CASP Domain 4: Integration of Computing, Communications, and Business Disciplines
Integration of Computing, Communications, and Business Disciplines are the topics of the fourth domain of the CompTIA Advanced Security Practitioner (CASP) exam, version CAS-002, and contributes 16% of the overall percentage of the exam. As a CASP-certified professional, you’ll need to grasp all of the essential concepts we’ll be discussing in the forthcoming sections to enter the exam with confidence.
What Do I Need to Know about Diverse Business Units?
IT security doesn’t work alone. As a CASP-certified professional, you will be playing a crucial role by facilitating collaboration across diverse business units to accomplish security goals. Doing so requires you to provide assistance, guidance, and recommendations to senior management and staff on security controls and processes. Here are some of the tools you’ll be using.
Interpreting Security Requirements and Goals
Apart from dealing with technical aspects of security (such as configuring IDS and firewalls), a CASP-certified professional may also be tasked with interpreting security requirements and goals to communicate with several stakeholders from other disciplines. These stakeholders include sales staff, programmers, network administrators database administrators, management/executive management, Human Resources, financial, facilities managers, the Emergency Response team, and the physical security manager.
Providing Objective Guidance and Impartial Recommendations
As a CASP-certified professional, you may undertake the responsibility of providing guidance and recommendations to senior management and staff on security processes and controls. According to NIST, there are three types of controls, including administrative, physical, and technical. CASPs may have the responsibility of analyzing these controls and then recommending adjustments in order to achieve reliable security. These controls also involve several categories. For example, FIPS-200 lists 17 categories of controls and NIST-800 lists 18 categories. However, the primary categories of these controls include preventive control, detective control, corrective control, compensating control, and recovery control.
Establishing Effective Collaboration Within Teams
CASP-certified professionals may be asked to establish an effective collaboration within teams to implement security solutions. However, the senior management must support the CASP in achieving this goal. Doing so requires the senior management to provide vocal support and approval for formal security policies, strategies, monitoring, and resources required to implement and maintain security activities.
This involves the creation of standards, policies, procedures, guidelines, and baselines. IT governance requires all the personnel working in different business units to participate in the establishment of such standards, policies, procedures, guidelines, and baselines.
What Do I Need to Know About Appropriate Controls for CASP?
Communication systems are becoming increasingly valuable and attractive targets of malicious actors. The recent advances in VoIP, emails, instant messaging, and various other electronic systems have grabbed the attention of bad guys who continually develop nefarious methods to compromise such technologies. As a CASP professional, you will be selecting one or more appropriate control to secure communications and collaboration solutions. Among them, you may need to secure Unified Collaboration Tools, Remote Access, Mobile devices, and Over-the-air Technologies.
Security of Unified Collaboration and Communication Tools
The International Engineering Consortium defines Unified Communication as “all forms of calls and cross-media/multimedia message management functions managed by an individual user for both social and business purposes.” A CASP professional must know several essential unified collaboration and communication tools, including Video Conferencing, Web Conferencing, Desktop Sharing, Instant Messaging, Presence, Remote Assistance, Email (SMTP, POP, and IMAP), Telephony (VoIP), and Collaboration Sites (e.g., social media and Cloud-based platforms).
In computer networking, remote access is the ability to get access to a laptop, computer, iPad, or a network from a remote location. Remote access enables employees or any individuals to work offsite such as from home or other distant places. Several methods are used to provide remote access, such as WAN and VPN. Remote access can be either centralized or decentralized. Centralized access performs all authorization verification using a single entity within a system. Two such systems are RADIUS and Diameter. On the other hand, the decentralized system conducts authorization verification through various entities located throughout a system. Authentication verification is performed by using several different authentication protocols, including Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and Lightweight Directory Access Protocol (LDAP).
Mobile Device Management
Mobile devices are important considerations for corporate’s security efforts because they may provide a great many potential avenues to intruders. For example, Bring-Your-Own-Device (BYOD) as an attack vector can pose an immense threat because the entire enterprise can be put at risk by a misuse of this policy. Several threats and vulnerabilities associated with BYOD include malicious applications, rooting/jailbreaking, lost/stolen equipment, and untrustworthy employees. Prior to the 2008 presidential elections, Barack Obama had a BlackBerry mobile phone. The NSA, along with many other security agencies, advised the presidential candidate not to use BlackBerry due to its insecurity and vulnerabilities. Instead, they recommended him to use a device that is rated as a secure for sensitive and secret communications. In order to prevent threats and vulnerabilities, enterprises should formulate a viable security policy for their mobile device management system.
