CompTIA Advanced Security Practitioner (CASP) Certification Exam Objectives
EXAM NUMBER: CAS-003
About the Exam
The CompTIA Advanced Security Practitioner (CASP) certification is a vendor-neutral credential. The CASP
exam is an internationally targeted validation of advanced-level security skills and knowledge.
The CASP exam will certify the successful candidate has the technical knowledge and skills
required to conceptualize, engineer, integrate and implement secure solutions across complex
environments to support a resilient enterprise. The candidate will apply critical thinking and
judgment across a broad spectrum of security disciplines to propose, implement and advocate
sustainable security solutions that map to organizational strategies, balance security requirements
with business/regulatory requirements, analyze risk impact and respond to security incidents.
The CASP certification is aimed at IT security professionals who have:
• A minimum of ten years of experience in IT administration, including at
least five years of hands-on technical security experience
• The following recommended prerequisites: CompTIA Network+, Security+, CSA+
or equivalent experience
EXAM ACCREDITATION
The CASP certification exam is accredited by ANSI to show compliance with the ISO 17024
standard and, as such, undergoes regular reviews and updates to the exam objectives.

CompTIA AUTHORIZED MATERIALS USE POLICY


CompTIA Certifications, LLC is not affiliated with and does not authorize, endorse or condone utilizing any
content provided by unauthorized third-party training sites (aka “brain dumps”). Individuals who utilize
such materials in preparation for any CompTIA examination will have their certifications revoked and be
suspended from future testing in accordance with the CompTIA Candidate Agreement. In an effort to more
clearly communicate CompTIA’s exam policies on use of unauthorized study materials, CompTIA directs
all certification candidates to the CompTIA Certification Exam Policies. Please review all CompTIA policies
before beginning the study process for any CompTIA exam. Candidates will be required to abide by the
CompTIA Candidate Agreement. If a candidate has a question as to whether study materials are considered
unauthorized (aka “brain dumps”), he/she should contact CompTIA at examsecurity@comptia.org to confirm.

PLEASE NOTE
The lists of examples provided in bulleted format are not exhaustive lists. Other examples of
technologies, processes or tasks pertaining to each objective may also be included on the exam,
although not listed or covered in this objectives document. CompTIA is constantly reviewing the
content of our exams and updating test questions to be sure our exams are current and the security
of the questions is protected. When necessary, we will publish updated exams based on existing
exam objectives. Please know that all related exam preparation materials will still be valid.
**Candidates should have basic knowledge of vendor-specific tools and technologies, as this knowledge
may be required for the CASP certification exam. CompTIA has included a sample list of hardware and
software at the end of this document to assist candidates as they prepare for the CASP exam. This list may
also be helpful for training companies that wish to create a lab component for their training offering.

CompTIA Advanced Security Practitioner (CASP) Certification Exam Objectives Version 3.0
(Exam Number: CAS-003)
TEST DETAILS
Required exam: CASP CAS-003
Number of questions: Maximum of 90
Types of questions: Multiple choice and performance-based
Length of test: 165 minutes
Recommended experience: Ten years of experience in IT administration, including at least five years of hands-on technical security experience
Passing score: CASP CAS-003: Pass/Fail only. No scaled score.

EXAM OBJECTIVES (DOMAINS)

The table below lists the domain areas measured by this examination and the
approximate extent to which they are represented in the examination:

DOMAIN | PERCENTAGE OF EXAMINATION
1.0 Risk Management | 19%
2.0 Enterprise Security Architecture | 25%
3.0 Enterprise Security Operations | 20%
4.0 Technical Integration of Enterprise Security | 23%
5.0 Research, Development and Collaboration | 13%
Total | 100%

1.0 Risk Management
1.1 Summarize business and industry influences and associated security risks.
• Risk management of new products, new technologies and user behaviors
• New or changing business models/strategies
  - Partnerships
  - Outsourcing
  - Cloud
  - Acquisition/merger – divestiture/demerger
  - Data ownership
  - Data reclassification
• Security concerns of integrating diverse industries
  - Rules
  - Policies
  - Regulations
  - Export controls
  - Legal requirements
  - Geography
  - Data sovereignty
  - Jurisdictions
• Internal and external influences
  - Competitors
  - Auditors/audit findings
  - Regulatory entities
  - Internal and external client requirements
  - Top-level management
• Impact of de-perimeterization (e.g., constantly changing network boundary)
  - Telecommuting
  - Cloud
  - Mobile
  - BYOD
  - Outsourcing
  - Ensuring third-party providers have requisite levels of information security

