All-In-One / CASP+® CompTIA Advanced Security Practitioner Certification All-in-One Exam Guide / Lane / 133-4 / FM
ALL IN ONE
CASP+®
CompTIA Advanced Security
Practitioner Certification
EXAM GUIDE
Second Edition
(Exam CAS-003)
Nicholas Lane, Wm. Arthur Conklin,
Gregory White, Dwayne Williams
New York Chicago San Francisco
Athens London Madrid Mexico City
Milan New Delhi Singapore Sydney Toronto
McGraw-Hill Education is an independent entity from CompTIA®. This publication and accompanying media may be
used in assisting students to prepare for the CASP+® CompTIA Advanced Security Practitioner exam. Neither CompTIA
nor McGraw-Hill Education warrants that use of this publication and accompanying media will ensure passing any exam.
CompTIA and CASP+ are trademarks or registered trademarks of CompTIA in the United States and/or other countries.
All other trademarks are trademarks of their respective owners.
Copyright © 2019 by McGraw-Hill Education. All rights reserved. Except as permitted under the United States Copyright Act
of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or
retrieval system, without the prior written permission of the publisher.
ISBN: 978-1-26-044134-5
MHID: 1-26-044134-2
The material in this eBook also appears in the print version of this title: ISBN: 978-1-26-044133-8,
MHID: 1-26-044133-4.
eBook conversion by codeMantra
Version 1.0
All trademarks are trademarks of their respective owners. Rather than put a trademark symbol after every occurrence of a trademarked
name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement
of the trademark. Where such designations appear in this book, they have been printed with initial caps.
McGraw-Hill Education eBooks are available at special quantity discounts to use as premiums and sales promotions or for use in
corporate training programs. To contact a representative, please visit the Contact Us page at www.mhprofessional.com.
TERMS OF USE
This is a copyrighted work and McGraw-Hill Education and its licensors reserve all rights in and to the work. Use of this work
is subject to these terms. Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy of the
work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit,
distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hill Education’s prior consent. You
may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited. Your right to
use the work may be terminated if you fail to comply with these terms.
THE WORK IS PROVIDED “AS IS.” McGRAW-HILL EDUCATION AND ITS LICENSORS MAKE NO GUARANTEES
OR WARRANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED
FROM USING THE WORK, INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA
HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR
PURPOSE. McGraw-Hill Education and its licensors do not warrant or guarantee that the functions contained in the work will
meet your requirements or that its operation will be uninterrupted or error free. Neither McGraw-Hill Education nor its licensors
shall be liable to you or anyone else for any inaccuracy, error or omission, regardless of cause, in the work or for any damages
resulting therefrom. McGraw-Hill Education has no responsibility for the content of any information accessed through the work.
Under no circumstances shall McGraw-Hill Education and/or its licensors be liable for any indirect, incidental, special, punitive,
consequential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of
the possibility of such damages. This limitation of liability shall apply to any claim or cause whatsoever whether such claim or
cause arises in contract, tort or otherwise.
I must thank my wife, Tiffany, for managing our home, children,
and all the homework during this long project. This would be
a challenging endeavor for anyone, especially while pregnant.
Without her, this book could not have happened.
—Nicholas Lane
I would like to thank my wife, best friend, muse, and love,
Susan, for all the sacrifices she has made as I “appropriated”
family time to play cat herder one more time. Without her
support, I could not accomplish half of what I do.
—Art Conklin, Ph.D.
I need to thank my wife, Charlan, for all of the support and
encouragement she has provided throughout not just this book,
but all of our over thirty years together. It keeps getting better
and I owe that to her.
—Gregory White, Ph.D.
Thanks to my loving wife, Leah, for all her love, support, and
understanding. And to my children for forgiving Daddy when
he often missed that last book before bedtime.
—Dwayne Williams
ABOUT THE AUTHORS
Nicholas Lane is an award-winning technical instructor at New Horizons Computer
Learning Centers and a practitioner with 20 years of experience in the technology industry.
At the 2018 Hacker Halted conference by EC-Council, Lane was recognized as one of
the top 5 EC-Council security instructors in North America. He has delivered advanced
security certification training to all branches of the military and government, including
the FBI and DoD. He is a member of InfraGard, which is a partnership between the
FBI and the private sector in pursuance of national security objectives for U.S. critical
infrastructure. As a member of CompTIA’s Network+ Advisory Committee, Lane has the
distinction of being one of the designers of CompTIA’s Network+ certification. He was
a contributing author to McGraw-Hill Education’s CompTIA Cloud+ Certification Study
Guide, Second Edition (Exam CV0-002). He is a speaker at technology conference events
and is a certification blogger for CompTIA. Lane also serves on CompTIA’s Instructor
Network Advisory Committee, which provides instructor and certification resources to
thousands of instructors worldwide. He holds numerous certifications, including CISSP,
CEH, CEI, MCT, MCSE, CASP+, MCITP, Security+, and others.
