<p style="margin: 0px;">Introduction<br>
 The CASP Exam 2<br>
 The Goals of the CASP Certification 3<br>
 The Value of the CASP Certification 5<br>
 CASP Exam Objectives 7<br>
 Steps to Becoming a CASP 35<br>
 CompTIA Authorized Materials Use Policy 35<br>
Chapter 1 Business and Industry Influences and Associated Security Risks 38<br>
 Risk Management of New Products, New Technologies, and User Behaviors 39<br>
 New or Changing Business Models/Strategies 40<br>
 Security Concerns of Integrating Diverse Industries 44<br>
 Internal and External Influences 52<br>
 Impact of De-perimeterization (e.g., Constantly Changing Network Boundary) 54<br>
 Exam Preparation Tasks 60<br>
 Review All Key Topics 60<br>
 Define Key Terms 60<br>
 Review Questions 61<br>
Chapter 2 Security, Privacy Policies, and Procedures 64<br>
 Policy and Process Life Cycle Management 65<br>
 Support Legal Compliance and Advocacy 70<br>
 Common Business Documents to Support Security 71<br>
 Security Requirements for Contracts 75<br>
 General Privacy Principles for Sensitive Information 77<br>
 Support the Development of Policies Containing Standard Security Practices 78<br>
 Exam Preparation Tasks 91<br>
 Review All Key Topics 91<br>
 Define Key Terms 92<br>
 Review Questions 92<br>
Chapter 3 Risk Mitigation Strategies and Controls 96<br>
 Categorize Data Types by Impact Levels Based on CIA 98<br>
 Incorporate Stakeholder Input into CIA Impact-Level Decisions 100<br>
 Determine the Aggregate CIA Score 101<br>
 Determine Minimum Required Security Controls Based on Aggregate Score 102<br>
 Select and Implement Controls Based on CIA Requirements and Organizational Policies 102<br>
 Extreme Scenario Planning/Worst-Case Scenario 123<br>
 Conduct System-Specific Risk Analysis 125<br>
 Make Risk Determination Based upon Known Metrics 126<br>
 Translate Technical Risks in Business Terms 134<br>
 Recommend Which Strategy Should Be Applied Based on Risk Appetite 135<br>
 Risk Management Processes 137<br>
 Continuous Improvement/Monitoring 141<br>
 Business Continuity Planning 141<br>
 IT Governance 148<br>
 Enterprise Resilience 168<br>
 Exam Preparation Tasks 170<br>
 Review All Key Topics 170<br>
 Define Key Terms 171<br>
 Review Questions 171<br>
Chapter 4 Risk Metric Scenarios to Secure the Enterprise 174<br>
 Review Effectiveness of Existing Security Controls 175<br>
 Reverse Engineer/Deconstruct Existing Solutions 177<br>
 Creation, Collection, and Analysis of Metrics 177<br>
 Prototype and Test Multiple Solutions 180<br>
 Create Benchmarks and Compare to Baselines 181<br>
 Analyze and Interpret Trend Data to Anticipate Cyber Defense Needs 182<br>
 Analyze Security Solution Metrics and Attributes to Ensure They Meet Business Needs 183<br>
 Use Judgment to Solve Problems Where the Most Secure Solution Is Not Feasible 187<br>
 Exam Preparation Tasks 187<br>
 Review All Key Topics 187<br>
 Define Key Terms 188<br>
 Review Questions 189<br>
Chapter 5 Network and Security Components, Concepts, and Architectures 192<br>
 Physical and Virtual Network and Security Devices 194<br>
 Application and Protocol-Aware Technologies 212<br>
 Advanced Network Design (Wired/Wireless) 215<br>
 Complex Network Security Solutions for Data Flow 241<br>
 Secure Configuration and Baselining of Networking and Security Components 246<br>
 Software-Defined Networking 254<br>
 Network Management and Monitoring Tools 255<br>
 Advanced Configuration of Routers, Switches, and Other Network Devices 260<br>
 Security Zones 268<br>
 Network Access Control 269<br>
 Network-Enabled Devices 271<br>
 Critical Infrastructure 279<br>
 Exam Preparation Tasks 280<br>
 Review All Key Topics 280<br>
 Define Key Terms 282<br>
 Review Questions 282<br>
Chapter 6 Security Controls for Host Devices 286<br>
 Trusted OS (e.g., How and When to Use It) 287<br>
 Endpoint Security Software 290<br>
 Host Hardening 298<br>
 Boot Loader Protections 316<br>
 Vulnerabilities Associated with Hardware 322<br>
 Terminal Services/Application Delivery Services 322<br>
 Exam Preparation Tasks 323<br>
 Review All Key Topics 323<br>
 Define Key Terms 324<br>
 Review Questions 324<br>
Chapter 7 Security Controls for Mobile and Small Form Factor Devices 328<br>
 Enterprise Mobility Management 329<br>
 Security Implications/Privacy Concerns 336<br>
 Wearable Technology 345<br>
 Exam Preparation Tasks 350<br>
 Review All Key Topics 350<br>
 Define Key Terms 351<br>
 Review Questions 351<br>
Chapter 8 Software Vulnerability Security Controls 354<br>
 Application Security Design Considerations 355<br>
 Specific Application Issues 356<br>
 Application Sandboxing 370<br>
 Secure Encrypted Enclaves 371<br>
 Database Activity Monitor 371<br>
 Web Application Firewalls 371<br>
