CompTIA CASP+ # Risk Management and IT Governance
Posted by Superadmin on September 16 2022 03:41:35

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


01. About the Training Architect




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


02. Overview of the CASP+ Certification Courses




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


03. Introduction to the Risk Management and IT Governance Domain




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


04. Supporting Risk Management and IT Governance




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


05. IT Governance Frameworks




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


06. Privacy and Governance




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


07. Privacy and Mobile Devices




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


08. Governance and Third-Party Platforms




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


09. Data Ownership and Sovereignty




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


10. Business Continuity Planning




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


11. Emerging Risks and Technological Change




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


12. Governing Software Development and Deployment




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


13. Remote Workers and Telecommuting




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


14. Using Tools to Conduct Security Assessments




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


15. Using Directory Services to Augment Risk Management




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


16. Conducting Security Assessment




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.

In this lab, we will use security utilities provided with Kali Linux to conduct a risk assessment. The lab provides a subnetwork of Linux and Windows servers to provide a complete VPC for exercising the Kali Linux utilities. Learning Objectives Successfully complete this lab by achieving the following learning objectives: Access the Kali Linux System Establish a session to the Kali Linux system: ssh cloud_user@ Change to superuser: su - Identify the Address Assigned to the Ethernet Controller Query the ethernet configuration on the Kali Linux server: ifconfig Make note of the IP address assigned to the primary ethernet controller. Use the `nmap` Command to Explore the Subnet Use the nmap utility to explore the ports open on the subnetwork. For help with nmap commands: nmap -h To scan a series or range of subnet private IP addresses: nmap -sn 10.0.1.1-255 To try other flags to speed the port scanning process: nmap -T4 -Pn -n -p- --min-parallelism 50 to 100 -vv 10.0.1.1-255 --max-retries 0 or 1 Use the hping3 Utility to Analyze a Single Host Use the hping3 to scan a certain host on the subnet: hping3 -1 Note: You may obtain the internal IP address of the host from the lab interface, the output from an nmap command, or the AWS dashboard. Use `nslookup` to Explore the Nameserver Configuration of Various Hosts Use nslookup to explore the A record on google.com: nslookup > google.com Use nslookup to look at MX records on google.com nslookup > set q=MX > google.com Use nslookup to interrogate other address types: nslookup > set type=any > google.com Use the dig Tool to Attempt a Domain Zone Transfer The syntax for the dig command is: dig axfr [domain host] [IP Address To Transfer To] Use `finger` to Determine Which Users Are Logged into Any Given Host Use the finger command to see who is logged in on a host: finger Or: finger -s root


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


17. Migrating Linux Users to LDAP




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.

In this lab, we go through the process of adding a Linux user and then using a migrate utility to create an LDIF file that facilitates the use of the `ldapadd` command to add the user to an LDAP directory. Learning Objectives Successfully complete this lab by achieving the following learning objectives: Connect to the LDAP Server and the Linux Server Connect to each server: ssh cloud_user@ Provide the appropriate password from the lab interface. Verify the Installation of LDAP on the LDAP Server On the LDAP Server Check the version of LDAP that has been staged: slapd -VV Verify the slapd daemon is running and active: sudo systemctl status slapd Provide the cloud_user password for the LDAP server. Search the existing LDAP database: ldapsearch -x -LLL -b dc=example,dc=com Set the Password for the LDAP Server On the LDAP Server Generate an encrypted password: slappasswd Copy the output from that command into the clipboard and save it. Use a Linux text editor to add the encrypted password to the slapd configuration file: sudo vi /etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif Change the line that starts with olcRootPW, replacing the existing string after the colon with the encrypted password you just copied. After saving the configuration file, restart the service: sudo systemctl restart slapd Add a Linux User and Migrate the User to LDAP On the LDAP Server Add a Linux user: sudo useradd sudo passwd Respond with a password. Grab the user and group lines from /etc/passwd and /etc/group, and output them to text files: grep /etc/passwd > ./passwd.txt grep /etc/group > ./group.txt Use the migration utility to convert the Linux text into ldif format: /usr/share/migrationtools/migrate_passwd.pl ./passwd.txt ./passwd.ldif /usr/share/migrationtools/migrate_group.pl ./group.txt ./group.ldif Look at the files you have created: cat ./passwd.ldif cat ./group.ldif Add the ldif data to the directory: ldapadd -x -W -D "cn=Manager,dc=example,dc=com" -f ./passwd.ldif ldapadd -x -W -D "cn=Manager,dc=example,dc=com" -f ./group.ldif Search the directory to determine the contents: ldapsearch -x cn= -b dc=example,dc=com Verify the User You Added Is Available from the LDAP Client From the server configured as an LDAP client: id


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


18. What to Expect in the Exam




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents

CompTIA CASP+ # Risk Management and IT Governance

with John Marx


19. Moving on to Enterprise Security Architecture




Learn all about risk management and IT governance for the CAS-003 exam.

 

 

This course covers the security topics relative to the CASP+ Certification domain of risk management and IT Governance. In this course, the student will obtain the knowledge and skills needed to pass the CASP+ Certification exam as they relate to this specific domain. This course is one of five domains covered by the CAS-003 exam.


  

Course Contents