CompTIA Advanced Security Practitioner (CASP)

Level: Intermediate


CompTIA Advanced Security Practitioner (CASP+) CAS-003 is the ideal certification for technical professionals who wish to remain immersed in technology as opposed to strictly managing.

The CompTIA Advanced Security Practitioner (CASP) Certification is a vendor-neutral credential. The CASP exam is an internationally targeted validation of advanced-level security skills and knowledge. While there is no required prerequisite, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, “hands-on” focus at the enterprise level.


The CompTIA CySA+ exam is an internationally targeted validation of intermediate-level security skills and knowledge. While there is no required prerequisite, the CompTIA CySA+ certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, “hands-on” focus on IT security analytics.

It is recommended for CompTIA CySA+ certification candidates to have the following:

3-4 years of hands-on information security or related experience

Network+, Security+ or equivalent knowledge

Why is it different?

CASP+ is the only hands-on, performance-based certification for practitioners – not managers – at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.

About the exam

The CASP+ certification validates advanced-level competency in risk management; enterprise security operations and architecture; research and collaboration; and integration of enterprise security. Successful candidates will have the knowledge required to:

Enterprise Security domain expanded to include operations and architecture concepts, techniques, and requirements

More emphasis on analyzing risk through interpreting trend data and anticipating cyber defense needs to meet business goals

Expanding security control topics to include Mobile and small form factor devices, as well as software vulnerability

Broader coverage of integrating cloud and virtualization technologies into a secure enterprise architecture

Inclusion of implementing cryptographic techniques, such as Blockchain-Cryptocurrency and Mobile device encryption

CASP+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program.

Class Outline

1.0 Risk Management

Summarize business and industry influences and associated security risks.

Risk management of new products, new technologies and user behaviors

New or changing business models/strategies

Security concerns of integrating diverse industries

Internal and external influences

Impact of de-perimeterization (e.g., constantly changing network boundary)

Compare and contrast security, privacy policies and procedures based on organizational requirements.

Policy and process life cycle management

Support legal compliance and advocacy by partnering with human resources, legal, management and other entities

Understand common business documents to support security

Research security requirements for contracts

Understand general privacy principles for sensitive information

Support the development of policies containing standard security practices

Given a scenario, execute risk mitigation strategies and controls.

Categorize data types by impact levels based on CIA

Incorporate stakeholder input into CIA impact-level decisions

Determine minimum-required security controls based on aggregate score

Select and implement controls based on CIA requirements and organizational policies

Extreme scenario planning/worst-case scenario

Conduct system-specific risk analysis

Make risk determination based upon known metrics

Translate technical risks in business terms

Recommend which strategy should be applied based on risk appetite

Risk management processes

Continuous improvement/monitoring

Business continuity planning

IT governance

Enterprise resilience

Analyze risk metric scenarios to secure the enterprise.

Review effectiveness of existing security controls

Reverse engineer/deconstruct existing solutions

Creation, collection and analysis of metrics

Prototype and test multiple solutions

Create benchmarks and compare to baselines

Analyze and interpret trend data to anticipate cyber defense needs

Analyze security solution metrics and attributes to ensure they meet business needs

Use judgment to solve problems where the most secure solution is not feasible

2.0 Enterprise Security Architecture

Analyze a scenario and integrate network and security components, concepts and architectures to meet security requirements.

Physical and virtual network and security devices

Application and protocol-aware technologies

Advanced network design (wired/wireless)

Complex network security solutions for data flow

Secure configuration and baselining of networking and security components

Software-defined networking

Network management and monitoring tools

Advanced configuration of routers, switches and other network devices

Security zones

Network access control

Network-enabled devices

Critical infrastructure

Analyze a scenario to integrate security controls for host devices to meet security requirements.

Trusted OS (e.g., how and when to use it)

Endpoint security software

Host hardening

Boot loader protections

Vulnerabilities associated with hardware

Terminal services/application delivery services

Analyze a scenario to integrate security controls for mobile and small form factor devices to meet security requirements.

Enterprise mobility management

Security implications/privacy concerns

Wearable technology

Given software vulnerability scenarios, select appropriate security controls.

Application security design considerations

Specific application issues

Application sandboxing

Secure encrypted enclaves

Database activity monitor

Web application firewalls

Client-side processing vs. server-side processing

Operating system vulnerabilities

Firmware vulnerabilities

3.0 Enterprise Security Operations

Given a scenario, conduct a security assessment using the appropriate methods.



Analyze a scenario or output, and select the appropriate tool for a security assessment.

Network tool types

Host tool types

Physical security tools

Given a scenario, implement incident response and recovery procedures.


Data breach

Facilitate incident detection and response

Incident and emergency response

Incident response support tools

Severity of incident or breach

Post-incident response

4.0 Technical Integration of Enterprise Security

Given a scenario, integrate hosts, storage, networks and applications into a secure enterprise architecture.

Adapt data flow security to meet changing business needs


Interoperability issues

Resilience issues

Data security considerations

Resources provisioning and deprovisioning

Design considerations during mergers, acquisitions and demergers/divestitures

Network secure segmentation and delegation

Logical deployment diagram and corresponding physical deployment diagram of all relevant devices

Security and privacy considerations of storage integration

Security implications of integrating enterprise applications

Given a scenario, integrate cloud and virtualization technologies into a secure enterprise architecture.

Technical deployment models (outsourcing/insourcing/managed services/partnership)

Security advantages and disadvantages of virtualization

Cloud augmented security services

Vulnerabilities associated with comingling of hosts with different security requirements

Data security considerations

Resources provisioning and deprovisioning

Given a scenario, integrate and troubleshoot advanced authentication and authorization technologies to support enterprise security objectives.




Identity proofing

Identity propagation


Trust models

Given a scenario, implement cryptographic techniques.



Given a scenario, select the appropriate control to secure communications and collaboration solutions.

Remote access

Unified collaboration tools

5.0 Research, Development and Collaboration

Given a scenario, apply research methods to determine industry trends and their impact to the enterprise.

Perform ongoing research

Threat intelligence

Research security implications of emerging business tools

Global IA industry/community

Given a scenario, implement security activities across the technology life cycle.

Systems development life cycle

Software development life cycle

Adapt solutions to address

Asset management (inventory control)

Explain the importance of interaction across diverse business units to achieve security goals.

Interpreting security requirements and goals to communicate with stakeholders from other disciplines

Provide objective guidance and impartial recommendations to staff and senior management on security processes and controls

Establish effective collaboration within teams to implement secure solutions

Governance, risk and compliance committee