CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide 2nd edition [Multiple-component retail product]

  • Format: Multiple-component retail product, 912 pages, height x width x thickness: 240x194x50 mm, weight: 1659 g, contains 1 digital product license key and 1 hardback
  • Series: Certification Guide
  • Publication date: 26-Jun-2018
  • Publisher: Pearson IT Certification
  • ISBN-10: 0789759446
  • ISBN-13: 9780789759443
Learn, prepare, and practice for CompTIA Advanced Security Practitioner (CASP) CAS-003 exam success with this CompTIA Approved Cert Guide from Pearson IT Certification, a leader in IT Certification learning and a CompTIA Authorized Platinum Partner.

  • Master CompTIA Advanced Security Practitioner (CASP) CAS-003 exam topics
  • Assess your knowledge with chapter-ending quizzes
  • Review key concepts with exam preparation tasks
  • Practice with unique sets of exam-realistic practice questions

CompTIA Advanced Security Practitioner (CASP) CAS-003 Authorized Cert Guide is a best-of-breed exam study guide. Leading security certification training experts Robin Abernathy and Troy McMillan share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.

The companion website contains the powerful Pearson Test Prep practice test software, complete with hundreds of exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. This online assessment engine enables you to access the practice tests via the Internet on any desktop, laptop, tablet, or smartphone device with internet connectivity. The web-based version also allows you to download the software to your desktop, so you can use the practice test even when you don't have an internet connection. The desktop version syncs with your online version when an internet connection is established, to update and track your progress. This integrated learning package offers these additional benefits:

  • Allows you to focus on individual topic areas or take complete, timed exams
  • Presents unique sets of exam-realistic practice questions
  • Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most

Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this CompTIA approved study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time, including:

  • Enterprise security
  • Risk management and incident response
  • Research, analysis, and assessment
  • Integration of computing, communications, and business disciplines
  • Technical integration of enterprise components

Companion Website

The website contains two free, complete practice exams.

Includes Exclusive Offer for 70% Off Premium Edition eBook and Practice Test
Introduction The CASP Exam 2(36)
The Goals of the CASP Certification
3(2)
Sponsoring Bodies
3(1)
Other Security Exams
4(1)
Stated Goals
4(1)
The Value of the CASP Certification
5(2)
To the Security Professional
5(1)
Department of Defense Directive 8140 and 8570 (DoDD 8140 and 8570)
5(1)
To the Enterprise
6(1)
CASP Exam Objectives
7(28)
1.0 Risk Management
7(1)
1.1 Summarize business and industry influences and associated security risks.
7(1)
1.2 Compare and contrast security, privacy policies and procedures based on organizational requirements.
8(1)
1.3 Given a scenario, execute risk mitigation strategies and controls.
9(2)
1.4 Analyze risk metric scenarios to secure the enterprise.
11(1)
2.0 Enterprise Security Architecture
12(1)
2.1 Analyze a scenario and integrate network and security components, concepts and architectures to meet security requirements.
12(2)
2.2 Analyze a scenario to integrate security controls for host devices to meet security requirements.
14(3)
2.3 Analyze a scenario to integrate security controls for mobile and small form factor devices to meet security requirements.
17(2)
2.4 Given software vulnerability scenarios, select appropriate security controls.
19(2)
3.0 Enterprise Security Operations
21(1)
3.1 Given a scenario, conduct a security assessment using the appropriate methods.
21(1)
3.2 Analyze a scenario or output, and select the appropriate tool for a security assessment.
22(1)
3.3 Given a scenario, implement incident response and recovery procedures.
23(2)
4.0 Technical Integration of Enterprise Security
25(1)
4.1 Given a scenario, integrate hosts, storage, networks and applications into a secure enterprise architecture.
25(2)
4.2 Given a scenario, integrate cloud and virtualization technologies into a secure enterprise architecture.
27(1)
4.3 Given a scenario, integrate and troubleshoot advanced authentication and authorization technologies to support enterprise security objectives.
28(1)
4.4 Given a scenario, implement cryptographic techniques.
29(2)
4.5 Given a scenario, select the appropriate control to secure communications and collaboration solutions.
31(1)
5.0 Research, Development and Collaboration
31(1)
5.1 Given a scenario, apply research methods to determine industry trends and their impact to the enterprise.
31(1)
5.2 Given a scenario, implement security activities across the technology life cycle.
32(2)
5.3 Explain the importance of interaction across diverse business units to achieve security goals.
34(1)
Steps to Becoming a CASP
35(1)
Qualifying for the Exam
35(1)
Signing Up for the Exam
35(1)
About the Exam
35(1)
CompTIA Authorized Materials Use Policy
35(3)
Chapter 1 Business and Industry Influences and Associated Security Risks 38(26)
Risk Management of New Products, New Technologies, and User Behaviors
39(1)
New or Changing Business Models/Strategies
40(4)
Partnerships
40(1)
Outsourcing
41(1)
Cloud
41(1)
Acquisition/Merger and Divestiture/Demerger
42(2)
Data Ownership
43(1)
Data Reclassification
44(1)
Security Concerns of Integrating Diverse Industries
44(8)
Rules
44(1)
Policies
45(1)
Regulations
45(5)
Export Controls
45(1)
Legal Requirements
46(4)
Geography
50(2)
Data Sovereignty
50(1)
Jurisdictions
51(1)
Internal and External Influences
52(2)
Competitors
52(1)
Auditors/Audit Findings
52(1)
Regulatory Entities
53(1)
Internal and External Client Requirements
53(1)
Top-Level Management
54(1)
Impact of De-perimeterization (e.g., Constantly Changing Network Boundary)
54(6)
Telecommuting
55(1)
Cloud
55(1)
Mobile
55(1)
BYOD
56(2)
Outsourcing
58(1)
Ensuring Third-Party Providers Have Requisite Levels of Information Security
58(2)
Exam Preparation Tasks
60(1)
Review All Key Topics
60(1)
Define Key Terms
60(1)
Review Questions
61(3)
Chapter 2 Security, Privacy Policies, and Procedures 64(32)
Policy and Process Life Cycle Management
65(5)
New Business
68(1)
New Technologies
68(1)
Environmental Changes
69(1)
Regulatory Requirements
69(1)
Emerging Risks
70(1)
Support Legal Compliance and Advocacy
70(1)
Common Business Documents to Support Security
71(4)
Risk Assessment (RA)
71(1)
Business Impact Analysis (BIA)
72(1)
Interoperability Agreement (IA)
72(1)
Interconnection Security Agreement (ISA)
72(1)
Memorandum of Understanding (MOU)
73(1)
Service-Level Agreement (SLA)
73(1)
Operating-Level Agreement (OLA)
73(1)
Non-Disclosure Agreement (NDA)
74(1)
Business Partnership Agreement (BPA)
74(1)
Master Service Agreement (MSA)
75(1)
Security Requirements for Contracts
75(2)
Request for Proposal (RFP)
76(1)
Request for Quote (RFQ)
76(1)
Request for Information (RFI)
76(1)
Agreement or Contract
77(1)
General Privacy Principles for Sensitive Information
77(1)
Support the Development of Policies Containing Standard Security Practices
78(13)
Separation of Duties
78(1)
Job Rotation
79(1)
Mandatory Vacation
80(1)
Least Privilege
80(1)
Incident Response
81(3)
Events Versus Incidents
83(1)
Rules of Engagement, Authorization, and Scope
83(1)
Forensic Tasks
84(1)
Employment and Termination Procedures
85(1)
Continuous Monitoring
86(1)
Training and Awareness for Users
86(2)
Auditing Requirements and Frequency
88(1)
Information Classification and Life Cycle
89(13)
Commercial Business Classifications
89(1)
Military and Government Classifications
90(1)
Information Life Cycle
90(1)
Exam Preparation Tasks
91(1)
Review All Key Topics
91(1)
Define Key Terms
92(1)
Review Questions
92(4)
Chapter 3 Risk Mitigation Strategies and Controls 96(78)
Categorize Data Types by Impact Levels Based on CIA
98(2)
Incorporate Stakeholder Input into CIA Impact-Level Decisions
100(1)
Determine the Aggregate CIA Score
101(1)
Determine Minimum Required Security Controls Based on Aggregate Score
102(1)
Select and Implement Controls Based on CIA Requirements and Organizational Policies
102(21)
Access Control Categories
102(6)
Compensative
103(1)
Corrective
103(1)
Detective
103(1)
Deterrent
103(1)
Directive
103(1)
Preventive
104(1)
Recovery
104(1)
Access Control Types
104(1)
Administrative (Management) Controls
104(2)
Logical (Technical) Controls
106(1)
Physical Controls
107(1)
Security Requirements Traceability Matrix (SRTM)
108(1)
Security Control Frameworks
109(9)
ISO/IEC 27000 Series
110(2)
Zachman Framework™
112(1)
The Open Group Architecture Framework (TOGAF)
113(1)
Department of Defense Architecture Framework (DoDAF)
113(1)
British Ministry of Defence Architecture Framework (MODAF)
113(1)
Sherwood Applied Business Security Architecture (SABSA)
113(1)
Control Objectives for Information and Related Technology (COBIT)
114(1)
National Institute of Standards and Technology (NIST) Special Publication (SP) 800 Series
115(3)
HITRUST CSF
118(8)
CIS Critical Security Controls
118(1)
Committee of Sponsoring Organizations (COSO) of the Treadway Commission Framework
119(1)
Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE)
120(1)
Information Technology Infrastructure Library (ITIL)
120(1)
Six Sigma
121(2)
Capability Maturity Model Integration (CMMI)
123(1)
CCTA Risk Analysis and Management Method (CRAMM)
123(1)
Extreme Scenario Planning/Worst-Case Scenario
123(2)
Conduct System-Specific Risk Analysis
125(1)
Make Risk Determination Based upon Known Metrics
126(8)
Qualitative Risk Analysis
126(1)
Quantitative Risk Analysis
127(1)
Magnitude of Impact Based on ALE and SLE
128(1)
SLE
128(1)
ALE
128(1)
Likelihood of Threat
129(1)
Motivation
129(1)
Source
130(1)
ARO
130(1)
Trend Analysis
130(1)
Return on Investment (ROI)
131(2)
Payback
132(1)
Net Present Value (NPV)
132(1)
Total Cost of Ownership
133(1)
Translate Technical Risks in Business Terms
134(1)
Recommend Which Strategy Should Be Applied Based on Risk Appetite
135(2)
Avoid
135(1)
Transfer
136(1)
Mitigate
136(1)
Accept
137(1)
Risk Management Processes
137(4)
Information and Asset (Tangible/Intangible) Value and Costs
138(1)
Vulnerabilities and Threats Identification
139(1)
Exemptions
139(1)
Deterrence
140(1)
Inherent
140(1)
Residual
140(1)
Continuous Improvement/Monitoring
141(1)
Business Continuity Planning
141(7)
Business Continuity Scope and Plan
141(1)
Personnel Components
142(1)
Project Scope
142(1)
Business Continuity Steps
142(6)
Develop Contingency Planning Policy
144(1)
Conduct the BIA
145(2)
Identify Preventive Controls
147(1)
Create Contingency Strategies
148(1)
Plan Testing, Training, and Exercises (TT&E)
148(1)
Maintain the Plan
148(1)
IT Governance
148(20)
Adherence to Risk Management Frameworks
149(1)
NIST
149(15)
Organizational Governance Components
164(11)
Policies
165(2)
Processes
167(1)
Procedures
167(1)
Standards
167(1)
Guidelines
167(1)
Baselines
167(1)
Enterprise Resilience
168(2)
Exam Preparation Tasks
170(1)
Review All Key Topics
170(1)
Define Key Terms
171(1)
Review Questions
171(3)
Chapter 4 Risk Metric Scenarios to Secure the Enterprise 174(18)
Review Effectiveness of Existing Security Controls
175(2)
Gap Analysis
176(1)
Lessons Learned and After-Action Reports
177(1)
Reverse Engineer/Deconstruct Existing Solutions
177(1)
Creation, Collection, and Analysis of Metrics
177(3)
KPIs
179(1)
KRIs
180(1)
Prototype and Test Multiple Solutions
180(1)
Create Benchmarks and Compare to Baselines
181(1)
Analyze and Interpret Trend Data to Anticipate Cyber Defense Needs
182(1)
Analyze Security Solution Metrics and Attributes to Ensure They Meet Business Needs
183(4)
Performance
183(1)
Latency
184(1)
Scalability
184(1)
Capability
185(1)
Usability
185(1)
Maintainability
185(1)
Availability
185(1)
Recoverability
186(1)
Cost/Benefit Analysis
186(1)
ROI
186(1)
TCO
186(1)
Use Judgment to Solve Problems Where the Most Secure Solution Is Not Feasible
187(1)
Exam Preparation Tasks
187(1)
Review All Key Topics
187(1)
Define Key Terms
188(1)
Review Questions
189(3)
Chapter 5 Network and Security Components, Concepts, and Architectures 192(94)
Physical and Virtual Network and Security Devices
194(18)
UTM
194(1)
IDS/IPS
195(2)
HIDS/HIPS
197(1)
NIPS
197(1)
NIDS
198(1)
INE
198(1)
NAC
199(1)
SIEM
199(2)
Switch
201(1)
Firewall
202(6)
Types of Firewalls
202(3)
NGFWs
205(1)
Firewall Architecture
205(3)
Wireless Controller
208(2)
Router
210(1)
Proxy
210(1)
Load Balancer
211(1)
HSM
211(1)
MicroSD HSM
212(1)
Application and Protocol-Aware Technologies
212(3)
WAF
212(1)
Firewall
213(1)
Passive Vulnerability Scanners
213(1)
Active Vulnerability Scanners
214(1)
DAM
214(1)
Advanced Network Design (Wired/Wireless)
215(26)
Remote Access
215(1)
VPN
215(5)
SSH
220(1)
RDP
220(1)
VNC
221(1)
VDI
221(20)
Reverse Proxy
222(1)
IPv4 and IPv6 Transitional Technologies
222(2)
Network Authentication Methods
224(2)
802.1x
226(2)
Mesh Networks
228(1)
Application of Solutions
229(1)
Placement of Hardware, Applications, and Fixed/Mobile Devices
230(11)
Complex Network Security Solutions for Data Flow
241(5)
DLP
241(1)
Deep Packet Inspection
242(1)
Data-Flow Enforcement
243(1)
Network Flow (S/flow)
244(1)
Network Flow Data
244(1)
Data Flow Diagram
245(1)
Secure Configuration and Baselining of Networking and Security Components
246(8)
ACLs
246(1)
Creating Rule Sets
246(1)
Change Monitoring
247(1)
Configuration Lockdown
248(1)
Availability Controls
248(6)
Software-Defined Networking
254(1)
Network Management and Monitoring Tools
255(5)
Alert Definitions and Rule Writing
259(1)
Tuning Alert Thresholds
259(1)
Alert Fatigue
260(1)
Advanced Configuration of Routers, Switches, and Other Network Devices
260(8)
Transport Security
260(1)
Trunking Security
260(2)
Port Security
262(4)
Limiting MAC Addresses
263(1)
Implementing Sticky MAC
263(1)
Ports
264(2)
Route Protection
266(1)
DDoS Protection
266(1)
Remotely Triggered Black Hole
267(1)
Security Zones
268(1)
DMZ
268(1)
Separation of Critical Assets
268(1)
Network Segmentation
269(1)
Network Access Control
269(2)
Quarantine/Remediation
270(1)
Persistent/Volatile or Non-persistent Agent
270(1)
Agent vs. Agentless
271(1)
Network-Enabled Devices
271(8)
System on a Chip (SoC)
271(3)
Secure Booting
271(1)
Secured Memory
272(1)
Runtime Data Integrity Check
273(1)
Central Security Breach Response
274(1)
Building/Home Automation Systems
274(1)
IP Video
275(1)
HVAC Controllers
276(1)
Sensors
277(1)
Physical Access Control Systems
277(1)
A/V Systems
278(1)
Scientific/Industrial Equipment
279(1)
Critical Infrastructure
279(1)
Exam Preparation Tasks
280(1)
Review All Key Topics
280(2)
Define Key Terms
282(1)
Review Questions
282(4)
Chapter 6 Security Controls for Host Devices 286(42)
Trusted OS (e.g., How and When to Use It)
287(3)
SELinux
289(1)
SEAndroid
289(1)
TrustedSolaris
290(1)
Least Functionality
290(1)
Endpoint Security Software
290(8)
Anti-malware
291(1)
Antivirus
291(1)
Anti-spyware
291(1)
Spam Filters
292(1)
Patch Management
292(1)
IDS/IPS
293(1)
HIPS/HIDS
293(1)
Data Loss Prevention
293(1)
Host-Based Firewalls
294(1)
Log Monitoring
295(2)
Endpoint Detection Response
297(1)
Host Hardening
298(18)
Standard Operating Environment/Configuration Baselining
298(1)
Application Whitelisting and Blacklisting
299(1)
Security/Group Policy Implementation
299(2)
Command Shell Restrictions
301(1)
Patch Management
302(1)
Manual
302(1)
Automated
302(1)
Configuring Dedicated Interfaces
303(1)
Out-of-Band Management
303(1)
ACLs
304(1)
Management Interface
304(1)
Data Interface
305(1)
External I/O Restrictions
305(1)
USB
306(9)
Wireless
306(7)
Drive Mounting
313(1)
Drive Mapping
314(1)
Webcam
314(1)
Recording Mic
314(1)
Audio Output
314(1)
SD Port
315(1)
HDMI Port
315(1)
File and Disk Encryption
315(1)
TPM
315(1)
Firmware Updates
316(1)
Boot Loader Protections
316(6)
Secure Boot
317(1)
Measured Launch
317(1)
Integrity Measurement Architecture
318(1)
BIOS/UEFI
318(1)
Attestation Services
319(1)
TPM
319(1)
Virtual TPM
320(2)
Vulnerabilities Associated with Hardware
322(1)
Terminal Services/Application Delivery Services
322(1)
Exam Preparation Tasks
323(1)
Review All Key Topics
323(1)
Define Key Terms
324(1)
Review Questions
324(4)
Chapter 7 Security Controls for Mobile and Small Form Factor Devices 328(26)
Enterprise Mobility Management
329(7)
Containerization
329(1)
Configuration Profiles and Payloads
329(1)
Personally Owned, Corporate-Enabled
330(1)
Application Wrapping
330(1)
Remote Assistance Access
330(1)
VNC
330(1)
Screen Mirroring
330(1)
Application, Content, and Data Management
331(1)
Over-the-Air Updates (Software/Firmware)
331(1)
Remote Wiping
332(1)
SCEP
332(1)
BYOD
332(1)
COPE
332(1)
VPN
333(1)
Application Permissions
333(1)
Side Loading
334(1)
Unsigned Apps/System Apps
334(1)
Context-Aware Management
334(2)
Geolocation/Geofencing
335(1)
User Behavior
335(1)
Security Restrictions
336(1)
Time-Based Restrictions
336(1)
Frequency
336(1)
Security Implications/Privacy Concerns
336(9)
Data Storage
336(2)
Non-Removable Storage
337(1)
Removable Storage
337(1)
Cloud Storage
337(1)
Transfer/Backup Data to Uncontrolled Storage
338(1)
USB OTG
338(1)
Device Loss/Theft
338(1)
Hardware Anti-Tamper
338(1)
eFuse
338(1)
TPM
339(1)
Rooting/Jailbreaking
339(1)
Push Notification Services
339(1)
Geotagging
339(1)
Encrypted Instant Messaging Apps
340(1)
Tokenization
340(1)
OEM/Carrier Android Fragmentation
340(1)
Mobile Payment
340(1)
NFC-Enabled
340(1)
Inductance-Enabled
341(1)
Mobile Wallet
341(1)
Peripheral-Enabled Payments (Credit Card Reader)
341(1)
Tethering
341(1)
USB
342(1)
Spectrum Management
342(1)
Bluetooth 3.0 vs. 4.1
342(1)
Authentication
342(2)
Swipe Pattern
343(1)
Gesture
343(1)
PIN Code
343(1)
Biometric
343(1)
Malware
344(1)
Unauthorized Domain Bridging
344(1)
Baseband Radio/SOC
345(1)
Augmented Reality
345(1)
SMS/MMS/Messaging
345(1)
Wearable Technology
345(5)
Devices
346(3)
Cameras
346(1)
Watches
346(1)
Fitness Devices
347(1)
Glasses
347(1)
Medical Sensors/Devices
348(1)
Headsets
348(1)
Security Implications
349(6)
Unauthorized Remote Activation/Deactivation of Devices or Features
349(1)
Encrypted and Unencrypted Communication Concerns
349(1)
Physical Reconnaissance
349(1)
Personal Data Theft
350(1)
Health Privacy
350(1)
Digital Forensics on Collected Data
350(1)
Exam Preparation Tasks
350(1)
Review All Key Topics
350(1)
Define Key Terms
351(1)
Review Questions
351(3)
Chapter 8 Software Vulnerability Security Controls 354(28)
Application Security Design Considerations
355(1)
Secure: By Design, By Default, By Deployment
