The CompTIA Advanced Security Practitioner certification validates advanced-level competency in risk management; enterprise security operations and architecture; research and collaboration; and integration of enterprise security. Successful candidates will have the knowledge required to:
- Enterprise Security domain expanded to include operations and architecture concepts, techniques, and requirements
- More emphasis on analyzing risk through interpreting trend data and anticipating cyber defense needs to meet business goals
- Expanding security control topics to include Mobile and small form factor devices, as well as software vulnerability
- Broader coverage of integrating cloud and virtualization technologies into a secure enterprise architecture
- Inclusion of implementing cryptographic techniques, such as Blockchain- Cryptocurrency and Mobile device encryption
Why is it different?
CASP+ is the only hands-on, performance-based certification for practitioners - not managers - at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.
Enterprise Security Architecture
Enterprise Security Operations
Technical Integration of Enterprise Security
Research, Development and Collaboration
CompTIA Advanced Security Practitioner is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA).
CompTIA updated CASP+ in January 2015 to address current risks and incident response scenarios inherent with cyber warfare, modern hacking techniques and the cloud. A sample of significant changes include:
- Scenario-based objectives to evaluate technical troubleshooting and judgement
- Broader coverage of cryptographic concepts and methods
- Increased secure storage, specifically on encryption, data confidentiality and the cloud
- Tracking technologies in asset management, including categorizing of systems
- Technical side of secure integration across the enterprise was expanded into a new domain