CompTIA Certifications

CompTIA Advanced Security Practitioner

CompTIA Advanced Security Practitioner

The CompTIA Advanced Security Practitioner certification validates advanced-level competency in risk management; enterprise security operations and architecture; research and collaboration; and integration of enterprise security. Successful candidates will have the knowledge required to:

  • Enterprise Security domain expanded to include operations and architecture concepts, techniques, and requirements
  • More emphasis on analyzing risk through interpreting trend data and anticipating cyber defense needs to meet business goals
  • Expanding security control topics to include Mobile and small form factor devices, as well as software vulnerability
  • Broader coverage of integrating cloud and virtualization technologies into a secure enterprise architecture
  • Inclusion of implementing cryptographic techniques, such as Blockchain- Cryptocurrency and Mobile device encryption

Why is it different?

CASP+ is the only hands-on, performance-based certification for practitioners - not managers - at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.

Exam Domains

Risk Management
19%
Enterprise Security Architecture
25%
Enterprise Security Operations
20%
Technical Integration of Enterprise Security
23%
Research, Development and Collaboration
13%

CompTIA Advanced Security Practitioner is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA).

What’s New

CompTIA updated CASP+ in January 2015 to address current risks and incident response scenarios inherent with cyber warfare, modern hacking techniques and the cloud. A sample of significant changes include:

  • Scenario-based objectives to evaluate technical troubleshooting and judgement
  • Broader coverage of cryptographic concepts and methods
  • Increased secure storage, specifically on encryption, data confidentiality and the cloud
  • Tracking technologies in asset management, including categorizing of systems
  • Technical side of secure integration across the enterprise was expanded into a new domain

Jobs that use CompTIA CASP+

  • Security Architect
  • Technical Lead Analyst
  • Application Security Engineer
  • Security Engineer

Organizations that Recommend or Teach CASP+

  • Verizon Telematics
  • US Navy
  • US Army
  • Network Solutions, LLC
  • One Source Technologies Inc.
  • Booz Allen Hamilton Inc.

Exam Details

Exam Codes CAS-003
Launch Date April 2, 2018
Exam Description CASP+ covers the technical knowledge and skills required to conceptualize, engineer, integrate and implement secure solutions across complex environments to support a resilient enterprise.
Number of Questions Maximum of 90 questions
Type of Questions Performance-based and multiple choice
Length of Test 165 Minutes
Passing Score Pass/Fail only. No scaled score.
Recommended Experience A minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience
Languages English
Retirement Usually three years after launch