
CASP+ CompTIA Advanced Security Practitioner Study Guide



Exam CAS-004
4th edition

by: Nadean H. Tanner, Jeff T. Parker

38,99 €

Publisher: Wiley
Format: PDF
Published: 15.09.2022
ISBN/EAN: 9781119803188
Language: English
Number of pages: 592

DRM-protected eBook; to read it you need, for example, Adobe Digital Editions and an Adobe ID.

Descriptions

<p><b>Prepare to succeed in your new cybersecurity career with the challenging and sought-after CASP+ credential</b></p> <p>In the newly updated Fourth Edition of <i>CASP+ CompTIA Advanced Security Practitioner Study Guide Exam CAS-004</i>, risk management and compliance expert Jeff Parker walks you through critical security topics and hands-on labs designed to prepare you for the new CompTIA Advanced Security Professional exam and a career in cybersecurity implementation. The content and chapter structure of this Fourth Edition were developed and restructured to represent the CAS-004 Exam Objectives.</p> <p>From operations and architecture concepts, techniques and requirements to risk analysis, mobile and small-form factor device security, secure cloud integration, and cryptography, you’ll learn the cybersecurity technical skills you’ll need to succeed on the new CAS-004 exam, impress interviewers during your job search, and excel in your new career in cybersecurity implementation.</p> <p>This comprehensive book offers:</p> <ul> <li>Efficient preparation for a challenging and rewarding career in implementing specific solutions within cybersecurity policies and frameworks</li> <li>A robust grounding in the technical skills you’ll need to impress during cybersecurity interviews</li> <li>Content delivered through scenarios, a strong focus of the CAS-004 Exam</li> <li>Access to an interactive online test bank and study tools, including bonus practice exam questions, electronic flashcards, and a searchable glossary of key terms</li> </ul> <p>Perfect for anyone preparing for the CASP+ (CAS-004) exam and a new career in cybersecurity, <i>CASP+ CompTIA Advanced Security Practitioner Study Guide Exam CAS-004</i> is also an ideal resource for current IT professionals wanting to promote their cybersecurity skills or prepare for a career transition into enterprise cybersecurity.</p>
<p>Introduction xxv</p> <p>Assessment Test xxxv</p> <p><b>Chapter 1 Risk Management 1</b></p> <p>Risk Terminology 4</p> <p>The Risk Assessment Process 6</p> <p>Asset Identification 6</p> <p>Information Classification 8</p> <p>Risk Assessment 9</p> <p>Risk Assessment Options 14</p> <p>Implementing Controls 16</p> <p>Policies Used to Manage Employees 17</p> <p>Pre-Employment Policies 18</p> <p>Employment Policies 18</p> <p>End of Employment and Termination Procedures 20</p> <p>Cost-Benefit Analysis 21</p> <p>Continuous Monitoring 22</p> <p>Enterprise Security Architecture Frameworks and Governance 23</p> <p>Training and Awareness for Users 24</p> <p>Best Practices for Risk Assessments 25</p> <p>Business Continuity Planning and Disaster Recovery 27</p> <p>Reviewing the Effectiveness of Existing Security Controls 28</p> <p>Conducting Lessons Learned and After-Action Reviews 30</p> <p>Creation, Collection, and Analysis of Metrics 31</p> <p>Metrics 31</p> <p>Trend Data 32</p> <p>Analyzing Security Solutions to Ensure They Meet Business Needs 32</p> <p>Testing Plans 33</p> <p>Internal and External Audits 34</p> <p>Using Judgment to Solve Difficult Problems 35</p> <p>Summary 35</p> <p>Exam Essentials 36</p> <p>Review Questions 38</p> <p><b>Chapter 2 Configure and Implement Endpoint Security Controls 43</b></p> <p>Hardening Techniques 45</p> <p>Address Space Layout Randomization Use 47</p> <p>Hardware Security Module and Trusted Platform Module 48</p> <p>Trusted Operating Systems 52</p> <p>Compensating Controls 55</p> <p>Summary 57</p> <p>Exam Essentials 58</p> <p>Review Questions 59</p> <p><b>Chapter 3 Security Operations Scenarios 63</b></p> <p>Threat Management 66</p> <p>Types of Intelligence 66</p> <p>Threat Hunting 67</p> <p>Threat Emulation 67</p> <p>Actor Types 67</p> <p>Intelligence Collection Methods 71</p> <p>Open-Source Intelligence 71</p> <p>Human Intelligence and Social Engineering 73</p> <p>Frameworks 74</p> <p>MITRE Adversarial Tactics, Techniques and 
