Book description
CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.
CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide focuses specifically on the objectives for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam. Leading expert Troy McMillan shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.
This complete study package includes
* A test-preparation routine proven to help you pass the exams
* Chapter-ending exercises, which help you drill on key concepts you must know thoroughly
* An online interactive Flash Cards application to help you drill on Key Terms by chapter
* A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies
* Study plan suggestions and templates to help you organize and optimize your study time
Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that ensure your exam success.
This study guide helps you master all the topics on the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam, including
* Ensuring a secure network architecture
* Determining the proper infrastructure security design
* Implementing secure cloud and virtualization solutions
* Performing threat and vulnerability management activities
* Implementing appropriate incident response
* Applying secure configurations to enterprise mobility
* Configuring and implementing endpoint security controls
* Troubleshooting issues with cryptographic implementations
* Applying appropriate risk strategies
Table of contents
- Cover Page
- About This eBook
- Title Page
- Copyright Page
- Pearson’s Commitment to Diversity, Equity, and Inclusion
- Contents at a Glance
- Table of Contents
- About the Author
- Dedication
- Acknowledgments
- About the Technical Reviewer
- We Want to Hear from You!
- Reader Services
- Introduction
- Who Should Read This Book?
- Strategies for Exam Preparation
- How This Book Is Organized
- Companion Website
- Pearson Test Prep Practice Test Software
- Accessing the Pearson Test Prep Software Online
- Accessing the Pearson Test Prep Software Offline
- Customizing Your Exams
- Updating Your Exams
- Premium Edition eBook and Practice Tests
- Credits
- Part I: Security Architecture
- Chapter 1 Ensuring a Secure Network Architecture
- Chapter 2 Determining the Proper Infrastructure Security Design
- Chapter 3 Securely Integrating Software Applications
- Chapter 4 Securing the Enterprise Architecture by Implementing Data Security Techniques
- Data Loss Prevention
- Data Loss Detection
- Data Classification, Labeling, and Tagging
- Obfuscation
- Anonymization
- Encrypted vs. Unencrypted
- Data Life Cycle
- Data Inventory and Mapping
- Data Integrity Management
- Data Storage, Backup, and Recovery
- Exam Preparation Tasks
- Review All Key Topics
- Define Key Terms
- Complete Tables and Lists from Memory
- Review Questions
- Chapter 5 Providing the Appropriate Authentication and Authorization Controls
- Credential Management
- Password Policies
- Federation
- Access Control
- Protocols
- Multifactor Authentication (MFA)
- One-Time Password (OTP)
- Hardware Root of Trust
- Single Sign-On (SSO)
- JavaScript Object Notation (JSON) Web Token (JWT)
- Attestation and Identity Proofing
- Exam Preparation Tasks
- Review All Key Topics
- Define Key Terms
- Review Questions
- Chapter 6 Implementing Secure Cloud and Virtualization Solutions
- Virtualization Strategies
- Provisioning and Deprovisioning
- Middleware
- Metadata and Tags
- Deployment Models and Considerations
- Hosting Models
- Service Models
- Cloud Provider Limitations
- Extending Appropriate On-premises Controls
- Storage Models
- Exam Preparation Tasks
- Review All Key Topics
- Define Key Terms
- Complete Tables and Lists from Memory
- Review Questions
- Chapter 7 Supporting Security Objectives and Requirements with Cryptography and Public Key Infrastructure (PKI)
- Chapter 8 Managing the Impact of Emerging Technologies on Enterprise Security and Privacy
- Artificial Intelligence
- Machine Learning
- Quantum Computing
- Blockchain
- Homomorphic Encryption
- Secure Multiparty Computation
