Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • CompTIA CASP+ CAS-004 Certification Guide
  • Toc
  • feedback
CompTIA CASP+ CAS-004 Certification Guide

CompTIA CASP+ CAS-004 Certification Guide

By : Mark Birch
4.6 (64)
close
CompTIA CASP+ CAS-004 Certification Guide

CompTIA CASP+ CAS-004 Certification Guide

4.6 (64)
By: Mark Birch

Overview of this book

CompTIA Advanced Security Practitioner (CASP+) ensures that security practitioners stay on top of the ever-changing security landscape. The CompTIA CASP+ CAS-004 Certification Guide offers complete, up-to-date coverage of the CompTIA CAS-004 exam so you can take it with confidence, fully equipped to pass on the first attempt. Written in a clear, succinct way with self-assessment questions, exam tips, and mock exams with detailed explanations, this book covers security architecture, security operations, security engineering, cryptography, governance, risk, and compliance. You'll begin by developing the skills to architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise. Moving on, you'll discover how to monitor and detect security incidents, implement incident response, and use automation to proactively support ongoing security operations. The book also shows you how to apply security practices in the cloud, on-premises, to endpoints, and to mobile infrastructure. Finally, you'll understand the impact of governance, risk, and compliance requirements throughout the enterprise. By the end of this CASP study guide, you'll have covered everything you need to pass the CompTIA CASP+ CAS-004 certification exam and have a handy reference guide.
Table of Contents (23 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Share Your Thoughts
1
Section 1: Security Architecture
Section 1: Security Architecture
Free Chapter
2
Chapter 1: Designing a Secure Network Architecture
chevron up
Chapter 1: Designing a Secure Network Architecture
Physical and virtual network and security devices
Application- and protocol-aware technologies
Advanced network design
Network management and monitoring tools
Advanced configuration of network devices
Security zones
Summary
Questions
Case study
Answers
Case study answer
3
Chapter 2: Integrating Software Applications into the Enterprise
Chapter 2: Integrating Software Applications into the Enterprise
Integrating security into the development life cycle
Software assurance
Baseline and templates
Considerations when integrating enterprise applications
Integration enablers
Summary
Questions
Answers
4
Chapter 3: Enterprise Data Security, Including Secure Cloud and Virtualization Solutions
Chapter 3: Enterprise Data Security, Including Secure Cloud and Virtualization Solutions
Implementing data loss prevention
Implementing data loss detection
Enabling data protection
Implementing secure cloud and virtualization solutions
Investigating cloud deployment models
Extending appropriate on-premises controls
Examining cloud storage models
Summary
Questions
Answers
5
Chapter 4: Deploying Enterprise Authentication and Authorization Controls
Chapter 4: Deploying Enterprise Authentication and Authorization Controls
Credential management
Identity federation
Access control
Authentication and authorization protocols
Multi-Factor Authentication (MFA)
Summary
Questions
Answers
6
Section 2: Security Operations
Section 2: Security Operations
7
Chapter 5: Threat and Vulnerability Management
Chapter 5: Threat and Vulnerability Management
Intelligence types
Actor types
Threat actor properties
Intelligence collection methods
Frameworks
Indicators of compromise
Responses
Summary
Questions
Answers
8
Chapter 6: Vulnerability Assessment and Penetration Testing Methods and Tools
Chapter 6: Vulnerability Assessment and Penetration Testing Methods and Tools
Vulnerability scans
Security Content Automation Protocol (SCAP)
Information sources
Testing methods
Penetration testing
Security tools
Summary
Questions
Answers
9
Chapter 7: Risk Mitigation Controls
Chapter 7: Risk Mitigation Controls
Understanding application vulnerabilities
Assessing inherently vulnerable systems and applications
Recognizing common attacks
Proactive and detective risk reduction
Hunts
Applying preventative risk reduction
Summary
Questions
Answers
10
Chapter 8: Implementing Incident Response and Forensics Procedures
Chapter 8: Implementing Incident Response and Forensics Procedures
Understanding incident response planning
Understanding the incident response process
