CompTIA Advanced Security Practitioner (CASP) exam 2023 with 100% correct answers

Trusted Operating System provides support for multilevel security and evidence of correctness to meet a particular set of government requirements Trusted Computer System Evaluation Criteria (TCSEC) - standards for the DoD to evaluate products - Orange Book a collection of criteria based on the Bell-LaPadula Model - replaced by Common Criteria Common Criteria - international standard - uses Evaluation Assurance Levels to rate systems - ISO 15408-1:2009 is equivalent to CC CC EAL 1 Functionally tested CC EAL 2 Structurally tested CC EAL 3 Methodically tested and checked CC EAL 4 Methodically designed, tested and reviewed CC EAL 5 Semi-formally designed and tested CC EAL 6 Semi-formally verified design and tested CC EAL 7 Formally verified design and tested Patch Types - Hot fixes - solve security issues and should be applied immediately, if applicable - Update - solves functionality issue - Service Pack - all hotfixes and updates since OS release Data Loss Prevention - designed to prevent data leakage - Network DLP - installed at network egress points near perimeter - Endpoint DLP - runs on end-user workstations - Precise methods - involve content registration - Imprecise methods - involve keywords, regexps, et iptables - Common host-based firewall on Linux - replaces ipchains Auditing Guidelines - log management plan: control log size, backup processes, and periodic review plans - Ensure log deletion is an administrative, two-person control - Monitor high-privilege accounts - Audit trail includes info for transaction processing: who, when, where (system), success - No log deletion or modification Windows Audit Policy: Success and failure audit for file-access printers and object-access events Improper access to printers