{"product_id":"casp-comptia-advanced-security-practitioner-study-guide-exam-cas004-fourth-edition-9781119803164","title":"CASP CompTIA Advanced Security Practitioner Study","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003ePrepare to succeed in your new cybersecurity career with the challenging and sought-after CASP+ credential In the newly updated Fourth Edition ofCASP+ CompTIA Advanced Security Practitioner Study Guide Exam CAS-004,risk management and compliance expert Jeff Parker walks you through critical security topicsand hands-on labsdesigned to prepare you for thenew CompTIA Advanced Security Professional exam and a career in cybersecurityimplementation.Contentand chapter structure ofthisFourtheditionwasdeveloped and restructuredtorepresenttheCAS-004ExamObjectives. From operations and architecture concepts, techniques and requirements torisk analysis, mobile and small-form factor device security, secure cloud integration, and cryptography,you'lllearn the cybersecurity technical skills you'll need tosucceed on the new CAS-004 exam, impress interviewers during your job search, and excel in your new career in cybersecurity implementation. This comprehensive book offers: Efficient preparation for a challengingand rewarding career in implementing specific solutions within cybersecurity policies and frameworksA robust grounding in thetechnicalskills you'll need toimpress duringcybersecurityinterviewsContent delivered through scenarios,a strongfocusof theCAS-004ExamAccess to an interactive online test bank and study tools, including bonus practice exam questions, electronic flashcards, and a searchable glossary of keyterms Perfect for anyonepreparing for the CASP+ (CAS-004) exam and a new career in cybersecurity,CASP+ CompTIA Advanced Security Practitioner Study Guide Exam CAS-004is also an ideal resource for current IT professionalswantingtopromotetheir cybersecurity skills or prepare for acareer transition into enterprise cybersecurity.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eIntroduction xxv\u003c\/p\u003e \u003cp\u003eAssessment Test xxxv\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1 Risk Management 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eRisk Terminology 4\u003c\/p\u003e \u003cp\u003eThe Risk Assessment Process 6\u003c\/p\u003e \u003cp\u003eAsset Identification 6\u003c\/p\u003e \u003cp\u003eInformation Classification 8\u003c\/p\u003e \u003cp\u003eRisk Assessment 9\u003c\/p\u003e \u003cp\u003eRisk Assessment Options 14\u003c\/p\u003e \u003cp\u003eImplementing Controls 16\u003c\/p\u003e \u003cp\u003ePolicies Used to Manage Employees 17\u003c\/p\u003e \u003cp\u003ePre-Employment Policies 18\u003c\/p\u003e \u003cp\u003eEmployment Policies 18\u003c\/p\u003e \u003cp\u003eEnd of Employment and Termination Procedures 20\u003c\/p\u003e \u003cp\u003eCost-Benefit Analysis 21\u003c\/p\u003e \u003cp\u003eContinuous Monitoring 22\u003c\/p\u003e \u003cp\u003eEnterprise Security Architecture Frameworks and Governance 23\u003c\/p\u003e \u003cp\u003eTraining and Awareness for Users 24\u003c\/p\u003e \u003cp\u003eBest Practices for Risk Assessments 25\u003c\/p\u003e \u003cp\u003eBusiness Continuity Planning and Disaster Recovery 27\u003c\/p\u003e \u003cp\u003eReviewing the Effectiveness of Existing Security Controls 28\u003c\/p\u003e \u003cp\u003eConducting Lessons Learned and After-Action Reviews 30\u003c\/p\u003e \u003cp\u003eCreation, Collection, and Analysis of Metrics 31\u003c\/p\u003e \u003cp\u003eMetrics 31\u003c\/p\u003e \u003cp\u003eTrend Data 32\u003c\/p\u003e \u003cp\u003eAnalyzing Security Solutions to Ensure They Meet Business Needs 32\u003c\/p\u003e \u003cp\u003eTesting Plans 33\u003c\/p\u003e \u003cp\u003eInternal and External Audits 34\u003c\/p\u003e \u003cp\u003eUsing Judgment to Solve Difficult Problems 35\u003c\/p\u003e \u003cp\u003eSummary 35\u003c\/p\u003e \u003cp\u003eExam Essentials 36\u003c\/p\u003e \u003cp\u003eReview Questions 38\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2 Configure and Implement Endpoint Security Controls 43\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHardening Techniques 45\u003c\/p\u003e \u003cp\u003eAddress Space Layout Randomization Use 47\u003c\/p\u003e \u003cp\u003eHardware Security Module and Trusted Platform Module 48\u003c\/p\u003e \u003cp\u003eTrusted Operating Systems 52\u003c\/p\u003e \u003cp\u003eCompensating Controls 55\u003c\/p\u003e \u003cp\u003eSummary 57\u003c\/p\u003e \u003cp\u003eExam Essentials 58\u003c\/p\u003e \u003cp\u003eReview Questions 59\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3 Security Operations Scenarios 63\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThreat Management 66\u003c\/p\u003e \u003cp\u003eTypes of Intelligence 66\u003c\/p\u003e \u003cp\u003eThreat Hunting 67\u003c\/p\u003e \u003cp\u003eThreat Emulation 67\u003c\/p\u003e \u003cp\u003eActor Types 67\u003c\/p\u003e \u003cp\u003eIntelligence Collection Methods 71\u003c\/p\u003e \u003cp\u003eOpen-Source\u003c\/p\u003e \u003cp\u003eIntelligence 71\u003c\/p\u003e \u003cp\u003eHuman Intelligence and Social Engineering 73\u003c\/p\u003e \u003cp\u003eFrameworks 74\u003c\/p\u003e \u003cp\u003eMITRE Adversarial Tactics, Techniques and Common Knowledge 74\u003c\/p\u003e \u003cp\u003eATT\u0026amp;CK for Industrial Control Systems 75\u003c\/p\u003e \u003cp\u003eCyber Kill Chain 76\u003c\/p\u003e \u003cp\u003eDiamond Model of Intrusion Analysis 76\u003c\/p\u003e \u003cp\u003eIndicators of Compromise 77\u003c\/p\u003e \u003cp\u003eReading the Logs 77\u003c\/p\u003e \u003cp\u003eIntrusion Detection and Prevention 78\u003c\/p\u003e \u003cp\u003eNotifications and Responses to IoCs 79\u003c\/p\u003e \u003cp\u003eResponse 80\u003c\/p\u003e \u003cp\u003eSummary 85\u003c\/p\u003e \u003cp\u003eExam Essentials 85\u003c\/p\u003e \u003cp\u003eReview Questions 86\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4 Security Ops: Vulnerability Assessments and Operational Risk 91\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eTerminology 97\u003c\/p\u003e \u003cp\u003eVulnerability Management 98\u003c\/p\u003e \u003cp\u003eSecurity Content Automation Protocol 103\u003c\/p\u003e \u003cp\u003eSelf-Assessment vs. Third-Party Vendor Assessment 105\u003c\/p\u003e \u003cp\u003ePatch Management 108\u003c\/p\u003e \u003cp\u003eInformation Sources 110\u003c\/p\u003e \u003cp\u003eTools 112\u003c\/p\u003e \u003cp\u003eAssessments 124\u003c\/p\u003e \u003cp\u003ePenetration Testing 129\u003c\/p\u003e \u003cp\u003eAssessment Types 131\u003c\/p\u003e \u003cp\u003eVulnerabilities 134\u003c\/p\u003e \u003cp\u003eBuffer Overflow 134\u003c\/p\u003e \u003cp\u003eInteger Overflow 135\u003c\/p\u003e \u003cp\u003eMemory Leaks 136\u003c\/p\u003e \u003cp\u003eRace Conditions (TOC\/TOU) 136\u003c\/p\u003e \u003cp\u003eResource Exhaustion 137\u003c\/p\u003e \u003cp\u003eData Remnants 138\u003c\/p\u003e \u003cp\u003eUse of Third-Party Libraries 138\u003c\/p\u003e \u003cp\u003eCode Reuse 138\u003c\/p\u003e \u003cp\u003eCryptographic Vulnerabilities 138\u003c\/p\u003e \u003cp\u003eBroken Authentication 139\u003c\/p\u003e \u003cp\u003eSecurity Misconfiguration 140\u003c\/p\u003e \u003cp\u003eInherently Vulnerable System\/Application 140\u003c\/p\u003e \u003cp\u003eClient-Side Processing vs. Server-Side Processing 141\u003c\/p\u003e \u003cp\u003eAttacks 145\u003c\/p\u003e \u003cp\u003eProactive Detection 153\u003c\/p\u003e \u003cp\u003eIncident Response 153\u003c\/p\u003e \u003cp\u003eCountermeasures 153\u003c\/p\u003e \u003cp\u003eDeceptive Technology 154\u003c\/p\u003e \u003cp\u003eUSB Key Drops 155\u003c\/p\u003e \u003cp\u003eSimulation 155\u003c\/p\u003e \u003cp\u003eSecurity Data Analytics 155\u003c\/p\u003e \u003cp\u003eApplication Control 156\u003c\/p\u003e \u003cp\u003eAllow and Block Lists 157\u003c\/p\u003e \u003cp\u003eSecurity Automation 157\u003c\/p\u003e \u003cp\u003ePhysical Security 158\u003c\/p\u003e \u003cp\u003eSummary 159\u003c\/p\u003e \u003cp\u003eExam Essentials 160\u003c\/p\u003e \u003cp\u003eReview Questions 161\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5 Compliance and Vendor Risk 165\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eShared Responsibility in Cloud Computing 168\u003c\/p\u003e \u003cp\u003eCloud Service\/Infrastructure Models 169\u003c\/p\u003e \u003cp\u003eCloud Computing Providers and Hosting Options 169\u003c\/p\u003e \u003cp\u003eBenefits of Cloud Computing 171\u003c\/p\u003e \u003cp\u003eSecurity of On-Demand\/Elastic Cloud Computing 174\u003c\/p\u003e \u003cp\u003eGeographic Location 175\u003c\/p\u003e \u003cp\u003eInfrastructure 175\u003c\/p\u003e \u003cp\u003eCompute 175\u003c\/p\u003e \u003cp\u003eStorage 175\u003c\/p\u003e \u003cp\u003eNetworking 176\u003c\/p\u003e \u003cp\u003eManaging and Mitigating Risk 182\u003c\/p\u003e \u003cp\u003eSecurity Concerns of Integrating Diverse Industries 185\u003c\/p\u003e \u003cp\u003eRegulations, Accreditations, and Standards 187\u003c\/p\u003e \u003cp\u003ePCI DSS 187\u003c\/p\u003e \u003cp\u003eGDPR 190\u003c\/p\u003e \u003cp\u003eISO 192\u003c\/p\u003e \u003cp\u003eCMMI 193\u003c\/p\u003e \u003cp\u003eNIST 194\u003c\/p\u003e \u003cp\u003eCOPPA 195\u003c\/p\u003e \u003cp\u003eCSA-STAR 196\u003c\/p\u003e \u003cp\u003eHIPAA, SOX, and GLBA 197\u003c\/p\u003e \u003cp\u003eContract and Agreement Types 198\u003c\/p\u003e \u003cp\u003eThird-Party Attestation of Compliance 202\u003c\/p\u003e \u003cp\u003eLegal Considerations 203\u003c\/p\u003e \u003cp\u003eSummary 204\u003c\/p\u003e \u003cp\u003eExam Essentials 205\u003c\/p\u003e \u003cp\u003eReview Questions 206\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 6 Cryptography and PKI 211\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe History of Cryptography 216\u003c\/p\u003e \u003cp\u003eCryptographic Goals and Requirements 217\u003c\/p\u003e \u003cp\u003eSupporting Security Requirements 218\u003c\/p\u003e \u003cp\u003eCompliance and Policy Requirements 219\u003c\/p\u003e \u003cp\u003ePrivacy and Confidentiality Requirements 219\u003c\/p\u003e \u003cp\u003eIntegrity Requirements 220\u003c\/p\u003e \u003cp\u003eNonrepudiation 220\u003c\/p\u003e \u003cp\u003eRisks with Data 221\u003c\/p\u003e \u003cp\u003eData at Rest 221\u003c\/p\u003e \u003cp\u003eData in Transit 222\u003c\/p\u003e \u003cp\u003eData in Process\/Data in Use 222\u003c\/p\u003e \u003cp\u003eHashing 223\u003c\/p\u003e \u003cp\u003eMessage Digest 225\u003c\/p\u003e \u003cp\u003eSecure Hash Algorithm 225\u003c\/p\u003e \u003cp\u003eMessage Authentication Code 226\u003c\/p\u003e \u003cp\u003eHashed Message Authentication Code 226\u003c\/p\u003e \u003cp\u003eRACE Integrity Primitives Evaluation Message Digest 226\u003c\/p\u003e \u003cp\u003ePoly1305 226\u003c\/p\u003e \u003cp\u003eSymmetric Algorithms 227\u003c\/p\u003e \u003cp\u003eData Encryption Standard 230\u003c\/p\u003e \u003cp\u003eTriple DES 231\u003c\/p\u003e \u003cp\u003eRijndael and the Advanced Encryption Standard 231\u003c\/p\u003e \u003cp\u003eChaCha 232\u003c\/p\u003e \u003cp\u003eSalsa20 232\u003c\/p\u003e \u003cp\u003eInternational Data Encryption Algorithm 232\u003c\/p\u003e \u003cp\u003eRivest Cipher Algorithms 233\u003c\/p\u003e \u003cp\u003eCounter Mode 233\u003c\/p\u003e \u003cp\u003eAsymmetric Encryption 233\u003c\/p\u003e \u003cp\u003eDiffie–Hellman 235\u003c\/p\u003e \u003cp\u003eRSA 236\u003c\/p\u003e \u003cp\u003eElliptic Curve Cryptography 237\u003c\/p\u003e \u003cp\u003eElGamal 238\u003c\/p\u003e \u003cp\u003eHybrid Encryption and Electronic Data Exchange (EDI) 238\u003c\/p\u003e \u003cp\u003ePublic Key Infrastructure Hierarchy 239\u003c\/p\u003e \u003cp\u003eCertificate Authority 240\u003c\/p\u003e \u003cp\u003eRegistration Authority 241\u003c\/p\u003e \u003cp\u003eDigital Certificates 241\u003c\/p\u003e \u003cp\u003eCertificate Revocation List 243\u003c\/p\u003e \u003cp\u003eCertificate Types 243\u003c\/p\u003e \u003cp\u003eCertificate Distribution 244\u003c\/p\u003e \u003cp\u003eThe Client’s Role in PKI 245\u003c\/p\u003e \u003cp\u003eImplementation of Cryptographic Solutions 247\u003c\/p\u003e \u003cp\u003eApplication Layer Encryption 248\u003c\/p\u003e \u003cp\u003eTransport Layer Encryption 249\u003c\/p\u003e \u003cp\u003eInternet Layer Controls 250\u003c\/p\u003e \u003cp\u003eAdditional Authentication Protocols 251\u003c\/p\u003e \u003cp\u003eCryptocurrency 252\u003c\/p\u003e \u003cp\u003eDigital Signatures 252\u003c\/p\u003e \u003cp\u003eRecognizing Cryptographic Attacks 254\u003c\/p\u003e \u003cp\u003eTroubleshooting Cryptographic Implementations 256\u003c\/p\u003e \u003cp\u003eSummary 259\u003c\/p\u003e \u003cp\u003eExam Essentials 259\u003c\/p\u003e \u003cp\u003eReview Questions 261\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7 Incident Response and Forensics 265\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe Incident Response Framework 268\u003c\/p\u003e \u003cp\u003eEvent Classifications 268\u003c\/p\u003e \u003cp\u003eTriage Events 269\u003c\/p\u003e \u003cp\u003ePre-Escalation Tasks 270\u003c\/p\u003e \u003cp\u003eThe Incident Response Process 270\u003c\/p\u003e \u003cp\u003eResponse Playbooks and Processes 273\u003c\/p\u003e \u003cp\u003eCommunication Plan and Stakeholder Management 274\u003c\/p\u003e \u003cp\u003eForensic Concepts 277\u003c\/p\u003e \u003cp\u003ePrinciples, Standards, and Practices 278\u003c\/p\u003e \u003cp\u003eThe Forensic Process 279\u003c\/p\u003e \u003cp\u003eForensic Analysis Tools 283\u003c\/p\u003e \u003cp\u003eFile Carving Tools 284\u003c\/p\u003e \u003cp\u003eBinary Analysis Tools 284\u003c\/p\u003e \u003cp\u003eAnalysis Tools 286\u003c\/p\u003e \u003cp\u003eImaging Tools 288\u003c\/p\u003e \u003cp\u003eHashing Utilities 289\u003c\/p\u003e \u003cp\u003eLive Collection vs. Postmortem Tools 290\u003c\/p\u003e \u003cp\u003eSummary 294\u003c\/p\u003e \u003cp\u003eExam Essentials 294\u003c\/p\u003e \u003cp\u003eReview Questions 295\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 8 Security Architecture 301\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSecurity Requirements and Objectives for a Secure Network Architecture 310\u003c\/p\u003e \u003cp\u003eServices 310\u003c\/p\u003e \u003cp\u003eSegmentation 334\u003c\/p\u003e \u003cp\u003eDeperimeterization\/Zero Trust 344\u003c\/p\u003e \u003cp\u003eMerging Networks from Various Organizations 352\u003c\/p\u003e \u003cp\u003eSoftware-Defined Networking 357\u003c\/p\u003e \u003cp\u003eOrganizational Requirements for Infrastructure Security Design 358\u003c\/p\u003e \u003cp\u003eScalability 358\u003c\/p\u003e \u003cp\u003eResiliency 359\u003c\/p\u003e \u003cp\u003eAutomation 359\u003c\/p\u003e \u003cp\u003eContainerization 360\u003c\/p\u003e \u003cp\u003eVirtualization 361\u003c\/p\u003e \u003cp\u003eContent Delivery Network 361\u003c\/p\u003e \u003cp\u003eIntegrating Applications Securely into an Enterprise Architecture 362\u003c\/p\u003e \u003cp\u003eBaseline and Templates 362\u003c\/p\u003e \u003cp\u003eSoftware Assurance 367\u003c\/p\u003e \u003cp\u003eConsiderations of Integrating Enterprise Applications 370\u003c\/p\u003e \u003cp\u003eIntegrating Security into the Development Life Cycle 373\u003c\/p\u003e \u003cp\u003eData Security Techniques for Securing Enterprise Architecture 384\u003c\/p\u003e \u003cp\u003eData Loss Prevention 384\u003c\/p\u003e \u003cp\u003eData Loss Detection 387\u003c\/p\u003e \u003cp\u003eData Classification, Labeling, and Tagging 388\u003c\/p\u003e \u003cp\u003eObfuscation 390\u003c\/p\u003e \u003cp\u003eAnonymization 390\u003c\/p\u003e \u003cp\u003eEncrypted vs. Unencrypted 390\u003c\/p\u003e \u003cp\u003eData Life Cycle 391\u003c\/p\u003e \u003cp\u003eData Inventory and Mapping 391\u003c\/p\u003e \u003cp\u003eData Integrity Management 391\u003c\/p\u003e \u003cp\u003eData Storage, Backup, and Recovery 392\u003c\/p\u003e \u003cp\u003eSecurity Requirements and Objectives for Authentication and Authorization Controls 394\u003c\/p\u003e \u003cp\u003eCredential Management 394\u003c\/p\u003e \u003cp\u003ePassword Policies 396\u003c\/p\u003e \u003cp\u003eFederation 398\u003c\/p\u003e \u003cp\u003eAccess Control 399\u003c\/p\u003e \u003cp\u003eProtocols 401\u003c\/p\u003e \u003cp\u003eMultifactor Authentication 403\u003c\/p\u003e \u003cp\u003eOne-Time Passwords 404\u003c\/p\u003e \u003cp\u003eHardware Root of Trust 404\u003c\/p\u003e \u003cp\u003eSingle Sign-On 405\u003c\/p\u003e \u003cp\u003eJavaScript Object Notation Web Token 405\u003c\/p\u003e \u003cp\u003eAttestation and Identity Proofing 406\u003c\/p\u003e \u003cp\u003eSummary 406\u003c\/p\u003e \u003cp\u003eExam Essentials 407\u003c\/p\u003e \u003cp\u003eReview Questions 410\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9 Secure Cloud and Virtualization 415\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eImplement Secure Cloud and Virtualization Solutions 418\u003c\/p\u003e \u003cp\u003eVirtualization Strategies 419\u003c\/p\u003e \u003cp\u003eDeployment Models and Considerations 425\u003c\/p\u003e \u003cp\u003eService Models 429\u003c\/p\u003e \u003cp\u003eCloud Provider Limitations 433\u003c\/p\u003e \u003cp\u003eExtending Appropriate On-Premises Controls 433\u003c\/p\u003e \u003cp\u003eStorage Models 439\u003c\/p\u003e \u003cp\u003eHow Cloud Technology Adoption Impacts Organization Security 445\u003c\/p\u003e \u003cp\u003eAutomation and Orchestration 445\u003c\/p\u003e \u003cp\u003eEncryption Configuration 445\u003c\/p\u003e \u003cp\u003eLogs 446\u003c\/p\u003e \u003cp\u003eMonitoring Configurations 