CompTIA® Advanced Security Practitioner (CASP) study guide mind map

1. Cryptography

1.1. @Domain 1.1 - CASP® Exam Relevance

1.1.1. 1.1 Distinguish which cryptographic tools and techniques are appropriate for a given situation.

1.2. Asymmetric Encryption

1.2.1. Diffie Hellman

1.2.2. El Gamal

1.2.3. Elliptic Curve Cryptography

1.2.4. Merkle–Hellman Knapsack

1.2.5. RSA

1.3. Authenticity

1.4. Cipher Text

1.5. Code signing

1.6. Confidentiality

1.7. Cryptanalysis

1.8. Cryptographic Key

1.9. Cryptographic Solutions

1.9.1. Application Layer Encryption (examples)

1.9.1.1. Secure Shell (SSH)

1.9.1.2. Pretty Good Privacy (PGP)

1.9.1.3. Secure Hypertext Transfer Protocol (S-HTTP)

1.9.2. Transport Layer Encryption

1.9.2.1. Secure Sockets Layer (SSL)

1.9.2.2. Transport Layer Security (TLS)

1.9.2.3. Wireless Transport Layer Security (WTLS)

1.9.3. Internet Layer Controls

1.9.3.1. Encapsulated Secure Payload (ESP)

1.9.3.2. Authentication Header (AH)

1.9.3.3. Security Association (SA)

1.9.3.4. Transport and Tunnel Mode

1.9.4. Physical Layer Controls

1.9.4.1. Password Authentication Protocol (PAP)

1.9.4.2. Challenge Handshake Authentication Protocol (CHAP)

1.9.4.3. Point-to-Point Tunneling Protocol (PPTP)

1.9.4.4. Layer 2 Tunneling Protocol (L2TP)

1.10. Digital Signatures

1.10.1. @What is it?

1.10.1.1. Used to provide integrity, authenticity and non-repudiation.

1.11. Encryption

1.12. Hash collision

1.12.1. Issue when has function generates the same output for two or more different inputs.

1.13. Hash function

1.13.1. aka. "One-way function"

1.14. Hashing

1.14.1. @What is it?

1.14.1.1. aka. "digital fingerprints"

1.14.2. HAVAL

1.14.3. Hashed Message Authentication Code (HMAC)

1.14.4. MD (series)

1.14.5. Message Authentication Code (MAC)

1.14.6. Secure Hash Algorithm (SHA)

1.14.6.1. SHA-0

1.14.6.2. SHA-1

1.14.6.3. SHA-2

1.15. Hybrid Encryption

1.16. Integrity

1.17. Non-repudiation

1.18. Nounces

1.19. Plain Text

1.20. Public Key Infrastructure (PKI)

1.20.1. Certificate Authority (CA)

1.20.2. Registration Authority (RA)

1.20.3. Certificate Revocation List (CRL)

1.20.4. Digital Certificates

1.21. Random numbers

1.21.1. Entropy

1.21.2. Pseudo Random Number Generation (PRNG)

1.21.2.1. @What is it?

1.21.2.1.1. Algorithms that can produce random numbers based on an initial state, called the seed state.

1.22. Symmetric Encryption (Private-key cryptography)

1.22.1. 2 types of ciphers

1.22.1.1. Ciphers in general share the following properties

1.22.1.1.1. Substitution

1.22.1.1.2. Transposition

1.22.1.1.3. Confusion

1.22.1.1.4. Diffusion

1.22.1.2. Block Ciphers

1.22.1.2.1. @What is it?

1.22.1.2.2. Advanced Encryption Standard (AES)

1.22.1.2.3. Blowfish

1.22.1.2.4. Carlisle Adams/Stafford Tavares (CAST)

1.22.1.2.5. Counter mode (CTR)

1.22.1.2.6. Data Encryption Standard (DES)

1.22.1.2.7. Electronic Codebook (ECB)

1.22.1.2.8. Initialization Vectors (IV)

1.22.1.2.9. International Data Encryption Algorithm (IDEA)

1.22.1.2.10. Rijndael

1.22.1.2.11. Secure and Fast Encryption Routine (SAFER)

1.22.1.2.12. Skipjack

1.22.1.2.13. Triple DES (3DES)

1.22.1.2.14. Twofish

1.22.1.2.15. XTS

1.22.1.3. Stream Ciphers

1.22.1.3.1. What is it?

1.22.1.3.2. Rivest Cipher (algorithms)

1.22.1.3.3. indirection, shift, accumulate, add, and count (ISAAC)

2. Interactive Acronyms

2.1. Interactive CASP Acronyms

2.2. download CASP Acronyms

3. Exam domains

3.1. Domain 1.0: Enterprise Security

3.1.1. 1.1 Distinguish which cryptographic tools and techniques are appropriate for a given situation.

3.1.2. 1.2 Distinguish and select among different types of virtualized, distributed and shared computing

3.1.3. 1.3 Explain the security implications of enterprise storage

3.1.4. 1.4 Integrate hosts, networks, infrastructures, applications and storage into secure comprehensive solutions

3.1.5. 1.5 Distinguish among security controls for hosts

3.1.6. 1.6 Explain the importance of application security

3.1.7. 1.7 Given a scenario, distinguish and select the method or tool that is appropriate to conduct an assessment

3.2. Domain 2.0: Risk Management, Policy and Procedure, and Legal

3.2.1. 2.1 Analyze the security risk implications associated with business decisions

3.2.2. 2.2 Execute and implement risk mitigation strategies and controls

3.2.3. 2.3 Explain the importance of preparing for and supporting the incident response and recovery process

3.2.4. 2.4 Implement security and privacy policies and procedures based on organizational requirements

3.3. Domain 3.0: Research and Analysis

3.3.1. 3.1 Analyze industry trends and outline potential impact to the enterprise

3.3.2. 3.2 Carry out relevant analysis for the purpose of securing the enterprise

3.4. Domain 4.0: Integration of Computing, Communications, and Business Disciplines

3.4.1. 4.1 Integrate enterprise disciplines to achieve secure solutions

3.4.2. 4.2 Explain the security impact of inter-organizational change

3.4.3. 4.3 Select and distinguish the appropriate security controls with regard to communications and collaboration

4. Security Solutions

4.1. Domain 1.4 - CASP® Exam Relevance

4.1.1. 1.4 Integrate hosts, networks, infrastructures, applications and storage into secure comprehensive solutions

4.2. Advanced Network Design

4.2.1. SCADA

4.2.2. Remote Access

4.2.3. VoIP

4.2.4. TCP/IP

4.2.4.1. Network Interface Layer

4.2.4.2. Internet Layer

4.2.4.3. Transport Layer

4.2.4.4. Application Layer

4.3. Secure Communication Solutions

4.4. Secure Facility Solutions

4.5. Secure Network Infrastructure Solutions

5. Virtualization

5.1. Domain 1.4 - CASP® Exam Relevance

5.1.1. 1.2 Distinguish and select among different types of virtualized, distributed and shared computing

5.1.2. 1.3 Explain the security implications of enterprise storage

5.2. Enterprise Security

5.2.1. Holistic view of security

5.2.2. Implementing enterprise security accomplishes the following

5.2.2.1. Demonstrates due care

5.2.2.2. Helps provide assurance of policy compliance

5.2.2.3. Lowers risks to acceptable levels

5.2.2.4. Helps optimize allocation of scarce security resources

5.2.2.5. Improves trust in the governance system

5.2.2.6. May lead to a better organization reputation

5.2.2.7. Helps establish accountability

5.3. Cloud Computing

5.3.1. Cloud Computing Models

5.3.1.1. Backup as a Service (BaaS)

5.3.1.2. Database as a Service (DaaS)

5.3.1.3. Desktop as a Service (DaaS)

5.3.1.4. Hardware as a Service (HaaS)

5.3.1.5. Identity as a Service (IaaS)

5.3.1.6. Infrastructure-as-a-Service (IaaS)

5.3.1.7. Monitoring-as-a-Service (MaaS)

5.3.1.8. Platform-as-a-Service (PaaS)

5.3.1.9. Software-as-a-Service (SaaS)

5.3.1.10. Storage as a Service (SaaS)

5.3.2. Cloud Computing Security

5.3.3. Cloud Computing Providers (selected)

5.3.3.1. Amazon

5.3.3.2. Citrix

5.3.3.3. CohesiveFT

5.3.3.4. FlexScale

5.3.3.5. Google

5.3.3.6. IBM

5.3.3.7. iCloud

5.3.3.8. Joyent

5.3.3.9. Microsoft

5.3.3.10. MozyHome

5.3.3.11. Nivanix

5.3.3.12. Rackspace

5.3.3.13. Salesforce.com

5.3.3.14. Sun

5.3.3.15. VMware

5.3.3.16. 3tera

5.3.4. Cloud Computing Vulnerabilities

5.3.5. Benefits of Cloud Computing

5.3.5.1. Reduces Cost

5.3.5.2. Increases Storage

5.3.5.3. Provides High Degree of Automation

5.3.5.4. Offers Flexibility

5.3.5.5. Provides More Mobility

5.3.5.6. Allows the Company’s IT Department to Shift Focus

5.4. Virtualization

5.4.1. Virtual LANs

5.5. Enterprise Storage

6. Host Security

6.1. Domain 1.5 - CASP® Exam Relevance

6.1.1. 1.5 Distinguish among security controls for hosts

6.2. Anti-malware

6.2.1. Antivirus

6.2.2. Anti-spyware

6.2.3. Spam Filters

6.3. Asset Management

6.4. Data Exfiltration

6.5. Endpoint Security Software

6.6. Firewalls and Access Control Lists (ACLs)

6.7. Host-Based Firewalls

6.8. Intrusion Detection and Prevention Systems (IDS and IPS)

6.9. OS Hardening

6.10. Trusted Operating System

7. Application Security (AppSec) and Penetration Testing (PenTest)

7.1. Domain 1.6 - CASP® Exam Relevance

7.1.1. 1.6 Explain the importance of application security

7.1.2. 1.7 Given a scenario, distinguish and select the method or tool that is appropriate to conduct an assessment