1.2 Compare and contrast security, privacy policies and procedures based on organizational requirements.
• Policy and process life cycle management
  - New business
  - New technologies
  - Environmental changes
  - Regulatory requirements
  - Emerging risks
• Support legal compliance and advocacy by partnering with human resources, legal, management and other entities
• Understand common business documents to support security
  - Risk assessment (RA)
  - Business impact analysis (BIA)
  - Interoperability agreement (IA)
  - Interconnection security agreement (ISA)
  - Memorandum of understanding (MOU)
  - Service-level agreement (SLA)
  - Operating-level agreement (OLA)
  - Non-disclosure agreement (NDA)
  - Business partnership agreement (BPA)
  - Master service agreement (MSA)
• Research security requirements for contracts
  - Request for proposal (RFP)
  - Request for quote (RFQ)
  - Request for information (RFI)
• Understand general privacy principles for sensitive information
• Support the development of policies containing standard security practices
  - Separation of duties
  - Job rotation
  - Mandatory vacation
  - Least privilege
  - Incident response
  - Forensic tasks
  - Employment and termination procedures
  - Continuous monitoring
  - Training and awareness for users
  - Auditing requirements and frequency
  - Information classification

1.3 Given a scenario, execute risk mitigation strategies and controls.


• Categorize data types by impact levels based on CIA
• Incorporate stakeholder input into CIA impact-level decisions
• Determine minimum-required security controls based on aggregate score
• Select and implement controls based on CIA requirements and organizational policies
• Extreme scenario planning/worst-case scenario
• Conduct system-specific risk analysis
• Make risk determination based upon known metrics
  - Magnitude of impact based on ALE and SLE
  - Likelihood of threat
  - Motivation
  - Source
  - ARO
  - Trend analysis
  - Return on investment (ROI)
  - Total cost of ownership
• Translate technical risks in business terms
• Recommend which strategy should be applied based on risk appetite
  - Avoid
  - Transfer
  - Mitigate
  - Accept
• Risk management processes
  - Exemptions
  - Deterrence
  - Inherent
  - Residual
• Continuous improvement/monitoring
• Business continuity planning
  - RTO
  - RPO
  - MTTR
  - MTBF
• IT governance
  - Adherence to risk management frameworks
• Enterprise resilience

1.4 Analyze risk metric scenarios to secure the enterprise.


• Review effectiveness of existing security controls
  - Gap analysis
  - Lessons learned
  - After-action reports
• Reverse engineer/deconstruct existing solutions
• Creation, collection and analysis of metrics
  - KPIs
  - KRIs
• Prototype and test multiple solutions
• Create benchmarks and compare to baselines
• Analyze and interpret trend data to anticipate cyber defense needs
• Analyze security solution metrics and attributes to ensure they meet business needs
  - Performance
  - Latency
  - Scalability
  - Capability
  - Usability
  - Maintainability
  - Availability
  - Recoverability
  - ROI
  - TCO
• Use judgment to solve problems where the most secure solution is not feasible

2.0 Enterprise Security Architecture
2.1 Analyze a scenario and integrate network and security components,
concepts and architectures to meet security requirements.
• Physical and virtual network and security devices
  - UTM
  - IDS/IPS
  - NIDS/NIPS
  - INE
  - NAC
  - SIEM
  - Switch
  - Firewall
  - Wireless controller
  - Router
  - Proxy
  - Load balancer
  - HSM
  - MicroSD HSM
• Application and protocol-aware technologies
  - WAF
  - Firewall
  - Passive vulnerability scanners
  - DAM
• Advanced network design (wired/wireless)
  - Remote access
  - VPN
  - IPSec
  - SSL/TLS
  - SSH
  - RDP
  - VNC
  - VDI
  - Reverse proxy
  - IPv4 and IPv6 transitional technologies
  - Network authentication methods
  - 802.1x
  - Mesh networks
  - Placement of fixed/mobile devices
  - Placement of hardware and applications
• Complex network security solutions for data flow
  - DLP
  - Deep packet inspection
  - Data flow enforcement
  - Network flow (S/flow)
  - Data flow diagram
• Secure configuration and baselining of networking and security components
• Software-defined networking
• Network management and monitoring tools
  - Alert definitions and rule writing
  - Tuning alert thresholds
  - Alert fatigue
• Advanced configuration of routers, switches and other network devices
  - Transport security
  - Trunking security
  - Port security
  - Route protection
  - DDoS protection
  - Remotely triggered black hole
• Security zones
  - DMZ
  - Separation of critical assets
  - Network segmentation
• Network access control
  - Quarantine/remediation
  - Persistent/volatile or non-persistent agent
  - Agent vs. agentless
• Network-enabled devices
  - System on a chip (SoC)
  - Building/home automation systems
  - IP video
  - HVAC controllers
  - Sensors
  - Physical access control systems
  - A/V systems
  - Scientific/industrial equipment
• Critical infrastructure
  - Supervisory control and data acquisition (SCADA)
  - Industrial control systems (ICS)

2.2 Analyze a scenario to integrate security controls for host devices to meet security requirements.
• Trusted OS (e.g., how and when to use it)
  - SELinux
  - SEAndroid
  - TrustedSolaris
  - Least functionality
• Endpoint security software
  - Anti-malware
  - Antivirus
  - Anti-spyware
  - Spam filters
  - Patch management
  - HIPS/HIDS
  - Data loss prevention
  - Host-based firewalls
  - Log monitoring
  - Endpoint detection response
• Host hardening
  - Standard operating environment/configuration baselining
  - Application whitelisting and blacklisting
  - Security/group policy implementation
  - Command shell restrictions
  - Patch management
  - Manual
  - Automated
  - Scripting and replication
  - Configuring dedicated interfaces
  - Out-of-band management
  - ACLs
  - Management interface
  - Data interface
  - External I/O restrictions
  - USB
  - Wireless
  - Bluetooth
  - NFC
  - IrDA
  - RF
  - 802.11
  - RFID
  - Drive mounting
  - Drive mapping
  - Webcam
  - Recording mic
  - Audio output
  - SD port
  - HDMI port
  - File and disk encryption
  - Firmware updates
• Boot loader protections
  - Secure boot
  - Measured launch
  - Integrity measurement architecture
  - BIOS/UEFI
  - Attestation services
  - TPM
• Vulnerabilities associated with hardware
• Terminal services/application delivery services

2.3 Analyze a scenario to integrate security controls for mobile and small form factor devices to meet security requirements.
• Enterprise mobility management
  - Containerization
  - Configuration profiles and payloads
  - Personally owned, corporate-enabled
  - Application wrapping
  - Remote assistance access
  - VNC
  - Screen mirroring
  - Application, content and data management
  - Over-the-air updates (software/firmware)
  - Remote wiping
  - SCEP
  - BYOD
  - COPE
  - VPN
  - Application permissions
  - Side loading
  - Unsigned apps/system apps
  - Context-aware management
  - Geolocation/geofencing
  - User behavior
  - Security restrictions
  - Time-based restrictions
• Security implications/privacy concerns
  - Data storage
  - Non-removable storage
  - Removable storage
  - Cloud storage
  - Transfer/backup data to uncontrolled storage
  - USB OTG
  - Device loss/theft
  - Hardware anti-tamper
  - eFuse
  - TPM
  - Rooting/jailbreaking
  - Push notification services
  - Geotagging
  - Encrypted instant messaging apps
  - Tokenization
  - OEM/carrier Android fragmentation
  - Mobile payment
  - NFC-enabled
  - Inductance-enabled
  - Mobile wallet
  - Peripheral-enabled payments (credit card reader)
  - Tethering
  - USB
  - Spectrum management
  - Bluetooth 3.0 vs. 4.1
  - Authentication
  - Swipe pattern
  - Gesture
  - Pin code
  - Biometric
  - Facial
  - Fingerprint
  - Iris scan
  - Malware
  - Unauthorized domain bridging
  - Baseband radio/SOC
  - Augmented reality
  - SMS/MMS/messaging
• Wearable technology
  - Devices
  - Cameras
  - Watches
  - Fitness devices
  - Glasses
  - Medical sensors/devices
  - Headsets
  - Security implications
  - Unauthorized remote activation/deactivation of devices or features
  - Encrypted and unencrypted communication concerns
  - Physical reconnaissance
  - Personal data theft
  - Health privacy
  - Digital forensics of collected data

2.4 Given software vulnerability scenarios, select appropriate security controls.
• Application security design considerations
  - Secure: by design, by default, by deployment
• Specific application issues
  - Unsecure direct object references
  - XSS
  - Cross-site request forgery (CSRF)
  - Click-jacking
  - Session management
  - Input validation
  - SQL injection
  - Improper error and exception handling
  - Privilege escalation
  - Improper storage of sensitive data
  - Fuzzing/fault injection
  - Secure cookie storage and transmission
  - Buffer overflow
  - Memory leaks
  - Integer overflows
  - Race conditions
  - Time of check
  - Time of use
  - Resource exhaustion
  - Geotagging
  - Data remnants
  - Use of third-party libraries
  - Code reuse
• Application sandboxing
• Secure encrypted enclaves
• Database activity monitor
• Web application firewalls
• Client-side processing vs. server-side processing
  - JSON/REST
  - Browser extensions
  - ActiveX
  - Java applets
  - HTML5
  - AJAX
  - SOAP
  - State management
  - JavaScript
• Operating system vulnerabilities
• Firmware vulnerabilities

