Book description
Learn, prepare, and practice for CompTIA Advanced Security Practitioner (CASP) CAS-003 exam success with this CompTIA Approved Cert Guide from Pearson IT Certification, a leader in IT Certification learning and a CompTIA Authorized Platinum Partner.
- Master CompTIA Advanced Security Practitioner (CASP) CAS-003 exam topics
- Assess your knowledge with chapter-ending quizzes
- Review key concepts with exam preparation tasks
- Practice with unique sets of exam-realistic practice questions
CompTIA Advanced Security Practitioner (CASP) CAS-003 Authorized Cert Guide is a best-of-breed exam study guide. Leading security certification training experts Robin Abernathy and Troy McMillan share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.
The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.
The companion website contains the powerful Pearson Test Prep practice test software, complete with hundreds of exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. This online assessment engine enables you to access the practice tests via the Internet on any desktop, laptop, tablet, or smartphone device with internet connectivity. The web-based version also allows you to download the software to your desktop, so you can use the practice test even when you don't have an internet connection. The desktop version syncs with your online version when an internet connection is established, to update and track your progress. This integrated learning package offers these additional benefits:
- Allows you to focus on individual topic areas or take complete, timed exams
- Presents unique sets of exam-realistic practice questions
- Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most
Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA approved study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time, including:
- Enterprise security
- Risk management and incident response
- Research, analysis, and assessment
- Integration of computing, communications, and business disciplines
- Technical integration of enterprise components
Companion Website
The website contains two free, complete practice exams.
Includes Exclusive Offer for 70% Off Premium Edition eBook and Practice Test & 60% off CompTIA Advanced Security Practitioner (CASP) CAS-003 Complete Video Course and Practice Test
Pearson Test Prep online system requirements:
Browsers: Chrome version 40 and above; Firefox version 35 and above; Safari version 7; Internet Explorer 10, 11; Microsoft Edge; Opera. Devices: Desktop and laptop computers, tablets running on Android and iOS, smartphones with a minimum screen size of 4.7". Internet access required.
Pearson Test Prep offline system requirements:
Windows 10, Windows 8.1, or Windows 7; Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases.
Table of contents
- Cover Page
- About This eBook
- Title Page
- Copyright Page
- Dedication
- Contents at a Glance
- Table of Contents
- About the Authors
- Dedication
- Acknowledgments
- About the Reviewer
- We Want to Hear from You!
- Reader Services
- About the Book
- Introduction: The CASP Exam
- Chapter 1. Business and Industry Influences and Associated Security Risks
  - Risk Management of New Products, New Technologies, and User Behaviors
  - New or Changing Business Models/Strategies
  - Security Concerns of Integrating Diverse Industries
  - Internal and External Influences
  - Impact of De-perimeterization (e.g., Constantly Changing Network Boundary)
  - Exam Preparation Tasks
  - Review All Key Topics
  - Define Key Terms
  - Review Questions
- Chapter 2. Security, Privacy Policies, and Procedures
  - Policy and Process Life Cycle Management
  - Support Legal Compliance and Advocacy
  - Common Business Documents to Support Security
  - Security Requirements for Contracts
  - General Privacy Principles for Sensitive Information
  - Support the Development of Policies Containing Standard Security Practices
  - Exam Preparation Tasks
  - Review All Key Topics
  - Define Key Terms
  - Review Questions
- Chapter 3. Risk Mitigation Strategies and Controls
  - Categorize Data Types by Impact Levels Based on CIA
  - Incorporate Stakeholder Input into CIA Impact-Level Decisions
  - Determine the Aggregate CIA Score
  - Determine Minimum Required Security Controls Based on Aggregate Score
  - Select and Implement Controls Based on CIA Requirements and Organizational Policies
  - Extreme Scenario Planning/Worst-Case Scenario
  - Conduct System-Specific Risk Analysis
  - Make Risk Determination Based upon Known Metrics
  - Translate Technical Risks in Business Terms
  - Recommend Which Strategy Should Be Applied Based on Risk Appetite
  - Risk Management Processes
