book

CASP+ CompTIA Advanced Security Practitioner Study Guide, 4th Edition

Name: CASP+ CompTIA Advanced Security Practitioner Study Guide, 4th Edition
ISBN: 9781119803164

by Nadean H. Tanner, Jeff T. Parker

October 2022

Intermediate to advanced

592 pages

17h 32m

English

Sybex

Read now

Unlock full access

Cover
Title Page
Copyright
Acknowledgments
About the Authors
About the Technical Editor
Table of Exercises
Introduction
Before You Begin the CompTIA CASP+ Certification ExamWho Should Read This BookWhat You Will LearnHow This Book Is OrganizedHow to Use This BookTips for Taking the CASP+ ExamInteractive Online Learning Environment and TestBankCompTIA CASP+ Study Guide Exam ObjectivesThe CASP+ Exam Objective MapReader Support for This BookAssessment TestAnswers to Assessment Test
Chapter 1: Risk Management
Risk TerminologyThe Risk Assessment ProcessPolicies Used to Manage EmployeesCost-Benefit AnalysisContinuous MonitoringEnterprise Security Architecture Frameworks and GovernanceTraining and Awareness for UsersBest Practices for Risk AssessmentsBusiness Continuity Planning and Disaster RecoveryReviewing the Effectiveness of Existing Security ControlsConducting Lessons Learned and After-Action ReviewsCreation, Collection, and Analysis of MetricsAnalyzing Security Solutions to Ensure They Meet Business NeedsTesting PlansInternal and External AuditsUsing Judgment to Solve Difficult ProblemsSummaryExam EssentialsReview Questions
Chapter 2: Configure and Implement Endpoint Security Controls
Hardening TechniquesTrusted Operating SystemsCompensating ControlsSummaryExam EssentialsReview Questions

Chapter 3: Security Operations Scenarios
Threat ManagementActor TypesIntelligence Collection MethodsFrameworksIndicators of CompromiseResponseSummaryExam EssentialsReview Questions
Chapter 4: Security Ops: Vulnerability Assessments and Operational Risk
TerminologyVulnerability ManagementVulnerabilitiesInherently Vulnerable System/ApplicationProactive DetectionSummaryExam EssentialsReview Questions
Chapter 5: Compliance and Vendor Risk
Shared Responsibility in Cloud ComputingSecurity Concerns of Integrating Diverse IndustriesRegulations, Accreditations, and StandardsContract and Agreement TypesThird-Party Attestation of ComplianceLegal ConsiderationsSummaryExam EssentialsReview Questions
Chapter 6: Cryptography and PKI
The History of CryptographyCryptographic Goals and RequirementsSupporting Security RequirementsRisks with DataHashingSymmetric AlgorithmsAsymmetric EncryptionPublic Key Infrastructure HierarchyDigital CertificatesImplementation of Cryptographic SolutionsRecognizing Cryptographic AttacksTroubleshooting Cryptographic ImplementationsSummaryExam EssentialsReview Questions
Chapter 7: Incident Response and Forensics
The Incident Response FrameworkForensic ConceptsForensic Analysis ToolsSummaryExam EssentialsReview Questions
Chapter 8: Security Architecture
Security Requirements and Objectives for a Secure Network ArchitectureOrganizational Requirements for Infrastructure Security DesignIntegrating Applications Securely into an Enterprise ArchitectureData Security Techniques for Securing Enterprise ArchitectureSecurity Requirements and Objectives for Authentication and Authorization ControlsSummaryExam EssentialsReview Questions
Chapter 9: Secure Cloud and Virtualization
Implement Secure Cloud and Virtualization SolutionsHow Cloud Technology Adoption Impacts Organization SecuritySummaryExam EssentialsReview Questions
Chapter 10: Mobility and Emerging Technologies
Emerging Technologies and Their Impact on Enterprise Security and PrivacySecure Enterprise Mobility ConfigurationsSecurity Considerations for Technologies, Protocols, and SectorsSummaryExam EssentialsReview Questions
Appendix: Answers to Review Questions
Chapter 1: Risk ManagementChapter 2: Configure and Implement Endpoint Security ControlsChapter 3: Security Operations ScenariosChapter 4: Security Ops: Vulnerability Assessments and Operational RiskChapter 5: Compliance and Vendor RiskChapter 6: Cryptography and PKIChapter 7: Incident Response and ForensicsChapter 8: Security ArchitectureChapter 9: Secure Cloud and VirtualizationChapter 10: Mobility and Emerging Technologies
Index
End User License Agreement

Overview

Prepare to succeed in your new cybersecurity career with the challenging and sought-after CASP+ credential

In the newly updated Fourth Edition of CASP+ CompTIA Advanced Security Practitioner Study Guide Exam CAS-004, risk management and compliance expert Jeff Parker walks you through critical security topics and hands-on labs designed to prepare you for the new CompTIA Advanced Security Professional exam and a career in cybersecurity implementation. Content and chapter structure of this Fourth edition was developed and restructured to represent the CAS-004 Exam Objectives.

From operations and architecture concepts, techniques and requirements to risk analysis, mobile and small-form factor device security, secure cloud integration, and cryptography, you’ll learn the cybersecurity technical skills you’ll need to succeed on the new CAS-004 exam, impress interviewers during your job search, and excel in your new career in cybersecurity implementation.

This comprehensive book offers:

Efficient preparation for a challenging and rewarding career in implementing specific solutions within cybersecurity policies and frameworks
A robust grounding in the technical skills you’ll need to impress during cybersecurity interviews
Content delivered through scenarios, a strong focus of the CAS-004 Exam
Access to an interactive online test bank and study tools, including bonus practice exam questions, electronic flashcards, and a searchable glossary of key terms

Perfect for anyone preparing for the CASP+ (CAS-004) exam and a new career in cybersecurity, CASP+ CompTIA Advanced Security Practitioner Study Guide Exam CAS-004 is also an ideal resource for current IT professionals wanting to promote their cybersecurity skills or prepare for a career transition into enterprise cybersecurity.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide, 3rd Edition

Publisher Resources

ISBN: 9781119803164Purchase Link

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills