CompTIA Advanced Security Practitioner (CASP) CY-CASP-CY1000 Certification Study Guide

Dr. Wm. Arthur Conklin, Dr. Gregory White, and Dwayne Williams
Chapter 1 – Cryptographic Tools
Cryptography is one of the many tools used to secure data in a system. This chapter
introduces the use of cryptographic tools and techniques to secure systems and data in the
enterprise. Several factors need to be considered when choosing the appropriate
cryptographic method to protect data. This chapter outlines the elements needed to make
the best decision.
Objectives:
1.01 Determine Appropriate Tools and Techniques
1.02 Advanced PKI Concepts
1.03 Hashing
1.04 Cryptographic Applications
1.05 Digital Signature
1.06 Code Signing
1.07 Nonrepudiation
1.08 Transport Encryption
1.09 Implications of Cryptographic Methods and Design
1.10 Entropy
1.11 Pseudorandom Number Generation
1.12 Perfect Forward Secrecy
1.13 Confusion
1.14 Diffusion
Chapter 2 – Computing Platforms
This chapter examines some of the issues associated with virtual and cloud environments.
Objectives:
2.01 Advantages and Disadvantages of Virtualizing Servers and Minimizing Physical Space Requirements
2.02 VLAN
2.03 Securing Virtual Environments, Appliances, and Equipment
2.04 Vulnerabilities Associated with a Single Physical Server Hosting Multiple Companies’ Virtual Machines
2.05 Vulnerabilities Associated with a Single Platform Hosting Multiple Companies’ Virtual Machines
2.06 Secure Use of On-demand/Elastic Cloud Computing
1|CASP Exam Certification Complete Outline
2.07 Vulnerabilities Associated with Co-mingling of Hosts with Different Security Requirements
2.08 Virtual Desktop Infrastructure (VDI)
2.09 Terminal Services
Chapter 3 – Enterprise Storage
This chapter discusses enterprise storage. Enterprise storage is designed for large-scale,
multiuser environments. Compared to consumer storage, enterprise storage is typically
more reliable, more scalable, and more fault tolerant, and it is quite a bit more
expensive on a byte-for-byte basis. An enterprise storage solution for a medium to large
enterprise will typically consist of one or more online storage arrays, offline storage for
backups, and an archiving solution for long-term or permanent storage. Some enterprise
architects will also include disaster recovery solutions to address data recovery from
localized disasters that only affect part of the enterprise storage solution.
Objectives:
3.01 Explain the Security Implications of Enterprise Storage
3.02 Virtual Storage
3.03 NAS
3.04 SAN
3.05 VSAN
3.06 iSCSI
3.07 FCoE
3.08 LUN Masking
3.09 HBA Allocation
3.10 Redundancy (Location)
3.11 Secure Storage Management
Chapter 4 – Infrastructure
This chapter discusses one of the greatest areas of risk and reward for security investment:
the network infrastructure. How you design and secure the infrastructure of your
organization can have a tremendous impact on the survivability and security of your
organization.
Objectives:
4.01 Advanced Network Design
4.02 Complex Network Security Solutions for Data Flow
4.03 Secure Data Flows to Meet Changing Business Needs
4.04 Secure DNS
4.05 Secure Directory Services
4.06 Network Design Consideration
4.07 Multitier Networking Data Design Considerations
4.08 Logical Deployment Diagram and Corresponding Physical Deployment Diagram of All Relevant Devices
4.09 Secure Infrastructure Design
4.10 Storage Integration
4.11 Advanced Configuration of Routers, Switches, and Other Network Devices
4.12 ESB
4.13 SOA
4.14 SIEM
4.15 Database Access Monitor (DAM)
4.16 Service Enabled
4.17 WS-Security
Chapter 5 - Host Security Controls
This chapter will concentrate on securing the individual hosts that make up the network. It is
at this point that the user interacts with the network, and many of the security features we
discuss here will be well known to users.
Objectives:
5.01 Host-based Firewalls
5.02 Trusted OS
5.03 Endpoint Security Software
5.04 Host Hardening
5.05 Asset Management (Inventory Control)
5.06 Data Exfiltration
5.07 HIPS/HIDS
5.08 NIPS/NIDS
Chapter 6 – Application Security
This chapter discusses application security, the collection of efforts designed to
protect the applications used in the enterprise. As the network and operating
system layers achieved better security, hackers turned their sights to the applications
running on the system. Whether a standalone application such as an e-mail or database server,
an application built around a web server (a web application), commercial software, or
homegrown code, all applications should be considered targets.
