CompTIA® SecurityX® CAS-005 Certification Guide

Name: CompTIA® SecurityX® CAS-005 Certification Guide | Master advanced security strategies and confidently take the new CAS-005 exam
Brand: Packt Publishing
Price: 29.99 EUR
Availability: OnlineOnly

Master advanced security strategies and confidently take the new CAS-005 exam

Mark Birch(Autor*in)

Packt Publishing

1. Auflage

Erschienen am 25. Juli 2025

698 Seiten

E-Book

ePUB mit Adobe-DRM

Systemvoraussetzungen

978-1-83664-096-7 (ISBN)

29,99 €inkl. 7% MwSt.

Systemvoraussetzungen

für ePUB mit Adobe-DRM

E-Book Einzellizenz

Als Download verfügbar

Beschreibung

Weitere Details

Inhalt

Intro
Table of Contents
Preface
Domain 1: Governance, Risk, and Compliance
Given a Set of Organizational Security Requirements, Implement the Appropriate Governance Components
Policies
Procedures
Standards
Guidelines
Security program management
Awareness and training
Communication
Reporting
Management commitment
The RACI matrix
Governance frameworks
COBIT
ITIL
Change/configuration management
Asset management life cycle
CMDB
Inventory
GRC tools
Data governance in staging environments
Production
Development
Testing
QA
Data life cycle management
Summary
Given a Set of Organizational Security Requirements, Perform Risk Management Activities
Impact analysis
Extreme but plausible scenarios
Risk assessment and management
Quantitative risk analysis
Qualitative risk analysis
Risk assessment frameworks
Appetite/tolerance
Risk prioritization
Severity impact
Remediation
Validation
Third-party risk management
Supply chain risk
Vendor risk
Subprocessor risk
Availability risk considerations
Business Continuity and Disaster Recovery (BC/DR)
BC/DR testing
Tabletop exercises
Simulation of disaster scenarios
Full-scale operational tests
Data backups
Connected backups
Disconnected backups
Best practices for backup strategies
Confidentiality risk considerations
Data leak response
Sensitive/privileged data breach
Incident response testing
Reporting
Encryption
Integrity risk considerations
Remote journaling
Hashing
Interference
Privacy risk considerations
Data subject rights
Data sovereignty
Biometrics
Crisis management
Breach response
Summary
Explain How Compliance Affects Information Security Strategies
Awareness of industry-specific compliance in cybersecurity
Healthcare
Financial
Government
Industry standards
Payment Card Industry Data Security Standard (PCI DSS)
International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27000 series
Digital Markets Act (DMA)
Security and reporting frameworks
Benchmarks
Center for Internet Security (CIS)
Foundational best practices
Security Organization Control Type 2 (SOC 2)
National Institute of Standards and Technology Cybersecurity Framework (NIST CSF)
Cloud Security Alliance (CSA)
Audits versus assessments versus certifications
Audits
Assessments
Certifications
External versus internal
Privacy regulations
General Data Protection Regulation (GDPR)
California Consumer Privacy Act (CCPA)
General Data Protection Law (LGPD)
Children's Online Privacy Protection Act (COPPA)
Awareness of cross-jurisdictional compliance requirements
E-discovery
Legal holds
Due diligence
Due care
Export controls
Contractual obligations
Summary
Given a Scenario, Performing Threat Modeling Activities
Threat actor characteristics
Motivation
Resources
Capabilities
Attack patterns
Frameworks
MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK)
Common Attack Pattern Enumeration and Classification (CAPEC)
Cyber Kill Chain
The Diamond Model of Intrusion Analysis
STRIDE
Open Web Application Security Project (OWASP)
Attack surface determination
Architecture reviews
Data flows
Trust boundaries
Code reviews
User factors
Organizational change
Mergers
Acquisitions
Divestitures
Staffing changes
Enumeration/discovery
Internal and external facing assets
Third-party connections
Unsanctioned assets/accounts
Cloud service discovery
Public digital presence
Methods for identifying threats
Abuse cases
Antipatterns
Attack trees
Attack graphs
Modeling the applicability of threats to the organization/environment
With an existing system in place
Without an existing system in place
Summary
Summarize the Information Security Challenges Associated with AI Adoption
Legal and privacy implications
