CASP CompTIA Advanced Security Practitioner Certification Study Guide (Exam CAS-001)

CASP CompTIA Advanced Security Practitioner Certification Study Guide (Exam CAS-001)

by Wm. Arthur Conklin, Gregory White, Dwayne Williams
Released October 2012
Publisher(s): McGraw-Hill
ISBN: 9780071776196

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

The Best Fully Integrated Study System Available for Exam CAS-001

With hundreds of practice questions and lab exercises, CASP CompTIA Advanced Security Practitioner Certification Study Guide covers what you need to know—and shows you how to prepare—for this challenging exam. McGraw-Hill is a Gold-Level CompTIA Authorized Partner offering Authorized CompTIA Approved Quality Content.

  • 100% complete coverage of all official objectives for the exam
  • Exam Readiness Checklist—you’re ready for the exam when all objectives on the list are checked off
  • Inside the Exam sections highlight key exam topics covered
  • Two-Minute Drills for quick review at the end of every chapter
  • Simulated exam questions match the format, tone, topics, and difficulty of the multiple-choice exam questions

Covers all the exam topics, including:
Cryptographic tools • Computing platforms • Enterprise storage • Infrastructure • Host security controls • Application security • Security assessments • Risk implications • Risk management strategy and controls • E-discovery, data breaches, and incident response • Security and privacy policies • Industry trends • Enterprise security • People and security • Change control • Security controls for communication and collaboration • Advanced authentication tools, techniques, and concepts • Security activities across the technology life cycle

Electronic content includes:

  • Complete MasterExam practice testing engine, featuring:
    -One practice exam
    -Detailed answers with explanations
    -Score Report performance assessment tool
  • One-hour segment of LearnKey video training
  • with free online registration:
    -Bonus downloadable MasterExam practice test