 Client-Side Processing vs. Server-Side Processing 371<br>
 Operating System Vulnerabilities 377<br>
 Firmware Vulnerabilities 377<br>
 Exam Preparation Tasks 378<br>
 Review All Key Topics 378<br>
 Define Key Terms 378<br>
 Review Questions 379<br>
Chapter 9 Security Assessments 382<br>
 Methods 383<br>
 Test Types 398<br>
 Exam Preparation Tasks 405<br>
 Review All Key Topics 405<br>
 Define Key Terms 406<br>
 Review Questions 407<br>
Chapter 10 Select the Appropriate Security Assessment Tool 410<br>
 Network Tool Types 411<br>
 Host Tool Types 427<br>
 Physical Security Tools 441<br>
 Exam Preparation Tasks 444<br>
 Review All Key Topics 444<br>
 Define Key Terms 445<br>
 Review Questions 446<br>
Chapter 11 Incident Response and Recovery 448<br>
 E-Discovery 449<br>
 Data Breach 454<br>
 Facilitate Incident Detection and Response 457<br>
 Incident and Emergency Response 461<br>
 Incident Response Support Tools 471<br>
 Severity of Incident or Breach 478<br>
 Post-incident Response 480<br>
 Exam Preparation Tasks 481<br>
 Review All Key Topics 481<br>
 Define Key Terms 482<br>
 Review Questions 483<br>
Chapter 12 Host, Storage, Network, and Application Integration 486<br>
 Adapt Data Flow Security to Meet Changing Business Needs 487<br>
 Standards 489<br>
 Interoperability Issues 491<br>
 Resilience Issues 494<br>
 Data Security Considerations 496<br>
 Resources Provisioning and Deprovisioning 500<br>
 Design Considerations During Mergers, Acquisitions and Demergers/Divestitures 501<br>
 Network Secure Segmentation and Delegation 502<br>
 Logical Deployment Diagram and Corresponding Physical Deployment Diagram of All Relevant Devices 502<br>
 Security and Privacy Considerations of Storage Integration 504<br>
 Security Implications of Integrating Enterprise Applications 504<br>
 Exam Preparation Tasks 507<br>
 Review All Key Topics 507<br>
 Define Key Terms 508<br>
 Review Questions 508<br>
Chapter 13 Cloud and Virtualization Technology Integration 512<br>
 Technical Deployment Models (Outsourcing/Insourcing/Managed Services/Partnership) 513<br>
 Security Advantages and Disadvantages of Virtualization 518<br>
 Cloud Augmented Security Services 521<br>
 Vulnerabilities Associated with Comingling of Hosts with Different Security Requirements 527<br>
 Data Security Considerations 529<br>
 Resources Provisioning and Deprovisioning 531<br>
 Exam Preparation Tasks 532<br>
 Review All Key Topics 532<br>
 Define Key Terms 532<br>
 Review Questions 533<br>
Chapter 14 Authentication and Authorization Technology Integration 536<br>
 Authentication 537<br>
 Authorization 550<br>
 Attestation 557<br>
 Identity Propagation 558<br>
 Federation 559<br>
 Trust Models 563<br>
 Exam Preparation Tasks 566<br>
 Review All Key Topics 566<br>
 Define Key Terms 567<br>
 Review Questions 567<br>
Chapter 15 Cryptographic Techniques 570<br>
 Techniques 572<br>
 Implementations 592<br>
 Exam Preparation Tasks 611<br>
 Review All Key Topics 611<br>
 Define Key Terms 612<br>
 Review Questions 613<br>
Chapter 16 Secure Communication and Collaboration 616<br>
 Remote Access 617<br>
 Unified Collaboration Tools 621<br>
 Exam Preparation Tasks 634<br>
 Review All Key Topics 634<br>
 Define Key Terms 635<br>
 Review Questions 635<br>
Chapter 17 Industry Trends and Their Impact to the Enterprise 638<br>
 Perform Ongoing Research 639<br>
 Threat Intelligence 643<br>
 Research Security Implications of Emerging Business Tools 649<br>
 Global IA Industry/Community 653<br>
 Exam Preparation Tasks 660<br>
 Review All Key Topics 660<br>
 Define Key Terms 661<br>
 Review Questions 661<br>
Chapter 18 Security Activities Across the Technology Life Cycle 664<br>
 Systems Development Life Cycle 665<br>
 Software Development Life Cycle 673<br>
 Adapt Solutions 706<br>
 Asset Management (Inventory Control) 709<br>
 Exam Preparation Tasks 711<br>
 Review All Key Topics 711<br>
 Define Key Terms 712<br>
 Review Questions 713<br>
Chapter 19 Business Unit Interaction 716<br>
 Interpreting Security Requirements and Goals to Communicate with Stakeholders from Other Disciplines 717<br>
 Provide Objective Guidance and Impartial Recommendations to Staff and Senior Management on Security Processes and Controls 724<br>
 Establish Effective Collaboration Within Teams to Implement Secure Solutions 725<br>
 Governance, Risk, and Compliance Committee 726<br>
 Exam Preparation Tasks 727<br>
 Review All Key Topics 727<br>
 Define Key Terms 728<br>
 Review Questions 729<br>
Appendix A Answers 732<br>
Glossary 754</p>
<p style="margin: 0px;">Online-only Elements:<br>
Appendix B Memory Tables<br>
Appendix C Memory Table Answers<br>
Appendix D Study Planner</p>
<p style="margin: 0px;">9780789759443, TOC, 4/16/2018</p>