- Tapa blanda: 624 páginas
- Editor: Sybex Inc.,U.S.; Edición: 1 (23 de diciembre de 2014)
- Idioma: Inglés
- ISBN-10: 1118930843
- ISBN-13: 978-1118930847
- Valoración media de los clientes: Sé el primero en opinar sobre este producto
- Clasificación en los más vendidos de Amazon: nº437.985 en Libros en idiomas extranjeros (Ver el Top 100 en Libros en idiomas extranjeros)
- Ver el Índice completo
CASP CompTIA Advanced Security Practitioner Study Guide: Exam CAS-002 (Inglés) Tapa blanda – 23 dic 2014
|Nuevo desde||Usado desde|
Hay una nueva edición de este producto:
Los clientes que compraron este producto también compraron
Descripción del producto
Reseña del editor
CompTIA-approved, best-selling prep for CompTIA's Advanced Security Practitioner certification, updated for the CAS-002 exam CASP: CompTIA Advanced Security Practitioner Study Guide: CAS-002 is the updated edition of the bestselling book covering the CASP certification exam. CompTIA approved, this guide covers all of the CASP exam objectives with clear, concise, thorough information on crucial security topics. With practical examples and insights drawn from real-world experience, the book is a comprehensive study resource with authoritative coverage of key concepts. Exam highlights, end-of-chapter reviews, and a searchable glossary help with information retention, and cutting-edge exam prep software offers electronic flashcards and hundreds of bonus practice questions. Additional hands-on lab exercises mimic the exam's focus on practical application, providing extra opportunities for readers to test their skills. CASP is a DoD 8570.1-recognized security certification that validates the skillset of advanced-level IT security professionals. The exam measures the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments, as well as the ability to think critically and apply good judgment across a broad spectrum of security disciplines. This study guide helps CASP candidates thoroughly prepare for the exam, providing the opportunity to: Master risk management and incident response Sharpen research and analysis skills Integrate computing with communications and business Review enterprise management and technical component integration Experts predict a 45-fold increase in digital data by 2020, with one-third of all information passing through the cloud. Data has never been so vulnerable, and the demand for certified security professionals is increasing quickly. The CASP proves an IT professional's skills, but getting that certification requires thorough preparation. This CASP study guide provides the information and practice that eliminate surprises on exam day. Also available as a set, Security Practitoner & Crypotography Set, 9781119071549 with Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition.
Includes Real-World Scenarios, Hands-On Exercises, and Access to Exam Prep Software Featuring:
+ Practice Test Environment
+ Hundreds of Practice Questions
+ Electronic Flashcards
+ Hands-On Exercises
Bestselling CASP prep with hands-on labs
With practical examples and insights drawn from the real-world experience of an industry expert, this book covers all of the CASP exam objectives with clear, concise information on crucial security topics, including risk management and incident response; research and analysis; enterprise management; technical component integration; the integration of computing, communications, and business; and more. CompTIA approved, this essential guide provides hands-on practice, electronic study tools, and other valuable features including:
Full coverage of all exam objectives in a systematic approach, so you can be confident youre getting the instruction you need for the exam
Practical written labs to reinforce critical skills
Real-world scenarios that put what youve learned in the context of actual job roles
Challenging review questions in each chapter to prepare you for exam day
Exam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the exam
A handy section that maps every official exam objective to the corresponding chapter in the book so you can track your exam prep objective by objective
A coupon that saves you 10% on CompTIA exam vouchers
Sybex Exam Prep Tools
A full set of test prep tools is available to help you prepare for the exam. Go to www.sybex.com/go/casp2e and select the Downloads tab for access to:
- Chapter review questions
- Two full-length practice exams
- Over 150 electronic flashcards
- Glossary of key terms
Includes coverage of all exam objectives, including these key topics:
- Enterprise management
- Risk management and incident response
- Research and analysis
- Integration of computing, communications and business disciplines
- Technical integration of enterprise components
No es necesario ningún dispositivo Kindle. Descárgate una de las apps de Kindle gratuitas para comenzar a leer libros Kindle en tu smartphone, tablet u ordenador.
