People used these CompTIA dumps to get 100% marks


it is unbelieveable, however CAS-002 real questions are availabe right here.

CAS-002 exam answers | CAS-002 model question | CAS-002 test sample | CAS-002 practice test | CAS-002 bootcamp - bigdiscountsales.com



CAS-002 - CompTIA Advanced Security Practitioner (CASP) - Dump Information

Vendor : CompTIA
Exam Code : CAS-002
Exam Name : CompTIA Advanced Security Practitioner (CASP)
Questions and Answers : 532 Q & A
Updated On : November 13, 2017
PDF Download Mirror : CAS-002 Brain Dump
Get Full Version : Pass4sure CAS-002 Full Version


Try these Actual test questions for CAS-002 exam.

I passed. proper, the examination become tough, so I simply got past it attributable to killexams.com Q&A and examSimulator. i am upbeat to document that I passed the CAS-002 examination and feature as of past due obtained my statement. The framework inquiries were the component i was most harassed over, so I invested hours honing on thekillexams.com exam simulator. It beyond any doubt helped, as consolidated with distinct segments.

Start preparing these CAS-002 questions answers and chillout.

The killexams.com Questions & solutions made me effective enough to break up this examination. I endeavored 90/ninety five questions in due time and exceeded effectively. I never considered passing. a lot obliged killexams.com for help me in passing the CAS-002. With a complete time paintings and an authentic diploma readiness aspect by way of side made me greatly occupied to equip myself for the CAS-002 exam. by one method or every other I came to reflect onconsideration on killexams.

I feel very confident by preparing CAS-002 actual test questions.

i might probably advise it to my companions and accomplices. I got 360 of imprints. i used to be enchanted with the results I were given with the assist study manual CAS-002 exam route cloth. I generally idea authentic and extensive researchwere the reaction to any or all exams, until I took the assistance of killexams.com brain sell off to pass my exam CAS-002. extraordinarily satisfy.

Found an accurate source for real CAS-002 Actual Questions.

Im inspired to look the feedback that CAS-002 braindump is up to date. The modifications are very new and that i did no longer anticipate to discover them everywhere. I just took my first CAS-002 examination so this one can be the following step. Gonna order soon.

Do you know the fastest manner to clear CAS-002 examination? i have were given it.

i used to be a lot disappointed in the ones days due to the fact I didnt any time to prepare for CAS-002 examination prep because of my a few each day routine paintings I ought to spend maximum time at the way, a long distance from my domestic to my paintings region. i used to be so much concerned about CAS-002 examination, due to the fact time is so near, then in the future my pal informed approximately killexams, that turned into the flip to my life, the answer of my all troubles. I should do my CAS-002 exam prep at the way easily through the use of my computer and killexams.com is so dependable and extremely good.

I sense very assured through preparing CAS-002 present day Braindumps.

I have been using the killexams.com for a while to all my exams. Last week, I passed with a great score in the CAS-002 exam by using the Q&A study resources. I had some doubts on topics, but the material cleared all my doubts. I have easily found the solution for all my doubts and issues. Thanks for providing me the solid and reliable material. It is the best product as I know.

Just try these real questions and success is yours.

I efficiently comprehended the troublesome themes like shipping Competence and content material expertise effectsfrom killexams. I correctly score ninety% marks. All credits to killexams.com. i used to be looking for a reference guidewhich helped me in planning for the CAS-002 examination. My occupied calendar simply permitted me to extra time of twohours by using one approach or another. through booking and deciding to buy the killexams.com Questions/solutionsand examination simulaotr, I were given it at my entryway mission internal one week and commenced planning.

amazed to peer CAS-002 real questions!

i am over the moon to mention that I exceeded the CAS-002 exam with ninety two% rating. killexams.com Questions & answers notes made the entire issue substantially easy and clean for me! maintain up the notable work. inside the wake of perusing your direction notes and a chunk of practice structure exam simulator, i used to be efficiently ready to bypass the CAS-002 examination. clearly, your direction notes in reality supported up my actuality. a few topics like instructor conversation and Presentation abilties are achieved very nicely.

Observed maximum CAS-002 Questions in braindumps that I prepared.

I dont feel alone during exams anymore because I have a wonderful study partner in the form of this killexams. Not only that but I also have teachers who are ready to guide me at any time of the day. This same guidance was given to me during my exams and it didnt matter whether it was day or night, all my queries were answered. I am very thankful to the teachers here for being so nice and friendly and helping me in clearing my very tough exam with CAS-002 study material and CAS-002 study and yes even CAS-002 self study is awesome.

I got CAS-002 certified in 2 days preparation.

To get success in CAS-002 exam. people believe that a student must possess sharp mind. Although it is true but it is not entirely true since along with the student, the coach or the instructor must also be well qualified and educated. I feel blessed that I was acquainted with this Killexams.com where I met such great educators who taught me how to clear my CAS-002 test and got me through them with a breeze. I thank them with the bottom of my heart.

See more CompTIA dumps

FC0-U41 | TK0-201 | EK0-001 | LX0-104 | SK0-004 | JK0-801 | PK0-003 | PD0-001 | SK0-003 | N10-006 | JK0-023 | CS0-001 | JK0-U11 | 220-902 | JK0-022 | CV0-001 | CLO-001 | 220-901 | CD0-001 | FC0-U51 | FC0-U11 | ISS-001 | PK0-004 | JK0-019 | MB0-001 | SY0-401 | JK0-802 | CAS-002 | CN0-201 | JK0-U21 | JK0-U31 | LX0-103 | FC0-TS1 |

Latest Exams added on bigdiscountsales

1Z0-453 | 210-250 | 300-210 | 500-205 | 500-210 | 70-765 | 9A0-409 | C2010-555 | C2090-136 | C9010-260 | C9010-262 | C9020-560 | C9020-568 | C9050-042 | C9050-548 | C9050-549 | C9510-819 | C9520-911 | C9520-923 | C9520-928 | C9520-929 | C9550-512 | CPIM-BSP | C_TADM70_73 | C_TB1200_92 | C_TBW60_74 | C_TPLM22_64 | C_TPLM50_95 | DNDNS-200 | DSDPS-200 | E20-562 | E20-624 | E_HANABW151 | E_HANAINS151 | JN0-1330 | JN0-346 | JN0-661 | MA0-104 | MB2-711 | NSE6 | OMG-OCRES-A300 | P5050-031 |

See more dumps on bigdiscountsales

HP0-J33 | 00M-664 | C4040-224 | 648-244 | 000-956 | MSC-121 | 9A0-039 | ST0-086 | 642-415 | C2090-463 | 642-885 | MB2-704 | CCA-500 | 77-881 | 000-048 | HP0-096 | 70-564-CSharp | 920-352 | 510-888 | 000-540 | 000-575 | HP2-N31 | MOS-EXP | C9550-512 | 00M-241 | 650-754 | HP2-Z37 | 156-410-12 | A00-205 | JN0-346 | 000-559 | 050-v70-CSEDLPS02 | A2040-403 | 310-812 | 1V0-604 | 100-105 | 000-371 | HP2-005 | 000-N01 | 005-002 | 000-N19 | LOT-800 | 00M-657 | 000-107 | NS0-111 | 1Z0-460 | Adwords-Reporting | 1Z0-066 | HP2-Z30 | LOT-803 |

CAS-002 Questions and Answers


QUESTION: 517

A security engineer is a new member to a configuration board at the request of management. The company has two new major IT projects starting this year and wants to plan security into the application deployment. The board is primarily concerned with the applications’ compliance with federal assessment and authorization standards. The security engineer asks for a timeline to determine when a security assessment of both applications should occur and does not attend subsequent configuration board meetings. If the security engineer is only going to perform a security assessment, which of the following steps in system authorization has the security engineer omitted? (Select TWO).

  1. Establish the security control baseline to be assessed
  2. Build the application according to software development security standards
  3. Write the systems functionality requirements into the security requirements traceability matrix
  4. Review the results of user acceptance testing
  5. Categorize the applications according to use
  6. Consult with the stakeholders to determine which standards can be omitted

Answer: A, E


QUESTION: 518

Company XYZ is building a new customer facing website which must access some corporate resources. The company already has an internal facing web server and a separate server supporting an extranet to which suppliers have access. The extranet web server is located in a network DMZ. The internal website is hosted on a laptop on the internal corporate network. The internal network does not restrict traffic between any internal hosts. Which of the following locations will BEST secure both the intranet and the customer facing website?

  1. The existing internal network segment
  2. Dedicated DMZ network segments
  3. The existing extranet network segment
  4. A third-party web hosting company

Answer: B


QUESTION: 519

A security analyst is tasked to create an executive briefing, which explains the activity and motivation of a cyber adversary. Which of the following is the MOST important content for the brief for management personnel to understand?

  1. Threat actor types, threat actor motivation, and attack tools
  2. Unsophisticated agents, organized groups, and nation states
  3. Threat actor types, attack sophistication, and the anatomy of an attack
  4. Threat actor types, threat actor motivation, and the attack impact

Answer: D


QUESTION: 520

Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string: user@hostname:~$ sudo nmap –O 192.168.1.54
Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device:
TCP/22 TCP/111 TCP/512-514 TCP/2049 TCP/32778
Based on this information, which of the following operating systems is MOST likely running on the unknown node?

  1. Linux
  2. Windows
  3. Solaris
  4. OSX

Answer: C


QUESTION: 521

After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following would help meet these goals by having co-workers occasionally audit another worker's position?

  1. Least privilege
  2. Job rotation
  3. Mandatory vacation
  4. Separation of duties

Answer: B


QUESTION: 522

A company wishes to purchase a new security appliance. A security administrator has extensively researched the appliances, and after presenting security choices to the company’s management team, they approve of the proposed solution. Which of the following documents should be constructed to acquire the security appliance?

  1. SLA
  2. RFQ
  3. RFP
  4. RFI

Answer: B


QUESTION: 523

A system administrator needs to meet the maximum amount of security goals for a new DNS infrastructure. The administrator deploys DNSSEC extensions to the domain names and infrastructure. Which of the following security goals does this meet? (Select TWO).

  1. Availability
  2. Authentication
  3. Integrity
  4. Confidentiality
  5. Encryption

Answer: B, C


QUESTION: 524

An intruder was recently discovered inside the data center, a highly sensitive area. To gain access, the intruder circumvented numerous layers of physical and electronic security measures. Company leadership has asked for a thorough review of physical security controls to prevent this from happening again. Which of the following departments are the MOST heavily invested in rectifying the problem? (Select THREE).

  1. Facilities management
  2. Human resources
  3. Research and development
  4. Programming
  5. Data center operations
  6. Marketing
  7. Information technology

Answer: A, E, G


QUESTION: 525

A company is in the process of outsourcing its customer relationship management system to a cloud provider. It will host the entire organization’s customer database. The database will be accessed by both the company’s users and its customers. The procurement department has asked what security activities must be performed for the deal to proceed. Which of the following are the MOST appropriate security activities to be performed as part of due diligence? (Select TWO).
  1. Physical penetration test of the datacenter to ensure there are appropriate controls.
  2. Penetration testing of the solution to ensure that the customer data is well protected.
  3. Security clauses are implemented into the contract such as the right to audit.
  4. Review of the organizations security policies, procedures and relevant hosting certifications.
  5. Code review of the solution to ensure that there are no back doors located in the software.

Answer: C, D


QUESTION: 526

A new web based application has been developed and deployed in production. A security engineer decides to use an HTTP interceptor for testing the application. Which of the following problems would MOST likely be uncovered by this tool?

  1. The tool could show that input validation was only enabled on the client side
  2. The tool could enumerate backend SQL database table and column names
  3. The tool could force HTTP methods such as DELETE that the server has denied
  4. The tool could fuzz the application to determine where memory leaks occur

Answer: A


QUESTION: 527

During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?

  1. Implement an IPS to block the application on the network
  2. Implement the remote application out to the rest of the servers
  3. Implement SSL VPN with SAML standards for federation
  4. Implement an ACL on the firewall with NAT for remote access

Answer: C


QUESTION: 528

The helpdesk department desires to roll out a remote support application for internal use on all company computers. This tool should allow remote desktop sharing, system log gathering, chat, hardware logging, inventory management, and remote registry access. The risk management team has been asked to review vendor responses to the RFQ. Which of the following questions is the MOST important?
  1. What are the protections against MITM?
  2. What accountability is built into the remote support application?
  3. What encryption standards are used in tracking database?
  4. What snapshot or “undo” features are present in the application?
  5. What encryption standards are used in remote desktop and file transfer functionality?

Answer: B


QUESTION: 529

The Chief Executive Officer (CEO) has asked the IT administrator to protect the externally facing web server from SQL injection attacks and ensure the backend database server is monitored for unusual behavior while enforcing rules to terminate unusual behavior. Which of the following would BEST meet the CEO’s requirements?

  1. WAF and DAM
  2. UTM and NIDS
  3. DAM and SIEM
  4. UTM and HSM
  5. WAF and SIEM

Answer: A


QUESTION: 530

A security officer is leading a lessons learned meeting. Which of the following should be components of that meeting? (Select TWO).

  1. Demonstration of IPS system
  2. Review vendor selection process
  3. Calculate the ALE for the event
  4. Discussion of event timeline
  5. Assigning of follow up items

Answer: D, E


QUESTION: 531

The helpdesk manager wants to find a solution that will enable the helpdesk staff to better serve company employees who call with computer-related problems. The helpdesk staff is currently unable to perform effective troubleshooting and relies on callers to describe their technology problems. Given that the helpdesk staff is located within the company headquarters and 90% of the callers are telecommuters, which of the following tools should the helpdesk manager use to make the staff more effective at troubleshooting while at the same time reducing company costs? (Select TWO).

  1. Web cameras
  2. Email
  3. Instant messaging
  4. BYOD
  5. Desktop sharing
  6. Presence

Answer: C, E


QUESTION: 532

A company has decided to move to an agile software development methodology. The company gives all of its developers security training. After a year of agile, a management review finds that the number of items on a vulnerability scan has actually increased since the methodology change. Which of the following best practices has MOST likely been overlooked in the agile implementation?

  1. Penetration tests should be performed after each sprint.
  2. A security engineer should be paired with a developer during each cycle.
  3. The security requirements should be introduced during the implementation phase.
  4. The security requirements definition phase should be added to each sprint.

Answer: D


CompTIA CAS-002 Exam (CompTIA Advanced Security Practitioner (CASP)) Detailed Information

CAS-002 - CompTIA Advanced Security Practitioner (CASP)


CAS-002 Test Objectives


CompTIA Advanced
Security Practitioner Certification
Exam Objectives

EXAM NUMBER: CAS-002

About the Exam
The CompTIA Advanced Security Practitioner (CASP) CAS-002 certification is a vendor-neutral credential. The CASP exam is an internationally targeted validation of advanced-level security skills and knowledge. Candidates are encouraged to use this document to help prepare for the CASP exam, which measures necessary skills for IT security professionals. Successful candidates will have the knowledge required to:
  • Conceptualize, engineer, integrate and implement secure solutions across complex environments
  • Apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement sustainable security solutions that map to organizational strategies
  • Translate business needs into security requirements
  • Analyze risk impact
  • Respond to security incidents
    These content examples are meant to clarify the test objectives and should not be construed as a comprehensive listing of all the content of this examination.
    EXAM ACCREDITATION
    CASP is accredited by ANSI to show compliance with the ISO 17024 Standard and, as such, undergoes regular reviews and updates to the exam objectives.

    TEST DETAILS
    Required exam CASP CAS-002 Number of questions Maximum of 90
    Types of questions Multiple choice and performance-based Length of test 165 minutes
    Recommended experience Ten years of experience in IT administration, including at least
    five years of hands-on technical security experience
    Passing score CASP CAS-002: Pass/Fail only. No scaled score.
    EXAM OBJECTIVES (DOMAINS)
    The table below lists the domains measured by this examination and the extent to which they are represented:

    DOMAIN PERCENTAGE OF EXAMINATION

    1.0 Enterprise Security
    30%
    2.0 Risk Management and Incident Response
    20%
    3.0 Research and Analysis
    18%
    4.0 Integration of Computing, Communications

    and Business Disciplines
    16%
    5.0 Technical Integration of Enterprise Components
    16%
    Total
    100%
    1.0 Enterprise Security

    1.1

    Given a scenario, select appropriate cryptographic concepts and techniques.
    • Techniques
      • Key stretching
      • Hashing
      • Code signing
      • Pseudorandom number generation
      • Perfect forward secrecy
      • Transport encryption
      • Data-at-rest encryption
      • Digital signature
    • Concepts
      • Entropy
      • Diffusion
      • Confusion
      • Non-repudiation
      • Confidentiality
      • Integrity
        • Chain of trust, root of trust
        • Cryptographic applications and proper/improper implementations
        • Advanced PKI concepts
          • Wild card
          • OCSP vs. CRL
          • Issuance to entities
          • Users
          • Systems
          • Applications
          • Key escrow
        • Steganography
        • Implications of cryptographic methods and design
          • Stream
          • Block
            • Modes
            • ECB
            • CBC
            • CFB
            • OFB
            • Known flaws/weaknesses
            • Strength vs. performance vs. feasibility to implement
              vs. interoperability
    • Implementations
      • DRM
      • Watermarking
      • GPG
      • SSL
      • SSH
      • S/MIME

        1.2

        Explain the security implications associated with enterprise storage.
    • Storage types
      • Virtual storage
      • Cloud storage
      • Data warehousing
      • Data archiving
      • NAS
      • SAN
      • vSAN
    • Storage protocols
      • iSCSI
      • FCoE
      • NFS, CIFS
    • Secure storage management
      • Multipath
      • Snapshots
      • Deduplication
      • Dynamic disk pools
      • LUN masking/mapping
      • HBA allocation
      • Offsite or multisite replication
        • Encryption
          • Disk
          • Block
          • File
          • Record
          • Port

        1.3

        Given a scenario, analyze network and security components, concepts and architectures.

        - NextGen firewalls

        - Remote access
        - IPS
        switches and other network devices
        - VPN
        - Passive vulnerability scanners
        - Transport security
        - SSH
        - DAM
        - Trunking security
        - RDP

        - Route protection
        - VNC
        security components

        - SSL
        - Switches
        - Data flow enforcement
        - IPv6 and associated
        - Firewalls
        - DMZ
        transitional technologies
        - Wireless controllers
        - Separation of critical assets
        - Transport encryption
        - Routers

        - Network authentication methods
        - Proxies
        - Quarantine/remediation
        - 802.1x


        - Mesh networks
        solutions for data flow
        network-enabled devices

        - SSL inspection
        - Building automation systems
        - UTM
        - Network flow data
        - IP video
        - NIPS

        - HVAC controllers
        - NIDS
        networking and security components
        - Sensors
        - INE
        - ACLs
        - Physical access control systems
        - SIEM
        - Change monitoring
        - A/V systems
        - HSM
        - Configuration lockdown
        - Scientific/industrial equipment
        - Placement of devices
        - Availability controls

        - Application and protocol

        Control and Data Acquisition (SCADA)/
        aware technologies

        Industrial Control Systems (ICS)
        - WAF


        • Advanced network design (wired/wireless)
        • Advanced configuration of routers,
        • Virtual networking and
        • Security zones
        • Network access control
        • Complex network security
        • Operational and consumer
        • Security devices
        • Secure configuration and baselining of
        • Critical infrastructure/Supervisory
        • Software-defined networking
        • Cloud-managed networks
        • Network management and
        monitoring tools

        1.4

        Given a scenario, select and troubleshoot security controls for hosts.
        • Trusted OS (e.g., how and when to use it)
        • Endpoint security software
          • Anti-malware
          • Antivirus
          • Anti-spyware
          • Spam filters
          • Patch management
          • HIPS/HIDS
          • Data loss prevention
          • Host-based firewalls
          • Log monitoring
        • Host hardening
          • Standard operating environment/ configuration baselining
            - Application whitelisting and blacklisting
          • Security/group policy implementation
          • Command shell restrictions
          • Patch management
          • Configuring dedicated interfaces
            • Out-of-band NICs
            • ACLs
            • Management interface
            • Data interface
        • Peripheral restrictions
          • USB
          • Bluetooth
          • Firewire
        • Full disk encryption
        • Security advantages and disadvantages of virtualizing servers
          • Type I
          • Type II
          • Container-based
        • Cloud augmented security services
          • Hash matching
            • Antivirus
            • Anti-spam
            • Vulnerability scanning
          • Sandboxing
            • Content filtering
        • Boot loader protections
          • Secure boot
          • Measured launch
          • Integrity Measurement Architecture (IMA)
          • BIOS/UEFI
        • Vulnerabilities associated with
          co-mingling of hosts with different security requirements
          • VM escape
          • Privilege elevation
          • Live VM migration
          • Data remnants
        • Virtual Desktop Infrastructure (VDI)
        • Terminal services/application delivery services
        • TPM
        • VTPM
        • HSM

        1.5

        Differentiate application vulnerabilities and select appropriate security controls.
        • Web application security design considerations
          • Secure: by design, by default, by deployment
        • Specific application issues
          • Cross-Site Request Forgery (CSRF)
          • Click-jacking
          • Session management
          • Input validation
          • SQL injection
          • Improper error and exception handling
          • Privilege escalation
          • Improper storage of sensitive data
          • Fuzzing/fault injection
          • Secure cookie storage and transmission
          • Buffer overflow
          • Memory leaks
          • Integer overflows
          • Race conditions
            • Time of check
            • Time of use
          • Resource exhaustion
          • Geo-tagging
          • Data remnants
  • Application sandboxing
  • Application security frameworks
    • Standard libraries
    • Industry-accepted approaches
    • Web services security (WS-security)
  • Secure coding standards
  • Database Activity Monitor (DAM)
  • Web Application Firewalls (WAF)
  • Client-side processing vs. server-side processing
    • JSON/REST
    • Browser extensions
      • ActiveX
      • Java Applets
      • Flash
    • HTML5
    • AJAX
    • SOAP
    • State management
    • JavaScript
    2.0 Risk Management and Incident Response

    2.1

    Interpret business and industry influences and explain associated security risks.
    • Risk management of new products, new technologies and user behaviors
    • New or changing business models/strategies
      • Partnerships
      • Outsourcing
      • Cloud
      • Merger and demerger/divestiture
    • Security concerns of integrating diverse industries
      • Rules
      • Policies
      • Regulations
      • Geography
    • Ensuring third-party providers have requisite levels of information security
    • Internal and external influences
      • Competitors
      • Auditors/audit findings
      • Regulatory entities
    • Internal and external client requirements
    • Top level management
    • Impact of de-perimeterization (e.g., constantly changing network boundary)
      • Telecommuting
      • Cloud
      • BYOD
      • Outsourcing

        2.2

        Given a scenario, execute risk mitigation planning, strategies and controls.
        • Classify information types into levels of CIA based on organization/industry
        • Incorporate stakeholder input into CIA decisions
        • Implement technical controls based on CIA requirements and policies of the organization
        • Determine aggregate score of CIA
        • Extreme scenario planning/ worst case scenario
        • Determine minimum required security controls based on aggregate score
        • Conduct system specific risk analysis
        • Make risk determination
          • Magnitude of impact
            • ALE
            • SLE
          • Likelihood of threat
            • Motivation
            • Source
            • ARO
            • Trend analysis
          • Return On Investment (ROI)
          • Total cost of ownership
        • Recommend which strategy should be applied based on risk appetite
          • Avoid
          • Transfer
          • Mitigate
          • Accept
        • Risk management processes
          • Exemptions
          • Deterrance
          • Inherent
          • Residual
        • Enterprise security architecture frameworks
        • Continuous improvement/monitoring
        • Business continuity planning
        • IT governance

        2.3

        2.0 Risk Management and Incident Response
        Compare and contrast security, privacy policies and procedures based on organizational requirements.
    • Policy development and updates in light of new business, technology, risks and environment changes
    • Process/procedure development and updates in light of policy, environment and business changes
    • Support legal compliance and advocacy by partnering with HR, legal, management and other entities
    • Use common business documents to support security
      • Risk assessment (RA)/ Statement Of Applicability (SOA)
      • Business Impact Analysis (BIA)
      • Interoperability Agreement (IA)
      • Interconnection Security Agreement (ISA)
      • Memorandum Of Understanding (MOU)
      • Service Level Agreement (SLA)
      • Operating Level Agreement (OLA)
      • Non-Disclosure Agreement (NDA)
      • Business Partnership Agreement (BPA)
    • Use general privacy principles for sensitive information (PII)
  • Support the development of policies that contain
    • Separation of duties
    • Job rotation
    • Mandatory vacation
    • Least privilege
    • Incident response
    • Forensic tasks
    • Employment and termination procedures
    • Continuous monitoring
    • Training and awareness for users
    • Auditing requirements and frequency

    2.4

    Given a scenario, conduct incident response and recovery procedures.
    • E-discovery
      • Electronic inventory and asset control
      • Data retention policies
      • Data recovery and storage
      • Data ownership
      • Data handling
      • Legal holds
    • Data breach
      • Detection and collection
        • Data analytics
      • Mitigation
        • Minimize
        • Isolate
      • Recovery/reconstitution
      • Response
      • Disclosure
  • Design systems to facilitate incident response
    • Internal and external violations
      • Privacy policy violations
      • Criminal actions
      • Insider threat
      • Non-malicious threats/ misconfigurations
    • Establish and review system, audit and security logs
  • Incident and emergency response
    • Chain of custody
    • Forensic analysis of compromised system
    • Continuity Of Operation Plan (COOP)
    • Order of volatility
      3.0 Research, Analysis and Assessment

      3.1

      Apply research methods to determine industry trends and impact to the enterprise.
      • Perform ongoing research
        • Best practices
        • New technologies
        • New security systems and services
        • Technology evolution (e.g., RFCs, ISO)
      • Situational awareness
        • Latest client-side attacks
        • Knowledge of current vulnerabilities and threats
        • Zero-day mitigating controls and remediation
      - Emergent threats and issues
      • Research security implications of new business tools
        • Social media/networking
        • End user cloud storage
        • Integration within the business
      • Global IA industry/community
        • Computer Emergency Response Team (CERT)
        • Conventions/conferences
        • Threat actors
      - Emerging threat sources/ threat intelligence
      • Research security requirements for contracts
        • Request For Proposal (RFP)
        • Request For Quote (RFQ)
        • Request For Information (RFI)
        • Agreements

          3.2

          Analyze scenarios to secure the enterprise.
      • Create benchmarks and compare to baselines
      • Prototype and test multiple solutions
      • Cost benefit analysis
        • ROI
        • TCO
      • Metrics collection and analysis
      • Analyze and interpret trend data to anticipate cyber defense needs
      • Review effectiveness of existing security controls
      • Reverse engineer/deconstruct existing solutions
      • Analyze security solution attributes to ensure they meet business needs
        • Performance
        • Latency
        • Scalability
        • Capability
        • Usability
        • Maintainability
        • Availability
        • Recoverability
      • Conduct a lessons-learned/ after-action report
      • Use judgment to solve difficult problems that do not have a best solution

        3.3

        Given a scenario, select methods or tools appropriate to conduct an assessment and analyze results.
      • Tool type
        • Port scanners
        • Vulnerability scanners
        • Protocol analyzer
        • Network enumerator
        • Password cracker
        • Fuzzer
        • HTTP interceptor
        • Exploitation tools/frameworks
        • Passive reconnaissance and intelligence gathering tools
          • Social media
          • Whois
          • Routing tables
      • Methods
        • Vulnerability assessment
        • Malware sandboxing
        • Memory dumping, runtime debugging
          • Penetration testing
          • Black box
          • White box
          • Grey box
          • Reconnaissance
          • Fingerprinting
          • Code review
          • Social engineering
            4.0 Integration of Computing, Communications and Business Disciplines

            4.1

            Given a scenario, facilitate collaboration across diverse business units to achieve security goals.
      • Interpreting security requirements and goals to communicate with stakeholders from other disciplines
        • Sales staff
        • Programmer
        • Database administrator
        • Network administrator
      • Management/executive management
      • Financial
      • Human resources
      • Emergency response team
      • Facilities manager
      • Physical security manager
  • Provide objective guidance and impartial recommendations to staff and senior management on security processes and controls
  • Establish effective collaboration within teams to implement secure solutions
  • IT governance

    4.2

    Given a scenario, select the appropriate control to secure communications and collaboration solutions.
    • Security of unified collaboration tools
      • Web conferencing
      • Video conferencing
      • Instant messaging
      • Desktop sharing
      • Remote assistance
      • Presence
        • Email
        • Telephony
          • VoIP
        • Collaboration sites
          • Social media
          • Cloud-based
    • Remote access
    • Mobile device management
      • BYOD
    • Over-the-air technologies concerns

      4.3

      Implement security activities across the technology life cycle.
    • End-to-end solution ownership
      • Operational activities
      • Maintenance
      • Commissioning/decommissioning
      • Asset disposal
      • Asset/object reuse
      • General change management
    • Systems development life cycle
      • Security System Development Life Cycle (SSDLC)/Security Development Lifecycle (SDL)
      • Security Requirements Traceability Matrix (SRTM)
      • Validation and acceptance testing
      • Security implications of agile, waterfall and spiral software development methodologies
    • Adapt solutions to address emerging threats and security trends
    • Asset management (inventory control)
      • Device tracking technologies
        - Geo-location/GPS location
        • Object tracking and containment technologies
          • Geo-tagging/geo-fencing
          • RFID
5.0 Technical Integration
of Enterprise Components

5.1

5.2

Given a scenario, integrate hosts, storage, networks and applications into a secure enterprise architecture.
  • Secure data flows to meet
- Vulnerabilities associated with a
  • Logical deployment diagram and
changing business needs
single physical server hosting
corresponding physical deployment
  • Standards
multiple companies’ virtual machines
diagram of all relevant devices
- Open standards
- Vulnerabilities associated with
  • Secure infrastructure design (e.g., decide
- Adherence to standards
a single platform hosting multiple
where to place certain devices/applications)
- Competing standards
companies’ virtual machines
  • Storage integration (security considerations)
- Lack of standards
- Secure use of on-demand/
  • Enterprise application integration enablers
- De facto standards
elastic cloud computing
- CRM
  • Interoperability issues
- Data remnants
- ERP
- Legacy systems/current systems
- Data aggregation
- GRC
- Application requirements
- Data isolation
- ESB
- In-house developed vs. commercial
- Resources provisioning
- SOA
vs. commercial customized
and deprovisioning
- Directory services
  • Technical deployment models
- Users
- DNS
(outsourcing/insourcing/
- Servers
- CMDB
managed services/partnership)
- Virtual devices
- CMS
- Cloud and virtualization
- Applications

considerations and hosting options
- Securing virtual environments, services,

- Public
applications, appliances and equipment

- Private
- Design considerations during mergers,

- Hybrid
acquisitions and demergers/divestitures

- Community
- Network secure segmentation

- Multi-tenancy
and delegation

- Single tenancy


Given a scenario, integrate advanced authentication and authorization technologies to support enterprise objectives.
  • Authentication
    • Certificate-based authentication
    • Single sign-on
  • Authorization
    • OAUTH
    • XACML
    • SPML
  • Attestation
  • Identity propagation
  • Federation
    • SAML
    • OpenID
    • Shibboleth
    • WAYF
  • Advanced trust models
    • RADIUS configurations
    • LDAP
    • AD
CASP Acronyms
The following is a list of acronyms that appear on the CASP exam. Candidates are encouraged to review the complete list and attain a working knowledge of all listed acronyms as a part of a comprehensive exam preparation program.
ACRONYM
SPELLED OUT
ACRONYM
SPELLED OUT
3DES
Triple Digital Encryption Standard
CIRT
Computer Incident Response Team
AAA
Authentication, Authorization and Accounting
CISO
Chief Information Security Officer
AAR
After Action Report
CLI
Command Line Interface
ACL
Access Control List
CMDB
Configuration Management Database
AD
Active Directory
CMS
Content Management System
AES
Advanced Encryption Standard
COOP
Continuity Of Operations
AH
Authentication Header
CORS
Cross-Origin Resource Sharing
AIDE
Advanced Intrusion Detection Environment
COTS
Commercial Off-The-Shelf
AJAX
Asynchronous JAVA And XML
CRC
Cyclical Redundancy Check
ALE
Annualized Loss Expectancy
CredSSP
Credential Security Support Provider
AP
Access Point
CRL
Certification Revocation List
API
Application Programming Interface
CRM
Customer Resource Management
APT
Advanced Persistent Threats
CSP
Cryptographic Service Provider
ARO
Annualized Rate of Occurrence
CSRF
Cross-Site Request Forgery
ARP
Address Resolution Protocol
CVE
Collaborative Virtual Environment
AUP
Acceptable Use Policy
DAC
Discretionary Access Control
AV
Antivirus
DAM
Database Activity Monitoring
BCP
Business Continuity Planning
DDoS
Distributed Denial of Service
BGP
Border Gateway Protocol
DEP
Data Execution Prevention
BIOS
Basic Input/Output System
DES
Digital Encryption Standard
BPA
Business Partnership Agreement
DHCP
Dynamic Host Configuration Protocol
BPM
Business Process Management
DLL
Dynamic Link Library
CA
Certificate Authority
DLP
Data Loss Prevention
CaaS
Communication as a Service
DMZ
Demilitarized Zone
CAC
Common Access Card
DNS
Domain Name Service (Server)
CAPTCHA
Completely Automated Public Turning test to tell
DOM
Document Object Model

Computers and Humans Apart
DoS
Denial of Service
CASB
Cloud Access Security Broker
DRP
Disaster Recovery Plan
CBC
Cipher Block Chaining
DSA
Digital Signature Algorithm
CCMP
Counter-mode/CBC-Mac Protocol
EAP
Extensible Authentication Protocol
CCTV
Closed-Circuit Television
ECB
Event Control Block
CERT
Computer Emergency Response Team
ECC
Elliptic Curve Cryptography
CFB
Cipher Feedback
EFS
Encrypted File System
CHAP
Challenge Handshake Authentication Protocol
ELA
Enterprise License Agreement
CIA
Confidentiality, Integrity and Availability
EMI
Electromagnetic Interference
CIFS
Common Internet File System
ESA
Enterprise Security Architecture
ESB
Enterprise Service Bus
JSON
JavaScript Object Notation
ESP
Encapsulated Security Payload
JWT
JSON Web Token
EV
Extended Validation (Certificate)
KDC
Key Distribution Center
FCoE
Fiber Channel over Ethernet
KVM
Keyboard, Video, Mouse
FDE
Full Disk Encryption
LAN
Local Area Network
FIM
File Integrity Monitoring
L2TP
Layer 2 Tunneling Protocol
FTP
File Transfer Protocol
LDAP
Lightweight Directory Access Protocol
GPG
GNU Privacy Guard
LEAP
Lightweight Extensible Authentication Protocol
GPU
Graphic Processing Unit
LOB
Line Of Business
GRC
Governance, Risk and Compliance
LTE
Long-Term Evolution
GRE
Generic Routing Encapsulation
LUN
Logical Unit Number
GUI
Graphical User Interface
MaaS
Monitoring as a Service
HBA
Host Bus Adapter
MAC
Mandatory Access Control
HDD
Hard Disk Drive
MAC
Media Access Control or
HIDS
Host-based Intrusion Detection System

Message Authentication Code
HIPS
Host-based Intrusion Prevention System
MAN
Metropolitan Area Network
HMAC
Hashed Message Authentication Code
MBR
Master Boot Record
HOTP
HMAC-based One-Time Password
MD5
Message Digest 5
HSM
Hardware Security Module
MDF
Main Distribution Frame
HSTS
HTTP Strict Transport Security
MDM
Mobile Device Management
HVAC
Heating, Ventilation and Air Conditioning
MEAP
Mobile Enterprise Application Platform
IaaS
Infrastructure as a Service
MFD
Multifunction Device
ICMP
Internet Control Message Protocol
MITM
Man In The Middle
ICS
Industrial Control System
MOA
Memorandum Of Agreement
IDF
Intermediate Distribution Frame
MOU
Memorandum Of Understanding
IdM
Identity Management
MPLS
Multiprotocol Label Switching
IdP
Identity Provider
MSCHAP
Microsoft Challenge Handshake
IDS
Intrusion Detection System

Authentication Protocol
IETF
Internet Engineering Task Force
MSS
Managed Security Service
IKE
Internet Key Exchange
MTA
Message Transfer Agent
IM
Instant Messaging
MTBF
Mean Time Between Failure
IMAP
Internet Message Access Protocol
MTD
Maximum Tolerable Downtime
INE
Inline Network Encryptor
MTTR
Mean Time To Recovery
IOC
Input/Output Controller
MTU
Maximum Transmission Unit
IP
Internet Protocol
NAC
Network Access Control
IPS
Intrusion Prevention Systems
NAS
Network Attached Storage
IPSec
Internet Protocol Security
NAT
Network Address Translation
IR
Incident Response
NDA
Non-Disclosure Agreement
IRC
Internet Relay Chat
NFS
Network File System
IS-IS
Intermediate System to Intermediate System
NIDS
Network-based Intrusion Detection System
ISA
Interconnection Security Agreement
NIPS
Network-based Intrusion Prevention System
ISAC
Information Sharing Analysis Center
NIST
National Institute of Standards and Technology
iSCSI
Internet Small Computer System Interface
NLA
Network Level Authentication
ISMS
Information Security Management System
NOS
Network Operating System
ISP
Internet Service Provider
NSP
Network Service Provider
IV
Initialization Vector
NTFS
New Technology File System
NTLM
New Technology LANMAN
ROI
Return On Investment
NTP
Network Time Protocol
RPO
Recovery Point Objective
OCSP
Online Certificate Status Protocol
RSA
Rivest, Shamir and Adleman
OFB
Output Feedback
RTO
Recovery Time Objective
OLA
Operating Level Agreement
RTP
Real-time Transport Protocol
OS
Operating System
S/MIME
Secure/Multipurpose Internet Mail Extensions
OSI
Open Systems Interconnection
SaaS
Software as a Service
OSPF
Open Shortest Path First
SAML
Security Assertions Markup Language
OTP
One-Time Password
SAN
Subject Alternative Name or Storage Area Network
OVAL
Open Vulnerability Assessment Language
SAS
Statement on Auditing Standards
OWASP
Open Web Application Security Project
SATCOM
Satellite Communications
P2P
Peer to Peer
SCADA
Supervisory Control And Data Acquisition
PaaS
Platform as a Service
SCAP
Security Content Automation Protocol
PACS
Physical Access Control Server
SCEP
Simple Certificate Enrollment Protocol
PAP
Password Authentication Protocol
SCP
Secure Copy
PAT
Port Address Translation
SCSI
Small Computer System Interface
PBKDF2
Password-Based Key Derivation Function 2
SDL
Security Development Life Cycle
PBX
Private Branch Exchange
SDLC
Software Development Life Cycle
PCI-DSS
Payment Card Industry Data Security Standard
SDLM
Software Development Life Cycle Methodology
PDP
Policy Distribution Point
SELinux
Security Enhanced Linux
PEAP
Protected Extensible Authentication Protocol
SFTP
Secure File Transfer Protocol
PEP
Policy Enforcement Point
SHA
Secure Hashing Algorithm
PFS
Perfect Forward Secrecy
SIEM
Security Information Event Management
PGP
Pretty Good Privacy
SIM
Subscriber Identity Module
PII
Personal Identifiable Information
SIP
Session Initiation Protocol
PIP
Policy Information Point
SLA
Service Level Agreement
PKI
Public Key Infrastructure
SLE
Single Loss Expectancy
PLC
Programmable Logical Controller
SMB
Server Message Block
POTS
Plain Old Telephone Service
SMS
Short Message Service
PPP
Point-to-Point Protocol
SMTP
Simple Mail Transfer Protocol
PPTP
Point-to-Point Tunneling Protocol
SNAT
Secure Network Address Translation
PSK
Pre-Shared Key
SNMP
Simple Network Management Protocol
QA
Quality Assurance
SOA
Service Oriented Architecture or Start Of Authority
QoS
Quality of Service
SOAP
Simple Object Access Protocol
R&D
Research and Development
SOC
Security Operations Center or
RA
Recovery Agent or Registration Authority

Service Organization Controls
RAD
Rapid Application Development
SOE
Standard Operating Environment
RADIUS
Remote Authentication Dial-In User Server
SOP
Same Origin Policy
RAID
Redundant Array of Inexpensive/Independent Disks
SOW
Statement Of Work
RAS
Remote Access Server
SOX
Sarbanes-Oxley Act
RBAC
Role-Based Access Control or
SP
Service Provider

Rule-Based Access Control
SPIM
Spam Over Internet Messaging
REST
Representational State Transfer
SPIT
Spam over Internet Telephony
RFC
Request For Comments
SPML
Service Provisioning Markup Language
RFI
Request For Information
SRTM
Security Requirements Traceability Matrix
RFP
Request For Proposal
SRTP
Secure Real-Time Protocol
RFQ
Request For Quote
SSD
Solid State Drive
SSDLC
Security System Development Life Cycle
VDI
Virtual Desktop Infrastructure
SSH
Secure Shell
VLAN
Virtual Local Area Network
SSID
Service Set Identifier
VM
Virtual Machine
SSL
Secure Sockets Layer
VMFS
Virtual Memory File System
SSO
Single Sign-On
VNC
Virtual Network Connection
SSP
Storage Service Provider
VoIP
Voice over IP
TACACS
Terminal Access Controller Access Control System
VPN
Virtual Private Network
TCO
Total Cost of Ownership
VRRP
Virtual Router Redundancy Protocol
TCP/IP
Transmission Control Protocol/Internet Protocol
vSAN
Virtual Storage Area Network
TKIP
Temporal Key Integrity Protocol
VTC
Video Teleconferencing
TLS
Transport Layer Security
VTPM
Virtual TPM
TOS
Type Of Service
WAF
Web Application Firewall
TOTP
Time-based One-Time Password
WAP
Wireless Access Point
TPM
Trusted Platform Module
WAYF
Where Are You From
TSIG
Transaction Signature Interoperability Group
WEP
Wired Equivalent Privacy
TTR
Time To Restore
WIDS
Wireless Intrusion Detection System
UAC
User Access Control
WIPS
Wireless Intrusion Prevention System
UAT
User Acceptance Testing
WPA
Wireless Protected Access
UDDI
Universal Description Discovery and Integration
WRT
Work Recovery Time
UDP
User Datagram Protocol
WSDL
Web Services Description Language
UEFI
Unified Extensible Firmware Interface
WWN
World Wide Name
UPS
Uninterruptable Power Supply
XACML
eXtensible Access Control Markup Language
URL
Universal Resource Locator
XHR
XMLHttpRequest
USB
Universal Serial Bus
XMPP
eXtensible Messaging and Presence
UTM
Unified Threat Management
XSS
Cross-Site Scripting
VaaS
Voice as a Service


CASP Proposed Hardware and Software List
CompTIA has included this sample list of hardware and software to assist candidates as they prepare for the CASP exam. This list may also be helpful for training companies who wish to create a lab component to their training offering. The bulleted lists below each topic are a sample list and not exhaustive.

EQUIPMENT

  • Laptops
  • Basic server hardware (email server/ active directory server, trusted OS)
  • Basic NAS/SAN
  • Tokens
  • Mobile devices
  • Switches (managed switch) - IPv6 capable
  • Router - IPv6 capable
  • Gateway
  • Firewall
  • VoIP
  • Proxy server
  • Load balancer
  • NIPS
  • HSM
  • Access points
  • Crypto-cards
  • Smart cards
  • Smart card reader
  • Biometric devices

    SPARE HARDWARE

  • Keyboards
  • Cables
  • NICs
  • Power supplies
  • External USB flash drives

    TOOLS

  • Spectrum analyzer
  • Vulnerability scanner
  • Antennas
  • Network mapper
  • Protocol analyzer

    SOFTWARE

  • Virtualized appliances (firewall, IPS, SIEM solution, RSA authentication, Asterisk PBX)
  • Packets Sniffer
  • Windows
  • Linux
  • VMware player/virtualbox
  • Vulnerability assessment tools
  • Port scanner
  • SSH and Telnet utilities
  • Threat modeling tool
  • Host IPS
  • Helix software
  • Kali
  • Remediation software
  • Open VAS
  • Pentest suite
  • Metasploit
  • GNS
  • Honeypot software

    OTHER

  • Sample logs
  • Sample network traffic (packet capture)
  • Sample organizational structure
  • Sample network documentation
  • Broadband Internet connection
  • 3G/4G and/or hotspot
© 2016 CompTIA Properties, LLC, used under license by CompTIA Certifications, LLC. All rights reserved. All certification programs and education related to such programs are operated exclusively by CompTIA Certifications, LLC. CompTIA is a registered trademark of CompTIA Properties, LLC in the U.S. and internationally. Other brands and company names mentioned herein may be trademarks or service marks of CompTIA Properties, LLC or of their respective owners. Reproduc- tion or dissemination prohibited without written consent of CompTIA Properties, LLC. Printed in the U.S. 03081-Feb2016

Comments

  1. I have attempted many exams but for none of them I got so useful material like CompTIA LX0-104 real exam dumps. It was available at very affordable price so I downloaded it hurriedly. I memorized CompTIA LX0-104 questions and answers thoroughly and appeared in the final exam with full confidence. If anyone wants passing guarantee then go to realexamdumps.com.

    ReplyDelete
  2. CAS-002 exam is hard like a nutshell but CompTIA CAS-002 Dumps made my attempt easy with very informative questions and answers series. I memorized all the questions and answers and got ready for the exam. I am thankful to Realexamdumps for offering online practice test which boosted my performance and gave me confidence. All the questions were very easy in the final after preparing from CAS-002 dumps.

    ReplyDelete
  3. There was no material as trustworthy as CS0-001 Exam Dumps so I downloaded this study guide without a second thought. I learned all the queries and answers and was capable to answer all the queries in the exam. CS0-001 Dumps PDF made me qualified to pass my CompTIA Exam by the first attempt.

    ReplyDelete
  4. While preparing for my IT exam, it was required to take help from a proper study material. For this purpose, I downloaded CompTIA CAS-002 dumps from Exam4Help.com and easily aced my IT certification. The experts who designed CompTIA CAS-002 PDF file not only guided but also kept me updated with any exam news during my preparation.

    ReplyDelete
  5. CAS-002 dumps proved to be a very valuable study material for me during my IT exam preparation. This short study guide gave me very apposite information that encompassed all aspects of the field. I was so convenient to study from PDF CAS-002 exam study guide. I am fully satisfied with this stuff and suggest all my colleagues to use it.

    ReplyDelete
  6. I was not having a lot of time to get ready for my CompTIA Advanced Security Practitioner test that made me stressed. At that point I was prescribed by one of my companions to utilize CAS-002 dumps online test engine for ensured achievement. I downloaded this minimized guide and began readiness which was done before the test. I was certain about my exhibition as I had rehearsed through training tests. I owe uncommon gratitude to the specialists on Exam4lead.com who guided earnestly and merciful.

    https://www.exam4lead.com/comptia.html

    ReplyDelete
  7. I have just completed the CompTIA CAS-002 training course and now I am able to review various preparation materials before meeting the CompTIA certification exam from DumpsOwner.com

    https://www.dumpsowner.com/comptia/cas-002-exam-dumps.html

    ReplyDelete

Post a Comment

Popular posts from this blog

CompTIA SY0-501 Dumps and Practice Tests with Real Questions

Don't Miss these CompTIA SY0-501 Dumps

Pass4sure SY0-501 Practice Tests with Real Questions