Common Knowledge 74</p> <p>ATT&CK for Industrial Control Systems 75</p> <p>Cyber Kill Chain 76</p> <p>Diamond Model of Intrusion Analysis 76</p> <p>Indicators of Compromise 77</p> <p>Reading the Logs 77</p> <p>Intrusion Detection and Prevention 78</p> <p>Notifications and Responses to IoCs 79</p> <p>Response 80</p> <p>Summary 85</p> <p>Exam Essentials 85</p> <p>Review Questions 86</p> <p><b>Chapter 4 Security Ops: Vulnerability Assessments and Operational Risk 91</b></p> <p>Terminology 97</p> <p>Vulnerability Management 98</p> <p>Security Content Automation Protocol 103</p> <p>Self-Assessment vs. Third-Party Vendor Assessment 105</p> <p>Patch Management 108</p> <p>Information Sources 110</p> <p>Tools 112</p> <p>Assessments 124</p> <p>Penetration Testing 129</p> <p>Assessment Types 131</p> <p>Vulnerabilities 134</p> <p>Buffer Overflow 134</p> <p>Integer Overflow 135</p> <p>Memory Leaks 136</p> <p>Race Conditions (TOC/TOU) 136</p> <p>Resource Exhaustion 137</p> <p>Data Remnants 138</p> <p>Use of Third-Party Libraries 138</p> <p>Code Reuse 138</p> <p>Cryptographic Vulnerabilities 138</p> <p>Broken Authentication 139</p> <p>Security Misconfiguration 140</p> <p>Inherently Vulnerable System/Application 140</p> <p>Client-Side Processing vs. 
Server-Side Processing 141</p> <p>Attacks 145</p> <p>Proactive Detection 153</p> <p>Incident Response 153</p> <p>Countermeasures 153</p> <p>Deceptive Technology 154</p> <p>USB Key Drops 155</p> <p>Simulation 155</p> <p>Security Data Analytics 155</p> <p>Application Control 156</p> <p>Allow and Block Lists 157</p> <p>Security Automation 157</p> <p>Physical Security 158</p> <p>Summary 159</p> <p>Exam Essentials 160</p> <p>Review Questions 161</p> <p><b>Chapter 5 Compliance and Vendor Risk 165</b></p> <p>Shared Responsibility in Cloud Computing 168</p> <p>Cloud Service/Infrastructure Models 169</p> <p>Cloud Computing Providers and Hosting Options 169</p> <p>Benefits of Cloud Computing 171</p> <p>Security of On-Demand/Elastic Cloud Computing 174</p> <p>Geographic Location 175</p> <p>Infrastructure 175</p> <p>Compute 175</p> <p>Storage 175</p> <p>Networking 176</p> <p>Managing and Mitigating Risk 182</p> <p>Security Concerns of Integrating Diverse Industries 185</p> <p>Regulations, Accreditations, and Standards 187</p> <p>PCI DSS 187</p> <p>GDPR 190</p> <p>ISO 192</p> <p>CMMI 193</p> <p>NIST 194</p> <p>COPPA 195</p> <p>CSA-STAR 196</p> <p>HIPAA, SOX, and GLBA 197</p> <p>Contract and Agreement Types 198</p> <p>Third-Party Attestation of Compliance 202</p> <p>Legal Considerations 203</p> <p>Summary 204</p> <p>Exam Essentials 205</p> <p>Review Questions 206</p> <p><b>Chapter 6 Cryptography and PKI 211</b></p> <p>The History of Cryptography 216</p> <p>Cryptographic Goals and Requirements 217</p> <p>Supporting Security Requirements 218</p> <p>Compliance and Policy Requirements 219</p> <p>Privacy and Confidentiality Requirements 219</p> <p>Integrity Requirements 220</p> <p>Nonrepudiation 220</p> <p>Risks with Data 221</p> <p>Data at Rest 221</p> <p>Data in Transit 222</p> <p>Data in Process/Data in Use 222</p> <p>Hashing 223</p> <p>Message Digest 225</p> <p>Secure Hash Algorithm 225</p> <p>Message Authentication Code 226</p> <p>Hashed Message Authentication Code 226</p> 
<p>RACE Integrity Primitives Evaluation Message Digest 226</p> <p>Poly1305 226</p> <p>Symmetric Algorithms 227</p> <p>Data Encryption Standard 230</p> <p>Triple DES 231</p> <p>Rijndael and the Advanced Encryption Standard 231</p> <p>ChaCha 232</p> <p>Salsa20 232</p> <p>International Data Encryption Algorithm 232</p> <p>Rivest Cipher Algorithms 233</p> <p>Counter Mode 233</p> <p>Asymmetric Encryption 233</p> <p>Diffie–Hellman 235</p> <p>RSA 236</p> <p>Elliptic Curve Cryptography 237</p> <p>ElGamal 238</p> <p>Hybrid Encryption and Electronic Data Exchange (EDI) 238</p> <p>Public Key Infrastructure Hierarchy 239</p> <p>Certificate Authority 240</p> <p>Registration Authority 241</p> <p>Digital Certificates 241</p> <p>Certificate Revocation List 243</p> <p>Certificate Types 243</p> <p>Certificate Distribution 244</p> <p>The Client’s Role in PKI 245</p> <p>Implementation of Cryptographic Solutions 247</p> <p>Application Layer Encryption 248</p> <p>Transport Layer Encryption 249</p> <p>Internet Layer Controls 250</p> <p>Additional Authentication Protocols 251</p> <p>Cryptocurrency 252</p> <p>Digital Signatures 252</p> <p>Recognizing Cryptographic Attacks 254</p> <p>Troubleshooting Cryptographic Implementations 256</p> <p>Summary 259</p> <p>Exam Essentials 259</p> <p>Review Questions 261</p> <p><b>Chapter 7 Incident Response and Forensics 265</b></p> <p>The Incident Response Framework 268</p> <p>Event Classifications 268</p> <p>Triage Events 269</p> <p>Pre-Escalation Tasks 270</p> <p>The Incident Response Process 270</p> <p>Response Playbooks and Processes 273</p> <p>Communication Plan and Stakeholder Management 274</p> <p>Forensic Concepts 277</p> <p>Principles, Standards, and Practices 278</p> <p>The Forensic Process 279</p> <p>Forensic Analysis Tools 283</p> <p>File Carving Tools 284</p> <p>Binary Analysis Tools 284</p> <p>Analysis Tools 286</p> <p>Imaging Tools 288</p> <p>Hashing Utilities 289</p> <p>Live Collection vs. 
Postmortem Tools 290</p> <p>Summary 294</p> <p>Exam Essentials 294</p> <p>Review Questions 295</p> <p><b>Chapter 8 Security Architecture 301</b></p> <p>Security Requirements and Objectives for a Secure Network Architecture 310</p> <p>Services 310</p> <p>Segmentation 334</p> <p>Deperimeterization/Zero Trust 344</p> <p>Merging Networks from Various Organizations 352</p> <p>Software-Defined Networking 357</p> <p>Organizational Requirements for Infrastructure Security Design 358</p> <p>Scalability 358</p> <p>Resiliency 359</p> <p>Automation 359</p> <p>Containerization 360</p> <p>Virtualization 361</p> <p>Content Delivery Network 361</p> <p>Integrating Applications Securely into an Enterprise Architecture 362</p> <p>Baseline and Templates 362</p> <p>Software Assurance 367</p> <p>Considerations of Integrating Enterprise Applications 370</p> <p>Integrating Security into the Development Life Cycle 373</p> <p>Data Security Techniques for Securing Enterprise Architecture 384</p> <p>Data Loss Prevention 384</p> <p>Data Loss Detection 387</p> <p>Data Classification, Labeling, and Tagging 388</p> <p>Obfuscation 390</p> <p>Anonymization 390</p> <p>Encrypted vs. 
Unencrypted 390</p> <p>Data Life Cycle 391</p> <p>Data Inventory and Mapping 391</p> <p>Data Integrity Management 391</p> <p>Data Storage, Backup, and Recovery 392</p> <p>Security Requirements and Objectives for Authentication and Authorization Controls 394</p> <p>Credential Management 394</p> <p>Password Policies 396</p> <p>Federation 398</p> <p>Access Control 399</p> <p>Protocols 401</p> <p>Multifactor Authentication 403</p> <p>One-Time Passwords 404</p> <p>Hardware Root of Trust 404</p> <p>Single Sign-On 405</p> <p>JavaScript Object Notation Web Token 405</p> <p>Attestation and Identity Proofing 406</p> <p>Summary 406</p> <p>Exam Essentials 407</p> <p>Review Questions 410</p> <p><b>Chapter 9 Secure Cloud and Virtualization 415</b></p> <p>Implement Secure Cloud and Virtualization Solutions 418</p> <p>Virtualization Strategies 419</p> <p>Deployment Models and Considerations 425</p> <p>Service Models 429</p> <p>Cloud Provider Limitations 433</p> <p>Extending Appropriate On-Premises Controls 433</p> <p>Storage Models 439</p> <p>How Cloud Technology Adoption Impacts Organization Security 445</p> <p>Automation and Orchestration 445</p> <p>Encryption Configuration 445</p> <p>Logs 446</p> <p>Monitoring Configurations 447</p> <p>Key Ownership and Location 448</p> <p>Key Life-Cycle Management 448</p> <p>Backup and Recovery Methods 449</p> <p>Infrastructure vs. 
Serverless Computing 450</p> <p>Software-Defined Networking 450</p> <p>Misconfigurations 451</p> <p>Collaboration Tools 451</p> <p>Bit Splitting 461</p> <p>Data Dispersion 461</p> <p>Summary 461</p> <p>Exam Essentials 462</p> <p>Review Questions 463</p> <p><b>Chapter 10 Mobility and Emerging Technologies 467</b></p> <p>Emerging Technologies and Their Impact on Enterprise Security and Privacy 471</p> <p>Artificial Intelligence 472</p> <p>Machine Learning 472</p> <p>Deep Learning 472</p> <p>Quantum Computing 473</p> <p>Blockchain 473</p> <p>Homomorphic Encryption 474</p> <p>Distributed Consensus 475</p> <p>Big Data 475</p> <p>Virtual/Augmented Reality 475</p> <p>3D Printing 