CompTIA Certifications

CompTIA Advanced Security Practitioner+

CompTIA Advanced Security Practitioner


CASP+ is an advanced-level cybersecurity certification covering technical skills in security architecture and senior security engineering in traditional, cloud, and hybrid environments, governance, risk, and compliance skills, assessing an enterprise’s cybersecurity readiness, and leading technical teams to implement enterprise-wide cybersecurity solutions. Successful candidates will have the knowledge required to:

  • Architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise
  • Use monitoring, detection, incident response, and automation to proactively support ongoing security operations in an enterprise environment
  • Apply security practices to cloud, on-premises, endpoint, and mobile infrastructure, while considering cryptographic technologies and techniques
  • Consider the impact of governance, risk, and compliance requirements throughout the enterprise

Why is it different?

CASP+ is the only hands-on, performance-based certification for advanced practitioners — not managers — at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.

Unlike other certifications, CASP+ covers both security architecture and engineering – CASP+ is the only certification on the market that qualifies technical leaders to assess cyber readiness within an enterprise, and design and implement the proper solutions to ensure the organization is ready for the next attack.

Exam Domains


% of Exam
1.0 Risk Management
2.0 Enterprise Security Architecture
3.0 Enterprise Security Operations
4.0 Technical Integration of Enterprise Security
5.0 Research, Development and Collaboration


% of Exam
1.0 Security Architecture
2.0 Security Operations
3.0 Security Engineering and Cryptography
4.0 Governance, Risk, and Compliance

CASP+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.

What’s New

Information security threats are on the rise globally. Organizations are increasingly concerned over the lack of adequately trained senior IT security staff’s ability to effectively lead and manage the overall cybersecurity resiliency against the next attack. Updates to CASP+ qualify advanced skills required of security architects and senior security engineers to effectively design, implement, and manage cybersecurity solutions on complex enterprise networks.

Jobs that use CompTIA CASP+

  • Security Architect
  • Senior Security Engineer
  • SOC Manager
  • Security Analyst

Organizations that Recommend or Teach CASP+

  • Target Corp.
  • General Dynamics IT (GDIT)
  • Ricoh
  • Splunk
  • John Hopkins University Applied Physics Laboratory
  • Exxon Mobil

Exam Details

Exam Codes CAS-003 CAS-004
Launch Date April 2, 2018 October 6, 2021
Exam Description CASP+ covers the technical knowledge and skills required to conceptualize, engineer, integrate and implement secure solutions across complex environments to support a resilient enterprise.
Number of Questions Maximum of 90 questions
Type of Questions Performance-based and multiple choice
Length of Test 165 Minutes
Passing Score Pass/Fail only. No scaled score.
Recommended Experience A minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience
Languages English and Japanese English, Japanese to follow
Retirement April 5, 2022 (English language version)
December 31, 2022 (Japanese)
Usually three years after launch
Testing Provider Pearson VUE
Testing Centers
Online Testing