CASP+ Cert Prep: 2 Enterprise Security Architecture

Study for domain 2 of the CompTIA Advanced Security Practitioner (CASP+) certification exam: building a secure enterprise network.

Introduction

• Enterprise security architecture
• What you should know
• About the exam

1. Network and Security Components

• Network design
• Switches
• Routers
• Importance of ports
• Proxy
• Firewalls
• Web application firewalls (WAF) and next-generation firewalls (NGFW)
• Firewall architecture
• Wireless controllers
• Virtual desktop infrastructure
• Remote access
• Transport encryption
• Basic network authentication methods
• Multifactor authentication factors
• 802.1x authentication standard
• IPv6 and transitional technologies
• Mesh networks
• Unified threat management (UTM)
• NIDS and NIPS
• SIEM
• Hardware security modules (HSM)
• In-line network encryptor (INE)
• Vulnerability scanners
• Database activity monitors

2. Security Solutions in the Architecture

• Security solutions in the architecture
• Network flow, packet analysis, and break and inspect
• ACLs and rule sets
• Change monitoring
• Availability controls
• RAIDS and SANs
• Software-defined networking
• Cloud-managed networks
• Network management and monitoring
• Trunking security
• Port security
• Route protection
• DDoS protection
• Remotely triggered black holes
• Security zones
• Network access control
• Network-enabled devices
• Critical infrastructure

3. Securing Host Devices

• Securing host devices
• Trusted operating system
• Anti-malware
• Host-based firewall
• HIDS and HIPS
• Data loss prevention
• Log monitoring
• Endpoint detection response
• What is host hardening?
• Patch management
• Baselining configuration
• Application whitelisting and blacklisting
• Group policies
• Command line restrictions
• Configuring dedicated interfaces
• Restricting peripherals
• File and disk encryption
• Boot loader protections
• Cloud-augmented security
• Security through virtualization
• Hardware vulnerabilities in virtualization
• Terminal services and application delivery services

4. Securing Mobile and Small Form Factor Devices

• Mobile and small form factor device security
• Enterprise mobility management
• BYOD vs. COPE
• Application security for mobile devices
• Over-the-air updates
• Remote assistance
• Remote access
• Authentication
• Context-aware security measures
• Privacy concerns
• Mobile payment
• Tethering
• Wearable technology
• Security implications of wearable technology

5. Software Vulnerabilities

• Application security design
• Application specific issues
• More application specific issues
• Database activity monitoring (DAM) and web application firewalls (WAF)
• Client and server-side processing

Conclusion

• Next steps