Book description
CompTIA-approved, best-selling prep for CompTIA's Advanced Security Practitioner certification, updated for the CAS-002 exam
CASP: CompTIA Advanced Security Practitioner Study Guide: CAS-002 is the updated edition of the bestselling book covering the CASP certification exam. CompTIA approved, this guide covers all of the CASP exam objectives with clear, concise, thorough information on crucial security topics. With practical examples and insights drawn from real-world experience, the book is a comprehensive study resource with authoritative coverage of key concepts. Exam highlights, end-of-chapter reviews, and a searchable glossary help with information retention, and cutting-edge exam prep software offers electronic flashcards and hundreds of bonus practice questions. Additional hands-on lab exercises mimic the exam's focus on practical application, providing extra opportunities for readers to test their skills.
CASP is a DoD 8570.1-recognized security certification that validates the skillset of advanced-level IT security professionals. The exam measures the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments, as well as the ability to think critically and apply good judgment across a broad spectrum of security disciplines. This study guide helps CASP candidates thoroughly prepare for the exam, providing the opportunity to:
Master risk management and incident response
Sharpen research and analysis skills
Integrate computing with communications and business
Review enterprise management and technical component integration
Experts predict a 45-fold increase in digital data by 2020, with one-third of all information passing through the cloud. Data has never been so vulnerable, and the demand for certified security professionals is increasing quickly. The CASP proves an IT professional's skills, but getting that certification requires thorough preparation. This CASP study guide provides the information and practice that eliminate surprises on exam day.
Table of contents
- Title Page
- Copyright
- Publisher's Note
- Dedication
- Acknowledgments
- About the Author
- About the Contributor
- Foreword
- Introduction
- Assessment Test
- Chapter 1: Cryptographic Tools and Techniques
- Chapter 2: Comprehensive Security Solutions
- Chapter 3: Securing Virtualized, Distributed, and Shared Computing
-
Chapter 4: Host Security
- Firewalls and Network Access Control
- Host-Based Firewalls
- Trusted Operating Systems
- Endpoint Security Solutions
- Anti-malware
- Host Hardening
- Asset Management
- Data Exfiltration
- Intrusion Detection and Prevention
- Network Management, Monitoring, and Security Tools
- Summary
- Exam Essentials
- Review Questions
-
Chapter 5: Application Security and Penetration Testing
- Application Security Testing
- Specific Application Issues
- Application Sandboxing
- Application Security Frameworks
- Secure Coding Standards
- Application Exploits
- Escalation of Privilege
- Improper Storage of Sensitive Data
- Cookie Storage and Transmission
- Malware Sandboxing
- Memory Dumping
- Process Handling at the Client and Server
- Security Assessments and Penetration Testing
- Summary
- Exam Essentials
- Review Questions
- Chapter 6: Risk Management
-
Chapter 7: Policies, Procedures, and Incident Response
- A High-Level View of Documentation
- Business Documents Used to Support Security
- Documents and Controls Used for Sensitive Information
- Training and Awareness for Users
- Auditing Requirements and Frequency
- The Incident Response Framework
- Incident and Emergency Response
- Summary
- Exam Essentials
- Review Questions
- Chapter 8: Security Research and Analysis
- Chapter 9: Enterprise Security Integration
- Chapter 10: Security Controls for Communication and Collaboration
-
Appendix A: CASP Lab Manual
- What You'll Need
- Lab A1: Verifying a Baseline Security Configuration
- Lab A2: Introduction to a Protocol Analyzer
- Lab A3: Performing a Wireless Site Survey
- Lab A4: Using Windows Remote Access
- Lab A5: Configuring a VPN Client
- Lab A6: Using the Windows Command-Line Interface (CLI)
- Lab A7: Cisco IOS Command-Line Basics
- Lab A8: Shopping for Wi-Fi Antennas
- Lab A9: Cloud Provisioning
- Lab A10: Introduction to Windows Command-Line Forensic Tools
- Lab A11: Introduction to Hashing Using a GUI
- Lab A12: Hashing from the Command Line
- Lab A13: Cracking Encrypted Passwords
- Lab A14: Threat Modeling
- Lab A15: Social Engineering
- Lab A16: Downloading, Verifying, and Installing a Virtual Environment
- Lab A17: Exploring Your Virtual Network
- Lab A18: Port Scanning
- Lab A19: Introduction to the Metasploit Framework
- Lab A20: Sniffing NETinVM Traffic with Wireshark
- Suggestions for Further Exploration of Security Topics
-
Appendix B: Answers to Review Questions
- Chapter 1: Cryptographic Tools and Techniques
- Chapter 2: Comprehensive Security Solutions
- Chapter 3: Securing Virtualized, Distributed, and Shared Computing
- Chapter 4: Host Security
- Chapter 5: Application Security and Penetration Testing
- Chapter 6: Risk Management
- Chapter 7: Policies, Procedures, and Incident Response
- Chapter 8: Security Research and Analysis
- Chapter 9: Enterprise Security Integration
- Chapter 10: Security Controls for Communication and Collaboration
- Appendix C: About the Additional Study Tools
- Free Online Study Tools
- End User License Agreement
Product information
- Title: CASP CompTIA Advanced Security Practitioner Study Guide: Exam CAS-002, Second Edition
- Author(s):
- Release date: October 2014
- Publisher(s): Sybex
- ISBN: 9781118930847
You might also like
book
CASP CompTIA Advanced Security Practitioner Certification Study Guide (Exam CAS-001)
The Best Fully Integrated Study System Available for Exam CAS-001 With hundreds of practice questions and …
book
Asset Protection through Security Awareness
Supplying a high-level overview of how to protect your company's physical and intangible assets, Asset Protection …
book
Communication System Security
Helping current and future system designers take a more productive approach in the field, Communication System …
book
Practical Forensic Imaging
Forensic image acquisition is an important part of postmortem incident response and evidence collection. Digital forensic …