Obtén la app gratuita:
Detalles del producto
Si eres el vendedor de este producto, ¿te gustaría sugerir ciertos cambios a través del servicio de atención al vendedor?
Opiniones de clientes
|5 estrellas (0%)|
|4 estrellas (0%)|
|3 estrellas (0%)|
|2 estrellas (0%)|
|1 estrella (0%)|
Opiniones de clientes más útiles en Amazon.com
Update: Failed the exam. This book didn't even cover many topics and did not deliver the depth needed. I have started reading the one by Robin Abernathy and so far it covers the material much better and looks like it covers all of the information needed.
Personally, I enjoyed using this study guide. It's an easy read, unlike many (if not most) study guides I've read. The author includes links to other sources for more in-depth coverage. He also recommends that candidates make use of simulators to prepare for the performance-based questions that make up the majority of the exam. There are a few subjects that I feel could have used more coverage. Also, he frequently introduces acronyms without a prior definition, which left me searching through the material I just read trying to find the meaning (minus 1 star).
I used the book along with a video course and a network simulator to prepare. I was studying for several other CompTIA certifications at the same time, plus I reviewed my Net+ and Security+, which helped a lot.
This book is poorly written and edited. Many sections have no flow and read like a series of facts that are thrown next to each other without context, which makes for a terrible learning experience. For example, you learn that VoIP uses SIP, RTP, and H.323, but the author doesn't tell you HOW they're used or what those protocols do. The depth isn't there, which is frustrating because the author often repeats the same basics in separate chapters, with neither passage offering the necessary context and detail to make repeating it worthwhile. And there's material that's missing that you will probably see on the test. Directory traversals, for example, aren't mentioned. Stateful inspection firewalls... no description to be found. Where is the emphasis on VPNs in securely connecting remote sites? It's a huge cybersecurity topic that is not given its due here. Too often the graphics don't sync with the descriptions, which are unclear in and of themselves. This gave me an awful lot of trouble in chapter 2 as I was learning about dual-homed gateways and subnets and so forth.
What do I mean by poorly edited? The way the information in the Sybex CASP book is organized and presented makes for laborious reading and frustrating study. If you're green, like me, you need to divide all this information into conceptual categories from the get-go. Everything about Active Directory, Kerberos, and LDAP belongs in one section, not a little bit about each one spread out over 400 pages. IaaS, PaaS, and SaaS should be presented in order of largest to smallest (or smallest to largest), but they're presented out of order, and without due consideration for each solution's security responsibilities of the cloud service provider contra customer. I read the Sybex Sexurity+ book, and the cryptography chapter in the CASP book may as well have been a copy and paste job. It would at least save you time if the publisher pruned out the redundancies and said as a foreword, "this book builds on the basic lesson in the Secutity+ book." Then some pages could have been devoted to the depth necessary to prepare you for the test.
Here's an excerpt from page 341 to show how little effort was put into the editing of this book:
"Social networking sites are becoming one of the biggest threats to a user's security and will remain so for the foreseeable future. One reason is that user's don't always think about security when using these sites. There is also the issue that these sites are designed to connect people. Security is not always the primary concern. One of the problems with social networking sites is that the users of these sites don't always think about security."
Did you catch the almost verbatim repetition?
The downloadable practice tests that come with the book are worse than useless. As exam prep, they are harmful. Don't study from them, as they're freckled with wrong and questionable answers. I didn't even look at the flash cards for this reason. And the questions in the chapter assessments and in the practice tests lack the hypothetical scenarios that seemingly every question on the real test has you analyze. There's not even practice simulations, which would be enormously helpful because those I think are the hardest part of the test.
You may wonder how I passed the test if I got so little out of the book and have so little direct IT experience. I did about 200 hours of self-directed study over a 10-week period. Other sources I used to study were the Network+ All-in-One, Sybex Security+, CISSP All-in-One, Defensive Security Handbook, Beginner's Networking Guide, Transcender practice questions and flash cards, Professor Messer's You Tube channel, and the trusty Google machine. I also skimmed the Metasploit handbook for some extra padding on pentesting. I read up on the NIST documentation regarding Risk Management, SDLC, and control types.