book

CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide, 3rd Edition

by Robin Abernathy, Troy McMillan

July 2022

Intermediate to advanced

864 pages

20h 31m

English

Pearson IT Certification

Read now

Unlock full access

Who Should Read This Book?Strategies for Exam PreparationHow This Book Is OrganizedCompanion WebsitePearson Test Prep Practice Test SoftwareAccessing the Pearson Test Prep Software OnlineAccessing the Pearson Test Prep Software OfflineCustomizing Your ExamsUpdating Your ExamsPremium Edition eBook and Practice Tests
ServicesSegmentationDe-perimeterization/Zero TrustMerging of Networks from Various OrganizationsSoftware-Defined Networking (SDN)Exam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
ScalabilityResiliencyAutomationPerformanceContainerizationVirtualizationContent Delivery NetworkCachingExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Baseline and TemplatesSoftware AssuranceConsiderations of Integrating Enterprise ApplicationsIntegrating Security into Development Life CycleExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Data Loss PreventionData Loss DetectionData Classification, Labeling, and TaggingObfuscationAnonymizationEncrypted vs. UnencryptedData Life CycleData Inventory and MappingData Integrity ManagementData Storage, Backup, and RecoveryExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Credential ManagementPassword PoliciesFederationAccess ControlProtocolsMultifactor Authentication (MFA)One-Time Password (OTP)Hardware Root of TrustSingle Sign-On (SSO)JavaScript Object Notation (JSON) Web Token (JWT)Attestation and Identity ProofingExam Preparation TasksReview All Key TopicsDefine Key TermsReview Questions
Virtualization StrategiesProvisioning and DeprovisioningMiddlewareMetadata and TagsDeployment Models and ConsiderationsHosting ModelsService ModelsCloud Provider LimitationsExtending Appropriate On-premises ControlsStorage ModelsExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Privacy and Confidentiality RequirementsIntegrity RequirementsNon-repudiationCompliance and Policy RequirementsCommon Cryptography Use CasesCommon PKI Use CasesExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Artificial IntelligenceMachine LearningQuantum ComputingBlockchainHomomorphic EncryptionSecure Multiparty ComputationDistributed ConsensusBig DataVirtual/Augmented Reality3-D PrintingPasswordless AuthenticationNano TechnologyDeep LearningBiometric ImpersonationExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Intelligence TypesActor TypesThreat Actor PropertiesIntelligence Collection MethodsFrameworksExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Indicators of CompromiseResponseExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Vulnerability ScansSecurity Content Automation Protocol (SCAP)Self-assessment vs. Third-Party Vendor AssessmentPatch ManagementInformation SourcesExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
MethodsToolsDependency ManagementRequirementsExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
VulnerabilitiesInherently Vulnerable System/ApplicationAttacksExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Proactive and DetectionSecurity Data AnalyticsPreventiveApplication ControlSecurity AutomationPhysical SecurityExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Event ClassificationsTriage EventPreescalation TasksIncident Response ProcessSpecific Response Playbooks/ProcessesCommunication PlanStakeholder ManagementExam Preparation TasksReview All Key TopicsDefine Key TermsReview Questions
Legal vs. Internal Corporate PurposesForensic ProcessIntegrity PreservationCryptanalysisSteganalysisExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
File Carving ToolsBinary Analysis ToolsAnalysis ToolsImaging ToolsHashing UtilitiesLive Collection vs. Post-mortem ToolsExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Managed ConfigurationsDeployment ScenariosExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Hardening TechniquesProcessesMandatory Access ControlTrustworthy ComputingCompensating ControlsExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
EmbeddedICS/Supervisory Control and Data Acquisition (SCADA)ProtocolsSectorsExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Automation and OrchestrationEncryption ConfigurationLogsMonitoring ConfigurationsKey Ownership and LocationKey Life-Cycle ManagementBackup and Recovery MethodsInfrastructure vs. Serverless ComputingApplication VirtualizationSoftware-Defined NetworkingMisconfigurationsCollaboration ToolsStorage ConfigurationsCloud Access Security Broker (CASB)Exam Preparation TasksReview All Key TopicsDefine Key TermsReview Questions
PKI HierarchyCertificate TypesCertificate Usages/Profiles/TemplatesExtensionsTrusted ProvidersTrust ModelCross-certificationConfigure ProfilesLife-Cycle ManagementPublic and Private KeysDigital SignatureCertificate PinningCertificate StaplingCertificate Signing Requests (CSRs)Online Certificate Status Protocol (OCSP) vs. Certificate Revocation List (CRL)HTTP Strict Transport Security (HSTS)Exam Preparation TasksReview All Key TopicsDefine Key TermsReview Questions
HashingSymmetric AlgorithmsAsymmetric AlgorithmsProtocolsElliptic-Curve CryptographyForward SecrecyAuthenticated Encryption with Associated DataKey StretchingExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from Memory
Implementation and Configuration IssuesKeysExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Risk AssessmentRisk Handling TechniquesRisk TypesRisk Management Life CycleRisk TrackingRisk Appetite vs. Risk TolerancePolicies and Security PracticesExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Shared Responsibility Model (Roles/Responsibilities)Vendor Lock-in and Vendor Lock-outVendor ViabilityMeeting Client RequirementsSupport AvailabilityGeographical ConsiderationSupply Chain VisibilityIncident Reporting RequirementsSource Code EscrowsOngoing Vendor Assessment ToolsThird-Party DependenciesTechnical ConsiderationsExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from MemoryReview Questions
Security Concerns of Integrating Diverse IndustriesData ConsiderationsGeographic ConsiderationsThird-Party Attestation of ComplianceRegulations, Accreditations, and StandardsLegal ConsiderationsContract and Agreement TypesExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from Memory
Business Impact AnalysisPrivacy Impact AssessmentDisaster Recovery Plan (DRP)/Business Continuity Plan (BCP)Incident Response PlanTesting PlansExam Preparation TasksReview All Key TopicsDefine Key TermsComplete Tables and Lists from Memory
Tools for Final PreparationSuggested Plan for Final Review/StudySummary

Content preview from CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide, 3rd Edition

Chapter 24

Troubleshooting Issues with Cryptographic Implementations

This chapter covers the following topics:

Implementation and Configuration Issues: This section covers validity dates, wrong certificate type, revoked certificates, incorrect name, chain issues including invalid root or intermediate CAs and self-signed certificates, weak signing algorithm, weak cipher suite, incorrect permissions, cipher mismatches, and downgrades.
Keys: This section covers key issues including mismatched keys, improper key handling, embedded keys, rekeying, exposed private keys, crypto shredding, cryptographic obfuscation, key rotation, and compromised keys

This chapter covers CAS-004 Objective 3.7: Given a scenario, troubleshoot issues with cryptographic ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide, 2nd Edition

Omar Santos

CompTIA PenTest+ PT0-002 Cert Guide, 2nd Edition

Omar Santos

CCNA 200-301 Official Cert Guide, Volume 1

Wendell Odom

CompTIA Network+ N10-009 Cert Guide, 2nd Edition

Anthony Sequeira

Publisher Resources

ISBN: 9780137348947