447\u003c\/p\u003e \u003cp\u003eKey Ownership and Location 448\u003c\/p\u003e \u003cp\u003eKey Life-Cycle Management 448\u003c\/p\u003e \u003cp\u003eBackup and Recovery Methods 449\u003c\/p\u003e \u003cp\u003eInfrastructure vs. Serverless Computing 450\u003c\/p\u003e \u003cp\u003eSoftware-Defined Networking 450\u003c\/p\u003e \u003cp\u003eMisconfigurations 451\u003c\/p\u003e \u003cp\u003eCollaboration Tools 451\u003c\/p\u003e \u003cp\u003eBit Splitting 461\u003c\/p\u003e \u003cp\u003eData Dispersion 461\u003c\/p\u003e \u003cp\u003eSummary 461\u003c\/p\u003e \u003cp\u003eExam Essentials 462\u003c\/p\u003e \u003cp\u003eReview Questions 463\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 10 Mobility and Emerging Technologies 467\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eEmerging Technologies and Their Impact on Enterprise Security and Privacy 471\u003c\/p\u003e \u003cp\u003eArtificial Intelligence 472\u003c\/p\u003e \u003cp\u003eMachine Learning 472\u003c\/p\u003e \u003cp\u003eDeep Learning 472\u003c\/p\u003e \u003cp\u003eQuantum Computing 473\u003c\/p\u003e \u003cp\u003eBlockchain 473\u003c\/p\u003e \u003cp\u003eHomomorphic Encryption 474\u003c\/p\u003e \u003cp\u003eDistributed Consensus 475\u003c\/p\u003e \u003cp\u003eBig Data 475\u003c\/p\u003e \u003cp\u003eVirtual\/Augmented Reality 475\u003c\/p\u003e \u003cp\u003e3D Printing 476\u003c\/p\u003e \u003cp\u003ePasswordless Authentication 476\u003c\/p\u003e \u003cp\u003eNano Technology 477\u003c\/p\u003e \u003cp\u003eBiometric Impersonation 477\u003c\/p\u003e \u003cp\u003eSecure Enterprise Mobility Configurations 478\u003c\/p\u003e \u003cp\u003eManaged Configurations 479\u003c\/p\u003e \u003cp\u003eDeployment Scenarios 486\u003c\/p\u003e \u003cp\u003eMobile Device Security Considerations 487\u003c\/p\u003e \u003cp\u003eSecurity Considerations for Technologies, Protocols, and Sectors 495\u003c\/p\u003e \u003cp\u003eEmbedded Technologies 495\u003c\/p\u003e \u003cp\u003eICS\/Supervisory Control and Data Acquisition 496\u003c\/p\u003e \u003cp\u003eProtocols 498\u003c\/p\u003e \u003cp\u003eSectors 499\u003c\/p\u003e \u003cp\u003eSummary 500\u003c\/p\u003e \u003cp\u003eExam Essentials 500\u003c\/p\u003e \u003cp\u003eReview Questions 501\u003c\/p\u003e \u003cp\u003eAppendix Answers to Review Questions 505\u003c\/p\u003e \u003cp\u003eChapter 1: Risk Management 506\u003c\/p\u003e \u003cp\u003eChapter 2: Configure and Implement Endpoint Security Controls 507\u003c\/p\u003e \u003cp\u003eChapter 3: Security Operations Scenarios 509\u003c\/p\u003e \u003cp\u003eChapter 4: Security Ops: Vulnerability Assessments and Operational Risk 511\u003c\/p\u003e \u003cp\u003eChapter 5: Compliance and Vendor Risk 513\u003c\/p\u003e \u003cp\u003eChapter 6: Cryptography and PKI 514\u003c\/p\u003e \u003cp\u003eChapter 7: Incident Response and Forensics 516\u003c\/p\u003e \u003cp\u003eChapter 8: Security Architecture 519\u003c\/p\u003e \u003cp\u003eChapter 9: Secure Cloud and Virtualization 522\u003c\/p\u003e \u003cp\u003eChapter 10: Mobility and Emerging Technologies 524\u003c\/p\u003e \u003cp\u003eIndex 529\u003c\/p\u003e","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":49407157764439,"sku":"9781119803164","price":37.5,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781119803164.jpg?v=1730498373","url":"https:\/\/bookcurl.com\/products\/casp-comptia-advanced-security-practitioner-study-guide-exam-cas004-fourth-edition-9781119803164","provider":"Book Curl","version":"1.0","type":"link"}