, 411, and 412 exam prep; ICND 1; ICND 2; and Cloud+. He now creates certification practice tests and study guides for the Transcender brands. Troy lives in both Sugarloaf Key, Florida, and Pfafftown, North Carolina, with his wife, Heike. Introduction The CASP Exam 2 The Goals of the CASP Certification 3 The Value of the CASP Certification 5 CASP Exam Objectives 7 Steps to Becoming a CASP 35 CompTIA Authorized Materials Use Policy 35 Chapter 1 Business and Industry Influences and Associated Security Risks 38 Risk Management of New Products, New Technologies, and User Behaviors 39 New or Changing Business Models/Strategies 40 Security Concerns of Integrating Diverse Industries 44 Internal and External Influences 52 Impact of De-perimeterization (e.g., Constantly Changing Network Boundary) 54 Exam Preparation Tasks 60 Review All Key Topics 60 Define Key Terms 60 Review Questions 61 Chapter 2 Security, Privacy Policies, and Procedures 64 Policy and Process Life Cycle Management 65 Support Legal Compliance and Advocacy 70 Common Business Documents to Support Security 71 Security Requirements for Contracts 75 General Privacy Principles for Sensitive Information 77 Support the Development of Policies Containing Standard Security Practices 78 Exam Preparation Tasks 91 Review All Key Topics 91 Define Key Terms 92 Review Questions 92 Chapter 3 Risk Mitigation Strategies and Controls 96 Categorize Data Types by Impact Levels Based on CIA 98 Incorporate Stakeholder Input into CIA Impact-Level Decisions 100 Determine the Aggregate CIA Score 101 Determine Minimum Required Security Controls Based on Aggregate Score 102 Select and Implement Controls Based on CIA Requirements and Organizational Policies 102 Extreme Scenario Planning/Worst-Case Scenario 123 Conduct System-Specific Risk Analysis 125 Make Risk Determination Based upon Known Metrics 126 Translate Technical Risks in Business Terms 134 Recommend Which Strategy Should Be Applied Based on Risk Appetite 135 Risk Management Processes 137 Continuous Improvement/Monitoring 141 Business Continuity Planning 141 IT Governance 148 Enterprise Resilience 168 Exam Preparation Tasks 170 Review All Key Topics 170 Define Key Terms 171 Review Questions 171 Chapter 4 Risk Metric Scenarios to Secure the Enterprise 174 Review Effectiveness of Existing Security Controls 175 Reverse Engineer/Deconstruct Existing Solutions 177 Creation, Collection, and Analysis of Metrics 177 Prototype and Test Multiple Solutions 180 Create Benchmarks and Compare to Baselines 181 Analyze and Interpret Trend Data to Anticipate Cyber Defense Needs 182 Analyze Security Solution Metrics and Attributes to Ensure They Meet Business Needs 183 Use Judgment to Solve Problems Where the Most Secure Solution Is Not Feasible 187 Exam Preparation Tasks 187 Review All Key Topics 187 Define Key Terms 188 Review Questions 189 Chapter 5 Network and Security Components, Concepts, and Architectures 192 Physical and Virtual Network and Security Devices 194 Application and Protocol-Aware Technologies 212 Advanced Network Design (Wired/Wireless) 215 Complex Network Security Solutions for Data Flow 241 Secure Configuration and Baselining of Networking and Security Components 246 Software-Defined Networking 254 Network Management and Monitoring Tools 255 Advanced Configuration of Routers, Switches, and Other Network Devices 260 Security Zones 268 Network Access Control 269 Network-Enabled Devices 271 Critical Infrastructure 279 Exam Preparation Tasks 280 Review All Key Topics 280 Define Key Terms 282 Review Questions 282 Chapter 6 Security Controls for Host Devices 286 Trusted OS (e.g., How and When to Use It) 287 Endpoint Security Software 290 Host Hardening 298 Boot Loader Protections 316 Vulnerabilities Associated with Hardware 322 Terminal Services/Application Delivery Services 322 Exam Preparation Tasks 323 Review All Key Topics 323 Define Key Terms 324 Review Questions 324 Chapter 7 Security Controls for Mobile and Small Form Factor Devices 328 Enterprise Mobility Management 329 Security Implications/Privacy Concerns 336 Wearable Technology 345 Exam Preparation Tasks 350 Review All Key Topics 350 Define Key Terms 351 Review Questions 351 Chapter 8 Software Vulnerability Security Controls 354 Application Security Design Considerations 355 Specific Application Issues 