3.0 Enterprise Security Operations
3.1 Given a scenario, conduct a security assessment
using the appropriate methods.
• Methods
  - Malware sandboxing
  - Memory dumping, runtime debugging
  - Reconnaissance
  - Fingerprinting
  - Code review
  - Social engineering
  - Pivoting
  - Open source intelligence
  - Social media
  - Whois
  - Routing tables
  - DNS records
  - Search engines
• Types
  - Penetration testing
  - Black box
  - White box
  - Gray box
  - Vulnerability assessment
  - Self-assessment
  - Tabletop exercises
  - Internal and external audits
  - Color team exercises
  - Red team
  - Blue team
  - White team

3.2 Analyze a scenario or output, and select the appropriate tool for a security assessment.
• Network tool types
  - Port scanners
  - Vulnerability scanners
  - Protocol analyzer
  - Wired
  - Wireless
  - SCAP scanner
  - Network enumerator
  - Fuzzer
  - HTTP interceptor
  - Exploitation tools/frameworks
  - Visualization tools
  - Log reduction and analysis tools
• Host tool types
  - Password cracker
  - Vulnerability scanner
  - Command line tools
  - Local exploitation tools/frameworks
  - SCAP tool
  - File integrity monitoring
  - Log analysis tools
  - Antivirus
  - Reverse engineering tools
• Physical security tools
  - Lock picks
  - RFID tools
  - IR camera

3.3 Given a scenario, implement incident response and recovery procedures.

• E-discovery
  - Electronic inventory and asset control
  - Data retention policies
  - Data recovery and storage
  - Data ownership
  - Data handling
  - Legal holds
• Data breach
  - Detection and collection
  - Data analytics
  - Mitigation
  - Minimize
  - Isolate
  - Recovery/reconstitution
  - Response
  - Disclosure
• Facilitate incident detection and response
  - Hunt teaming
  - Heuristics/behavioral analytics
  - Establish and review system, audit and security logs
• Incident and emergency response
  - Chain of custody
  - Forensic analysis of compromised system
  - Continuity of operations
  - Disaster recovery
  - Incident response team
  - Order of volatility
• Incident response support tools
  - dd
  - tcpdump
  - nbtstat
  - netstat
  - nc (Netcat)
  - memdump
  - tshark
  - foremost
• Severity of incident or breach
  - Scope
  - Impact
  - Cost
  - Downtime
  - Legal ramifications
• Post-incident response
  - Root-cause analysis
  - Lessons learned
  - After-action report

4.0 Technical Integration of Enterprise Security
4.1 Given a scenario, integrate hosts, storage, networks and
applications into a secure enterprise architecture.
• Adapt data flow security to meet changing business needs
• Standards
  - Open standards
  - Adherence to standards
  - Competing standards
  - Lack of standards
  - De facto standards
• Interoperability issues
  - Legacy systems and software/current systems
  - Application requirements
  - Software types
  - In-house developed
  - Commercial
  - Tailored commercial
  - Open source
  - Standard data formats
  - Protocols and APIs
• Resilience issues
  - Use of heterogeneous components
  - Course of action automation/orchestration
  - Distribution of critical assets
  - Persistence and non-persistence of data
  - Redundancy/high availability
  - Assumed likelihood of attack
• Data security considerations
  - Data remnants
  - Data aggregation
  - Data isolation
  - Data ownership
  - Data sovereignty
  - Data volume
• Resources provisioning and deprovisioning
  - Users
  - Servers
  - Virtual devices
  - Applications
  - Data remnants
• Design considerations during mergers, acquisitions and demergers/divestitures
• Network secure segmentation and delegation
• Logical deployment diagram and corresponding physical deployment diagram of all relevant devices
• Security and privacy considerations of storage integration
• Security implications of integrating enterprise applications
  - CRM
  - ERP
  - CMDB
  - CMS
  - Integration enablers
  - Directory services
  - DNS
  - SOA
  - ESB

4.2 Given a scenario, integrate cloud and virtualization technologies into a secure enterprise architecture.
• Technical deployment models (outsourcing/insourcing/managed services/partnership)
  - Cloud and virtualization considerations and hosting options
  - Public
  - Private
  - Hybrid
  - Community
  - Multitenancy
  - Single tenancy
  - On-premise vs. hosted
  - Cloud service models
  - SaaS
  - IaaS
  - PaaS
• Security advantages and disadvantages of virtualization
  - Type 1 vs. Type 2 hypervisors
  - Container-based
  - vTPM
  - Hyperconverged infrastructure
  - Virtual desktop infrastructure
  - Secure enclaves and volumes
• Cloud augmented security services
  - Anti-malware
  - Vulnerability scanning
  - Sandboxing
  - Content filtering
  - Cloud security broker
  - Security as a service
  - Managed security service providers
• Vulnerabilities associated with comingling of hosts with different security requirements
  - VMEscape
  - Privilege elevation
  - Live VM migration
  - Data remnants
• Data security considerations
  - Vulnerabilities associated with a single server hosting multiple data types
  - Vulnerabilities associated with a single platform hosting multiple data types/owners on multiple virtual machines
• Resources provisioning and deprovisioning
  - Virtual devices
  - Data remnants

