Comptia Advanced Security Practitioner (Casp+) Cas-004 Cert Guide - Troy Mcmillan

. .

Auteur(s) : Troy Mcmillan

Editeur : Pearson Education

Langue : Anglais

Parution : 01/08/2022

Format : Moyen, de 350g à 1kg

Nombre de pages : 864

Expédition : 1610

Dimensions : 23.1 x 19.6 x 48.0

ISBN : 9780137348954

Résumé :

CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide focuses specifically on the objectives for the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam. Leading expert Troy McMillan shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

This complete study package includes

* A test-preparation routine proven to help you pass the exams
* Chapter-ending exercises, which help you drill on key concepts you must know thoroughly
* An online interactive Flash Cards application to help you drill on Key Terms by chapter
* A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies

Study plan suggestions and templates to help you organize and optimize your study time

Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that ensure your exam success.

This study guide helps you master all the topics on the CompTIA Advanced Security Practitioner (CASP+) CAS-004 exam, including

* Ensuring a secure network architecture
* Determining the proper infrastructure security design
* Implementing secure cloud and virtualization solutions
* Performing threat and vulnerability management activities
* Implementing appropriate incident response
* Applying secure configurations to enterprise mobility
* Configuring and implementing endpoint security controls
* Troubleshooting issues with cryptographic implementations
* Applying appropriate risk strategies...

Biographie:

Troy McMillan, CASP, is a product developer and technical editor for CyberVista as well as a full-time trainer. He became a professional trainer more than 20 years ago, teaching Cisco, Microsoft, CompTIA, and wireless classes. His recent work includes

* Author of CompTIA CySA+ CS0-002 Cert Guide (Pearson IT Certification)
* Author of CompTIA A+ Complete Review Guide (Sybex)
* Author of CompTIA Server + Study Guide (Sybex)
* Contributing subject matter expert for CCNA Cisco Certified Network Associate Certification Exam Preparation Guide (Kaplan)
* Prep test question writer for Network+ Study Guide (Sybex)
* Technical editor for Windows 7 Study Guide (Sybex)
* Contributing author for CCNA-Wireless Study Guide (Sybex)
* Technical editor for CCNA Study Guide, Revision 7 (Sybex)
* Author of VCP VMware Certified Professional on vSphere 4 Review Guide: Exam VCP-410 and associated instructional materials (Sybex)
* Author of Cisco Essentials (Sybex)
* Co-author of CISSP Cert Guide (Pearson IT Certification)
* Prep test question writer for CCNA Wireless 640-722 (Cisco Press)

He also has appeared in the following training videos for OnCourse Learning: Security+...

Sommaire:

Introduction I
Part I: Security Architecture
Chapter 1 Ensuring a Secure Network Architecture 3
Services 3
Load Balancer 3
Intrusion Detection System (IDS)/Network Intrusion Detection System (NIDS)/Wireless Intrusion Detection System (WIDS) 3
Intrusion Prevention System (IPS)/Network Intrusion Prevention System (NIPS)/Wireless Intrusion Prevention System (WIPS) 6
Web Application Firewall (WAF) 6
Network Access Control (NAC) 8
Virtual Private Network (VPN) 10
Domain Name System Security Extensions (DNSSEC) 11
Firewall/Unified Threat Management (UTM)/Next-Generation Firewall (NGFW) 11
Network Address Translation (NAT) Gateway 19
Internet Gateway 21
Forward/Transparent Proxy 21
Reverse Proxy 22
Distributed Denial-of-Service (DDoS) Protection 22
Routers 22
Mail Security 26
Application Programming Interface (API) Gateway/Extensible Markup Language (XML) Gateway 30
Traffic Mirroring 30
Sensors 32
Segmentation 39
Microsegmentation 40
Local Area Network (LAN)/Virtual Local Area Network (VLAN) 40
Jump Box 43
Screened Subnet 44
Data Zones 44
Staging Environments 45
Guest Environments 45
VPC/Virtual Network (VNET) 45
Availability Zone 46
NAC Lists 47
Policies/Security Groups 47
Regions 49
Access Control Lists (ACLs) 49
Peer-to-Peer 49
Air Gap 49
De-perimeterization/Zero Trust 49
Cloud 50
Remote Work 50
Mobile 50
Outsourcing and Contracting 52
Wireless/Radio Frequency (RF) Networks 53
Merging of Networks from Various Organizations 58
Peering 59
Cloud to on Premises 59
Data Sensitivity Levels 59
Mergers and Acquisitions 60
Cross-domain 61
Federation 61
Directory Services 61
Software-Defined Networking (SDN) 62
Open SDN 63
Hybrid SDN 64
SDN Overlay 64
Exam Preparation Tasks 66
Chapter 2 Determining the Proper Infrastructure Security Design 73
Scalability 73
Vertically 73
Horizontally 74
Resiliency 74
High Availability/Redundancy 74
Diversity/Heterogeneity 75
Course of Action Orchestration 75
Distributed Allocation 76
Replication 76
Clustering 76
Automation 76
Autoscaling 76
Security Orchestration, Automation, and Response (SOAR) 77
Bootstrapping 77
Performance 77
Containerization 78
Virtualization 79
Content Delivery Network 79
Caching 80
Exam Preparation Tasks 81
Chapter 3 Securely Integrating Software Applications 85
Baseline and Templates 85
Baselines 85
Create Benchmarks and Compare to Baselines 85
Templates 86
Secure Design Patterns/Types of Web Technologies 87
Container APIs 88
Secure Coding Standards 89
Application Vetting Processes 90
API Management 91
Middleware 91
Software Assurance 92
Sandboxing/Development Environment 92
Validating Third-Party Libraries 93
Defined DevOps Pipeline 93
Code Signing 94
Interactive Application Security Testing (IAST) vs. Dynamic Application Security Testing (DAST) vs. Static Application Security Testing (SAST) 95
Considerations of Integrating Enterprise Applications 100
Customer Relationship Management (CRM) 100
Enterprise Resource Planning (ERP) 100
Configuration Management Database (CMDB) 101
Content Management System (CMS) 101
Integration Enablers 101
Integrating Security into Development Life Cycle 103
Formal Methods 103
Requirements 103
Fielding 104
Insertions and Upgrades 104
Disposal and Reuse 104
Testing 105
Development...