Book description
Get Prepared for CompTIA Advanced Security Practitioner (CASP) Exam
Targeting security professionals who either have their CompTIA Security+ certification or are looking to achieve a more advanced security certification, this CompTIA Authorized study guide is focused on the new CompTIA Advanced Security Practitioner (CASP) Exam CAS-001. Veteran IT security expert and author Michael Gregg details the technical knowledge and skills you need to conceptualize, design, and engineer secure solutions across complex enterprise environments. He prepares you for aspects of the certification test that assess how well you apply critical thinking and judgment across a broad spectrum of security disciplines.
Featuring clear and concise information on crucial security topics, this study guide includes examples and insights drawn from real-world experience to help you not only prepare for the exam, but also your career. You will get complete coverage of exam objectives for all topic areas including:
Securing Enterprise-level Infrastructures
Conducting Risk Management Assessment
Implementing Security Policies and Procedures
Researching and Analyzing Industry Trends
Integrating Computing, Communications and Business Disciplines
Additionally, you can download a suite of study tools to help you prepare including an assessment test, two practice exams, electronic flashcards, and a glossary of key terms. Go to www.sybex.com/go/casp
and download the full set of electronic test prep tools.
Table of contents
- Cover
- Title Page
- Copyright
- Dear Reader,
- Dedication
- Acknowledgments
- About the Authors
- Table of Exercises
- Foreword
- Introduction
- Chapter 1: Cryptographic Tools and Techniques
- Chapter 2: Comprehensive Security Solutions
- Chapter 3: Securing Virtualized, Distributed, and Shared Computing
- Chapter 4: Host Security
-
Chapter 5: Application Security and Penetration Testing
- Application Security
- Specific Application Issues
- Application Sandboxing
- Application Security Framework
- Standard Libraries
- Secure Coding Standards
- Application Exploits
- Escalation of Privilege
- Improper Storage of Sensitive Data
- Cookie Storage and Transmission
- Process Handling at the Client and Server
- Security Assessments and Penetration Testing
- Summary
- Exam Essentials
- Review Questions
- Chapter 6: Risk Management
-
Chapter 7: Policies, Procedures, and Incident Response
- A High-Level View of Documentation
- Business Documents Used to Support Security
- Documents and Controls Used for Sensitive Information
- Auditing Requirements and Frequency
- The Incident Response Framework
- Digital Forensics
- The Role of Training and Employee Awareness
- Summary
- Exam Essentials
- Review Questions
- Chapter 8: Security Research and Analysis
- Chapter 9: Enterprise Security Integration
- Chapter 10: Security Controls for Communication and Collaboration
-
Appendix A: CASP Lab Manual
- What You’ll Need
- Lab A1: Download, Verify, and Install a Virtual Environment
- Lab A2: Explore Your Virtual Network
- Lab A3: Port Scanning
- Lab A4: Introduction to a Protocol Analyzer
- Lab A5: Web Vulnerabilities
- Lab A6: Introduction to the Nessus Vulnerability Scanner
- Lab A7: Verify a Baseline Security Configuration
- Lab A8: Basic Introduction to Windows Forensic Tools
- Lab A9: Introduction to Helix
- Lab A10: Introduction to Hashing
- Lab A11: File Encryption
- Lab A12: Cracking Encrypted Files
- Lab A13: Intrusion Detection
- Lab A14: An Introduction to Signature-Based Scanning
- Lab A15: Rootkit Detection
- Lab A16: Threat Modeling
- Lab A17: Introduction to the Metasploit Framework
- Lab A18: Social Engineering
- Lab A19: Routing, Switching, and Security
- Lab A20: Further Exploration
-
Appendix B: Answers to Review Questions
- Chapter 1: Cryptographic Tools and Techniques
- Chapter 2: Comprehensive Security Solutions
- Chapter 3: Securing Virtualized, Distributed, and Shared Computing
- Chapter 4: Host Security
- Chapter 5: Application Security and Penetration Testing
- Chapter 6: Risk Management
- Chapter 7: Policies, Procedures, and Incident Response
- Chapter 8: Security Research and Analysis
- Chapter 9: Enterprise Security Integration
- Chapter 10: Security Controls for Communication and Collaboration
- Appendix C: About the Additional Study Tools
- Index
Product information
- Title: CASP: CompTIA® Advanced Security Practitioner, Study Guide
- Author(s):
- Release date: February 2012
- Publisher(s): Sybex
- ISBN: 9781118083192
You might also like
book
CASP CompTIA Advanced Security Practitioner Study Guide: Exam CAS-002, Second Edition
CompTIA-approved, best-selling prep for CompTIA's Advanced Security Practitioner certification, updated for the CAS-002 exam CASP: CompTIA …
book
CASP CompTIA Advanced Security Practitioner Certification Study Guide (Exam CAS-001)
The Best Fully Integrated Study System Available for Exam CAS-001 With hundreds of practice questions and …
book
Building a HIPAA-Compliant Cybersecurity Program: Using NIST 800-30 and CSF to Secure Protected Health Information
Use this book to learn how to conduct a timely and thorough Risk Analysis and Assessment …
book
ASVAB Exam Cram, Second Edition
The Publisher regrets that the CD/DVD content for this title cannot be made available Online. ASVAB …