4.3 Given a scenario, integrate and troubleshoot advanced authentication and authorization technologies to support enterprise security objectives.
• Authentication
  - Certificate-based authentication
  - Single sign-on
  - 802.1x
  - Context-aware authentication
  - Push-based authentication
• Authorization
  - OAuth
  - XACML
  - SPML
• Attestation
• Identity proofing
• Identity propagation
• Federation
  - SAML
  - OpenID
  - Shibboleth
  - WAYF
• Trust models
  - RADIUS configurations
  - LDAP
  - AD

4.4 Given a scenario, implement cryptographic techniques.


• Techniques
  - Key stretching
  - Hashing
  - Digital signature
  - Message authentication
  - Code signing
  - Pseudo-random number generation
  - Perfect forward secrecy
  - Data-in-transit encryption
  - Data-in-memory/processing
  - Data-at-rest encryption
  - Disk
  - Block
  - File
  - Record
  - Steganography
• Implementations
  - Crypto modules
  - Crypto processors
  - Cryptographic service providers
  - DRM
  - Watermarking
  - GPG
  - SSL/TLS
  - SSH
  - S/MIME
  - Cryptographic applications and proper/improper implementations
  - Strength
  - Performance
  - Feasibility to implement
  - Interoperability
  - Stream vs. block
  - PKI
  - Wild card
  - OCSP vs. CRL
  - Issuance to entities
  - Key escrow
  - Certificate
  - Tokens
  - Stapling
  - Pinning
  - Cryptocurrency/blockchain
  - Mobile device encryption considerations
  - Elliptic curve cryptography
  - P-256 vs. P-384 vs. P521

4.5 Given a scenario, select the appropriate control to secure communications and collaboration solutions.
• Remote access
  - Resource and services
  - Desktop and application sharing
  - Remote assistance
• Unified collaboration tools
  - Conferencing
  - Web
  - Video
  - Audio
  - Storage and document collaboration tools
  - Unified communication
  - Instant messaging
  - Presence
  - Email
  - Telephony and VoIP integration
  - Collaboration sites
  - Social media
  - Cloud-based

5.0 Research, Development and Collaboration
5.1 Given a scenario, apply research methods to determine
industry trends and their impact to the enterprise.
• Perform ongoing research
  - Best practices
  - New technologies, security systems and services
  - Technology evolution (e.g., RFCs, ISO)
• Threat intelligence
  - Latest attacks
  - Knowledge of current vulnerabilities and threats
  - Zero-day mitigation controls and remediation
  - Threat model
• Research security implications of emerging business tools
  - Evolving social media platforms
  - Integration within the business
  - Big Data
  - AI/machine learning
• Global IA industry/community
  - Computer emergency response team (CERT)
  - Conventions/conferences
  - Research consultants/vendors
  - Threat actor activities
  - Emerging threat sources

5.2 Given a scenario, implement security activities across the technology life cycle.
• Systems development life cycle
  - Requirements
  - Acquisition
  - Test and evaluation
  - Commissioning/decommissioning
  - Operational activities
  - Monitoring
  - Maintenance
  - Configuration and change management
  - Asset disposal
  - Asset/object reuse
• Software development life cycle
  - Application security frameworks
  - Software assurance
  - Standard libraries
  - Industry-accepted approaches
  - Web services security (WS-security)
  - Forbidden coding techniques
  - NX/XN bit use
  - ASLR use
  - Code quality
  - Code analyzers
  - Fuzzer
  - Static
  - Dynamic
  - Development approaches
  - DevOps
  - Security implications of agile, waterfall and spiral software development methodologies
  - Continuous integration
  - Versioning
  - Secure coding standards
  - Documentation
  - Security requirements traceability matrix (SRTM)
  - Requirements definition
  - System design document
  - Testing plans
  - Validation and acceptance testing
  - Regression
  - User acceptance testing
  - Unit testing
  - Integration testing
  - Peer review
• Adapt solutions to address:
  - Emerging threats
  - Disruptive technologies
  - Security trends
• Asset management (inventory control)

5.3 Explain the importance of interaction across diverse business units to achieve security goals.
• Interpreting security requirements and goals to communicate with stakeholders from other disciplines
  - Sales staff
  - Programmer
  - Database administrator
  - Network administrator
  - Management/executive management
  - Financial
  - Human resources
  - Emergency response team
  - Facilities manager
  - Physical security manager
  - Legal counsel
• Provide objective guidance and impartial recommendations to staff and senior management on security processes and controls
• Establish effective collaboration within teams to implement secure solutions
• Governance, risk and compliance committee

CASP Acronyms
The following is a list of acronyms that appear on the CASP exam. Candidates
are encouraged to review the complete list and attain a working knowledge of
all listed acronyms as a part of a comprehensive exam preparation program.