356 Application Sandboxing 370 Secure Encrypted Enclaves 371 Database Activity Monitor 371 Web Application Firewalls 371 Client-Side Processing vs. Server-Side Processing 371 Operating System Vulnerabilities 377 Firmware Vulnerabilities 377 Exam Preparation Tasks 378 Review All Key Topics 378 Define Key Terms 378 Review Questions 379 Chapter 9 Security Assessments 382 Methods 383 Test Types 398 Exam Preparation Tasks 405 Review All Key Topics 405 Define Key Terms 406 Review Questions 407 Chapter 10 Select the Appropriate Security Assessment Tool 410 Network Tool Types 411 Host Tool Types 427 Physical Security Tools 441 Exam Preparation Tasks 444 Review All Key Topics 444 Define Key Terms 445 Review Questions 446 Chapter 11 Incident Response and Recovery 448 E-Discovery 449 Data Breach 454 Facilitate Incident Detection and Response 457 Incident and Emergency Response 461 Incident Response Support Tools 471 Severity of Incident or Breach 478 Post-incident Response 480 Exam Preparation Tasks 481 Review All Key Topics 481 Define Key Terms 482 Review Questions 483 Chapter 12 Host, Storage, Network, and Application Integration 486 Adapt Data Flow Security to Meet Changing Business Needs 487 Standards 489 Interoperability Issues 491 Resilience Issues 494 Data Security Considerations 496 Resources Provisioning and Deprovisioning 500 Design Considerations During Mergers, Acquisitions and Demergers/Divestitures 501 Network Secure Segmentation and Delegation 502 Logical Deployment Diagram and Corresponding Physical Deployment Diagram of All Relevant Devices 502 Security and Privacy Considerations of Storage Integration 504 Security Implications of Integrating Enterprise Applications 504 Exam Preparation Tasks 507 Review All Key Topics 507 Define Key Terms 508 Review Questions 508 Chapter 13 Cloud and Virtualization Technology Integration 512 Technical Deployment Models (Outsourcing/Insourcing/Managed Services/Partnership) 513 Security Advantages and Disadvantages of Virtualization 518 Cloud Augmented Security Services 521 Vulnerabilities Associated with Comingling of Hosts with Different Security Requirements 527 Data Security Considerations 529 Resources Provisioning and Deprovisioning 531 Exam Preparation Tasks 532 Review All Key Topics 532 Define Key Terms 532 Review Questions 533 Chapter 14 Authentication and Authorization Technology Integration 536 Authentication 537 Authorization 550 Attestation 557 Identity Propagation 558 Federation 559 Trust Models 563 Exam Preparation Tasks 566 Review All Key Topics 566 Define Key Terms 567 Review Questions 567 Chapter 15 Cryptographic Techniques 570 Techniques 572 Implementations 592 Exam Preparation Tasks 611 Review All Key Topics 611 Define Key Terms 612 Review Questions 613 Chapter 16 Secure Communication and Collaboration 616 Remote Access 617 Unified Collaboration Tools 621 Exam Preparation Tasks 634 Review All Key Topics 634 Define Key Terms 635 Review Questions 635 Chapter 17 Industry Trends and Their Impact to the Enterprise 638 Perform Ongoing Research 639 Threat Intelligence 643 Research Security Implications of Emerging Business Tools 649 Global IA Industry/Community 653 Exam Preparation Tasks 660 Review All Key Topics 660 Define Key Terms 661 Review Questions 661 Chapter 18 Security Activities Across the Technology Life Cycle 664 Systems Development Life Cycle 665 Software Development Life Cycle 673 Adapt Solutions 706 Asset Management (Inventory Control) 709 Exam Preparation Tasks 711 Review All Key Topics 711 Define Key Terms 712 Review Questions 713 Chapter 19 Business Unit Interaction 716 Interpreting Security Requirements and Goals to Communicate with Stakeholders from Other Disciplines 717 Provide Objective Guidance and Impartial Recommendations to Staff and Senior Management on Security Processes and Controls 724 Establish Effective Collaboration Within Teams to Implement Secure Solutions 725 Governance, Risk, and Compliance Committee 726 Exam Preparation Tasks 727 Review All Key Topics 727 Define Key Terms 728 Review Questions 729 Appendix A Answers 732 Glossary 754 Online-only Elements: Appendix B Memory Tables Appendix C Memory Table Answers Appendix D Study Planner 9780789759443, TOC, 4/16/2018

Price: 67.71 USD

Location: East Hanover, NJ

End Time: 2024-12-01T17:45:41.000Z

Shipping Cost: 0 USD