Table of contents

  1. Cover Page
  2. CASP™ CompTIA® Advanced Security Practitioner Certification Study Guide (Exam CAS-001)
  3. Copyright Page
  4. Dedication
  5. About the Authors
  6. Contents
  7. Preface
  8. Acknowledgments
  9. Introduction
  10. Part I Enterprise Security
    1. 1 Cryptographic Tools
      1. Determine Appropriate Tools and Techniques
        1. Symmetric Key Encryption Methods
        2. Asymmetric or Public Key Encryption Methods
      2. Advanced PKI Concepts
        1. Systems
      3. Hashing
        1. Hashing Algorithms
      4. Cryptographic Applications
        1. Practical Application of Cryptographic Functions
      5. Digital Signatures
      6. Code Signing
      7. Nonrepudiation
      8. Transport Encryption
      9. Implications of Cryptographic Methods and Design
        1. Strength
        2. Performance
        3. Feasibility to Implement
        4. Interoperability
      10. Entropy
      11. Pseudorandom Number Generation
      12. Perfect Forward Secrecy
      13. Confusion
      14. Diffusion
      15. ✔ Two-Minute Drill
      16. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    2. 2 Computing Platforms
      1. Advantages and Disadvantages of Virtualizing Servers and Minimizing Physical Space Requirements
        1. Advantages of Virtualizing
        2. Disadvantages of Virtualizing
      2. VLAN
        1. VLAN Usage
        2. VLAN Vulnerabilities
      3. Securing Virtual Environments, Appliances, and Equipment
      4. Vulnerabilities Associated with a Single Physical Server Hosting Multiple Companies’ Virtual Machines
      5. Vulnerabilities Associated with a Single Platform Hosting Multiple Companies’ Virtual Machines
      6. Secure Use of On-demand/Elastic Cloud Computing
        1. Advantages Associated with Cloud Computing
        2. Issues Associated with Cloud Computing
        3. Making Cloud Services More Secure
      7. Vulnerabilities Associated with Co-mingling of Hosts with Different Security Requirements
      8. Virtual Desktop Infrastructure (VDI)
        1. Three Models of VDI
        2. Advantages of VDI
        3. Disadvantages of VDI
      9. Terminal Services
      10. ✔ Two-Minute Drill
      11. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    3. 3 Enterprise Storage
      1. Explain the Security Implications of Enterprise Storage
      2. Virtual Storage
      3. NAS—Network Attached Storage
      4. SAN—Storage Area Network
      5. VSAN
      6. iSCSI
      7. FCOE
      8. LUN Masking
      9. HBA Allocation
      10. Redundancy (Location)
      11. Secure Storage Management
        1. Multipath
        2. Snapshots
        3. Deduplication
      12. ✔ Two-Minute Drill
      13. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    4. 4 Infrastructure
      1. Advanced Network Design
        1. Remote Access
        2. Placement of Security Devices
        3. Critical Infrastructure / Supervisory Control and Data Acquisition (SCADA)
        4. VoIP
        5. IPv6
      2. Complex Network Security Solutions for Data Flow
      3. Secure Data Flows to Meet Changing Business Needs
        1. Emerging Technologies
      4. Secure DNS
        1. Securing Zone Transfer
        2. TSIG
        3. DNSSEC
      5. Secure Directory Services
        1. LDAP
        2. AD
        3. Federated Identity
        4. Single Sign On
      6. Network Design Consideration
        1. Building Layouts
        2. Facilities Management
      7. Multitier Networking Data Design Considerations
      8. Logical Deployment Diagram and Corresponding Physical Deployment Diagram of All Relevant Devices
      9. Secure Infrastructure Design
      10. Storage Integration
      11. Advanced Configuration of Routers, Switches, and Other Network Devices
        1. Transport Security
        2. Trunking Security
        3. Route Protection
      12. ESB
      13. SOA
      14. SIEM
      15. Database Access Monitor (DAM)
      16. Service Enabled
      17. WS-Security
      18. ✔ Two-Minute Drill
      19. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    5. 5 Host Security Controls
      1. Host-based Firewalls
      2. Trusted OS
      3. Endpoint Security Software
        1. Antivirus
        2. Anti-spyware
        3. Anti-malware
        4. Spam Filters
      4. Host Hardening
        1. Standard Operating Environment
        2. Security/Group Policy Implementation
        3. Command Shell Restrictions
        4. Warning Banners
        5. Restricted Interfaces
      5. Asset Management (Inventory Control)
      6. Data Exfiltration
        1. Covert Channels
        2. Steganography
      7. HIPS/HIDS
      8. NIPS/NIDS
      9. ✔ Two-Minute Drill
      10. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    6. 6 Application Security
      1. Web Application Security Design Considerations
        1. Secure by Design
        2. Secure by Default
        3. Secure by Deployment
      2. Specific Application Issues
        1. Input Validation
        2. Cross-Site Scripting (XSS)
        3. Clickjacking
        4. Session Management
        5. SQL Injection
      3. Application Sandboxing
      4. Application Security Frameworks
        1. Standard Libraries
        2. Industry-Accepted Approaches
      5. Secure Coding Standards
      6. Exploits Resulting from Improper Error and Exception Handling