7.2. Application Security

7.3. Specific Application Issues

7.3.1. Cross-Site Scripting (XSS)

7.3.2. Clickjacking

7.3.3. Session Management

7.3.4. Input Validation

7.3.5. SQL Injection

7.3.6. Application Sandboxing

7.4. Application Security Framework

7.5. Standard Libraries

7.6. Secure Coding Standards

7.7. Application Exploits

7.8. Escalation of Privilege

7.8.1. Vertical Privilege Escalation

7.8.2. Horizontal Privilege Escalation

7.9. Improper Storage of Sensitive Data

7.10. Cookie Storage and Transmission

7.11. Process Handling at the Client and Server

7.11.1. Asynchronous JavaScript and XML (Ajax)

7.11.2. JavaScript

7.11.3. Buffer overflow

7.11.4. Memory leaks

7.11.5. Integer overflow

7.11.6. Race conditions (TOC/TOU)

7.11.7. Resource exhaustion

7.12. Security Assessments and Penetration Testing

7.12.1. Test Methods

7.12.1.1. Security Audit

7.12.1.2. Vulnerability Assessments

7.12.1.3. Penetration Testing

7.13. Penetration Testing Steps

7.13.1. 1. Reconnaissance

7.13.2. 2. Scanning

7.13.3. 3. Gaining access

7.13.4. 4. Escalation of privilege

7.13.5. 5. Maintaining access

7.13.6. 6. Covering, clearing tracks

7.13.7. 7. Determine recommendations

7.13.8. 8. Writing a report and presenting findings

7.14. Assessment Types

7.14.1. Black Box Testing

7.14.2. White Box Testing

7.14.3. Gray Box Testing

7.15. Assessment Areas

7.15.1. Denial of Service (DoS)

7.15.2. Wireless Networks

7.15.3. Telephony

7.15.4. Application and Security Code Review

7.15.5. Social Engineering Testing

7.15.6. Physical Testing

7.16. Security Assessment and Penetration Test Tools

7.16.1. Footprinting tools

7.16.2. Port scanning tools

7.16.3. Fingerprinting tools

7.16.4. Vulnerability scanning tools

7.16.4.1. software

7.16.4.1.1. LANguard

7.16.4.1.2. Nessus

7.16.4.1.3. Open Vulnerability Assessment System (OpenVAS)

7.16.4.1.4. Retina

7.16.4.1.5. SAINT

7.16.4.1.6. Shadow Security Scanner

7.16.5. Network enumeration tools

7.16.5.1. OS Fingerprinting Tools

7.16.5.2. Simple Network Management Protocol (SNMP) Queries

7.16.5.3. Port Scanners

7.16.5.4. Classic the OS’s Command Line

7.16.6. Protocol analyzer tools

7.16.7. Password cracking tools

7.16.7.1. software

7.16.7.1.1. Cain

7.16.7.1.2. John the Ripper

7.16.7.1.3. L0phtcrack

7.16.7.1.4. Ophcrack

7.16.7.2. Dictionary Password Cracking

7.16.7.3. Hybrid Password Cracking

7.16.7.4. Brute-Force Password Cracking

7.16.8. Fuzzing and false injection tools

7.16.8.1. software

7.16.8.1.1. SPIKE

7.16.8.1.2. SPIKEFile

7.16.8.1.3. WebFuzzer

7.16.8.1.4. eFuzz

7.16.8.1.5. Mangle

7.16.8.1.6. Tag Brute Forcer

7.16.8.1.7. IP Stack Integrity & Stability Checker (ISIC)

7.16.9. Wireless tools

7.16.10. HTTP interceptors

7.16.11. Exploit framework and attack tools

8. This freeware, non-commercial mind map was carefully hand crafted with passion and love for learning and constant improvement as well for promotion the CASP® certification and as a learning tool for candidates wanting to gain CASP® qualification. (please share, like and give feedback - your feedback and comments are my main motivation for further elaboration. THX!)

8.1. Questions / issues / errors? What do you think about my work? Your comments are highly appreciated. Please don't hesitate to contact me for :-) Mirosław Dąbrowski, Poland/Warsaw.

8.1.1. http://www.linkedin.com/in/miroslawdabrowski

8.1.2. https://www.google.com/+MiroslawDabrowski

8.1.3. https://play.spotify.com/user/miroslawdabrowski/

8.1.4. http://www.miroslawdabrowski.com

8.1.5. https://twitter.com/mirodabrowski

8.1.6. miroslaw_dabrowski