Enterprise Security for CASP (CAS-002)

CompTIA Advanced Security Practitioner is an advanced-level security certification for security professionals in an enterprise, government, or military environment. This course covers domain 1 of the CompTIA CAS-002 certification exam.
Course info
Level: Advanced
Updated: Nov 9, 2016
Duration: 2h 55m
Table of contents
Course Overview
Appropriate Cryptographic Concepts and Techniques
Security Implications Associated with Enterprise Storage
Network and Security Components, Concepts, and Architectures
Troubleshoot Security Controls for Hosts
Application Vulnerabilities and Appropriate Security Controls
Description

User data, company secrets, intellectual property, critical infrastructure, and more are all vulnerable if not secured and constantly maintained. In this course, Enterprise Security for CASP (CAS-002), you'll first learn all about cryptographic concepts and encryption methods. Next, you will learn about enterprise storage concepts and technologies. Finally, you'll learn about host security and application vulnerability issues. By the end of this course, you'll have the knowledge needed to both pass the CompTIA CAS-002 certification exam and help secure your company's IT assets from attack.

About the author

Chris is a lifelong learner and professional information technologist, trainer and IT Manager. Married with 3 children, Chris is interested in martial arts, working out, spending time with family and friends and being creative whenever possible.

Section Introduction Transcripts

Course Overview
Hey everyone, my name is Christopher Rees and welcome to my course: Enterprise Security which is part of the CompTIA Advanced Security Practitioner exam, CAS-002. So in addition to being a trainer at Pluralsight, I'm a former law enforcement officer who specialized in computer crimes, and I also have 20 years of enterprise IT experience. I've been training students from all over the world on various technologies since 1998. So, couple things about this course: IT security, as we know, is by far one of the fastest growing, and the most needed areas in IT. Every company, whether public or private, every government, and even every military from around the world, needs qualified competent IT security professionals to ensure their critical IT assets are secured. Whether that's user data, company secrets, intellectual property, critical infrastructure and more, are all vulnerable if not secured and constantly maintained. So this course covers domain one of the CompTIA CAS-002 certification exam, and it's packed full of information around cryptographic concepts, enterprise storage security concerns, network security, host security controls, and application vulnerabilities, and of course, the associated remediation. So a few things we'll cover in this course are: cryptographic concepts around hashing, code signing, PKI concepts, and various encryption methods. We'll cover enterprise storage concepts and technologies like NAS and SAN, and the associated protocols like CIFS, NFS, iSCSI, and FCoE. We'll also cover host security issues and secure concepts including secure boot, TPM, and measured launch, and also application vulnerability issues including HTML5, AJAX, JavaScript, and others. So by the end of this course, you'll have the knowledge needed to both pass the CompTIA CAS-002 certification exam and help secure your company's IT assets from attack.
The US military counts the CAS-002 certification exam toward both the DoD 8570 and also the 8140 Information Assurance requirements. So before beginning this course however, you should be very familiar with CompTIA's Security+, which is a prerequisite for this course. So the information contained here, along with the content in our Security+ course, will provide the information needed for the CAS-002 certification exam. So I hope you'll join me on this journey to become CompTIA CASP certified with our enterprise security course here at Pluralsight.

Security Implications Associated with Enterprise Storage
Hey, welcome back to Pluralsight. I'm your instructor Christopher Rees and in this module, we're going to talk about security implications associated with enterprise storage. So, in this module, we're going to cover three main areas. Storage types, we'll talk about storage protocols and then we'll also talk about secure storage management. So let's jump right in and get started. Okay, in this module we have some new things to cover, some things that were not included in the Security+ course, so this is relatively new information if you're not kind of familiar with this space. So again, three main areas. Storage types, protocols and secure storage management. Under storage types, we're going to talk about such things as virtual storage, cloud storage, data warehousing, data archiving, and then of course, NAS or network attached storage, SAN, storage area networks, and then virtual SANs. Under storage protocols, we'll talk about iSCSI, FCoE, or Fibre Channel over Ethernet, and we'll talk about the differences between NFS and CIFS. Alright, and then under the secure storage management section, we'll talk about multipathing, snapshots, dedup or deduplication. We'll talk about LUN masking and mapping, HBA allocation, offsite or multi-site replication, and then various types of encryption. Disk, block, file, record level encryption and then port encryption.

Troubleshoot Security Controls for Hosts
Hey, welcome back to Pluralsight, I'm your instructor, Christopher Rees, and in this module, we're going to be covering Troubleshooting Security Controls for Hosts. So we have a lot to cover in this module, so let's go ahead and dive right in. So in this module we have command shell restrictions. We're going to cover configuring dedicated interfaces, out-of-band NICs, or Network Interface Cards. We'll talk about data interface, or how to configure what that is. We'll talk about peripheral restrictions, FireWire. We'll talk about the security advantages and disadvantages of virtualizing servers, and we'll break that down into Type I servers, Type II, and then container-based. We'll talk about cloud augmented security and hash matching. We'll also talk about content filtering, boot loader protections, and we'll break that down into several areas, including secure boot, measured launch, IMA, or Integrity Measurement Architecture, and we'll talk about BIOS and also UEFI. We'll talk about vulnerabilities associated with co-mingling of hosts of different security requirements, such things as VM escape, privilege elevation, live VM migration, and then data remnants. We'll also talk about Virtual Desktop Infrastructure or VDI, and then also cover terminal services and application delivery services, and then last but not least, Virtual TPM. So again this builds upon a lot of the concepts that are covered in Security Plus. So if you look at the actual outline that's available on the website, you'll see what's covered in specifically this course and this module, and also what's covered in Security Plus. The two of those combined will give you all of the information for the CASP certification. Okay I just want to make sure I reiterate that, so you understand this is going to be in addition to what you're going to get from Security Plus, right? We're going to combine those together, give you the full breadth of information that you need for that CASP002 Certification.
So let's go ahead and get started.

Application Vulnerabilities and Appropriate Security Controls
Hey welcome back to Pluralsight. I'm your instructor Christopher Rees, and in this module, we're going to cover the topic of differentiating application vulnerabilities and selecting appropriate security controls. So in this module, we're going to cover a number of things. We're going to cover security by design, default, and also security by deployment. We're going to cover specific application issues such as insecure direct object references, memory leaks, and race conditions. We'll also cover something referred to as time of check and time of use. We'll cover resource exhaustion. We'll cover geo-tagging. We'll also cover application security frameworks and standard libraries, industry accepted approaches, and web security services or WS-Security. We'll cover something referred to as JSON and REST and cover what those things are, how they apply to security. We'll cover browser extensions such as ActiveX and Java Applets. And we'll also talk about Flash, along with HTML5, AJAX, something we refer to as SOAP, state management, and then also JavaScript. So let's go ahead and get started.