355(1)
Specific Application Issues
356(14)
Unsecure Direct Object References
356(1)
XSS
356(1)
Cross-Site Request Forgery (CSRF)
357(1)
Click-Jacking
358(1)
Session Management
359(1)
Input Validation
360(1)
SQL Injection
360(2)
Improper Error and Exception Handling
362(1)
Privilege Escalation
362(1)
Improper Storage of Sensitive Data
362(1)
Fuzzing/Fault Injection
363(1)
Secure Cookie Storage and Transmission
364(1)
Buffer Overflow
364(3)
Memory Leaks
367(1)
Integer Overflows
367(1)
Race Conditions
367(1)
Time of Check/Time of Use
367(1)
Resource Exhaustion
368(1)
Geotagging
368(1)
Data Remnants
369(1)
Use of Third-Party Libraries
369(1)
Code Reuse
370(1)
Application Sandboxing
370(1)
Secure Encrypted Enclaves
371(1)
Database Activity Monitor
371(1)
Web Application Firewalls
371(1)
Client-Side Processing vs. Server-Side Processing
371(7)
JSON/REST
372(1)
Browser Extensions
373(1)
ActiveX
373(1)
Java Applets
373(1)
HTML5
374(1)
AJAX
374(2)
SOAP
376(1)
State Management
376(1)
JavaScript
376(1)
Operating System Vulnerabilities
377(1)
Firmware Vulnerabilities
377(1)
Exam Preparation Tasks
378(1)
Review All Key Topics
378(1)
Define Key Terms
378(1)
Review Questions
379(3)
Chapter 9 Security Assessments 382(28)
Methods
383(15)
Malware Sandboxing
383(1)
Memory Dumping, Runtime Debugging
384(1)
Reconnaissance
385(1)
Fingerprinting
385(2)
Code Review
387(1)
Social Engineering
388(1)
Phishing/Pharming
388(1)
Shoulder Surfing
389(1)
Identity Theft
389(1)
Dumpster Diving
389(1)
Pivoting
389(1)
Open Source Intelligence
390(8)
Social Media
390(1)
Whois
391(1)
Routing Tables
392(2)
DNS Records
394(3)
Search Engines
397(1)
Test Types
398(7)
Penetration Test
398(3)
Black Box
400(1)
White Box
400(1)
Gray Box
400(1)
Vulnerability Assessment
401(1)
Self-Assessment
402(1)
Tabletop Exercises
403(1)
Internal and External Audits
403(1)
Color Team Exercises
404(1)
Exam Preparation Tasks
405(1)
Review All Key Topics
405(1)
Define Key Terms
406(1)
Review Questions
407(3)
Chapter 10 Select the Appropriate Security Assessment Tool 410(38)
Network Tool Types
411(16)
Port Scanners
411(2)
Network Vulnerability Scanners
413(1)
Protocol Analyzer
414(2)
Wired
414(1)
Wireless
415(1)
SCAP Scanner
416(4)
Permissions and Access
418(1)
Execute Scanning
419(1)
Network Enumerator
420(2)
Fuzzer
421(1)
HTTP Interceptor
422(1)
Exploitation Tools/Frameworks
422(2)
Visualization Tools
424(1)
Log Reduction and Analysis Tools
425(2)
Host Tool Types
427(14)
Password Cracker
427(1)
Host Vulnerability Scanners
428(1)
Command Line Tools
429(7)
netstat
429(2)
ping
431(2)
tracert/traceroute
433(1)
ipconfig/ifconfig
434(1)
nslookup/dig
435(1)
Sysinternals
435(1)
OpenSSL
436(1)
Local Exploitation Tools/Frameworks
436(1)
SCAP Tool
437(1)
File Integrity Monitoring
437(1)
Log Analysis Tools
438(1)
Antivirus
439(1)
Reverse Engineering Tools
440(1)
Physical Security Tools
441(3)
Lock Picks
441(1)
Locks
442(2)
RFID Tools
444(1)
IR Camera
444(1)
Exam Preparation Tasks
444(1)
Review All Key Topics
444(1)
Define Key Terms
445(1)
Review Questions
446(2)
Chapter 11 Incident Response and Recovery 448(38)
E-Discovery
449(5)
Electronic Inventory and Asset Control
450(1)
Data Retention Policies
451(1)
Data Recovery and Storage
451(1)
Data Ownership
452(1)
Data Handling
453(1)
Legal Holds
454(1)
Data Breach
454(3)
Detection and Collection
455(1)
Data Analytics
455(1)
Mitigation
456(1)
Minimize
456(1)
Isolate
456(1)
Recovery/Reconstitution
456(1)
Response
457(1)
Disclosure
457(1)
Facilitate Incident Detection and Response
457(4)
Internal and External Violations
458(2)
Privacy Policy Violations
458(1)
Criminal Actions
459(1)
Insider Threats
459(1)
Non-malicious Threats/Misconfigurations
459(1)
Hunt Teaming
460(1)
Heuristics/Behavioral Analytics
460(1)
Establish and Review System, Audit and Security Logs
461(1)
Incident and Emergency Response
461(10)
Chain of Custody
461(2)
Evidence
462(1)
Surveillance, Search, and Seizure
463(1)
Forensic Analysis of Compromised System
463(2)
Media Analysis
464(1)
Software Analysis
464(1)
Network Analysis
464(1)
Hardware/Embedded Device Analysis
465(1)
Continuity of Operations
465(1)
Disaster Recovery
465(4)
Data Backup Types and Schemes
465(4)
Electronic Backup
469(1)
Incident Response Team
469(1)
Order of Volatility
470(1)
Incident Response Support Tools
471(7)
dd
471(1)
tcpdump
472(1)
nbtstat
473(1)
netstat
474(1)
nc (Netcat)
475(1)
memcopy
476(1)
tshark
476(1)
foremost
477(1)
Severity of Incident or Breach
478(2)
Scope
478(1)
Impact
478(1)
System Process Criticality
479(1)
Cost
479(1)
Downtime
479(1)
Legal Ramifications
480(1)
