Description

Learn about the security operations topics you need to know to pass the CompTIA Advanced Security Practitioner+ (CASP+) (CAS-004) exam.

Tags

Syllabus

Syllabus IntroductionWelcomeAbout the exam1. Threat and Vulnerability ManagementThreat and vulnerability managementThreat intelligenceThreat huntingIntelligence collectionThreat actorsThreat management frameworksVulnerability management activitiesSecurity Content Automation Protocol2. Vulnerability AssessmentsVulnerability assessmentsPenetration testPen test stepsPen test requirementsCode analysisProtocol analysisAnalysis utilities3. Risk ReductionRisk reductionDeceptive technologiesSecurity data analyticsPreventative controlsApplication controlsSecurity automationPhysical security4. Analyzing VulnerabilitiesAnalyzing vulnerabilitiesRace conditionsBuffer overflowsAuthentication and referencesCiphers and certificatesImproper headersSoftware compositionVulnerable web applications5. Attacking VulnerabilitiesAttacking vulnerabilitiesDirectory traversalsCross-Site Scripting (XSS)Cross-site request forgery (CSRF)SQL injectionsXML injectionsOther injection attacksAuthentication bypassVM attacksNetwork attacksSocial engineering6. Indicators of CompromiseIndicators of compromiseTypes of IoCsPCAP filesNetFlowLogsIoC notificationsResponse to IoCs7. Incident ResponseIncident responseTriageCommunication planStakeholder managementIncident response processPlaybooks8. Digital ForensicsDigital forensicsForensic processChain of custodyOrder of volatilityForensic analysis9. Digital Forensic ToolsDigital forensic toolsForensic workstationsFile carving toolsBinary analysis toolsForensic analysis toolsImaging toolsCollection toolsConclusionConclusion Read more