CompTIA Certifications

CompTIA Advanced Security Practitioner

CompTIA Advanced Security Practitioner

The CompTIA Advanced Security Practitioner certification validates advanced-level competency in risk management; enterprise security operations and architecture; research and collaboration; and integration of enterprise security. Successful candidates will have the knowledge required to:

  • Enterprise Security domain expanded to include operations and architecture concepts, techniques, and requirements
  • More emphasis on analyzing risk through interpreting trend data and anticipating cyber defense needs to meet business goals
  • Expanding security control topics to include Mobile and small form factor devices, as well as software vulnerability
  • Broader coverage of integrating cloud and virtualization technologies into a secure enterprise architecture
  • Inclusion of implementing cryptographic techniques, such as Blockchain- Cryptocurrency and Mobile device encryption

Why is it different?

CASP+ is the only hands-on, performance-based certification for practitioners - not managers - at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.

Exam Domains

Risk Management
Enterprise Security Architecture
Enterprise Security Operations
Technical Integration of Enterprise Security
Research, Development and Collaboration

CompTIA Advanced Security Practitioner is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA).

What’s New

CompTIA updated CASP+ in January 2015 to address current risks and incident response scenarios inherent with cyber warfare, modern hacking techniques and the cloud. A sample of significant changes include:

  • Scenario-based objectives to evaluate technical troubleshooting and judgement
  • Broader coverage of cryptographic concepts and methods
  • Increased secure storage, specifically on encryption, data confidentiality and the cloud
  • Tracking technologies in asset management, including categorizing of systems
  • Technical side of secure integration across the enterprise was expanded into a new domain

Jobs that use CompTIA CASP+

  • Security Architect
  • Technical Lead Analyst
  • Application Security Engineer
  • Security Engineer

Organizations that Recommend or Teach CASP+

  • Verizon Telematics
  • US Navy
  • US Army
  • Network Solutions, LLC
  • One Source Technologies Inc.
  • Booz Allen Hamilton Inc.

Exam Details

Exam Codes CAS-003
Launch Date April 2, 2018
Exam Description CASP+ covers the technical knowledge and skills required to conceptualize, engineer, integrate and implement secure solutions across complex environments to support a resilient enterprise.
Number of Questions Maximum of 90 questions
Type of Questions Performance-based and multiple choice
Length of Test 165 Minutes
Passing Score Pass/Fail only. No scaled score.
Recommended Experience A minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience
Languages English
Retirement Usually three years after launch