CASP+ Practice Tests. Nadean H. Tanner
Читать онлайн книгу.for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.
For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.
Library of Congress Control Number: 2020938995
TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
6b 65 6e 6e 65 74 68 2c 20 69 20 6c 6f 76 65 20 79 6f 75 21
Acknowledgments
To Kenneth, thank you for all the love and question suggestions and for cooking dinner when I had a deadline.
To Shelby and Gavin, thank you for your patience and encouragement and for eating the dinners Daddy cooked.
To Kenyon Brown for making the ask, to Jan Lynn for keeping me on task, and to my dearest friend, Ryan Hendricks, for making sure I was right. I couldn't have done this without such talent and dedication.
And, to those of you taking the CASP+ exam, whether you volunteered or were voluntold—this book is for you. Best of luck, you got this!
About the Author
Nadean Hutto Tanner is the senior manager of Technical Education Strategy for Puppet software. Prior to Puppet, she was the lead instructor at Rapid7 teaching Nexpose, incident detection and response, and Metasploit. For more than 20 years, she has worked in academia as the IT director at a private school and a technology instructor at the university level. Tanner holds many industry certifications including the following:
ISC2: CISSP
CompTIA: A+, Network+, Security+, Server+, CTT+, CIOS, CNIP, CSIS, CASP+
ITIL: ITILv3
Microsoft: MCTS, MCITP, MCSA, MCT, MCP, MOS
Rapid7: IICS, IVMCA, MPCS, NACA, NCP
Tanner has trained and consulted for Fortune 50 companies in cybersecurity and security awareness, and has received hands-on experience working for the Department of Defense.
She is the author of the Cybersecurity Blue Team Toolkit, published by Wiley in 2019.
About the Technical Editor
Ryan Hendricks (CISSP, CEH, CASP+, Security+) has more than 15 years of cybersecurity and intelligence experience. His first venture was working on intelligence operations for the U.S. Navy; he continued in the government and private sectors as an educator, facilitator, consultant, and advisor for a multitude of information technology and cybersecurity principals.
Hendricks holds many certifications covering hardware, networking, operating systems, and cybersecurity. He worked as a trainer for the U.S. Department of Defense, educating hundreds of students on everything from military communication systems to the CompTIA CASP+ and (ISC)2 CISSP certifications.
Hendricks currently supports all technical product training operations at VMware Carbon Black, including creating content, developing labs, updating materials, piloting and expanding the certification programs, mentoring and managing the training team, and educating anyone who is willing to learn. When not working, he tries to balance spending his time learning new security tools and attack techniques to feed his need for knowledge and playing video games with his kids.
Introduction
CompTIA CASP+ (CompTIA Advanced Security Practitioner) Practice Tests is a companion volume to CompTIA CASP+ (CompTIA Advanced Security Practitioner) Study Guide (Wiley, 2019, Parker/Gregg). If you're looking to test your knowledge before you take the CASP+ exam, this book will help you by providing a combination of 1,000 questions that cover the five CASP+ domains and by including easy-to-understand explanations of both right and wrong answers.
If you're just starting to prepare for the CASP+ exam, we highly recommend that you use CompTIA Advanced Security Practitioner+ (CASP+) Study Guide to help you learn about each of the domains covered by the CASP+ exam. Once you're ready to test your knowledge, use this book to help find places where you might need to study more or to practice for the exam itself.
Because this is a companion to CASP+ Study Guide, this book is designed to be similar to taking the CASP+ exam. It contains multi-part scenarios as well as standard multiple-choice questions similar to those you may encounter on the certification exam.
CompTIA
CompTIA is a nonprofit trade organization that offers certification in a variety of IT areas, ranging from the skills that a PC support technician needs, which are covered on the A+ exam, to advanced skills like the CompTIA Advanced Security Practitioner (CASP+) certification. CompTIA divides its exams into four categories based on the skill level required for the exam and the topics it covers, as shown here:
Infrastructure | Core | Cybersecurity | Additional Professional |
Cloud+ Linux+ Server+ | ITF+ A+ Network+ Security+ | CySA+ PenTest+CASP+ | CTT+ Cloud Essentials+ Project+ |
As you can see, the CompTIA Advanced Security Practitioner+ certification fits into the Cybersecurity category, which is the same place you'll find the popular A+, Network+, and Security+ credentials. The CompTIA Advanced Security Practitioner+ exam is a more advanced exam, intended for professionals with 10 years of hands-on experience who possess the knowledge covered by all of the prior exams.
CompTIA certifications are ISO and ANSI accredited, and they are used throughout multiple industries as a measure of technical skill and knowledge. In addition, CompTIA certifications, including the Security+ and the CASP+, have been approved by the U.S. government as information assurance baseline certifications and are included in the State Department's Skills Incentive Program.
The CompTIA Advanced Security Practitioner+ Exam
The CompTIA Advanced Security Practitioner+ exam, which CompTIA refers to as the CASP+, is designed to be a vendor-neutral certification for cybersecurity, threat, and