Potential misuse
Explainable versus non-explainable models
Organizational policies on the use of AI
Ethical governance
Threats to the model
Prompt injection
Unsecured output handling
Training data poisoning
Model denial of service
Supply chain vulnerabilities
Model theft
Model inversion
AI-enabled attacks
Unsecured plugin design
Deepfake
Deepfake exploits in digital media
Deepfake exploits in interactivity
AI pipeline injection
Social engineering
Automated exploit generation
Risks of AI usage
Overreliance on AI
Sensitive information disclosure to the model
Sensitive information disclosure from the model
Excessive agency of the AI
AI-enabled assistants/digital workers
Access/permissions
Guardrails
Data loss prevention
Disclosure of AI usage
Summary
Domain 2: Security Architecture
Given a Scenario, Analyze Requirements to Design Resilient Systems
Component placement and configuration
Firewalls
Firewall capability
IDSs/IPSs
Network IDS versus NIPS
Wireless IPS
Vulnerability scanner
Virtual private network (VPN)
IPsec
Network access control (NAC)
802.1X
Web application firewall (WAF)
Proxy
Forward proxy
Reverse proxy
Secure web gateway (SWG)
API gateway
Network TAPs
Data collectors
Content delivery network (CDN)
Availability and integrity design considerations
Load balancing
Recoverability
Interoperability
Geographical considerations
Vertical versus horizontal scaling
Persistence versus non-persistence
Summary
Given a Scenario, Implement Security in the Early Stages of the Systems Life Cycle and Throughout Subsequent Stages
Systems development life cycle
Security requirements definition
Functional requirements
Non-functional requirements
Security versus usability trade-off
Software assurance
Static application security testing (SAST)
Dynamic application security testing
Interactive application security testing (IAST)
Runtime application self-protection (RASP)
Comparison of different software assurance testing techniques
Vulnerability analysis
Software composition analysis
Software bill of materials (SBoM)
Formal methods
CI/CD
Coding standards and linting
Branch protection
Continuous improvement
Testing activities
Canary testing
Regression testing
Integration testing
Automated testing and retesting
Unit testing
Challenges and best practices
Supply chain risk management
Software supply chain
Hardware supply chain
Hardware assurance
Certification and validation process
EOL considerations
Summary
Given a Scenario, Integrate Appropriate Controls in the Design of a Secure Architecture
Attack surface management and reduction
Vulnerability management
Hardening
Defense-in-depth
Legacy components within an architecture
Detection and threat-hunting enablers
Centralized logging
Continuous monitoring
Alerting
Sensor placement
Information and data security design
Classification models
Data labeling
Tagging strategies
Data loss prevention
Data at rest
Data in transit
Data in use
Data discovery
Hybrid infrastructures
Third-party integrations
Control effectiveness
Assessments
Scanning
Metrics
Summary
Given a Scenario, Apply Security Concepts to the Design of Access, Authentication, and Authorization Systems
Provisioning/deprovisioning
Provisioning
Credential issuance
Self-provisioning
Deprovisioning
Best practices for provisioning and deprovisioning
Federation
OpenID Connect
OAuth
Security Assertion Markup Language (SAML)
Single sign-on
Kerberos
Conditional Access
Identity provider
Service provider
Attestations
Policy decision and enforcement points
Access control models
Role-based access control
Rule-based access control
Attribute-based access control
Mandatory access control
Discretionary access control
Logging and auditing
Public key infrastructure architecture
Certificate extensions
Certificate types
Wildcard certificates
SAN certificates
Smart card certificates
EV certificates
DV certificates
OV certificates
Code signing certificates
Client certificates
Online Certificate Status Protocol stapling
Certificate authority/registration authority
Templates
Deployment/integration approach
Access control systems
Physical access control systems
Logical access control systems
Summary
Given a Scenario, Securely Implement Cloud Capabilities in an Enterprise Environment
Cloud Access Security Broker (CASB)
API-based CASBs
Proxy-based CASB
Shadow IT detection
Shared responsibility model
CI/CD pipeline
Terraform
Ansible
Package monitoring
Container security
Container orchestration
Serverless
Serverless workloads
Serverless functions
Serverless resources
API security
Authorization
Rate limiting
Throttling
Logging and auditing
Cloud versus customer-managed security
Encryption keys
Licenses
Cloud data security considerations
Data exposure
Data leakage
Data remanence
Insecure storage resources
Cloud control strategies
Proactive controls
Detective controls
Preventative controls
Customer-to-cloud connectivity
Cloud service integration
Cloud service adoption
Summary
Given a Scenario, Integrate Zero-Trust Concepts into System Architecture Design
Continuous authorization
Context-based reauthentication
Network architecture
Segmentation
Microsegmentation
VPN and always-on VPN
API integration and validation
Asset identification, management, and attestation
Security boundaries
Data perimeters
Secure zone
System components
Deperimeterization
Secure access service edge (SASE)
Software-defined networking (SDN)
Software-defined wide area network (SD-WAN)
Defining subject-object relationships
Summary
Domain 3: Security Engineering
Given a Scenario, Troubleshoot Common Issues with Identity and Access Management (IAM) Components in an Enterprise Environment
Subject access control
User access control issues
Process access control issues
Device access control issues
Service access control issues
Biometrics access control issues
Secret management
Tokens
Certificates
Passwords
Keys
Rotation
Deletion
Conditional access
User-to-device binding
Geographic location
Time-based access control
Configuration
Attestation
Cloud IAM access and trust policies
Logging and monitoring
Privilege identity management (PIM)
Authentication and authorization
Security Assertion Markup Language (SAML)
OpenID Connect (OIDC)
Multifactor authentication (MFA)
Single sign-on (SSO)
Kerberos
Simultaneous Authentication of Equals (SAE)
Privileged access management (PAM)
Open Authorization (OAuth)
Extensible Authentication Protocol (EAP)
Identity proofing
Institute for Electrical and Electronics Engineers (IEEE) 802.1X
Federation
Summary
Given a Scenario, Analyze Requirements to Enhance the Security of Endpoint and Servers
Application control
Endpoint detection and response
EDR best practices
Event logging and monitoring
Endpoint privilege management
Attack surface monitoring and reduction
Host-based intrusion protection systems/host-based detection systems
Anti-malware
Combining detection methods
SELinux
Host-based firewall
Browser isolation
Configuration management
Mobile device management technologies
Threat actor tactics, techniques, and procedures (TTPs)
Injection attacks
Privilege escalation
Credential dumping
Unauthorized execution
Lateral movement
Credential-based lateral movement
Compromised accounts and media
File- and share-based propagation
Leveraging legitimate protocols and services
Defensive evasion
Obfuscated files or information
Masquerading
Uninstalling or disabling security software
Code signing
Timestomping
Process injection
Impairing defenses
Using rootkits
Living off the land
Summary
Given a Scenario, Troubleshoot Complex Network Infrastructure Security Issues
Network misconfigurations
Configuration drift
Routing errors
Switching errors
Insecure routing
VPN/tunnel errors
Weak or outdated encryption
Improper authentication settings
Key management issues
Split tunneling misconfigurations
Incorrect tunnel mode configuration
IPS/IDS issues
Rule misconfigurations
Lack of rules
False positives/false negatives
Placement of IPSs/IDSs
Observability
Domain Name System (DNS) security
Domain Name System Security Extensions (DNSSEC)
DNS poisoning (cache poisoning)
Sinkholing
Zone transfers
Email security
DomainKeys Identified Mail (DKIM)
Sender Policy Framework (SPF)
Domain-based message authentication, reporting, and conformance (DMARC)
Secure/Multipurpose Internet Mail Extensions (S/MIME)
Troubleshooting Transport Layer Security (TLS) errors
TLS certificate errors
Cipher mismatches
TLS versioning issues
Public key infrastructure (PKI) issues
Certificate expiration
Revoked certificates
Mismatched or incorrect key usage
Weak key length or algorithm choices
Intermediate CA configuration issues
Cryptographic implementations
Improper key management
Weak cryptographic algorithms
Vulnerabilities in cryptographic libraries
Misimplementation of encryption protocols
DoS/Distributed Denial of Service (DDoS)
Resource exhaustion
Network access control list (ACL) issues
Summary
Given a Scenario, Implement Hardware Security Technologies and Techniques
Roots of trust
Trusted platform module
Hardware security module
Virtual trusted platform module
Security coprocessors
CPU security extensions
Secure enclave
Virtual hardware
Host-based encryption
Self-encrypting drive
Secure Boot
Measured Boot
How Measured Boot works
Self-healing hardware
Tamper detection and countermeasures
Threat actor TTPs
Firmware tampering
Shimming
USB-based attacks
BIOS/UEFI attacks
Memory-based attacks
Electromagnetic interference
Electromagnetic pulse
Summary
Given a Set of Requirements, Secure Specialized and Legacy Systems Against Threats
OT
Supervisory Control and Data Acquisition (SCADA)
PLCs
Operational historian
Ladder logic
Heating, ventilation, and air conditioning (HVAC)
IoT
SoC
Understanding embedded systems
Field-programmable gate arrays (FPGAs)
Wireless technologies/radio frequency (RF)
Wi-Fi (802.11 standards)
Zigbee (the IEEE 802.15.4 standard)
Bluetooth and Bluetooth Low Energy (BLE)
LoRa
Cellular (4G/LTE/5G)
RFID
WirelessHART
ISA100.11a
Security and privacy considerations
Segmentation
Monitoring
Aggregation
Hardening
Data analytics
Environmental considerations
Regulatory compliance
Safety considerations
Safety instrumented system (SIS)
Industry-specific challenges
Utilities
Transportation
Healthcare
Manufacturing
Financial services
Government/defense
Characteristics of specialized/legacy systems
Unable to secure
Obsolete
Unsupported
Highly constrained
Summary
Given a Scenario, Use Automation to Secure the Enterprise
Scripting
PowerShell
Bash
Python
Cron/scheduled tasks
Event-based triggers
Infrastructure as code (IaC)
Configuration files
Yet Another Markup Language (YAML)
Extensible Markup Language (XML)
JavaScript Object Notation (JSON)
Tom's Obvious, Minimal Language (TOML)
Cloud APIs/software development kits (SDKs)
Amazon Web Services (AWS) SDKs and APIs for automated resource management
Google Cloud Platform (GCP) Cloud Functions API for serverless automation
Webhooks
Generative AI
Code assist
Documentation
Containerization
Automated patching
Auto-containment
Security orchestration, automation, and response (SOAR)
Vulnerability scans
Credentialed versus non-credentialed scans
Agent-based/server-based
Criticality ranking
Active versus passive scans
Security Content Automation Protocol (SCAP)
Extensible Configuration Checklist Description Format (XCCDF)
Open Vulnerability and Assessment Language (OVAL)
Common Platform Enumeration (CPE)
Common Vulnerabilities and Exposures (CVEs)
Common Vulnerability Scoring System (CVSS)
Workflow automation
Summary
Explain the Importance of Advanced Cryptographic Concepts
Post-quantum cryptography
Post-quantum vs. Diffie-Hellman and elliptic curve cryptography
Resistance to quantum computing decryption attack
Emerging implementations
Key stretching
Key splitting
Homomorphic encryption
Forward secrecy
Hardware acceleration
Envelope encryption
Performance versus security
Secure multiparty computation (SMPC or MPC)
Authenticated encryption with associated data
Mutual authentication
Summary
Given a Scenario, Apply the Appropriate Cryptographic Use Case and/or Technique
Use cases for cryptography
Data at rest
Data in transit
Data in use/processing
Secure email
Immutable databases/blockchain
Non-repudiation
Privacy applications
Legal and regulatory considerations
Resource considerations
Data sanitization
Data anonymization
Certificate-based authentication
Passwordless authentication
Software provenance
Software/code integrity
Centralized versus decentralized key management
Techniques used in cryptography
Tokenization
Code signing
Cryptographic erase/obfuscation
Digital signatures
Obfuscation
Serialization
Hashing
One-time pad
Symmetric cryptography
Asymmetric cryptography
Lightweight cryptography
Summary
Security Operations
Given a Scenario, Analyze Data to Enable Monitoring and Response Activities
Security information and event management (SIEM)
Event parsing
Event duplication
Non-reporting devices
Retention
Event false positives/false negatives
Aggregate data analysis
Correlation
Audit log reduction
Prioritization
Trends
Behavior baselines and analytics
Network behavior baselines
System behavior baselines
User behavior baselines
Application and service behavior baselines
Incorporating diverse data sources
Third-party reports and logs
Threat intelligence feeds
Vulnerability scans
CVE details
Bounty programs
Data loss prevention (DLP) data
Endpoint logs
Infrastructure device logs
Application logs
Cloud security posture management (CSPM) data
Alerting
False positives and false negatives in alerting
Alert failures and their impact
Prioritization factors for alerts
Malware detection and alerting
Vulnerability alerting
Reporting and metrics
Visualization
Dashboards
Summary
Given a Scenario, Analyze Vulnerabilities and Attacks and Recommended Solutions to Reduce the Attack Surface
Vulnerabilities and attacks
Injection
Cross-site scripting (XSS)
Unsafe memory utilization
Race conditions
Cross-Site Request Forgery (CSRF)
Server-Side Request Forgery (SSRF)
Insecure configuration
Embedded secrets
Outdated/unpatched software and libraries
End-of-Life (EOL) software
Poisoning
Directory service misconfiguration
Overflows
Deprecated functions
Vulnerable third parties
Outdated or unpatched libraries
Insecure APIs or integrations
Weak vendor security posture
Time of Check, Time of Use (TOCTOU)
Deserialization
Weak ciphers
Confused deputy
Implants
Mitigations
Input validation
Output encoding
Safe functions
Security design patterns
Updating/patching
Least privilege
Fail secure/fail safe
Secrets management
Least function/functionality
Defense-in-depth
Dependency management
Code signing
Encryption
Indexing
Allow listing
Summary
Given a Scenario, Apply Threat-Hunting and Threat Intelligence Concepts
Internal intelligence sources
Adversary emulation engagements
Internal reconnaissance
Hypothesis-based searches
Honeypots
Honeynets
User behavior analytics
External intelligence sources
Open source intelligence
Dark web monitoring
Information sharing and analysis centers (ISACs)
Reliability factors
Counterintelligence and operational security
Threat intelligence platforms
Third-party vendors
IoC sharing
STIX
TAXII
Rule-based languages
Sigma
Yet Another Recursive Acronym (YARA)
Real Intelligence Threat Analytics (RITA)
Snort
Indicators of attack
Tactics, techniques, and procedures
Summary
Given a Scenario, Analyze Data and Artifacts in Support of Incident Response Activities
Malware analysis
Detonation
IoC extraction
Sandboxing
Code stylometry
Variant matching
Code similarity
Malware attribution
Reverse engineering
Disassembly and decompilation
Binary
Byte code
Network analysis
Host analysis
Metadata analysis
Email header
Images
Audio/video
Files/filesystem
Hardware analysis
Joint Test Action Group
Data recovery and extraction
Threat response
Preparedness exercises
Timeline reconstruction
Root cause analysis
Cloud workload protection platform
Insider threat
Summary
Accessing the Online Practice Resources
Other Books You May Enjoy
Index
Coupon Code for CompTIA SecurityX Exam Vouchers
X43bae2967aac88ef295e6c37758932b7040c599
X54606a8002ce444f0ea934c3be689b84ee77ec7
Xbb10f4453d09017c920f7e461d0d336d6c6872a
X7150a30efc05cf7badfcc54c34eca3418a9cd71
X23ed41e011d75f74fdef0812b2f2f21cc6f8dc9
Xd986cec0fee8ddc5fddfc758fc8c4f0d1e0811f
Xb294564f6923885f8c30a3ff0a6dbb5f5d75f23
Xcd15ba310dad188759287d487088f75370b6af0
X982e090fc6d31a9ba5c1f49d1f0a0b26c44c01b
X4fafcd449ff3b39bee106a6200a350de7f69f0b
X8a6d337b28af40e562785add1e45521094747c5
X2711e74a6c6754e87bb5f61beabba80863b8730
X2115dea54093c62fa3c949278716e308a5250dd
X59595cb0834d2ed6415719ec9e8abf763c462cc
X766d6bd85f4086a9d5d0b5c9dd6c009d3b2f7c4
X838567e28e6daa5c6fb534cd36d64900af47d86
Xf0fd2f795387d0e0ded56f107dcbbba71d0a34a
X23fd8f40af77daf8bf3c23571bd48276e2dcc22
X64c9d005959bf9e4088dbceb6313697dd449c51
X3879cf11550090567ae9e70b9acc04f6eaa6318
X9e34f891d2242cc6df5d9b0e74027309e13d526
X15d7b4ed472d81acf82266994ad7f90ac7b8e81
X0bb4908c25cd2c8985440cce5ca2bc2b16e9105
Xcae69010d2705545e74a5fc3e11fd73645dc43f
X0552af6c17adf32a6196be878aa7d267009c371
X5f499365113d9a4c4336129ebacf3accb2a79ee
X7f690f4b91231122fcde0f37a3526d777b98047
X2391f837a6af0222af2f1270cd77aea7a047368
Xfc7912b1b7f90e081e84b6a8dfc17836ea490f4
X0afc421a2a1ad97e071d10f53112f719b186b2d
X5b8023318381e12245194721d4cf26cf2f53685
X2d6fee95483023cc4f7e6ac2dfedf5d16e86ab7
X944fd3d5f37050ce5e751938bd02e4f9d991f5b
X83dcb85e316f16aa7b37af910f8afa326af137a
Xa657f80d9ecb6cbba00f86c62cd6d72b97b4987
Xcd65d25cc51f38eae0c3480bf9a34818e225d5b
X9a08cfcf40174313ca2298188b121c008c78fe4
X733ca0663c4405cdfa0d1a6f653a153f0e718b6
Xcd97f39d8e99d2b67cfa0f769ad23d473c901fa
X5aa0f5398a67494e66b1ade8d332c3aa531975e
X8acadce4eed907620f64998b21e261418624e3e
Xbea0e1014ebf1f56b1699711e7d3c7e69ce3982
Xefa9463bcd266828780bcbd61e6d381ba42d157
Xd2c2ac05e9342a372ec7af442e1cc160a49c159
X5151cafe2a94a6f60b5cb8441ca840a633f4be0
X298d7c3a02396dc1b548f033d8ec8d46cbfbbbe
Xeea0e379bde405bc25b11b6f2b66d2e21681016
Xe243ef2e8e04a1c1ad174cbecd331b59f4196d1
X5b3da69222259a2e221dacbb85aa60208b648b0
X997cff7b76421c22be3088cf9010a0035dc621f
Xa8e3c4f5f42c4f1e0428b7a444f3cc25caa6575
Xbd5a237b0ed2d06b5859892b22274c7483be245
X1bde17cfc8aea4120907de2382b7b39c3db81fa
X4206d38c6a8860a0a8aa904eb815b91eb2a0635
X57bea0172f32d8e7625ec8d26fa830f887c13a5
X2e9a47d74dbe20a081b5e2d6076afebfd72fba1
Xadf74428caefe1c2d88d9d673fe56123117fa48
X573076250f53fa5ffa74a29abecd0ddc75666b9
Xff4d4ba4c55efe2c933311b288922cc19c8346f
X0940fe847cd7b24b10fb6f2740638f498a1a3dc
X8f1fb8058dc782caed448658d5a605b67e493d5
Xab0f3a7e73fe57e3ab061ad2c7dbfdf75525a28
Xfc4d3dfa7556115349ab72e116c31acb944b434
X72e053d308e37af23e98464a787bdc7384a0738
Xf792b72129f796dbd9c4e6dd204f1d00131bd7c
Xe00240ca1d512ec74bc7a3addd4f787b2a488f5
Xf0a9abaea01f0fe876765391d8dc2377dc584e5
X47b11cfdd8b648e26ea881d3c07ddc1c1b1cf6e
X392e7f90bd9ffc5a9f705e22cf7aefd5e513033
Xd4c5dd82a6a3d4cf7dfcd7452c4fa7eeaafe690
Xda494601715570268a8f32a9d292d4a7367c016
Xb670fd40d7966619638ebd0179b414ddc2d86b0
X6b519e8c171fb4c08d25edc8f9404a2ab68d091
Xbc1c40f2416cc4968e7c558cab8197d9c5cfb33
X94a1c50581df138540d8113a9daa9f87f732194
X6c34dc1b18fd2d098819c4554b4659cd62d1672
_Hlk198290468
OLE_LINK1
_Hlk180585791
Xf37730d21472a154540e8140d903075512eec49
X3fa8c68fd1951cb6338bafac9c8bb95f528219f
Xed6b92168979c3c00fdbbfd08b1d2f6f227996c
X82d858a74279d4f51d39b780f57ce1587470fdd
Xb305fed3788ae1676b7b5323c584bbfb6fcbcc2
Xf020c0bf4c02354dec287e455107380522955e4
Xfa82e1563424a485fddd1cbd08b2bca2c1cfbac
X9b0b3c316a46148a5cf8e58dbcae0f7c6fc83a0
X278badcafa874beca4039e4105555fcd46c7bad
X061d0a0d7ee06ec4d06882e68ce8a2a1ce7e856
X7313b72cd84d879098a8eac5d360f086a5b3300
X80beb9ee584ad1bbb456208a812d52b1c376b28
X234b13b139b50a4749a6dec88be6e1d73793339
Xc9544d0bd52467c52b85a21aab4fcd7ac46742c
Xf1359fc391576ea81ab85e3d7f291d2e67122fe
X523a20f1e26cf126eba9a07675bce7c9ba73ae2
X5a74934d31fc59603bf18f1b8b078c1824b4070
X9ca7e52d97f81f29beffe623c867a7133d3d32b
Xf5c162dd16bd35a853d3c24700bb19b9de1cdb1
Xaf8a1133d15de7e604518a19ed7e090c01ecd85
X89dafe84afa5d48a0a95e9948e2b194bab741a1
Xe1f552be9587a37b7a17d77348ddc3111b30af8
X7d618483b54aa3aff4d0648effd22743722a9ef
X596db22afe79035e742ceed46c616708bbc4a3f
X556f81055261d3097e5d6a07c81f7ae5df174f1
Xa372a003e6a44166f4a78727b15c70970058885
X0d37a1708b097ce32a24812e26d06f058d88ee5
Xf739a61fa62caf520ed42bd4f6c3fb2f582eb32
Xd5dba1bf37089e72ab57f788ac94436815d7131
X126c87057fdac93c1fa7b1994be54245c553806
X75b6217a350afc1d9b64f5d77e9ebd1ae451e35
X45b5048a243701a519ece2897dced5a12c8db75
X529b0beb86d1663cdeee1c7d947ad8fdd68d194
X924796d3d2ec7c8b9acac594968afec11582693
X4c878925e65d8897623a648a156a62977f32425
Xb84b4f41ab05f01ec34c31fea77308bebef78b2
Xf3efc3e717f602737356a2d78f04027a5396c82
X15ec14a34a235a3ee016ea50a1e52c2127c1b9a
X9b16f5d57a36d1015ba89b427af3f8f3c438696
X878bae52c5943d68b274c76b769fca23901d350
X3a1f5e9ea554bd3b6e7604e0f7dd096546c48e7
X94e876763381e744f5460ca1ce21c96e4cc0aa1
X47afb220ef155f81641c7dfabed89abaa00025d
X7e37b5dd0a4ed6d91306a054c5eebf54ee2551a
X402f47c3581fdc2c87a36f93141e2859e711f20
X0bed5173459106f143b2cc31699efed8f5fb204
Xa470da64c7ab750344c8c126f247c2c2a6496cf
X4bd47d534f559cbfe0bd781db503d218b02c4da
X54843f764244080fa247558be60880170a555bc
Xe1ab9c0ca2f4613e9e8886578f9107717754849
X38269234c553a7a93e4f01a2be8f27ad09ae281
X2f56a0112b1712201001d046a832512a8d70a01
Xa1fc56576a2c2531e01e796e1403e2b3a090ca6
X6d0821359ad59de6eca97f756aebacc73f5d9d7
_Hlk190177987
_Hlk200202651
_Hlk200306829
_Hlk175052705

Preface

The CompTIA SecurityX CAS-005 certification validates the advanced skills required to design, engineer, and implement secure enterprise-grade solutions across diverse, interconnected environments. This study guide is designed to equip cybersecurity professionals with the knowledge to proactively support resilient operations through automation, real-time monitoring, threat detection, and effective incident response. It addresses the application of security principles in complex infrastructures-whether cloud-based, on-premises, or hybrid-and emphasizes the practical integration of cryptographic methods and emerging technologies, including artificial intelligence. Throughout, the guide reinforces the importance of enterprise-wide governance, regulatory compliance, risk mitigation, and threat modeling as essential components of modern security architecture.

The CompTIA SecurityX exam is an update and rebrand of the CompTIA CASP+ (CAS-004) exam, which was retired in June 2025. The 28 objectives of the CAS-004 exam have been narrowed down to 23, and the domains have been reordered. The new weighting of the exam is shown in the following table:

Domain

Percentage of examination

1.0 Governance, Risk, and Compliance

20%

2.0 Security Architecture

27%

3.0 Security Engineering

31%

4.0 Security Operations

22%

Total

100%

Changes in this updated exam include a greater emphasis on cloud-native security, zero-trust architectures, threats from artificial intelligence, enhanced data protection regulations, and security for operational technology and internet of things (IoT) devices.

To help you best organize your study, this book has been structured to closely follow the CompTIA SecurityX domains, objectives, and concepts. The book is divided into four sections-one for each domain-and each section is split into chapters that align with the objectives as stated in the official exam outline. Each chapter has been designed to closely follow the concepts in each objective, again as stated in the outline.

In addition, there are mock exams that closely match the type of multiple-choice questions you will encounter in the actual exam, review questions to test your knowledge at the end of each chapter, flashcards to help you remember important ideas, and exam tips to support you on the day of the test.

There is also an exam voucher that gives you 12% off the cost of sitting the exam.

Who this book is for

This book is intended for experienced cybersecurity professionals preparing for the CompTIA SecurityX (CAS-005) certification, particularly those working in enterprise environments who are responsible for securing complex, hybrid infrastructures. It is especially valuable for security architects, engineers, senior analysts, and consultants seeking to deepen their knowledge of enterprise-level security operations, governance, risk management, and advanced technical controls. Candidates should already possess foundational cybersecurity knowledge (such as Security+ or equivalent experience) and be familiar with key concepts in network defense, cryptography, compliance, cloud security, and incident response. This guide is also useful for IT professionals transitioning into senior cybersecurity roles and for those involved in designing and implementing enterprise security strategies.

What this book covers

Chapter 1, Given a Set of Organizational Security Requirements, Implement the Appropriate Governance Components, explains the importance of organizational policies, security programs, governance frameworks, change management, and the importance of data governance in enterprise environments.

Chapter 2, Given a Set of Organizational Security Requirements, Perform Risk Management Activities, explores the essential risk management activities required to meet organizational security requirements, including impact analysis, risk assessment, third-party risk management, and strategies for addressing availability, confidentiality, integrity, privacy risks, crisis management, and breach response.

Chapter 3, Explain How Compliance Affects Information Security Strategies, provides a concise understanding of compliance requirements, industry standards, and security frameworks. It helps candidates distinguish between audits, assessments, and certifications, while also addressing privacy laws and cross-border data compliance challenges relevant to modern enterprise environments.

Chapter 4, Given a Scenario, Perform Threat-Modeling Activities, explores the comprehensive processes and methodologies of threat modeling, including understanding actor characteristics, attack patterns, frameworks, and methods, to effectively determine and apply threat models within an organizational environment.

Chapter 5, Summarize the Information Security Challenges Associated with Artificial Intelligence (AI) Adoption, explores the information security challenges associated with adopting artificial intelligence (AI), focusing on legal and privacy implications, threats to AI models, AI-enabled attacks, risks of AI usage, and the security of AI-enabled assistants and digital workers.

Chapter 6, Given a Scenario, Analyze Requirements to Design Resilient Systems, covers the critical process of designing resilient systems, focusing on the strategic placement and configuration of security devices and the essential considerations for ensuring system availability and integrity.

Chapter 7, Given a Scenario, Implement Security in the Early Stages of the Systems Life Cycle and Throughout Subsequent Stages, provides a comprehensive guide on implementing security measures throughout the system life cycle, from the initial stages to the end-of-life phase, ensuring robust protection against evolving threats.

Chapter 8, Given a Scenario, Integrate Appropriate Controls in the Design of a Secure Architecture, explores the integration of appropriate controls in the design of a secure architecture, emphasizing attack surface management, threat detection, data security, DLP, hybrid infrastructures, third-party integrations, and evaluating control effectiveness.

Chapter 9, Given a Scenario, Apply Security Concepts to the Design of Access, Authentication, and Authorization Systems, explores the application of security concepts in designing robust access, authentication, and authorization systems, crucial for protecting organizational resources and ensuring secure user interactions.

Chapter 10, Given a Scenario, Securely Implement Cloud Capabilities in an Enterprise Environment, explores the critical strategies and technologies required to safeguard cloud infrastructures, emphasizing practical approaches to leveraging cloud services while maintaining robust security postures.

Chapter 11, Given a Scenario, Integrate Zero Trust Concepts into System Architecture Design, explains how to apply Zero Trust principles to system architecture, emphasizing continuous authorization, context-based reauthentication, secure network architecture, API integration, asset management, security boundaries, deperimeterization, and defining subject-object relationships.

Chapter 12, Given a Scenario, Troubleshoot Common Issues with Identity and Access Management (IAM) Components in an Enterprise Environment, explains how to set about troubleshooting common issues with identity and access management (IAM) components in an enterprise environment, providing practical insights and solutions for maintaining secure and efficient IAM operations.

Chapter 13, Given a Scenario, Analyze Requirements to Enhance the Security of Endpoints and Servers, delves into strategies and techniques for analyzing and improving the security of endpoints and servers, covering application control, EDR, event logging, privilege management, and more, to ensure robust protection against evolving threats.

Chapter 14, Given a Scenario, Troubleshoot Complex Network Infrastructure Security Issues, covers advanced techniques for identifying and resolving security issues within network infrastructures, covering misconfigurations, IPS/IDS complications, DNS security, and more, equipping professionals with essential troubleshooting skills.

Chapter 15, Given a Scenario, Implement Hardware Security Technologies and Techniques, explains the implementation of hardware...

Systemvoraussetzungen

Als PDF speichern Als Link merken