CASP : CompTIA Advanced Security Practitioner Study Guide Authorized Courseware:Exam CAS-001.
Title:
CASP : CompTIA Advanced Security Practitioner Study Guide Authorized Courseware:Exam CAS-001.
Author:
Gregg, Michael.
ISBN:
9781118222720
Personal Author:
Edition:
1st ed.
Physical Description:
1 online resource (558 pages)
Contents:
CASP CompTIA Advanced Security Practitioner Study Guide -- Contents -- Foreword -- Introduction -- Before You Begin the CompTIA CASP Certification Exam -- How to Become a CASP Certified Professional -- Who Should Read This Book? -- How This Book Is Organized -- Exam Strategy -- How to Use This Book and Companion Website -- The CASP (2011 Edition) Exam Objectives -- Chapter 1: Cryptographic Tools and Techniques -- The History of Cryptography -- Cryptographic Services -- Symmetric Encryption -- Asymmetric Encryption -- Hybrid Encryption -- Hashing -- Digital Signatures -- Public Key Infrastructure -- Cryptographic Solutions -- Cryptographic Attacks -- Summary -- Exam Essentials -- Review Questions -- Chapter 2: Comprehensive Security Solutions -- Advanced Network Design -- TCP/IP -- Secure Communication Solutions -- Secure Facility Solutions -- Secure Network Infrastructure Design -- Summary -- Exam Essentials -- Review Questions -- Chapter 3: Securing Virtualized, Distributed, and Shared Computing -- Enterprise Security -- Cloud Computing -- Virtualization -- Virtual LANs -- Enterprise Storage -- Summary -- Exam Essentials -- Review Questions -- Chapter 4: Host Security -- Firewalls and Access Control Lists -- Host-Based Firewalls -- Trusted Operating System -- Endpoint Security Software -- Anti-malware -- Host Hardening -- Asset Management -- Data Exfiltration -- Intrusion Detection and Prevention -- Summary -- Exam Essentials -- Review Questions -- Chapter 5: Application Security and Penetration Testing -- Application Security -- Specific Application Issues -- Application Sandboxing -- Application Security Framework -- Standard Libraries -- Secure Coding Standards -- Application Exploits -- Escalation of Privilege -- Improper Storage of Sensitive Data -- Cookie Storage and Transmission -- Process Handling at the Client and Server.
Security Assessments and Penetration Testing -- Summary -- Exam Essentials -- Review Questions -- Chapter 6: Risk Management -- Risk Terminology -- Identifying Vulnerabilities -- Operational Risks -- The Risk Assessment Process -- Best Practices for Risk Assessments -- Summary -- Exam Essentials -- Review Questions -- Chapter 7: Policies, Procedures, and Incident Response -- A High-Level View of Documentation -- Business Documents Used to Support Security -- Documents and Controls Used for Sensitive Information -- Auditing Requirements and Frequency -- The Incident Response Framework -- Digital Forensics -- The Role of Training and Employee Awareness -- Summary -- Exam Essentials -- Review Questions -- Chapter 8: Security Research and Analysis -- Analyzing Industry Trends and Outlining Potential Impact -- Carrying Out Relevant Analysis to Secure the Enterprise -- Summary -- Exam Essentials -- Review Questions -- Chapter 9: Enterprise Security Integration -- Integrate Enterprise Disciplines to Achieve Secure Solutions -- Explain the Security Impact of Interorganizational Change -- Summary -- Exam Essentials -- Review Questions -- Chapter 10: Security Controls for Communication and Collaboration -- Selecting and Distinguishing the Appropriate Security Controls -- Advanced Authentication Tools, Techniques, and Concepts -- Carrying Out Security Activities across the Technology Life Cycle -- Summary -- Exam Essentials -- Review Questions -- Appendix A: CASP Lab Manual -- What You'll Need -- Lab A1: Download, Verify, and Install a Virtual Environment -- Lab A2: Explore Your Virtual Network -- Lab A3: Port Scanning -- Lab A4: Introduction to a Protocol Analyzer -- Lab A5: Web Vulnerabilities -- Lab A6: Introduction to the Nessus Vulnerability Scanner -- Lab A7: Verify a Baseline Security Configuration -- Lab A8: Basic Introduction to Windows Forensic Tools.
Lab A9: Introduction to Helix -- Lab A10: Introduction to Hashing -- Lab A11: File Encryption -- Lab A12: Cracking Encrypted Files -- Lab A13: Intrusion Detection -- Lab A14: An Introduction to Signature-Based Scanning -- Lab A15: Rootkit Detection -- Lab A16: Threat Modeling -- Lab A17: Introduction to the Metasploit Framework -- Lab A18: Social Engineering -- Lab A19: Routing, Switching, and Security -- Lab A20: Further Exploration -- Appendix B: Answers to Review Questions -- Chapter 1: Cryptographic Tools and Techniques -- Chapter 2: Comprehensive Security Solutions -- Chapter 3: Securing Virtualized, Distributed, and Shared Computing -- Chapter 4: Host Security -- Chapter 5: Application Security and Penetration Testing -- Chapter 6: Risk Management -- Chapter 7: Policies, Procedures, and Incident Response -- Chapter 8: Security Research and Analysis -- Chapter 9: Enterprise Security Integration -- Chapter 10: Security Controls for Communication and Collaboration -- Appendix C: About the Additional Study Tools -- Additional Study Tools -- System Requirements -- Using the Study Tools -- Troubleshooting -- Index -- About the Online Study Tool Package -- Perf Card / Objectives Map.
Abstract:
Get Prepared for CompTIA Advanced Security Practitioner (CASP) Exam Targeting security professionals who either have their CompTIA Security+ certification or are looking to achieve a more advanced security certification, this CompTIA Authorized study guide is focused on the new CompTIA Advanced Security Practitioner (CASP) Exam CAS-001. Veteran IT security expert and author Michael Gregg details the technical knowledge and skills you need to conceptualize, design, and engineer secure solutions across complex enterprise environments. He prepares you for aspects of the certification test that assess how well you apply critical thinking and judgment across a broad spectrum of security disciplines. Featuring clear and concise information on crucial security topics, this study guide includes examples and insights drawn from real-world experience to help you not only prepare for the exam, but also your career. You will get complete coverage of exam objectives for all topic areas including: Securing Enterprise-level Infrastructures Conducting Risk Management Assessment Implementing Security Policies and Procedures Researching and Analyzing Industry Trends Integrating Computing, Communications and Business Disciplines Additionally, you can download a suite of study tools to help you prepare including an assessment test, two practice exams, electronic flashcards, and a glossary of key terms. Go to www.sybex.com/go/casp and download the full set of electronic test prep tools.
Local Note:
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.
Genre:
Added Author:
Electronic Access:
Click to View