        1. Error and Exception Handling
      7. Privilege Escalation
      8. Improper Storage of Sensitive Data
      9. Fuzzing/False Injection
      10. Secure Cookie Storage and Transmission
      11. Client-Side Processing vs. Server-Side Processing
        1. State Management
        2. JavaScript
        3. AJAX
      12. Buffer Overflow
      13. Integer Overflows
      14. Memory Leaks
      15. Race Conditions
        1. Time of Check
      16. Time of Use
      17. Resource Exhaustion
      18. ✔ Two-Minute Drill
      19. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    7. 7 Security Assessments
      1. Tool Types
        1. Port Scanners
        2. Vulnerability Scanners
        3. Protocol Analyzer
        4. Switch Port Analyzer
        5. Network Enumerator
        6. Password Cracker
        7. Fuzzer
        8. HTTP Interceptor
        9. Attacking Tools/Frameworks
      2. Methods
        1. Vulnerability Assessment
        2. Penetration Testing
        3. Black Box
        4. White Box
        5. Gray Box
        6. Fingerprinting
        7. Code Review
        8. Social Engineering
      3. ✔ Two-Minute Drill
      4. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
  11. Part II Risk Management, Policy/Procedure, and Legal
    1. 8 Analyze Risk Implications
      1. Risk Management of New Products, New Technologies, and User Behaviors
      2. New or Changing Business Models/Strategies
        1. Risk Management Process
        2. Partnerships
        3. Outsourcing
        4. Managed Security Services
        5. Mergers and Acquisitions
      3. Internal and External Influences
        1. Compliance
        2. Audit Findings
        3. Client Requirements
        4. Top-level Management
      4. Impact of De-perimeterization
        1. Enterprise Standard Operating Environment
        2. Personally Managed Devices
        3. BYOD
        4. Merging SOE and Personal Device Networks
      5. ✔ Two-Minute Drill
      6. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    2. 9 Risk Management Strategy and Controls
      1. Classify Information Types into Levels of CIA Based on Organization/Industry
        1. Confidentiality
        2. Integrity
        3. Availability
        4. CIA Tradeoffs
      2. Determine the Aggregate Score of CIA
        1. Nomenclature
      3. Determine the Minimum Required Security Controls Based on Aggregate Score
      4. Conduct System-Specific Risk Analysis
        1. Qualitative Risk Analysis
        2. Quantitative Risk Analysis
      5. Make Risk Determination
        1. Magnitude of Impact
        2. Likelihood of Threat
      6. Decide Which Security Controls Should Be Applied Based on Minimum Requirements
        1. Avoid
        2. Transfer
        3. Mitigate
        4. Accept
      7. Implement Controls
        1. Security Requirements Traceability Matrix (SRTM)
      8. Enterprise Security Architecture (ESA) Frameworks
      9. Continuous Monitoring
      10. ✔ Two-Minute Drill
      11. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    3. 10 E-discovery, Data Breaches, and Incident Response
      1. E-discovery
        1. Digital Forensics
        2. Digital Forensics Process
        3. Electronic Inventory and Asset Control
        4. Data Retention Policies
        5. Data Recovery and Storage
        6. Data Ownership and Handling
      2. Data Breach
        1. Recovery
        2. Minimization
        3. Mitigation and Response
      3. System Design to Facilitate Incident Response, Taking into Account Types of Violations
        1. Internal and External
        2. Privacy Policy Violations
        3. Criminal Actions
        4. Establish and Review System Event and Security Logs
      4. Incident and Emergency Response
        1. Incident Response Teams
      5. ✔ Two-Minute Drill
      6. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    4. 11 Security and Privacy Policies
      1. Policy Development and Updates in Light of New Business, Technology, and Environment Changes
      2. Process/Procedure Development and Updates in Light of Policy, Environment, and Business Changes
      3. Support Legal Compliance and Advocacy by Partnering with HR, Legal, Management, and Other Entities
      4. Use Common Business Documents to Support Security
        1. Interconnection Security Agreement (ISA)
        2. Memorandum of Understanding (MOU)
        3. Service Level Agreement (SLA)
        4. Operating Level Agreement (OLA)
        5. Non-Disclosure Agreement (NDA)
        6. Business Partnership Agreement (BPA)
      5. Use General Privacy Principles for PII/Sensitive PII
      6. Support the Development of Policies
        1. Separation of Duties
        2. Job Rotation
        3. Mandatory Vacation
        4. Least Privilege
        5. Incident Response
        6. Forensic Tasks
        7. On-going Security
        8. Training and Awareness for Users
        9. Auditing Requirements and Frequency
      7. ✔ Two-Minute Drill
      8. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
  12. Part III Research and Analysis
    1. 12 Industry Trends
      1. Ongoing Security Research
        1. Best Practices
        2. New Technologies
        3. New Security Systems and Services
        4. Technology Evolution
      2. Situational Awareness