Over-the-air Technology Concerns
The wireless portion of a network needs to be another great concern for network security practitioners. Today, some prevalent types of wireless attacks include Wardriving, Warchalking, Eavesdropping, IP Address Spoofing, Password-based Attacks, Denial-of-Service (DoS) Attacks, Man-in-the-Middle Attacks, Compromised-key Attacks, Sniffer Attacks, Application-layer Attacks, and Rogue Access Points. Therefore, security experts use the most sophisticated and secure methods of wireless networking, such as GSM, OFDMA, FDMA, CDMA, OFDM, DSSS, and FHSS. These methods are performed through the modulation technique. Modulation is the process whereby images, audio, and video data is added to an electrical signal (also referred to as carrier wave) to be transmitted over an electronic medium.
What Do I Need to Know about Security Activities Across the Technology Life Cycle?
The Technology Life Cycle involves the addition of new devices, maintenance of current devices, and retirement of old devices. This life cycle requires some important security controls to be deployed to prevent threats and vulnerabilities. The CASP-certified professional will be able to provide security across the technology life cycle through End-to-end Solution Ownership, System Development Life Cycle, leaning how to Adapt Solutions to Address Emerging Threats and Security Trends, and Asset Management.
End-to-end Solution Ownership
As a CASP-certified professional, you are required to consider every aspect of security when a new device or technology is introduced and until it’s expired. Doing so requires you to check and affirm that the new introduction is fully protected and secure and doesn’t pose any grave threats to the entire security environment of the enterprise. Furthermore, periodic maintenance and audit of a new device or technology is also essential. Another important consideration is Change Management, which ensures that any changes will not affect the security of corporate’s IT infrastructures, including laptops and networks. The change can introduce loopholes, oversights, overlaps, and missing objects that can provide new potential avenues to penetrators. To control the change, the change-management experts implement security through extensive planning, testing, auditing, and monitoring of various activities with regard to security controls. More importantly, when implementing End-to-End solution ownership, the CASP must consider Operational Activities (e.g., vulnerability assessment, security policy management, security awareness and training, and security reviews and audits), Maintenance (maintaining schedule, the cost of maintenance, and maintenance of history), Commissioning/Decommissioning (this requires you to consider the legal requirements for data retention when data is decommissioned or disposed of), Asset Disposal, Asset/Object Reuse, and General Change Management.
System Development Life Cycle
Various models are available today for the System Development Life Cycle (SDLC). However, the most appropriate for CASP professionals is that of the NIST 800-64, which divides the SDLC into the five phases. These are:
As a CASP-certified professional, you will learn some additional and important concepts pertaining to SDLC. These concepts include Security System Development Life Cycle (SSDLC)/Security Development Lifecycle (SDL), Validation and Acceptance Testing, Security Requirements Traceability Matrix (SRTM), and Security Implications of Agile, Waterfall and Spiral Software Development Methodologies.
Addressing Emerging Threats and Security Trends
Enterprises must be mindful of both emerging threats and security trends and adapt solutions to address them both. For example, emerging threats may involve malicious emails or ask you to visit suspicious websites or click on the unknown links – commonly known as phishing. CASP professionals will have a crucial role in this scenario. He/she should develop a proactive security policy that will include:
- Development of a program plan and program strategy
- Definition of security responsibilities and roles
- Maintenance of security training and awareness program
- Implementation of said program plan
Asset Management (Inventory Control)
Asset management across the technology life cycle is indispensable for ensuring that assets aren’t lost or stolen and data regarding assets isn’t compromised. Doing so requires you to attain a strong knowledge of Device Tracking Technologies (e.g., Geo-location/GPS location), Object Tracking, and Containment Technology (e.g., Geo-tagging/geo-financing and RFID).
Where Should I Focus My Time Studying?
Although passing CASP exam could be a herculean task, joining the right training organization and studying the appropriate material will lead you to accomplish your cherished goal of a CASP credential. Students should focus their time studying CompTIA’s official material, that which receives the CompTIA Authorized Quality Curriculum (CAQC) seal. Here is a CASP Resources article that includes everything you need to know in this regard.
InfoSec’s CASP Boot Camp—Your First Bet
Do you want to take the CompTIA CASP exam? Fortunately, InfoSec Institute offers a uniquely designed CASP Boot Camp for candidates aspiring for CASP examination. The goal of this course is to provide IT experts with the most comprehensive accelerated environment for the CASP exam. You can enroll in this course and will soon be acquiring your professional CASP certification.
InfoSec also offers thousands of articles on a variety of security topics.