  - Continuous Improvement/Monitoring
  - Business Continuity Planning
  - IT Governance
  - Enterprise Resilience
  - Exam Preparation Tasks
  - Review All Key Topics
  - Define Key Terms
  - Review Questions
- Chapter 4. Risk Metric Scenarios to Secure the Enterprise
  - Review Effectiveness of Existing Security Controls
  - Reverse Engineer/Deconstruct Existing Solutions
  - Creation, Collection, and Analysis of Metrics
  - Prototype and Test Multiple Solutions
  - Create Benchmarks and Compare to Baselines
  - Analyze and Interpret Trend Data to Anticipate Cyber Defense Needs
  - Analyze Security Solution Metrics and Attributes to Ensure They Meet Business Needs
  - Use Judgment to Solve Problems Where the Most Secure Solution Is Not Feasible
  - Exam Preparation Tasks
  - Review All Key Topics
  - Define Key Terms
  - Review Questions
- Chapter 5. Network and Security Components, Concepts, and Architectures
  - Physical and Virtual Network and Security Devices
  - Application and Protocol-Aware Technologies
  - Advanced Network Design (Wired/Wireless)
  - Complex Network Security Solutions for Data Flow
  - Secure Configuration and Baselining of Networking and Security Components
  - Software-Defined Networking
  - Network Management and Monitoring Tools
  - Advanced Configuration of Routers, Switches, and Other Network Devices
  - Security Zones
  - Network Access Control
  - Network-Enabled Devices
  - Critical Infrastructure
  - Exam Preparation Tasks
  - Review All Key Topics
  - Define Key Terms
  - Review Questions
- Chapter 6. Security Controls for Host Devices
- Chapter 7. Security Controls for Mobile and Small Form Factor Devices
- Chapter 8. Software Vulnerability Security Controls
  - Application Security Design Considerations
  - Specific Application Issues
  - Application Sandboxing
  - Secure Encrypted Enclaves
  - Database Activity Monitor
  - Web Application Firewalls
  - Client-Side Processing vs. Server-Side Processing
  - Operating System Vulnerabilities
  - Firmware Vulnerabilities
  - Exam Preparation Tasks
  - Define Key Terms
  - Review Questions
- Chapter 9. Security Assessments
- Chapter 10. Select the Appropriate Security Assessment Tool
- Chapter 11. Incident Response and Recovery
- Chapter 12. Host, Storage, Network, and Application Integration
  - Adapt Data Flow Security to Meet Changing Business Needs
  - Standards
  - Interoperability Issues
  - Resilience Issues
  - Data Security Considerations
  - Resources Provisioning and Deprovisioning
  - Design Considerations During Mergers, Acquisitions and Demergers/Divestitures
  - Network Secure Segmentation and Delegation
  - Logical Deployment Diagram and Corresponding Physical Deployment Diagram of All Relevant Devices
  - Security and Privacy Considerations of Storage Integration
  - Security Implications of Integrating Enterprise Applications
  - Exam Preparation Tasks
  - Review All Key Topics
  - Define Key Terms
  - Review Questions
- Chapter 13. Cloud and Virtualization Technology Integration
  - Technical Deployment Models (Outsourcing/Insourcing/Managed Services/Partnership)
  - Security Advantages and Disadvantages of Virtualization
  - Cloud Augmented Security Services
  - Vulnerabilities Associated with Comingling of Hosts with Different Security Requirements
  - Data Security Considerations
  - Resources Provisioning and Deprovisioning
  - Exam Preparation Tasks
  - Review All Key Topics
  - Define Key Terms
  - Review Questions
- Chapter 14. Authentication and Authorization Technology Integration
- Chapter 15. Cryptographic Techniques
- Chapter 16. Secure Communication and Collaboration
- Chapter 17. Industry Trends and Their Impact to the Enterprise
- Chapter 18. Security Activities Across the Technology Life Cycle
- Chapter 19. Business Unit Interaction
  - Interpreting Security Requirements and Goals to Communicate with Stakeholders from Other Disciplines
  - Provide Objective Guidance and Impartial Recommendations to Staff and Senior Management on Security Processes and Controls
  - Establish Effective Collaboration Within Teams to Implement Secure Solutions
  - Governance, Risk, and Compliance Committee
  - Exam Preparation Tasks
  - Define Key Terms
  - Review Questions
- Appendix A. Answers
- Glossary
- Index
- Appendix B. Memory Tables
- Appendix C. Memory Table Answers
- Appendix D. Study Planner
- Code Snippets
- Where are the companion content files? - Login
- Where are the companion content files? - Register
Product information
- Title: CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide, Second Edition
- Author(s):
- Release date: May 2018
- Publisher(s): Pearson IT Certification
- ISBN: 9780134859538