Objectives:
6.01 Web application security design considerations
6.02 Specific application issues
6.03 Application sandboxing
6.04 Application security frameworks
6.05 Secure coding standards
6.06 Exploits resulting from improper error and exception handling
6.07 Privilege escalation
6.08 Improper storage of sensitive data
6.09 Fuzzing/fault injection
6.10 Secure cookie storage and transmission
6.11 Client-side processing vs. server-side processing
6.12 Buffer overflow
6.13 Integer overflows
6.14 Memory leaks
6.15 Race conditions
6.16 Resource exhaustion
Chapter 7 – Security Assessments
This chapter discusses how assessments ensure that systems are patched, applications are not
vulnerable, and networks are locked down. Many different approaches and methods fall
under the very broad umbrella of “security assessments”: some methods are best at
addressing broad concerns and some are very specific in nature. In this section, we
examine some of the assessment tools and methods you can use (or hire others to
use) to help secure your network and applications.
Objectives:
7.01 Tool Types
- Port Scanners
- Vulnerability Scanners
- Protocol Analyzer
- Switch Port Analyzer
- Network Enumerator
- Password Cracker
- Fuzzer
- HTTP Interceptor
- Attacking Tools/Frameworks
7.02 Methods
- Vulnerability Assessment
- Penetration Testing
- Black Box
- White Box
- Gray Box
- Fingerprinting
- Code Review
- Social Engineering
Chapter 8 - Risk Implications
This chapter examines some of the issues that surround the risk management decisions
associated with common business situations. Risk management is an effective way to
determine the appropriate set of information security controls to employ in the enterprise.
The National Institute of Standards and Technologies (NIST) has developed a series of
Special Publications detailing the structure and framework of a flexible risk management
process.
Objectives:
8.01 Risk Management of New Products, New Technologies, and User Behaviors
8.02 New or Changing Business Models/Strategies
8.03 Internal and External Influences
8.04 Impact of De-perimeterization
Chapter 9 - Risk Management Strategy and Controls
This chapter discusses how information security has become an exercise in risk
management, and how using the tools and techniques of risk management has improved
organizations’ ability to secure the information assets they use in business operations.
Defining the term “securing information assets” leads to a detailed examination of security
models, of which the CIA triad (confidentiality, integrity, and availability) has proven to be a
simple and effective way of describing basic security needs.
Objectives:
9.01 Classify Information Types into Levels of CIA Based on Organization/Industry
9.02 Determine the Aggregate Score of CIA
9.03 Determine the Minimum Required Security Controls Based on Aggregate Score
9.04 Conduct System-Specific Risk Analysis
9.05 Make Risk Determination
9.06 Decide Which Security Controls Should Be Applied Based on Minimum Requirements
9.07 Implement Controls
9.08 Enterprise Security Architecture (ESA) Frameworks
9.09 Continuous Monitoring
Chapter 10 - E-discovery, Data Breaches, and Incident Response
This chapter discusses the conditions that must be met to deal effectively with computer
incidents. First, what is “normal” for a system must be understood. Second, the
enterprise must have a set of planned responses, in the form of procedures, to use when
the system departs from normal conditions. Without proper preparation and supporting
efforts, the actions necessary for incident response are unlikely to be carried out
effectively.
Objectives:
10.01 E-discovery
10.02 Data breach
10.03 System design to facilitate incident response, taking into account types of violations
10.04 Incident and emergency response
Chapter 11 - Security and Privacy Policies
This chapter covers a key element of any organization’s approach to implementing
security: the policies, procedures, standards, and guidelines established to detail what users
and administrators should be doing to maintain the security of the systems and network.
Collectively, these documents communicate the guidance needed to determine how security
will be implemented in the organization. Policies are high-level, broad statements
communicating what the organization wants to accomplish. Procedures are the step-by-step
instructions on how to implement policies in the organization. They describe exactly how
employees are expected to act in a given situation or to accomplish a specific task.
Standards are mandatory elements regarding the implementation of a policy or procedure.
They are accepted specifications that provide specific details on an objective. Some
standards are externally driven. Regulations for banking and financial institutions, for
example, require certain security measures be taken by law. Other standards may be set by
the organization to meet its own security goals. Guidelines are recommendations relating to
a policy.
Objectives:
11.01 Policy Development and Updates in Light of New Business, Technology, and Environment Changes
11.02 Process/Procedure Development and Updates in Light of Policy, Environment, and Business Changes
11.03 Support Legal Compliance and Advocacy by Partnering with HR, Legal, Management, and Other Entities
11.04 Use Common Business Documents to Support Security
11.05 Use General Privacy Principles for PII/Sensitive PII
11.06 Support the Development of Policies
Chapter 12 - Industry Trends
This chapter discusses a number of the issues that security professionals need to stay on top
of. In some cases, specific examples will be utilized to discuss points; however, as has been
discussed, the environment is constantly changing, so the major thrust will be on the issues
that security professionals should be aware of, and not as much on specific vulnerabilities or
technologies.
