Scroll to top button

pearson-cas-002 : Pearson: CompTIA Advanced Security Practitioner

pearson-cas-002
Pearson: CompTIA Advanced Security Practitioner
ISBN : 978-1-61691-621-3
Gain hands-on expertise in CompTIA Advanced Security Practitioner (CASP) certification exam by Pearson: CompTIA Advanced Security Practitioner course. The course provides complete coverage of CAS-002 exam. The exam involves an application of critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers while managing risk.

Here's what you will get

The CompTIA Advanced Security Practitioner is a standalone certification from CompTIA with the exam code CAS-001. CASP certification is a vendor-neutral credential designed for advanced-level IT security professionals to conceptualize, design, and engineer secure solutions across complex enterprise environments. This certification validates advanced-level security skills and knowledge internationally.

Lessons
19+
Exercises
9+
Quizzes
170+
Flashcards
647+
Glossary of terms
647+
Pre-assessment Questions
80+
Full Length Tests
1+
Post-Assessment Questions
80+
Exam FAQs
What is the format of the exam? Multiple choice and performance-based.
How many questions are asked in the exam? The exam contains 90 questions.
What is the duration of the exam? 165 minutes
What is the passing score? Pass/Fail only. No scaled score.
Where can I find more information about this exam? To know more about the pearson-cas-002, click here.
Which certification covers this exam?

Here's what you will learn

  • About the Authors
  • Dedication
  • Acknowledgments
  • About the Reviewers
  • We Want to Hear from You!
  • The Goals of the CASP Certification
  • The Value of the CASP Certification
  • CASP Exam Objectives
  • Steps to Becoming a CASP
  • CompTIA Authorized Materials Use Policy
  • Cryptographic Techniques
  • Cryptographic Concepts
  • Cryptographic Implementations
  • Review All Key Topics
  • Storage Types
  • Storage Protocols
  • Secure Storage Management
  • Review All Key Topics
  • Advanced Network Design (Wired/Wireless)
  • Virtual Networking and Security Components
  • Complex Network Security Solutions for Data Flow
  • Secure Configuration and Baselining of Networking and Security Components
  • Software-Defined Networking
  • Cloud-Managed Networks
  • Network Management and Monitoring Tools
  • Advanced Configuration of Routers, Switches, and Other Network Devices
  • Security Zones
  • Network Access Control
  • Operational and Consumer Network-Enabled Devices
  • Critical Infrastructure/Supervisory Control and ...isition (SCADA)/Industrial Control Systems (ICS)
  • Review All Key Topics
  • Trusted OS
  • Endpoint Security Software
  • Host Hardening
  • Security Advantages and Disadvantages of Virtualizing Servers
  • Cloud-Augmented Security Services
  • Boot Loader Protections
  • Vulnerabilities Associated with Commingling of Hosts with Different Security Requirements
  • Virtual Desktop Infrastructure (VDI)
  • Terminal Services/Application Delivery Services
  • Trusted Platform Module (TPM)
  • Virtual TPM (VTPM)
  • Hardware Security Module (HSM)
  • Review All Key Topics
  • Web Application Security Design Considerations
  • Specific Application Issues
  • Application Sandboxing
  • Application Security Frameworks
  • Secure Coding Standards
  • Software Development Methods
  • Database Activity Monitoring (DAM)
  • Web Application Firewalls (WAF)
  • Client-Side Processing Versus Server-Side Processing
  • Review All Key Topics
  • Risk Management of New Products, New Technologies, and User Behaviors
  • New or Changing Business Models/Strategies
  • Security Concerns of Integrating Diverse Industries
  • Ensuring That Third-Party Providers Have Requisite Levels of Information Security
  • Internal and External Influences
  • Impact of De-perimiterization
  • Review All Key Topics
  • Classify Information Types into Levels of CIA Based on Organization/Industry
  • Incorporate Stakeholder Input into CIA Decisions
  • Implement Technical Controls Based on CIA Requirements and Policies of the Organization
  • Determine the Aggregate CIA Score
  • Extreme Scenario/Worst-Case Scenario Planning
  • Determine Minimum Required Security Controls Based on Aggregate Score
  • Conduct System-Specific Risk Analysis
  • Make Risk Determination
  • Recommend Which Strategy Should be Applied Based on Risk Appetite
  • Risk Management Processes
  • Enterprise Security Architecture Frameworks
  • Continuous Improvement/Monitoring
  • Business Continuity Planning
  • IT Governance
  • Review All Key Topics
  • Policy Development and Updates in Light of New Business, Technology, Risks, and Environment Changes
  • Process/Procedure Development and Updates in Light of Policy, Environment, and Business Changes
  • Support Legal Compliance and Advocacy by Partnering with HR, Legal, Management, and Other Entities
  • Use Common Business Documents to Support Security
  • Use General Privacy Principles for Sensitive Information (PII)
  • Support the Development of Various Policies
  • Review All Key Topics
  • E-Discovery
  • Data Breach
  • Design Systems to Facilitate Incident Response
  • Incident and Emergency Response
  • Review All Key Topics
  • Perform Ongoing Research
  • Situational Awareness
  • Vulnerability Management Systems
  • Advanced Persistent Threats
  • Zero-Day Mitigating Controls and Remediation
  • Emergent Threats and Issues
  • Research Security Implications of New Business Tools
  • Global IA Industry/Community
  • Research Security Requirements for Contracts
  • Review All Key Topics
  • Create Benchmarks and Compare to Baselines
  • Prototype and Test Multiple Solutions
  • Cost/Benefit Analysis
  • Metrics Collection and Analysis
  • Analyze and Interpret Trend Data to Anticipate Cyber Defense Needs
  • Review Effectiveness of Existing Security Controls
  • Reverse Engineer/Deconstruct Existing Solutions
  • Analyze Security Solution Attributes to Ensure They Meet Business Needs
  • Conduct a Lessons-Learned/After-Action Report
  • Use Judgment to Solve Difficult Problems That Do Not Have a Best Solution
  • Review All Key Topics
  • Assessment Tool Types
  • Assessment Methods
  • Review All Key Topics
  • Interpreting Security Requirements and Goals to Communicate with Stakeholders from Other Disciplines
  • Provide Objective Guidance and Impartial Recomme...or Management on Security Processes and Controls
  • Establish Effective Collaboration within Teams to Implement Secure Solutions
  • IT Governance
  • Review All Key Topics
  • Security of Unified Collaboration Tools
  • Remote Access
  • Mobile Device Management
  • Over-the-Air Technologies Concerns
  • Review All Key Topics
  • End-to-End Solution Ownership
  • Systems Development Life Cycle (SDLC)
  • Adapt Solutions to Address Emerging Threats and Security Trends
  • Asset Management (Inventory Control)
  • Review All Key Topics
  • Secure Data Flows to Meet Changing Business Needs
  • Standards
  • Interoperability Issues
  • Technical Deployment Models
  • Logical and Physical Deployment Diagrams of Relevant Devices
  • Secure Infrastructure Design
  • Storage Integration (Security Considerations)
  • Enterprise Application Integration Enablers
  • Review All Key Topics
  • Authentication
  • Authorization
  • Attestation
  • Identity Propagation
  • Federation
  • Advanced Trust Models
  • Review All Key Topics

Copyright © 2002-2017 uCertify / All Rights Reserved.