Introduction
  The CASP Exam
  The Goals of the CASP Certification
  The Value of the CASP Certification
  CASP Exam Objectives
  Steps to Becoming a CASP
  CompTIA Authorized Materials Use Policy

Chapter 1 Business and Industry Influences and Associated Security Risks
  Risk Management of New Products, New Technologies, and User Behaviors
  New or Changing Business Models/Strategies
  Security Concerns of Integrating Diverse Industries
  Internal and External Influences
  Impact of De-perimeterization (e.g., Constantly Changing Network Boundary)
  Exam Preparation Tasks
  Review All Key Topics
  Define Key Terms
  Review Questions

Chapter 2 Security, Privacy Policies, and Procedures
  Policy and Process Life Cycle Management
  Support Legal Compliance and Advocacy
  Common Business Documents to Support Security
  Security Requirements for Contracts
  General Privacy Principles for Sensitive Information
  Support the Development of Policies Containing Standard Security Practices
  Exam Preparation Tasks
  Review All Key Topics
  Define Key Terms
  Review Questions

Chapter 3 Risk Mitigation Strategies and Controls
  Categorize Data Types by Impact Levels Based on CIA
  Incorporate Stakeholder Input into CIA Impact-Level Decisions
  Determine the Aggregate CIA Score
  Determine Minimum Required Security Controls Based on Aggregate Score
  Select and Implement Controls Based on CIA Requirements and Organizational Policies
  Extreme Scenario Planning/Worst-Case Scenario
  Conduct System-Specific Risk Analysis
  Make Risk Determination Based upon Known Metrics
  Translate Technical Risks in Business Terms
  Recommend Which Strategy Should Be Applied Based on Risk Appetite
  Risk Management Processes
  Continuous Improvement/Monitoring
  Business Continuity Planning
  IT Governance
  Enterprise Resilience
  Exam Preparation Tasks
  Review All Key Topics
  Define Key Terms
  Review Questions

Chapter 4 Risk Metric Scenarios to Secure the Enterprise
  Review Effectiveness of Existing Security Controls
  Reverse Engineer/Deconstruct Existing Solutions
  Creation, Collection, and Analysis of Metrics
  Prototype and Test Multiple Solutions
  Create Benchmarks and Compare to Baselines
  Analyze and Interpret Trend Data to Anticipate Cyber Defense Needs
  Analyze Security Solution Metrics and Attributes to Ensure They Meet Business Needs
  Use Judgment to Solve Problems Where the Most Secure Solution Is Not Feasible
  Exam Preparation Tasks
  Review All Key Topics
  Define Key Terms
  Review Questions

Chapter 5 Network and Security Components, Concepts, and Architectures
  Physical and Virtual Network and Security Devices
  Application and Protocol-Aware Technologies
  Advanced Network Design (Wired/Wireless)
  Complex Network Security Solutions for Data Flow
  Secure Configuration and Baselining of Networking and Security Components
  Software-Defined Networking
  Network Management and Monitoring Tools
  Advanced Configuration of Routers, Switches, and Other Network Devices
  Security Zones
  Network Access Control
  Network-Enabled Devices
  Critical Infrastructure
  Exam Preparation Tasks
  Review All Key Topics
  Define Key Terms
  Review Questions

Chapter 6 Security Controls for Host Devices
  Trusted OS (e.g., How and When to Use It)
  Endpoint Security Software
  Host Hardening
  Boot Loader Protections
  Vulnerabilities Associated with Hardware
  Terminal Services/Application Delivery Services
  Exam Preparation Tasks
  Review All Key Topics
  Define Key Terms
  Review Questions

Chapter 7 Security Controls for Mobile and Small Form Factor Devices
  Enterprise Mobility Management
  Security Implications/Privacy Concerns
  Wearable Technology
  Exam Preparation Tasks
  Review All Key Topics
  Define Key Terms
  Review Questions

Chapter 8 Software Vulnerability Security Controls
  Application Security Design Considerations
  Specific Application Issues
  Application Sandboxing
  Secure Encrypted Enclaves
  Database Activity Monitor
  Web Application Firewalls
  Client-Side Processing vs. Server-Side Processing
  Operating System Vulnerabilities
  Firmware Vulnerabilities
  Exam Preparation Tasks
  Review All Key Topics
  Define Key Terms
  Review Questions

Chapter 9 Security Assessments
  Methods
  Test Types
  Exam Preparation Tasks
  Review All Key Topics
  Define Key Terms
  Review Questions

Chapter 10 Select the Appropriate Security Assessment Tool
  Network Tool Types
  Host Tool Types
  Physical Security Tools
  Exam Preparation Tasks
  Review All Key Topics
  Define Key Terms
  Review Questions

Chapter 11 Incident Response and Recovery
  E-Discovery
  Data Breach
  Facilitate Incident Detection and Response
  Incident and Emergency Response
  Incident Response Support Tools
  Severity of Incident or Breach
  Post-incident Response
  Exam Preparation Tasks
  Review All Key Topics
  Define Key Terms
  Review Questions

Chapter 12 Host, Storage, Network, and Application Integration
  Adapt Data Flow Security to Meet Changing Business Needs
  Standards
  Interoperability Issues
  Resilience Issues
  Data Security Considerations
  Resources Provisioning and Deprovisioning
  Design Considerations During Mergers, Acquisitions and Demergers/Divestitures
  Network Secure Segmentation and Delegation
  Logical Deployment Diagram and Corresponding Physical Deployment Diagram of All Relevant Devices
  Security and Privacy Considerations of Storage Integration
  Security Implications of Integrating Enterprise Applications
  Exam Preparation Tasks
  Review All Key Topics
  Define Key Terms
  Review Questions

Chapter 13 Cloud and Virtualization Technology Integration
  Technical Deployment Models (Outsourcing/Insourcing/Managed Services/Partnership)
  Security Advantages and Disadvantages of Virtualization
  Cloud Augmented Security Services
  Vulnerabilities Associated with Comingling of Hosts with Different Security Requirements
  Data Security Considerations

CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide