Study for domain 2 of the CompTIA Advanced Security Practitioner (CASP+) certification exam: building a secure enterprise network.
Syllabus
Introduction
- Enterprise security architecture
- What you should know
- About the exam
- Network design
- Switches
- Routers
- Importance of ports
- Proxy
- Firewalls
- Web application firewalls (WAF) and next-generation firewalls (NGFW)
- Firewall architecture
- Wireless controllers
- Virtual desktop infrastructure
- Remote access
- Transport encryption
- Basic network authentication methods
- Multifactor authentication factors
- 802.1x authentication standard
- IPv6 and transitional technologies
- Mesh networks
- Unified threat management (UTM)
- NIDS and NIPS
- SIEM
- Hardware security modules (HSM)
- In-line network encryptor (INE)
- Vulnerability scanners
- Database activity monitors
- Security solutions in the architecture
- Network flow, packet analysis, and break and inspect
- ACLs and rule sets
- Change monitoring
- Availability controls
- RAIDs and SANs
- Software-defined networking
- Cloud-managed networks
- Network management and monitoring
- Trunking security
- Port security
- Route protection
- DDoS protection
- Remotely triggered black holes
- Security zones
- Network access control
- Network-enabled devices
- Critical infrastructure
- Securing host devices
- Trusted operating system
- Anti-malware
- Host-based firewall
- HIDS and HIPS
- Data loss prevention
- Log monitoring
- Endpoint detection response
- What is host hardening?
- Patch management
- Baselining configuration
- Application whitelisting and blacklisting
- Group policies
- Command line restrictions
- Configuring dedicated interfaces
- Restricting peripherals
- File and disk encryption
- Boot loader protections
- Cloud-augmented security
- Security through virtualization
- Hardware vulnerabilities in virtualization
- Terminal services and application delivery services
- Mobile and small form factor device security
- Enterprise mobility management
- BYOD vs. COPE
- Application security for mobile devices
- Over-the-air updates
- Remote assistance
- Remote access
- Authentication
- Context-aware security measures
- Privacy concerns
- Mobile payment
- Tethering
- Wearable technology
- Security implications of wearable technology
- Application security design
- Application specific issues
- More application specific issues
- Database activity monitoring (DAM) and web application firewalls (WAF)
- Client and server-side processing
- Next steps
Taught by
Jason Dion