        1. Latest Client-Side Attacks
        2. Threats
        3. Counter Zero Day
        4. Emergent Issues
      3. Research Security Implications of New Business Tools
        1. Social Media/Networking
        2. Integration within the Business
      4. Global Information Assurance Industry/Community
        1. Conventions
        2. Attackers
        3. Emerging Threat Sources
      5. Security Requirements for Contracts
        1. RFP, RFQ, and RFI
        2. Agreements
      6. ✔ Two-Minute Drill
      7. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    2. 13 Enterprise Security
      1. Benchmark
      2. Prototype and Test Multiple Solutions
      3. Cost Benefit Analysis (ROI, TCO)
      4. Analyze and Interpret Trend Data to Anticipate Cyber Defense Aids
      5. Review Effectiveness of Existing Security
      6. Reverse-Engineer/Deconstruct Existing Solutions
      7. Analyze Security Solutions to Ensure They Meet Business Needs
        1. Specify the Performance
        2. Latency
        3. Scalability
        4. Capability
        5. Usability
        6. Maintainability
        7. Availability
      8. Conduct a Lessons-Learned/After-Action Review
      9. Use Judgment to Solve Difficult Problems That Do Not Have a Best Solution
      10. Conduct Network Traffic Analysis
      11. ✔ Two-Minute Drill
      12. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
      13. Lab Question
  13. Part IV Integration of Computing, Communications and Business Disciplines
    1. 14 People and Security
      1. Interpreting Security Requirements to Communicate with Others
        1. Programmers
        2. Network Engineers
        3. Sales Staff
      2. Providing Guidance to Staff and Senior Management
      3. Establishing Effective Collaboration within Teams
      4. Disciplines
        1. Programmer
        2. Database Administrator
        3. Network Administrator
        4. Management
        5. Stakeholders
        6. Financial Personnel
        7. Human Resources
        8. Emergency Response Team
        9. Facilities Manager
        10. Physical Security Manager
      5. ✔ Two-Minute Drill
      6. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    2. 15 Change Control
      1. Security Concerns of Interconnecting Multiple Industries
        1. Rules, Policies, and Regulations
      2. Design Consideration During Mergers, Acquisitions, and Demergers
      3. Assuring Third-Party Products Only Introduce Acceptable Risk
        1. Custom Developed
        2. COTS
      4. Network Secure Segmentation and Delegation
      5. Integration of Products and Services
      6. ✔ Two-Minute Drill
      7. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    3. 16 Security Controls for Communication and Collaboration
      1. Unified Communications Security
        1. Web Conferencing
        2. Video Conferencing
        3. Instant Messaging (IM)
        4. Desktop Sharing
        5. Remote Assistance
        6. Presence
        7. E-mail
        8. Telephony
      2. VoIP Security
      3. VoIP Implementation
      4. Remote Access
      5. Enterprise Configuration Management of Mobile Devices
      6. Secure External Communications
      7. Secure Implementation of Collaboration Platforms
      8. Prioritizing Traffic (QoS)
      9. Mobile Devices
        1. Laptops, IP Cameras, IP-based Devices
      10. ✔ Two-Minute Drill
      11. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    4. 17 Advanced Authentication Tools, Techniques, and Concepts
      1. Federated Identity Management
      2. eXtensible Access Control Markup Language (XACML)
      3. Simple Object Access Protocol (SOAP)
      4. Single Sign On (SSO)
        1. OpenID
      5. Service Provisioning Markup Language (SPML)
      6. Certificate-based Authentication
        1. SSL/TLS Certificate-based Authentication
      7. Attestation
      8. ✔ Two-Minute Drill
      9. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
    5. 18 Security Activities Across the Technology Life Cycle
      1. End-to-End Solution Ownership
      2. Understanding the Results of Solutions in Advance
        1. Operational Activities
        2. Maintenance
        3. Decommissioning
        4. General Change Management
      3. Systems Development Life Cycle
        1. Security System Development Life Cycle (SSDLC) and Security Development Life Cycle (SDLC)
        2. Security Requirements Traceability Matrix (SRTM)
      4. Adapt Solutions to Address Emerging Threats and Security Trends
      5. Validate the System Design
        1. Common Criteria
        2. Federal Information Processing Standards (FIPS)
      6. ✔ Two-Minute Drill
      7. Q&A Self Test
        1. Lab Question
        2. Self Test Answers
        3. Lab Answer
  14. Appendix About the Download
    1. Downloading the ISO File
      1. System Requirements
    2. Installing and Running MasterExam
      1. MasterExam
    3. LearnKey Online Training
    4. Help
    5. Removing Installations
    6. Technical Support
    7. LearnKey Technical Support
  15. Glossary
  16. Index

Product information

  • Title: CASP CompTIA Advanced Security Practitioner Certification Study Guide (Exam CAS-001)
  • Author(s): Wm. Arthur Conklin, Gregory White, Dwayne Williams
  • Release date: October 2012
  • Publisher(s): McGraw-Hill
  • ISBN: 9780071776196