YoVDO

CASP+ Cert Prep: 2 Enterprise Security Architecture

Offered By: LinkedIn Learning

Tags

CompTIA CASP+ (Plus) Courses Network Security Courses Information Security Certifications Courses Network Design Courses Mobile Device Security Courses Firewalls Courses Software Vulnerabilities Courses Data Loss Prevention Courses

Course Description

Overview

Study for domain 2 of the CompTIA Advanced Security Practitioner (CASP+) certification exam: building a secure enterprise network.

Syllabus

Introduction
  • Enterprise security architecture
  • What you should know
  • About the exam
1. Network and Security Components
  • Network design
  • Switches
  • Routers
  • Importance of ports
  • Proxy
  • Firewalls
  • Web application firewalls (WAF) and next-generation firewalls (NGFW)
  • Firewall architecture
  • Wireless controllers
  • Virtual desktop infrastructure
  • Remote access
  • Transport encryption
  • Basic network authentication methods
  • Multifactor authentication factors
  • 802.1x authentication standard
  • IPv6 and transitional technologies
  • Mesh networks
  • Unified threat management (UTM)
  • NIDS and NIPS
  • SIEM
  • Hardware security modules (HSM)
  • In-line network encryptor (INE)
  • Vulnerability scanners
  • Database activity monitors
2. Security Solutions in the Architecture
  • Security solutions in the architecture
  • Network flow, packet analysis, and break and inspect
  • ACLs and rule sets
  • Change monitoring
  • Availability controls
  • RAIDS and SANs
  • Software-defined networking
  • Cloud-managed networks
  • Network management and monitoring
  • Trunking security
  • Port security
  • Route protection
  • DDoS protection
  • Remotely triggered black holes
  • Security zones
  • Network access control
  • Network-enabled devices
  • Critical infrastructure
3. Securing Host Devices
  • Securing host devices
  • Trusted operating system
  • Anti-malware
  • Host-based firewall
  • HIDS and HIPS
  • Data loss prevention
  • Log monitoring
  • Endpoint detection response
  • What is host hardening?
  • Patch management
  • Baselining configuration
  • Application whitelisting and blacklisting
  • Group policies
  • Command line restrictions
  • Configuring dedicated interfaces
  • Restricting peripherals
  • File and disk encryption
  • Boot loader protections
  • Cloud-augmented security
  • Security through virtualization
  • Hardware vulnerabilities in virtualization
  • Terminal services and application delivery services
4. Securing Mobile and Small Form Factor Devices
  • Mobile and small form factor device security
  • Enterprise mobility management
  • BYOD vs. COPE
  • Application security for mobile devices
  • Over-the-air updates
  • Remote assistance
  • Remote access
  • Authentication
  • Context-aware security measures
  • Privacy concerns
  • Mobile payment
  • Tethering
  • Wearable technology
  • Security implications of wearable technology
5. Software Vulnerabilities
  • Application security design
  • Application specific issues
  • More application specific issues
  • Database activity monitoring (DAM) and web application firewalls (WAF)
  • Client and server-side processing
Conclusion
  • Next steps

Taught by

Jason Dion

Related Courses

Master the OWASP Top 10
LinkedIn Learning
Information Security - 5 - Secure Systems Engineering
Indian Institute of Technology Madras via Swayam
Reverse Engineering and Exploit Development
Udemy