Post-incident Response
480(1)
Root-Cause Analysis
480(1)
Lessons Learned
480(1)
After-Action Report
481(8)
Change Control Process
481(1)
Update Incident Response Plan
481(1)
Exam Preparation Tasks
481(1)
Review All Key Topics
481(1)
Define Key Terms
482(1)
Review Questions
483(3)
Chapter 12 Host, Storage, Network, and Application Integration 486(26)
Adapt Data Flow Security to Meet Changing Business Needs
487(2)
Standards
489(2)
Open Standards
489(1)
Adherence to Standards
489(1)
Competing Standards
490(1)
Lack of Standards
490(1)
De Facto Standards
490(1)
Interoperability Issues
491(3)
Legacy Systems and Software/Current Systems
491(1)
Application Requirements
492(1)
Software Types
492(1)
In-house Developed
493(1)
Commercial
493(1)
Tailored Commercial
493(1)
Open Source
493(1)
Standard Data Formats
493(1)
Protocols and APIs
494(1)
Resilience Issues
494(2)
Use of Heterogeneous Components
494(1)
Course of Action Automation/Orchestration
495(1)
Distribution of Critical Assets
495(1)
Persistence and Non-persistence of Data
495(1)
Redundancy/High Availability
496(1)
Assumed Likelihood of Attack
496(1)
Data Security Considerations
496(4)
Data Remnants
497(1)
Data Aggregation
498(1)
Data Isolation
498(1)
Data Ownership
499(1)
Data Sovereignty
499(1)
Data Volume
500(1)
Resources Provisioning and Deprovisioning
500(1)
Users
500(1)
Servers
501(1)
Virtual Devices
501(1)
Applications
501(1)
Data Remnants
501(1)
Design Considerations During Mergers, Acquisitions and Demergers/Divestitures
501(1)
Network Secure Segmentation and Delegation
502(1)
Logical Deployment Diagram and Corresponding Physical Deployment Diagram of All Relevant Devices
502(2)
Security and Privacy Considerations of Storage Integration
504(1)
Security Implications of Integrating Enterprise Applications
504(3)
CRM
504(1)
ERP
505(1)
CMDB
505(1)
CMS
505(1)
Integration Enablers
505(1)
Directory Services
505(1)
DNS
506(1)
SOA
506(1)
ESB
507(1)
Exam Preparation Tasks
507(1)
Review All Key Topics
507(1)
Define Key Terms
508(1)
Review Questions
508(4)
Chapter 13 Cloud and Virtualization Technology Integration 512(24)
Technical Deployment Models (Outsourcing/Insourcing/Managed Services/Partnership)
513(5)
Cloud and Virtualization Considerations and Hosting Options
513(2)
Public
514(1)
Private
514(1)
Hybrid
514(1)
Community
514(1)
Multitenancy
515(1)
Single Tenancy
515(1)
On-Premise vs. Hosted
515(1)
Cloud Service Models
516(2)
Security Advantages and Disadvantages of Virtualization
518(3)
Type 1 vs. Type 2 Hypervisors
519(1)
Type 1 Hypervisor
519(1)
Type 2 Hypervisor
519(1)
Container-Based
520(1)
vTPM
520(1)
Hyperconverged Infrastructure
521(1)
Virtual Desktop Infrastructure
521(1)
Secure Enclaves and Volumes
521(1)
Cloud Augmented Security Services
521(6)
Hash Matching
522(1)
Anti-malware
522(1)
Vulnerability Scanning
523(2)
Sandboxing
525(1)
Content Filtering
525(1)
Cloud Security Broker
526(1)
Security as a Service
527(1)
Managed Security Service Providers
527(1)
Vulnerabilities Associated with Comingling of Hosts with Different Security Requirements
527(2)
VMEscape
527(1)
Privilege Elevation
528(1)
Live VM Migration
528(1)
Data Remnants
529(1)
Data Security Considerations
529(2)
Vulnerabilities Associated with a Single Server Hosting Multiple Data Types
530(1)
Vulnerabilities Associated with a Single Platform Hosting Multiple Data Types/Owners on Multiple Virtual Machines
530(1)
Resources Provisioning and Deprovisioning
531(1)
Virtual Devices
531(1)
Data Remnants
531(1)
Exam Preparation Tasks
532(1)
Review All Key Topics
532(1)
Define Key Terms
532(1)
Review Questions
533(3)
Chapter 14 Authentication and Authorization Technology Integration 536(34)
Authentication
537(13)
Authentication Factors
538(10)
Knowledge Factors
538(1)
Ownership Factors
538(1)
Characteristic Factors
539(1)
Additional Authentication Concepts
540(1)
Identity and Account Management
540(1)
Password Types and Management
541(3)
Physiological Characteristics
544(1)
Behavioral Characteristics
545(1)
Biometric Considerations
546(1)
Dual-Factor and Multi-Factor Authentication
547(1)
Certificate-Based Authentication
548(1)
Single Sign-on
548(1)
802.1x
549(1)
Context-Aware Authentication
550(1)
Push-Based Authentication
550(1)
Authorization
550(7)
Access Control Models
550(3)
Discretionary Access Control
551(1)
Mandatory Access Control
551(1)
Role-Based Access Control
551(1)
Rule-Based Access Control
552(1)
Content-Dependent Access Control
552(1)
Access Control Matrix
552(1)
ACLs
553(1)
Access Control Policies
553(1)
Default to No Access
553(1)
OAuth
553(2)
XACML
555(1)
SPML
556(1)
Attestation
557(1)
Identity Proofing
558(1)
Identity Propagation
558(1)
Federation
559(4)
SAML
560(1)
OpenID
561(1)
Shibboleth
561(2)
WAYF
563(1)
Trust Models
563(3)
RADIUS Configurations
563(1)
LDAP
564(1)
AD
565(1)
Exam Preparation Tasks
566(1)
Review All Key Topics
566(1)
Define Key Terms
567(1)
Review Questions
567(3)
Chapter 15 Cryptographic Techniques 570(46)
Techniques
572(20)
Key Stretching
572(1)
Hashing
572(2)
MD2/MD4/MD5/MD6
574(1)
SHA/SHA-2/SHA-3
575(1)
HAVAL
576(1)
RIPEMD-160
576(1)
Digital Signature
576(1)
Message Authentication
577(1)
Code Signing
578(1)
Pseudo-Random Number Generation
578(1)
Perfect Forward Secrecy
578(1)
Data-in-Transit Encryption
579(2)
SSL/TLS
579(1)
HTTP/HTTPS/SHTTP
579(1)
SET and 3-D Secure
580(1)
IPsec
580(1)
Data-in-Memory/Processing
581(1)
Data-at-Rest Encryption
581(11)
Symmetric Algorithms
582(3)
Asymmetric Algorithms
585(3)
Hybrid Ciphers
588(1)
Disk-Level Encryption
588(1)
Block-Level Encryption
589(1)
File-Level Encryption
589(1)
Record-Level Encryption
589(2)
Port-Level Encryption
591(1)
Steganography
591(1)
Implementations
592(19)
Crypto Modules
592(1)
Crypto Processors
593(1)
Cryptographic Service Providers
593(1)
DRM
593(1)
Watermarking
594(1)
GNU Privacy Guard (GPG)
594(1)
SSL/TLS
595(1)
Secure Shell (SSH)
595(1)
S/MIME
596(1)
Cryptographic Applications and Proper/Improper Implementations
596(1)
Strength Versus Performance Versus Feasibility to Implement Versus Interoperability
596(1)
Feasibility to Implement
597(1)
Interoperability
597(1)
Stream vs. Block
597(12)
Stream Ciphers
597(1)
Block Ciphers
598(1)
Modes
598(4)
Known Flaws/Weaknesses
602(1)
PKI
603(1)
Wildcard
603(1)
OCSP vs. CRL
604(1)
Issuance to Entities
604(2)
Key Escrow
606(1)
Certificate
606(1)
Tokens
607(1)
Stapling
608(1)
Pinning
608(1)
Cryptocurrency/Blockchain
609(1)
Mobile Device Encryption Considerations
610(1)
Elliptic Curve Cryptography
610(1)
P256 vs. P384 vs. P512
610(1)
Exam Preparation Tasks
611(1)
Review All Key Topics
611(1)
Define Key Terms
612(1)
Review Questions
613(3)
Chapter 16 Secure Communication and Collaboration 616(22)
Remote Access 617(4)
Dial-up 617(1)
VPN 618(1)
SSL 618(1)
Remote Administration 618(1)
Resource and Services 618(1)
Desktop and Application Sharing 619(1)
Remote Assistance 620(1)
Unified Collaboration Tools 621(13)
Web Conferencing 621(1)
Video Conferencing 622(1)
Audio Conferencing 623(1)
Storage and Document Collaboration Tools 624(1)
Unified Communication 625(1)
Instant Messaging 625(1)
Presence 626(1)
Email 627(1)
IMAP 627(1)
POP 627(1)
SMTP 628(2)
Email Spoofing 628(1)
Spear Phishing 628(1)
Whaling 629(1)
Spam 629(1)
Captured Messages 629(1)
Disclosure of Information 630(1)
Malware 630(1)
Telephony and VoIP Integration 630(2)
Collaboration Sites 632(7)
Social Media 632(1)
Cloud-Based Collaboration 633(1)
Exam Preparation Tasks 634(1)
Review All Key Topics 634(1)
Define Key Terms 635(1)
Review Questions 635(3)
Chapter 17 Industry Trends and Their Impact to the Enterprise 638(26)
Perform Ongoing Research 639(4)
Best Practices 640(1)
New Technologies, Security Systems and Services 641(1)
Technology Evolution (e.g., RFCs, ISO) 642(1)
Threat Intelligence 643(6)
Latest Attacks 644(2)
Knowledge of Current Vulnerabilities and Threats 646(1)
Zero-Day Mitigation Controls and Remediation 647(1)
Threat Model 648(1)
Research Security Implications of Emerging Business Tools 649(4)
Evolving Social Media Platforms 650(1)
End-User Cloud Storage 650(1)
Integration Within the Business 651(1)
Big Data 652(1)
AI/Machine Learning 653(1)
Global IA Industry/Community 653(7)
Computer Emergency Response Team (CERT) 654(1)
Conventions/Conferences 654(1)
Research Consultants/Vendors 655(1)
Threat Actor Activities 655(5)
Topology Discovery 656(1)
OS Fingerprinting 657(1)
Service Discovery 657(1)
Packet Capture 657(1)
Log Review 658(1)
Router/Firewall ACLs Review 658(1)
Email Harvesting 658(1)
Social Media Profiling 659(1)
Social Engineering 659(1)
Phishing 659(1)
Emerging Threat Sources 660(1)
Exam Preparation Tasks 660(1)
Review All Key Topics 660(1)
Define Key Terms 661(1)
Review Questions 661(3)
Chapter 18 Security Activities Across the Technology Life Cycle 664(52)
Systems Development Life Cycle 665(8)
Requirements 667(1)
Acquisition 668(1)
Test and Evaluation 668(1)
Commissioning/Decommissioning 668(1)
Operational Activities 669(3)
Monitoring 669(1)
Maintenance 670(1)
Configuration and Change Management 671(1)
Asset Disposal 672(1)
Asset/Object Reuse 673(1)
Software Development Life Cycle 673(33)
Plan/Initiate Project 674(1)
Gather Requirements 674(1)
Design 675(1)
Develop 675(1)
Test/Validate 676(1)
Release/Maintain 676(1)
Certify/Accredit 676(1)
Change Management and Configuration Management/Replacement 677(1)
Application Security Frameworks 677(1)
Software Assurance 677(11)
Auditing and Logging 677(1)
Risk Analysis and Mitigation 678(1)
Regression and Acceptance Testing 678(1)
Security Impact of Acquired Software 679(1)
Standard Libraries 679(1)
Industry-Accepted Approaches 680(1)
Web Services Security (WS-Security) 681(1)
Forbidden Coding Techniques 681(1)
NX/XN Bit Use 682(1)
ASLR Use 682(1)
Code Quality 683(1)
Code Analyzers 683(5)
Development Approaches 688(12)
Build and Fix 689(1)
Waterfall 689(1)
V-Shaped 690(1)
Prototyping 691(1)
Incremental 691(1)
Spiral 692(1)
Rapid Application Development (RAD) 692(2)
Agile 694(1)
JAD 694(1)
Cleanroom 695(1)
DevOps 695(1)
Security Implications of Agile, Waterfall, and Spiral Software Development Methodologies 696(2)
Continuous Integration 698(1)
Versioning 698(2)
Secure Coding Standards 700(1)
Documentation 700(4)
Security Requirements Traceability Matrix (SRTM) 700(1)
Requirements Definition 701(1)
System Design Document 701(1)
Testing Plans 702(2)
Validation and Acceptance Testing 704(2)
Unit Testing 704(2)
Adapt Solutions 706(3)
Address Emerging Threats 706(1)
Address Disruptive Technologies 707(1)
Address Security Trends 708(1)
Asset Management (Inventory Control) 709(2)
Device-Tracking Technologies 709(8)
Geolocation/GPS Location 709(1)
Object Tracking and Containment Technologies 709(1)
Geotagging/Geofencing 710(1)
RFID 710(1)
Exam Preparation Tasks 711(1)
Review All Key Topics 711(1)
Define Key Terms 712(1)
Review Questions 713(3)
Chapter 19 Business Unit Interaction 716(16)
Interpreting Security Requirements and Goals to Communicate with Stakeholders from Other Disciplines 717(7)
Sales Staff 717(1)
Programmer 718(1)
Database Administrator 719(1)
Network Administrator 720(1)
Management/Executive Management 720(2)
Financial 722(1)
Human Resources 722(1)
Emergency Response Team 723(1)
Facilities Manager 723(1)
Physical Security Manager 723(1)
Legal Counsel 724(1)
Provide Objective Guidance and Impartial Recommendations to Staff and Senior Management on Security Processes and Controls 724(1)
Establish Effective Collaboration Within Teams to Implement Secure Solutions 725(1)
Governance, Risk, and Compliance Committee 726(1)
Exam Preparation Tasks 727(1)
Review All Key Topics 727(1)
Define Key Terms 728(1)
Review Questions 729(3)
Appendix A Answers 732(22)
Glossary 754(44)
Index 798
Robin Abernathy, CASP, is a product developer and technical editor for Kaplan IT training. She has developed and reviewed certification preparation materials in a variety of product lines, including Microsoft, CompTIA, Cisco, ITIL, (ISC)2, and PMI, and holds multiple certifications from these vendors. Her work with Kaplan IT Training includes practice tests and study guides for the Transcender brands.
Robin most recently co-authored Pearson's CISSP Cert Guide with Troy McMillan and Sari Green and authored Pearson's Project+ Cert Guide. She provides training on computer hardware, software, networking, security, and project management. Robin also presents at technical conferences and hosts webinars on IT certification topics. More recently, Robin has recorded videos for CyberVista's IT certification training courses.
Troy McMillan, CASP, is a product developer and technical editor for Kaplan IT Training as well as a full-time trainer. He became a professional trainer more than 15 years ago, teaching Cisco, Microsoft, CompTIA, and wireless classes. His recent work includes:
  • Contributing subject matter expert for CCNA Cisco Certified Network Associate Certification Exam Preparation Guide (Kaplan)
  • Prep test question writer for Network+ Study Guide (Sybex)
  • Technical editor for Windows 7 Study Guide (Sybex)
  • Contributing author for CCNA-Wireless Study Guide (Sybex)
  • Technical editor for CCNA Study Guide, Revision 7 (Sybex)
  • Author of VCP VMware Certified Professional on vSphere 4 Review Guide: Exam VCP-410 and associated instructional materials (Sybex)
  • Author of Cisco Essentials (Sybex)
  • Co-author of CISSP Cert Guide (Pearson)
  • Prep test question writer for CCNA Wireless 640-722 (Cisco Press)

He also has appeared in the following training videos for OnCourse Learning: Security+; Network+; Microsoft 70-410, 411, and 412 exam prep; ICND 1; ICND 2; and Cloud+.
He now creates certification practice tests and study guides for the Transcender brands. Troy lives in both Sugarloaf Key, Florida, and Pfafftown, North Carolina, with his wife, Heike.