ACRONYM SPELLED OUT ACRONYM SPELLED OUT


2FA Two-Factor Authentication CIA Confidentiality, Integrity and Availability
3DES Triple Digital Encryption Standard CIFS Common Internet File System
AAA Authentication, Authorization and Accounting CIRT Computer Incident Response Team
AAR After Action Report CISO Chief Information Security Officer
ACL Access Control List CLI Command Line Interface
AD Active Directory CMDB Configuration Management Database
AES Advanced Encryption Standard CMS Content Management System
AH Authentication Header COOP Continuity of Operations
AJAX Asynchronous JavaScript and XML COPE Corporate Owned, Personally Enabled
ALE Annualized Loss Expectancy COTS Commercial Off-the-Shelf
AP Access Point CRC Cyclical Redundancy Check
API Application Programming Interface CredSSP Credential Security Support Provider
APT Advanced Persistent Threat CRL Certification Revocation List
ARO Annualized Rate of Occurrence CRM Customer Resource Management
ARP Address Resolution Protocol CSP Cloud Service Provider
ASLR Address Space Layout Randomization CSP Cryptographic Service Provider
AUP Acceptable Use Policy CSRF Cross-Site Request Forgery
AV Antivirus CTR Counter Mode
B2B Business-to-Business CVE Collaborative Virtual Environment
BCP Business Continuity Planning CYOD Choose Your Own Device
BGP Border Gateway Protocol DAC Discretionary Access Control
BIA Business Impact Analysis DAM Database Activity Monitoring
BIOS Basic Input/Output System DAR Data at Rest
BPA Business Partnership Agreement DDoS Distributed Denial of Service
BPM Business Process Management DEP Data Execution Prevention
BYOD Bring Your Own Device DES Digital Encryption Standard
CA Certificate Authority DHCP Dynamic Host Configuration Protocol
CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart
DKIM Domain Keys Identified Mail
DLL Dynamic Link Library
CASB Cloud Access Security Broker DLP Data Loss Prevention
CBC Cipher Block Chaining DMZ Demilitarized Zone
CCMP Counter-Mode/CBC-Mac Protocol DNS Domain Name Service
CCTV Closed-Circuit Television DOM Document Object Model
CERT Computer Emergency Response Team DoS Denial of Service
CFB Cipher Feedback DRP Disaster Recovery Plan
CHAP Challenge Handshake Authentication Protocol DSA Digital Signature Algorithm

EAP Extensible Authentication Protocol IR Incident Response
ECB Event Control Block IRC Internet Relay Chat
ECC Elliptic Curve Cryptography IS-IS Intermediate System to Intermediate System
EDR Endpoint Detection Response ISA Interconnection Security Agreement
EFS Encrypted File System ISAC Information Sharing Analysis Center
EMI Electromagnetic Interference ISMS Information Security Management System
ERP Enterprise Resource Planning ISP Internet Service Provider
ESA Enterprise Security Architecture IV Initialization Vector
ESB Enterprise Service Bus JSON JavaScript Object Notation
ESP Encapsulated Security Payload KDC Key Distribution Center
EV Extended Validation (Certificate) KPI Key Performance Indicator
FDE Full Disk Encryption KRI Key Risk Indicator
FIM File Integrity Monitoring KVM Keyboard, Video, Mouse
FTP File Transfer Protocol LAN Local Area Network
GPG GNU Privacy Guard L2TP Layer 2 Tunneling Protocol
GPO Group Policy Object LDAP Lightweight Directory Access Protocol
GPU Graphic Processing Unit LEAP Lightweight Extensible Authentication Protocol
GRC Governance, Risk and Compliance LTE Long-Term Evolution
GRE Generic Routing Encapsulation LUN Logical Unit Number
GUI Graphical User Interface MAC Mandatory Access Control
HDD Hard Disk Drive MAC Media Access Control
HIDS Host-based Intrusion Detection System MAC Message Authentication Code
HIPS Host-based Intrusion Prevention System MAM Mobile Application Management
HMAC Hashed Message Authentication Code MAN Metropolitan Area Network
HOTP HMAC-based One-Time Password MBR Master Boot Record
HSM Hardware Security Module MD5 Message Digest 5
HSTS HTTP Strict Transport Security MDM Mobile Device Management
HVAC Heating, Ventilation and Air Conditioning MEAP Mobile Enterprise Application Platform
IaaS Infrastructure as a Service MFA Multifactor Authentication
ICMP Internet Control Message Protocol MFD Multifunction Device
ICS Industrial Control System MITM Man in the Middle
IDE Integrated Development Environment MOA Memorandum of Agreement
IdM Identity Management MOU Memorandum of Understanding
IdP Identity Provider MPLS Multiprotocol Label Switching
IDS Intrusion Detection System MSA Master Service Agreement
IETF Internet Engineering Task Force MSCHAP Microsoft Challenge Handshake Authentication Protocol
IKE Internet Key Exchange
IM Instant Messaging MSS Managed Security Service
IMAP Internet Message Access Protocol MSSP Managed Security Service Provider
INE Inline Network Encryptor MTA Message Transfer Agent
IOC Indicator of Compromise MTBF Mean Time Between Failure
IoT Internet of Things MTD Maximum Tolerable Downtime
IP Internet Protocol MTP Media Transfer Protocol
IPMI Internet Protocol Multicast Initiative MTTR Mean Time to Recovery
IPS Intrusion Prevention Systems MTU Maximum Transmission Unit
IPSec Internet Protocol Security NAC Network Access Control

