Overview
-
Learn about the security engineering and cryptography topics you need to know to pass the CompTIA Advanced Security Practitioner+ (CASP+) (CAS-004) exam.
Syllabus
-
Introduction
- Welcome
- About the exam
- Enterprise mobility
- Enterprise mobility management
- WPA3
- Connectivity options
- Security configurations
- DNS protection
- Deployment options
- Reconnaissance concerns
- Mobile security
- Endpoint security controls
- Device hardening
- Patching
- Security settings
- Mandatory access controls (MAC)
- Secure boot
- Hardware encryption
- Endpoint protections
- Logging and monitoring
- Resiliency
- Cloud technologies
- Business continuity and disaster recovery
- Cloud encryption
- Serverless computing
- Software-defined networking (SDN)
- Log collection and analysis
- Cloud application security broker
- Cloud misconfigurations
- Operational technologies
- Embedded systems
- ICS and SCADA
- ICS protocols
- Industries and sectors
- Hashing and symmetric algorithms
- Hashing
- Message authentication
- Symmetric algorithms
- Stream ciphers
- Block ciphers
- Asymmetric algorithms
- Using asymmetric algorithms
- SSL, TLS, and cipher suites
- S/MIME and SSH
- EAP
- IPSec
- Elliptic curve cryptography (ECC)
- Forward secrecy
- Authenticated encryption with associated data (AEAD)
- Key stretching
- Public key infrastructure
- PKI components
- Digital certificates
- Using digital certificates
- Trust models
- Certificate management
- Certificate validity: CRL and OCSP
- Protecting web traffic
- Troubleshooting certificates
- Troubleshooting keys
- Conclusion
