CASP+ (CAS-004) Cert Prep: 3 Security Engineering and Cryptography

Learn about the security engineering and cryptography topics you need to know to pass the CompTIA Advanced Security Practitioner+ (CASP+) (CAS-004) exam.

Introduction

• Welcome
• About the exam

1. Enterprise Mobility

• Enterprise mobility
• Enterprise mobility management
• WPA3
• Connectivity options
• Security configurations
• DNS protection
• Deployment options
• Reconnaissance concerns
• Mobile security

2. Endpoint Security Controls

• Endpoint security controls
• Device hardening
• Patching
• Security settings
• Mandatory access controls (MAC)
• Secure boot
• Hardware encryption
• Endpoint protections
• Logging and monitoring
• Resiliency

3. Cloud Technologies

• Cloud technologies
• Business continuity and disaster recovery
• Cloud encryption
• Serverless computing
• Software-defined networking (SDN)
• Log collection and analysis
• Cloud application security broker
• Cloud misconfigurations

4. Operational Technologies

• Operational technologies
• Embedded systems
• ICS and SCADA
• ICS protocols
• Industries and sectors

5. Hashing and Symmetric Algorithms

• Hashing and symmetric algorithms
• Hashing
• Message authentication
• Symmetric algorithms
• Stream ciphers
• Block ciphers

6. Asymmetric Algorithms

• Asymmetric algorithms
• Using asymmetric algorithms
• SSL, TLS, and cipher suites
• S/MIME and SSH
• EAP
• IPSec
• Elliptic curve cryptography (ECC)
• Forward secrecy
• Authenticated encryption with associated data (AEAD)
• Key stretching

7. Public Key Infrastructure

• Public key infrastructure
• PKI components
• Digital certificates
• Using digital certificates
• Trust models
• Certificate management
• Certificate validity: CRL and OCSP
• Protecting web traffic
• Troubleshooting certificates
• Troubleshooting keys

Conclusion

• Conclusion