476</p> <p>Passwordless Authentication 476</p> <p>Nano Technology 477</p> <p>Biometric Impersonation 477</p> <p>Secure Enterprise Mobility Configurations 478</p> <p>Managed Configurations 479</p> <p>Deployment Scenarios 486</p> <p>Mobile Device Security Considerations 487</p> <p>Security Considerations for Technologies, Protocols, and Sectors 495</p> <p>Embedded Technologies 495</p> <p>ICS/Supervisory Control and Data Acquisition 496</p> <p>Protocols 498</p> <p>Sectors 499</p> <p>Summary 500</p> <p>Exam Essentials 500</p> <p>Review Questions 501</p> <p>Appendix Answers to Review Questions 505</p> <p>Chapter 1: Risk Management 506</p> <p>Chapter 2: Configure and Implement Endpoint Security Controls 507</p> <p>Chapter 3: Security Operations Scenarios 509</p> <p>Chapter 4: Security Ops: Vulnerability Assessments and Operational Risk 511</p> <p>Chapter 5: Compliance and Vendor Risk 513</p> <p>Chapter 6: Cryptography and PKI 514</p> <p>Chapter 7: Incident Response and Forensics 516</p> <p>Chapter 8: Security Architecture 519</p> <p>Chapter 9: Secure Cloud and Virtualization 522</p> <p>Chapter 10: Mobility and Emerging Technologies 524</p> <p>Index 529</p>
<p><b>ABOUT THE AUTHORS</b> <p><b>NADEAN H. TANNER</b> has been in the technology industry for over 20 years in a variety of positions from marketing to training to web development to hardware. She has worked in academia as an IT director and a postgraduate technology instructor. She has also been a trainer and consultant in advanced cybersecurity for Fortune 500 companies as well as the U.S. Department of Defense. Nadean is the author of <i>CASP+ Practice Tests: Exam CAS-004</i> and <i>Cybersecurity Blue Team Toolkit</i>. <p><b>JEFF T. PARKER, CISSP, CompTIA Project+, CySA+,</b> is a certified technical trainer and consultant specializing in governance, risk management and compliance. Jeff’s infosec roots began as a security engineer, a member of an HP consulting group in Boston, USA. Prior to becoming an author, Jeff was a Global IT Risk Manager residing for several years in Prague, Czech Republic, where he rolled out a new risk management strategy for a multinational logistics firm.
<p><b>The Updated CAS-004 Edition of the Best-Selling Study Guide for CompTIA’s CASP+ Certification</b> <p>The <i>CASP+ Study Guide, 4th Edition</i>, covers all CASP+ exam objectives with clear, concise, thorough information on crucial security topics. Updated for the CAS-004 exam, this Sybex Study Guide is full of practical examples and insights drawn from real-world experience to help you succeed. You’ll prepare for the exam smarter and faster with Sybex, thanks to superior content, including practice tests, a CASP+ Lab manual, and exam essentials. Reinforce what you have learned with the exclusive Sybex online learning environment and test bank, accessible across multiple devices. Get prepared for the CASP+ exam with Sybex. <p><b>Coverage of 100% of all exam objectives in this Study Guide means you’ll be ready for:</b> <ul><li>Security Architecture</li> <li>Security Operations</li> <li>Security Engineering and Cryptography</li> <li>Governance, Risk, and Compliance</li></ul> <p><b>ABOUT THE CASP+ CERTIFICATION</b> <p>The vendor-neutral CASP+ (CompTIA Advanced Security Practitioner) certification is the ideal credential for advanced level IT security professionals with the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. For more information visit www.comptia.org. <p><b>Interactive learning environment</b> <p>Take your exam prep to the next level with Sybex’s superior interactive online study tools. To access our learning environment, simply visit <b>www.wiley.com/go/sybextestprep,</b> register your book to receive your unique PIN and instantly gain a year of FREE access to: <ul><li><b>Interactive test bank with</b> 2 practice exams to help you to identify areas where further review is needed. Get more than 90% of the answers correct, and you’re ready to take the certification exam.</li> <li><b>100 electronic flashcards</b> to reinforce learning and last-minute prep before the exam</li> <li><b>Comprehensive glossary</b> in PDF format gives you instant access to the key terms so you are fully prepared</li></ul>
