Introduction

The CASP+ certification was developed by the Computer Technology Industry Association (CompTIA) to provide an industry-wide means of certifying the competency of security professionals who have a minimum of 10 years' general hands-on IT experience with at least 5 years' hands-on IT security experience. The security professional's job is to protect the confidentiality, integrity, and availability of an organization's valuable information assets. As such, these individuals need to have the ability to apply critical thinking and judgment.

According to CompTIA, the CASP+ certification is a vendor-neutral credential. CASP+ validates advanced-level security skills and knowledge internationally. There is no prerequisite, but CASP+ certification is intended to follow CompTIA Network+, Security+, CySA+, Cloud+, and PenTest+ or equivalent certifications/experience and has a technical, "hands-on" focus at the enterprise level.

Many certification books present material for you to memorize before the exam, but this book goes a step further in that it offers best practices, tips, and hands-on exercises that help those in the field of security better protect critical assets, build defense in depth, and accurately assess risk.

If you're preparing to take the CASP+ exam, it is a good idea to find out as much information as possible about computer security practices and techniques. Because this test is designed for those with years of experience, you will be better prepared by having the most hands-on experience possible; this study guide was written with this in mind. We have included hands-on exercises, real-world scenarios, and review questions at the end of each chapter to give you some idea as to what the exam is like. You should be able to answer at least 90 percent of the test questions in this book correctly before attempting the exam; if you're unable to do so, reread the problematic chapters and try the questions again. Your score should improve.

Before You Begin the CompTIA CASP+ Certification Exam

Before you begin studying for the exam, it's good for you to know that the CASP+ certification is offered by CompTIA (an industry association responsible for many certifications) and is granted to those who obtain a passing score on a single exam. Before you begin studying for the exam, learn all you can about the certification.

A list of the CASP+ CAS-004 exam objectives is presented in this introduction. See the section "The CASP+ Exam Objective Map."

Obtaining CASP+ certification demonstrates that you can help your organization design and maintain system and network security services to secure the organization's assets. By obtaining CASP+ certification, you show that you have the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments.

Who Should Read This Book

The CompTIA CASP+ Study Guide: Exam CAS-004, Fourth Edition, is designed to give you insight into the working world of IT security, and it describes the types of tasks and activities that a security professional with 5-10 years of experience carries out. Organized classes and study groups are the ideal structures for obtaining and practicing with the recommended equipment.

College classes, training classes, and boot camps are recommended ways to gain proficiency with the tools and techniques discussed in the book. However, nothing delivers hands-on learning like experiencing your own attempts, successes, and mistakes-on a home lab. More on home labs later.

What You Will Learn

This CompTIA CASP+ Study Guide covers all you need to know to pass the CASP+ exam. The exam is based on exam objectives, and this study guide is based on the current iteration of the CASP+ exam, version CAS-004.

Per the CASP+ CompTIA objectives for exam version CAS-004, the four domains include the following:

• Domain 1.0 Security Architecture
• Domain 2.0 Security Operations
• Domain 3.0 Security Engineering and Cryptography
• Domain 4.0 Governance, Risk, and Compliance

Each of these four domains further divide into objectives. For example, the fourth domain, "Governance, Risk, and Compliance," is covered across three objectives:

• 4.1 Given a set of requirements, apply the appropriate risk strategies.
• 4.2 Explain the importance of managing and mitigating vendor risk.
• 4.3 Explain compliance frameworks and legal considerations, and their organizational impact.
• 4.4 Explain the importance of business continuity and disaster recovery concepts.

These objectives read like a job task, but they are more akin to a named subset of knowledge. Many subobjectives and topics are found under each objective. These are listed hierarchically, ranging from 20 to 50 topics per objective. Yes, that's a lot of topics when you add it all up. In short, there is a lot of material to cover. Next, we address how the book tackles it all.

How This Book Is Organized

Remember how we just explained the CASP+ exam is based on domains and objectives? Your goal for exam preparation is essentially to cover all of those subobjectives and topics. That was our goal, too, in writing this study guide, so that's how we structured this book-around the same exam objectives, specifically calling out every subobjective and topic. If a topic or phrase from the exam objectives list isn't specifically called out, the concepts and understanding behind that topic or phrase are discussed thoroughly in the relevant chapters.

Nonetheless, CompTIA didn't structure the exam objectives to make for good reading or an easy flow. It would be simple to tell you that each chapter correlates exactly to two or three objectives. Instead, the book is laid out to create a balance between a relevant flow of information for learning and relatable coverage of the exam objectives. This book structure then serves to be most helpful for identifying and filling any knowledge gaps that you might have in a certain area and, in turn, best prepare you for the exam.

Extra Bits

Beyond what the exam requires, there is of course some "added value" in the form of tips, notes, stories, and URLs where you can go for additional information online. This is typical for the Sybex study guide format. The extra bits are obviously set apart from the study guide text, and they can be enjoyed as you wish. In most cases, URLs will point to a recent news event related to the topic at hand, a link to the cited regulation, or the site where a tool can be downloaded. If a particular concept interests you, you are encouraged to follow up with that article or URL. What you will learn in this study guide is exactly what you need to know to prepare for the CASP+ certification exam. What you will learn from those tips, notes, and URLs is additional context in which the topic at hand may be better understood. Next, we discuss what you should already have in order to be successful when learning from this book.

Requirements: Practice and Experience

To be most successful in reading and learning from this book, you will need to bring something to the table yourself, that is, your experience.

Experience

You're preparing to take one of CompTIA's most advanced certification exams. CompTIA's website associates the CASP+ exam with the SANS Institute GIAC Certified Enterprise Defender (GCED) exam, as only these two exams focus on "cybersecurity practitioner skills" at an advanced level. In comparison, the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) exams focus on cybersecurity management skills.

The CASP+ exam covers a very wide range of information security topics. Understandably, the range is as wide as the range of information security job disciplines. As each of us grows from a junior level to the higher-level, technical lead roles, the time we spend working in one specialty area overshadows our exposure to other specialties. For example, three senior security practitioners working as an Active Directory engineer, a malware reverse engineer, and a network administrator might be highly skilled in their respective jobs yet have only a simple understanding of each other's roles. The exam topics include specific techniques and technologies that would be familiar to people who have held lead roles in the corresponding area of information security. Someone with experience in one or more technical areas has a great advantage, and that experience will benefit the candidate studying from this book and taking the CASP+ exam.

Last, CompTIA's recommended level of experience is a minimum of 10 years of general hands-on IT experience, including at least five years of hands-on technical security experience. If you have the five years, it is very likely that you have had at least minimal exposure to or understanding of most topics covered, enough for you to benefit from reading this book.

Practice

Given that the certification's title includes the word practitioner, you are expected to have, or be capable of building, a home lab for yourself. This does not mean that you need a 42U rack full of servers and network hardware in the basement (though it might bring up a lot of excitement at home). A home lab can be as simple as having one or two...