CASP+ Cert Prep: 5 Research, Development and Collaboration

In this installment of the CASP+ Cert Prep series, prepare for domain 5 of the CompTIA Advanced Security Practitioner (CASP+) exam: Research, Development, and Collaboration.

Introduction

• Research, development, and enterprise cybersecurity
• What you should know
• About the exam

1. Research Methods

• Conducting research
• Threat intelligence on latest attacks
• Current threats and threat models
• Zero-day mitigation controls
• Emerging social media platforms
• Big data and artificial intelligence
• Integration research within the business
• Computer emergency response team (CERT)
• Conferences, conventions, consultants, and vendors
• Threat actor activities
• Emerging threat sources

2 Security Activities across the Life Cycle

• Systems development life cycle
• Operational activities
• Asset disposal and asset reuse
• Software development life cycle
• Application security frameworks
• Software assurance
• Approaches to development
• Secure coding standards
• Documentation
• Validation and acceptance testing
• Adapting solutions to meet a need
• Asset management and inventory control

3. Collaboration with Other Business Units

• Collaboration across business units
• Sales staff
• Programmer
• Database administrator
• Network administrator
• Management and executive management
• Financial
• Human resources
• Emergency response team
• Facilities manager
• Physical security manager
• Legal counsel
• Governance, risk, and compliance committee
• Providing guidance to senior management
• Effective collaboration to implement security solutions

Conclusion

• What to do next