NAS Network Attached Storage QoS Quality of Service
NAT Network Address Translation R&D Research and Development
NDA Non-Disclosure Agreement RA Recovery Agent
NFC Near Field Communication RA Registration Authority
NFS Network File System RADIUS Remote Authentication Dial-in User Server
NGFW Next Generation Firewall RAID Redundant Array of Inexpensive/Independent Disks
NIDS Network Intrusion Detection System RAS Remote Access Server
NIPS Network Intrusion Prevention System RBAC Role-Based Access Control
NIST National Institute of Standards and Technology RBAC Rule-Based Access Control
NLA Network-Level Authentication RDP Remote Desktop Protocol
NOS Network Operating System REST Representational State Transfer
NSP Network Service Provider RFC Request for Comments
NTFS New Technology File System RFI Request for Information
NTLM New Technology LAN Manager RFID Radio Frequency Identification
NTP Network Time Protocol RFP Request for Proposal
OCSP Online Certificate Status Protocol RFQ Request for Quote
OLA Operating-Level Agreement ROI Return on Investment
OOB Out-of-Band RPO Recovery Point Objective
OS Operating System RSA Rivest, Shamir and Adleman
OSI Open Systems Interconnection RTBH Remotely Triggered Black Hole
OSPF Open Shortest Path First RTO Recovery Time Objective
OTP One-Time Password RTP Real-time Transport Protocol
OVAL Open Vulnerability Assessment Language S/MIME Secure/Multipurpose Internet Mail Extensions
OWASP Open Web Application Security Project SaaS Software as a Service
P2P Peer-to-Peer SAML Security Assertions Markup Language
PaaS Platform as a Service SAN Subject Alternative Name
PAP Password Authentication Protocol SAN Storage Area Network
PAT Port Address Translation SAS Statement on Auditing Standards
PBKDF2 Password-Based Key Derivation Function 2 SATCOM Satellite Communications
PBX Private Branch Exchange SCADA Supervisory Control and Data Acquisition
PCI-DSS Payment Card Industry Data Security Standard SCAP Security Content Automation Protocol
PDP Policy Distribution Point SCEP Simple Certificate Enrollment Protocol
PEAP Protected Extensible Authentication Protocol SCP Secure Copy
PEP Policy Enforcement Point SCSI Small Computer System Interface
PFS Perfect Forward Secrecy SDL Security Development Life Cycle
PGP Pretty Good Privacy SDLC Software Development Life Cycle
PII Personal Identifiable Information SED Self-Encrypting Drive
PIP Policy Information Point SELinux Security Enhanced Linux
PIR Post Incident Report SFTP Secure File Transfer Protocol
PKI Public Key Infrastructure SHA Secure Hashing Algorithm
PLC Programmable Logic Controller SIEM Security Information Event Management
POC Proof of Concept SIM Subscriber Identity Module
POTS Plain Old Telephone Service SIP Session Initiation Protocol
PPP Point-to-Point Protocol SLA Service-Level Agreement
PPTP Point-to-Point Tunneling Protocol SLE Single Loss Expectancy
PSK Pre-Shared Key SMB Server Message Block
QA Quality Assurance SMS Short Message Service