- Distributed Consensus
- Big Data
- Virtual/Augmented Reality
- 3-D Printing
- Passwordless Authentication
- Nano Technology
- Deep Learning
- Biometric Impersonation
- Exam Preparation Tasks
- Review All Key Topics
- Define Key Terms
- Complete Tables and Lists from Memory
- Review Questions
- Part II: Security Operations
- Chapter 9 Performing Threat Management Activities
- Chapter 10 Analyzing Indicators of Compromise and Formulating an Appropriate Response
- Chapter 11 Performing Vulnerability Management Activities
- Chapter 12 Using the Appropriate Vulnerability Assessment and Penetration Testing Methods and Tools
- Chapter 13 Analyzing Vulnerabilities and Recommending Risk Mitigations
- Chapter 14 Using Processes to Reduce Risk
- Chapter 15 Implementing the Appropriate Incident Response
- Chapter 16 Forensic Concepts
- Chapter 17 Forensic Analysis Tools
- Part III: Security Engineering and Cryptography
- Chapter 18 Applying Secure Configurations to Enterprise Mobility
- Chapter 19 Configuring and Implementing Endpoint Security Controls
- Chapter 20 Security Considerations Impacting Specific Sectors and Operational Technologies
- Chapter 21 Cloud Technology’s Impact on Organizational Security
- Automation and Orchestration
- Encryption Configuration
- Logs
- Monitoring Configurations
- Key Ownership and Location
- Key Life-Cycle Management
- Backup and Recovery Methods
- Infrastructure vs. Serverless Computing
- Application Virtualization
- Software-Defined Networking
- Misconfigurations
- Collaboration Tools
- Storage Configurations
- Cloud Access Security Broker (CASB)
- Exam Preparation Tasks
- Review All Key Topics
- Define Key Terms
- Review Questions
- Chapter 22 Implementing the Appropriate PKI Solution
- PKI Hierarchy
- Certificate Types
- Certificate Usages/Profiles/Templates
- Extensions
- Trusted Providers
- Trust Model
- Cross-certification
- Configure Profiles
- Life-Cycle Management
- Public and Private Keys
- Digital Signature
- Certificate Pinning
- Certificate Stapling
- Certificate Signing Requests (CSRs)
- Online Certificate Status Protocol (OCSP) vs. Certificate Revocation List (CRL)
- HTTP Strict Transport Security (HSTS)
- Exam Preparation Tasks
- Review All Key Topics
- Define Key Terms
- Review Questions
- Chapter 23 Implementing the Appropriate Cryptographic Protocols and Algorithms
- Chapter 24 Troubleshooting Issues with Cryptographic Implementations
- Part IV: Governance, Risk, and Compliance
- Chapter 25 Applying Appropriate Risk Strategies
- Chapter 26 Managing and Mitigating Vendor Risk
- Shared Responsibility Model (Roles/Responsibilities)
- Vendor Lock-in and Vendor Lock-out
- Vendor Viability
- Meeting Client Requirements
- Support Availability
- Geographical Consideration
- Supply Chain Visibility
- Incident Reporting Requirements
- Source Code Escrows
- Ongoing Vendor Assessment Tools
- Third-Party Dependencies
- Technical Considerations
- Exam Preparation Tasks
- Review All Key Topics
- Define Key Terms
- Complete Tables and Lists from Memory
- Review Questions
- Chapter 27 The Organizational Impact of Compliance Frameworks and Legal Considerations
- Security Concerns of Integrating Diverse Industries
- Data Considerations
- Geographic Considerations
- Third-Party Attestation of Compliance
- Regulations, Accreditations, and Standards
- Legal Considerations
- Contract and Agreement Types
- Exam Preparation Tasks
- Review All Key Topics
- Define Key Terms
- Complete Tables and Lists from Memory
- Chapter 28 Business Continuity and Disaster Recovery Concepts
- Chapter 29 Final Preparation
- Appendix A Answers to the Review Questions
- Glossary
- Index
- Appendix B Memory Tables
- Appendix C Memory Tables Answer Key
- Where are the companion content files? - Register
- Inside Front Cover
- Inside Back Cover
- Code Snippets
Product information
- Title: CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide
- Author(s):
- Release date: July 2022
- Publisher(s): Pearson IT Certification
- ISBN: 9780137348947