Wm. Arthur Conklin is an associate professor in the College of Technology at the
University of Houston. He is also the Director for the Center for Information Security
Research and Education. Conklin has a terminal degree from the Naval Postgraduate
School in electrical engineering and a Ph.D. from the University of Texas at San Antonio
in business administration. He currently holds Security+, CASP+, CISSP, CSSLP,
CRISC, CSDP, and DFCP certifications. Conklin’s research interests lie in the areas of
software assurance and the application of systems theory to security issues associated with
critical infrastructures. His dissertation was on the motivating factors for home users in
adopting security on their own PCs. He has coauthored five books on information security
and has written and presented numerous conference and academic journal papers.
He has over 10 years of teaching experience at the college level and has assisted in building
two information security programs that have been recognized by the NSA and DHS
as Centers of Academic Excellence in Information Assurance Education. A former U.S.
Navy officer, he was also previously the Technical Director at the Center for Infrastructure
Assurance and Security at the University of Texas at San Antonio.
Gregory White has been involved in computer and network security since 1986. He
spent 19 years on active duty with the U.S. Air Force and 11 years in the Air Force
Reserves before retiring after a combined 30 years of service. He obtained his Ph.D. in
computer science from Texas A&M University in 1995. His dissertation topic was in the
area of computer network intrusion detection, and he continues to conduct research in
this area today. He is currently the Director for the Center for Infrastructure Assurance
and Security and is an associate professor of computer science at the University of Texas
at San Antonio. White has written and presented numerous articles and conference
papers on security. He is also the coauthor of five textbooks on computer and network
security and has written chapters for two other security books. White continues to be
active in security research. His current research initiatives include efforts in high-speed
intrusion detection, community infrastructure protection, and visualization of community
and organization security postures and incident response.
Dwayne Williams is Associate Director, Special Projects for the Center for Infrastructure
Assurance and Security at the University of Texas at San Antonio and has over 18 years of
experience in information systems and network security. Williams’ experience includes
six years of commissioned military service as a Communications-Computer Information
Systems Officer in the U.S. Air Force, specializing in network security, corporate information
protection, intrusion detection systems, incident response, and VPN technology.
Prior to joining the CIAS, he served as Director of Consulting for SecureLogix Corporation,
where he directed and provided security assessment and integration services to
Fortune 100, government, public utility, oil and gas, financial, and technology clients.
Williams graduated in 1993 from Baylor University with a Bachelor of Arts in computer
science. Williams is a Certified Information Systems Security Professional (CISSP) and
coauthor of McGraw-Hill Education’s CompTIA Security+ All-in-One Exam Guide and
Sams’s Voice and Data Security.
About the Technical Editor
Daniel Lachance, CompTIA Cloud+, CompTIA Server+, CompTIA A+, CompTIA
Network+, CompTIA Security+, MCT, MCSA, MCITP, MCTS, is the owner of
Lachance IT Consulting, Inc., based in Halifax, Nova Scotia. Dan has delivered technical
IT training for a wide variety of products for more than 20 years. He has recorded
IT support videos related to security and various cloud-computing platforms. Dan has
developed custom applications and planned, implemented, troubleshot, and documented
various network configurations and conducted network security audits. Dan has worked
as a technical editor on a number of certification books and has authored several books,
including CompTIA Server+ Certification All-in-One Exam Guide (Exam SK0-004) and
CompTIA Security+ Certification Practice Exams, Second Edition (Exam SY0-401).
When not performing with the Halifax-based cover band Clusterfunk, Dan loves
being around family and spending time outdoors.
CONTENTS AT A GLANCE
Part I Risk Management
Chapter 1 Security Influences and Risk
Chapter 2 Security Policies and Procedures
Chapter 3 Risk Mitigation, Strategies, and Controls
Chapter 4 Risk Metrics
Part II Enterprise Security Architecture
Chapter 5 Network Security Components, Concepts, and Architectures
Chapter 6 Security Controls for Host Devices
Chapter 7 Mobile Security Controls
Chapter 8 Software Vulnerabilities and Security Controls
Part III Enterprise Security Operations
Chapter 9 Security Assessments
Chapter 10 Security Assessment Tools
Chapter 11 Incident Response and Recovery Procedures
Part IV Technical Integration of Enterprise Security
Chapter 12 Hosts, Storage, Networks, and Applications
Chapter 13 Cloud and Virtualization
Chapter 14 Authentication and Authorization
Chapter 15 Cryptographic Techniques
Chapter 16 Securing Communications and Collaboration
Part V Research, Development, and Collaboration
Chapter 17 Research Methods and Industry Trends
Chapter 18 Technology Life Cycles and Security Activities