Introduction
The CASP+ certification was developed by the Computer Technology Industry Association (CompTIA) to provide an industry-wide means of certifying the competency of security professionals who have 10 years' experience in IT administration and at least 5 years' hands-on technical experience. The security professional's job is to protect the confidentiality, integrity, and availability of an organization's valuable information assets. As such, these individuals need to have the ability to apply critical thinking and judgment.
According to CompTIA, the CASP+ certification "is a vendor-neutral credential." CASP+ validates "advanced-level security skills and knowledge" internationally. There is no prerequisite, but "CASP+ certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, 'hands-on' focus at the enterprise level."
Many certification books present material for you to memorize before the exam, but this book goes a step further in that it offers best practices, tips, and hands-on exercises that help those in the field of security better protect critical assets, build defense in depth, and accurately assess risk.
If you're preparing to take the CASP+ exam, it is a good idea to find out as much information as possible about computer security practices and techniques. Because this test is designed for those with years of experience, you will be better prepared by having the most hands-on experience possible; this study guide was written with this in mind. We have included hands-on exercises, real-world scenarios, and review questions at the end of each chapter to give you some idea as to what the exam is like. You should be able to answer at least 90 percent of the test questions in this book correctly before attempting the exam; if you're unable to do so, reread the problematic chapters and try the questions again. Your score should improve.
Before You Begin the CompTIA CASP+ Certification Exam
Before you begin studying for the exam, it helps to know that the CASP+ exam is offered by CompTIA (an industry association responsible for many certifications) and that the certification is granted to those who obtain a passing score on a single exam. Learn all you can about the certification before you start studying.
A detailed list of the CASP+ CAS-003 (2018 Edition) exam objectives is presented in this Introduction. See the section "The CASP+ (2018 Edition) Exam Objective Map."
Obtaining CASP+ certification demonstrates that you can help your organization design and maintain system and network security services designed to secure the organization's assets. By obtaining CASP+ certification, you show that you have the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments.
Who Should Read This Book
The CASP+ CompTIA Advanced Security Practitioner Study Guide: Exam CAS-003, 3rd Edition, is designed to give you insight into the working world of IT security, and it describes the types of tasks and activities that a security professional with 5-10 years of experience carries out. Organized classes and study groups are the ideal structures for obtaining and practicing with the recommended equipment.
College classes, training classes, and boot camps are recommended ways to gain proficiency with the tools and techniques discussed in the book. However, nothing delivers hands-on learning like experiencing your own attempts, successes, and mistakes in a home lab. More on home labs later.
What You Will Learn
This CASP+ CompTIA Advanced Security Practitioner Study Guide covers all you need to know in order to pass the CASP+ exam. The exam is based on exam objectives, and this study guide is based on the current iteration of the CASP+ exam, version CAS-003.
The latest exam version was first released in April 2018 and, if the CASP+ exam version life cycle follows the same pattern as most CompTIA exams, the CAS-003 version will remain current for about three years.
Per the CASP+ CompTIA objectives for exam version CAS-003, the five domains include the following:
- Risk Management
- Enterprise Security Architecture
- Enterprise Security Operations
- Technical Integration of Enterprise Security
- Research, Development, and Collaboration
Each of these five domains further divides into 3-5 objectives. For example, the third domain, "Enterprise Security Operations," is covered across three objectives:
- 3.1 Given a scenario, conduct a security assessment using the appropriate methods.
- 3.2 Analyze a scenario or output, and select the appropriate tool for a security assessment.
- 3.3 Given a scenario, implement incident response and recovery procedures.
These objectives read like a job task, but they are more akin to a named subset of knowledge. Many subobjectives and topics are found under each objective. These are listed hierarchically, ranging from 20 to 50 topics per objective. Yes, that's a lot of topics when you add it all up. In short, there is a lot of material to cover. Next, we address how the book tackles it all.
How This Book Is Organized
Remember how we just explained that the CASP+ exam is based on domains and objectives? Your goal for exam preparation is essentially to cover all of those subobjectives and topics. That was our goal, too, in writing this study guide, so that's how we structured this book: around the same exam objectives, specifically calling out every subobjective and topic. If a topic or phrase from the exam objectives list isn't specifically called out, the concepts and understanding behind that topic or phrase are discussed thoroughly in the relevant chapter(s).
Nonetheless, CompTIA didn't structure the exam objectives to make for good reading or an easy flow. It would be simple to tell you that each chapter correlates exactly to two or three objectives. Instead, the book is laid out to create a balance between a relevant flow of information for learning and relatable coverage of the exam objectives. This book structure then serves to be most helpful for identifying and filling any knowledge gaps that you might have in a certain area and, in turn, best prepare you for the exam.
Extra Bits
Beyond what the exam requires, there is of course some "added value" in the form of tips, notes, stories, and URLs where you can go for additional information online. This is typical for the Sybex study guide format. The extra bits are obviously set apart from the study guide text, and they can be enjoyed as you wish. In most cases, URLs will point to a recent news event related to the topic at hand, a link to the cited regulation, or the site where a tool can be downloaded. If a particular concept interests you, you are encouraged to follow up with that article or URL. What you will learn in this study guide is exactly what you need to know to prepare for the CASP+ certification exam. What you will learn from those tips, notes, and URLs is additional context in which the topic at hand may be better understood. Next, we discuss what you should already have in order to be successful when learning from this book.
Requirements: Practice and Experience
To be most successful in reading and learning from this book, you will need to bring something to the table yourself; that is, your experience.
Experience
You're preparing to take one of CompTIA's most advanced certification exams. CompTIA's website associates the CASP+ exam with the SANS Institute GIAC Certified Enterprise Defender (GCED) exam, as only these two exams focus on "cybersecurity practitioner skills" at an advanced level. In comparison, the CISSP and CISM exams focus on cybersecurity management skills.
The CASP+ exam covers a very wide range of information security topics. Understandably, the range is as wide as the range of information security job disciplines. As each of us grows from a junior level to the higher-level, technical lead roles, the time we spend working in one specialty area overshadows our exposure to other specialties. For example, three senior security practitioners working as an Active Directory engineer, a malware reverse engineer, and a network administrator might be highly skilled in their respective jobs yet have only a simple understanding of each other's roles. The exam topics include specific techniques and technologies, which would be familiar to people who have held lead roles in the corresponding area of information security. Someone with experience in one or more technical areas has a great advantage, and that experience will benefit the candidate studying from this book and taking the CASP+ exam.
Last, CompTIA's recommended level of experience is "a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience." If you have the five years, it is very likely that you have had at least minimal exposure to or understanding of most topics covered, enough for you to benefit from reading this book.
Practice
Given that the certification's...