SMTP Simple Mail Transfer Protocol VM Virtual Machine
SNAT Source Network Address Translation VMFS VMware File System
SNMP Simple Network Management Protocol VNC Virtual Network Connection
SOA Service-Oriented Architecture VoIP Voice over IP
SOA Start of Authority VPN Virtual Private Network
SOA Statement of Applicability VRRP Virtual Router Redundancy Protocol
SOAP Simple Object Access Protocol vSAN Virtual Storage Area Network
SOC Security Operations Center VTC Video Teleconferencing
SOC Service Organization Controls vTPM Virtual Trusted Platform Module
SOE Standard Operating Environment WAF Web Application Firewall
SOP Standard Operating Procedure WAP Wireless Access Point
SOW Statement of Work WAYF Where Are You From
SOX Sarbanes-Oxley Act of 2002 WEP Wired Equivalent Privacy
SP Service Provider WIDS Wireless Intrusion Detection System
SPIM Spam over Internet Messaging WIPS Wireless Intrusion Prevention System
SPML Service Provisioning Markup Language WMI Windows Management Interface
SRTM Security Requirements Traceability Matrix WPA Wireless Protected Access
SRTP Secure Real-Time Protocol WRT Work Recovery Time
SRV Service Records WSDL Web Services Description Language
SSD Solid State Drive XACML eXtensible Access Control Markup Language
SSDLC Security System Development Life Cycle XHR XMLHttpRequest
SSH Secure Shell XMPP eXtensible Messaging and Presence Protocol
SSID Service Set Identifier XSS Cross-Site Scripting
SSL Secure Sockets Layer
SSO Single Sign-On
SSP Storage Service Provider
TACACS Terminal Access Controller Access Control System
TCO Total Cost of Ownership
TCP/IP Transmission Control Protocol/Internet Protocol
TKIP Temporal Key Integrity Protocol
TLS Transport Layer Security
TOC/TOU Time of Check/Time of Use
TOS Type of Service
TOTP Time-based One-Time Password
TPM Trusted Platform Module
TSIG Transaction Signature Interoperability Group
TTR Time to Restore
UAC User Access Control
UAT User Acceptance Testing
UDP User Datagram Protocol
UEFI Unified Extensible Firmware Interface
UPS Uninterruptable Power Supply
URL Universal Resource Locator
USB Universal Serial Bus
UTM Unified Threat Management
VDI Virtual Desktop Infrastructure
VLAN Virtual Local Area Network

CASP Proposed Hardware and Software List

Candidates should have basic knowledge of vendor-specific tools and technologies,
as this knowledge may be required for the CASP certification exam. CompTIA
has included this sample list of hardware and software to assist candidates
as they prepare for the CASP exam. This list may also be helpful for training
companies that wish to create a lab component for their training offering.

EQUIPMENT
• Laptops
• Basic server hardware (email server/Active Directory server, trusted OS)
• Tokens
• Mobile devices (Android and iOS)
• Switches (managed switch) - IPv6 capable
• Router – IPv6 capable (wired/wireless)
• Gateway
• Firewall
• VoIP
• Proxy server
• Load balancer
• NIPS
• HSM
• Access points
• Crypto-cards
• Smart cards
• Smart card reader
• Biometric devices
• Arduino/Raspberry Pi
• SCADA device

SPARE HARDWARE
• Keyboards
• Cables
• NICs
• Power supplies
• External USB flash drives
• Computer and mobile peripheral devices

TOOLS
• Spectrum analyzer
• Antennas
• RF hacking hardware/SDR

SOFTWARE
• Virtualized appliances (firewall, IPS, SIEM solution, RSA authentication, Asterisk PBX)
• Windows
• Linux distros
• VMWare player/virtual box
• Vulnerability assessment tools
• SSH and Telnet utilities
• Threat modeling tool
• Host IPS
• Helix software
• Kali and all Kali toolsets
• Remediation software
• GNS and associated firmware
• Log analysis tools

OTHER
• Sample logs
• Sample network traffic (packet capture)
• Sample organizational structure
• Sample network documentation
• Broadband Internet connection
• 3G/4G and/or hotspot

© 2017 CompTIA Properties, LLC, used under license by CompTIA Certifications, LLC. All rights reserved. All certification programs and education related to such
programs are operated exclusively by CompTIA Certifications, LLC. CompTIA is a registered trademark of CompTIA Properties, LLC in the U.S. and internationally.
Other brands and company names mentioned herein may be trademarks or service marks of CompTIA Properties, LLC or of their respective owners. Reproduction
or dissemination prohibited without written consent of CompTIA Properties, LLC. Printed in the U.S. 03873-Jun2017