Understanding forensic concepts
Using forensic analysis tools
Summary
Questions
Answers
11
Section 3: Security Engineering and Cryptography
Section 3: Security Engineering and Cryptography
12
Chapter 9: Enterprise Mobility and Endpoint Security Controls
Chapter 9: Enterprise Mobility and Endpoint Security Controls
Implementing enterprise mobility management
Security considerations for mobility management
Implementing endpoint security controls
Summary
Questions
Answers
13
Chapter 10: Security Considerations Impacting Specific Sectors and Operational Technologies
Chapter 10: Security Considerations Impacting Specific Sectors and Operational Technologies
Identifying regulated business sectors
Understanding embedded systems
Understanding ICS/SCADA
Understanding OT protocols
Summary
Questions
Answers
14
Chapter 11: Implementing Cryptographic Protocols and Algorithms
Chapter 11: Implementing Cryptographic Protocols and Algorithms
Understanding hashing algorithms
Understanding symmetric encryption algorithms
Understanding asymmetric encryption algorithms
Understanding encryption protocols
Understanding emerging security technologies
Summary
Questions
Answers
15
Chapter 12: Implementing Appropriate PKI Solutions, Cryptographic Protocols, and Algorithms for Business Needs
Chapter 12: Implementing Appropriate PKI Solutions, Cryptographic Protocols, and Algorithms for Business Needs
Understanding the PKI hierarchy
Understanding certificate types
Understanding PKI security and interoperability
Troubleshooting issues with cryptographic implementations
Summary
Questions
Answers
16
Section 4: Governance, Risk, and Compliance
Section 4: Governance, Risk, and Compliance
17
Chapter 13: Applying Appropriate Risk Strategies
Chapter 13: Applying Appropriate Risk Strategies
Understanding risk assessments
Implementing risk-handling techniques
Understanding the risk management life cycle
Understanding risk tracking
Managing risk with policies and security practices
Explaining the importance of managing and mitigating vendor risk
Summary
Questions
Answers
18
Chapter 14: Compliance Frameworks, Legal Considerations, and Their Organizational Impact
Chapter 14: Compliance Frameworks, Legal Considerations, and Their Organizational Impact
Security concerns associated with integrating diverse industries
Understanding regulations, accreditations, and standards
Understanding legal considerations
Application of contract and agreement types
Summary
Questions
Answers
19
Chapter 15: Business Continuity and Disaster Recovery Concepts
Chapter 15: Business Continuity and Disaster Recovery Concepts
Conducting a business impact analysis
Planning for high availability and automation
Explaining how cloud technology aids enterprise resilience
Summary
Questions
Answers
20
Chapter 16: Mock Exam 1
Chapter 16: Mock Exam 1
Questions
Assessment test answers
21
Chapter 17: Mock Exam 2
Chapter 17: Mock Exam 2
Questions
Answers
Why subscribe?
22
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

Chapter 1: Designing a Secure Network Architecture

Security professionals need to analyze security requirements and objectives to ensure an appropriate, secure network architecture for a new or existing network and to provide the appropriate authentication and authorization controls.

Designing a modern enterprise network has many practical and security challenges. De-perimeterization means that access to information systems may be made from devices outside of the enterprise network. The types of devices can range from a handheld smartphone used to access a customer record to an Internet of Things (IoT) device transmitting telemetry data to a critical monitoring dashboard.

Regulatory or industry compliance may require strict network segmentation between processes and business units (BUs).

It is important to consider all the threat actors when you plan your network—think Defense in Depth (DiD).

This first chapter is an essential building block for the following chapters. It is the information systems on our networks that provide the data and services for an enterprise.

In this chapter, we will cover the following topics:

  • Physical and virtual network and security devices
  • Application- and protocol-aware technologies
  • Advanced network design
  • Network management and monitoring tools
  • Advanced configuration of network devices
  • Security zones
End of Section 1
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete