Overview
-
Learn about the security operations topics you need to know to pass the CompTIA Advanced Security Practitioner+ (CASP+) (CAS-004) exam.
Syllabus
-
Introduction
- Welcome
- About the exam
- Threat and vulnerability management
- Threat intelligence
- Threat hunting
- Intelligence collection
- Threat actors
- Threat management frameworks
- Vulnerability management activities
- Security Content Automation Protocol
- Vulnerability assessments
- Penetration test
- Pen test steps
- Pen test requirements
- Code analysis
- Protocol analysis
- Analysis utilities
- Risk reduction
- Deceptive technologies
- Security data analytics
- Preventative controls
- Application controls
- Security automation
- Physical security
- Analyzing vulnerabilities
- Race conditions
- Buffer overflows
- Authentication and references
- Ciphers and certificates
- Improper headers
- Software composition
- Vulnerable web applications
- Attacking vulnerabilities
- Directory traversals
- Cross-Site Scripting (XSS)
- Cross-site request forgery (CSRF)
- SQL injections
- XML injections
- Other injection attacks
- Authentication bypass
- VM attacks
- Network attacks
- Social engineering
- Indicators of compromise
- Types of IoCs
- PCAP files
- NetFlow
- Logs
- IoC notifications
- Response to IoCs
- Incident response
- Triage
- Communication plan
- Stakeholder management
- Incident response process
- Playbooks
- Digital forensics
- Forensic process
- Chain of custody
- Order of volatility
- Forensic analysis
- Digital forensic tools
- Forensic workstations
- File carving tools
- Binary analysis tools
- Forensic analysis tools
- Imaging tools
- Collection tools
- Conclusion