Objectives:
12.01 Ongoing Security Research
12.02 Situational Awareness
12.03 Security Implications of New Business Tools
12.04 Global Information Assurance Industry/Community
12.05 Security Requirements for Contracts
Chapter 13 – Enterprise Security
This chapter discusses how adapting to the rapidly changing IT environment and the threats
within it requires tools and techniques that security professionals did not really
need to worry about 10 years ago.
Objectives:
13.01 Benchmark
13.02 Prototype and Test Multiple Solutions
13.03 Cost Benefit Analysis (ROI, TCO)
13.04 Analyze and Interpret Trend Data to Anticipate Cyber Defense Aids
13.05 Review Effectiveness of Existing Security
13.06 Reverse-Engineer/Deconstruct Existing Solutions
13.07 Analyze Security Solutions to Ensure They Meet Business Needs
13.08 Conduct a Lessons-Learned/After-Action Review
13.09 Use Judgment to Solve Difficult Problems That Do Not Have a Best Solution
13.10 Conduct Network Traffic Analysis
Chapter 14 - People and Security
This chapter discusses organizations’ concerns about the security of their property,
including sensitive financial data, customer data, and intellectual property. What has
happened in the last 50 years is the movement of all of this to computer systems and
networks, and the subsequent ease with which it can be copied and transmitted. To
protect this important information, an organization needs to marshal the combined efforts
of individuals throughout the enterprise. For computer security not to become the weak
link in the security chain, the organization must develop a comprehensive security plan
that integrates efforts across many different disciplines.
Objectives:
14.01 Interpreting Security Requirements to Communicate with Others
14.02 Providing Guidance to Staff and Senior Management
14.03 Establishing Effective Collaboration within Teams
14.04 Disciplines
Chapter 15 – Change Control
In this chapter, we examine some of the changes that affect security and discuss ways security
professionals can address them from a security point of view. The types of changes security
professionals are concerned with most often, because they occur most frequently, are changes in
the IT infrastructure. Whether the result of new hardware or new software, new technology can
introduce new vulnerabilities, and security professionals need to be prepared for them.
Another significant factor that can introduce security issues is changes in the organization
itself. Whether this is a restructuring or realignment of personnel within the existing
organization, or the acquisition of new entities being brought into the organization, changes
like these can introduce new security concerns as personnel adjust to changing job
requirements, which may require knowledge of new processes and procedures.
Objectives:
15.01 Security Concerns of Interconnecting Multiple Industries
15.02 Design Consideration during Mergers, Acquisitions, and Demergers
15.03 Assuring Third-Party Products Only Introduce Acceptable Risk
15.04 Network Secure Segmentation and Delegation
15.05 Integration of Products and Services
Chapter 16 - Security Controls for Communication and Collaboration
This chapter covers the securing of information in transit. Regardless of the channel being
used for communication, or the application providing the specific type of communication
service, the communications need to be secured. Depending on the specifics of
the communication and the channel, the security attributes of confidentiality, integrity, and
availability may each require a different level of protection. In streaming communications, such as
video and web conferencing, availability can have a significant impact because lost packets
result in a poor user experience.
Objectives:
16.01 Unified Communications Security
16.02 VoIP Security
16.03 VoIP Implementation
16.04 Remote Access
16.05 Enterprise Configuration Management of Mobile Devices
16.06 Secure External Communications
16.07 Secure Implementation of Collaboration Platforms
16.08 Prioritizing Traffic (QoS)
16.09 Mobile Devices
Chapter 17 – Advanced Authentication Tools, Techniques, and Concepts
This chapter discusses how advanced authentication tools, techniques, and concepts are
important elements of an enterprise security program. All processes in IT systems operate
under the auspices of an ID. Identity management begins with an identification step to
establish an ID and then a series of management steps to utilize the ID. The management
steps include the authentication, authorization, and maintenance of IDs. In simple
standalone systems, all of these functions are handled by an operating system. In complex
enterprises, different elements are utilized to handle different aspects of identity
management.
Objectives:
17.01 Federated Identity Management
17.02 eXtensible Access Control Markup Language (XACML)
17.03 Simple Object Access Protocol (SOAP)
17.04 Single Sign On (SSO)
17.05 Service Provisioning Markup Language (SPML)
17.06 Certificate-based Authentication
17.07 Attestation
Chapter 18 - Security Activities Across the Technology Life Cycle
This chapter discusses how change in the enterprise comes both from business changes and from
changes in technology, known as the technology life cycle. The technology life cycle refers
to new technologies entering the enterprise on a regular basis, in limited use at first,
followed by widespread adoption when it makes business sense. Eventually technologies
are retired as new ones take their place. Across this life cycle, security functionality must be
maintained, and changes in the technology environment force potential changes in the
security environment.
Objectives:
18.01 End-to-End Solution Ownership
18.02 Understanding the Results of Solutions in Advance
18.03 Systems Development Life Cycle
18.04 Adapt Solutions to Address Emerging Threats and Security Trends
18.05 Validate the System Design