CompTIA Advanced Security Practitioner (CASP)
CompTIA Advanced Security Practitioner (CASP+) CAS-003 is the ideal certification for technical professionals who wish to remain immersed in technology as opposed to strictly managing.
The CompTIA Advanced Security Practitioner (CASP) Certification is a vendor-neutral credential. The CASP exam is an internationally targeted validation of advanced-level security skills and knowledge. While there is no required prerequisite, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, “hands-on” focus at the enterprise level.
The CompTIA CySA+ exam is an internationally targeted validation of intermediate-level security skills and knowledge. While there is no required prerequisite, the CompTIA CySA+ certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, “hands-on” focus on IT security analytics.
It is recommended for CompTIA CySA+ certification candidates to have the following:
3-4 years of hands-on information security or related experience
Network+, Security+ or equivalent knowledge
Why is it different?
CASP+ is the only hands-on, performance-based certification for practitioners – not managers – at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.
About the exam
The CASP+ certification validates advanced-level competency in risk management; enterprise security operations and architecture; research and collaboration; and integration of enterprise security. Successful candidates will have the knowledge required to:
Enterprise Security domain expanded to include operations and architecture concepts, techniques, and requirements
More emphasis on analyzing risk through interpreting trend data and anticipating cyber defense needs to meet business goals
Expanding security control topics to include Mobile and small form factor devices, as well as software vulnerability
Broader coverage of integrating cloud and virtualization technologies into a secure enterprise architecture
Inclusion of implementing cryptographic techniques, such as Blockchain- Cryptocurrency and Mobile device encryption
CASP+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program.
1.0 Risk Management
Summarize business and industry influences and associated security risks.
Risk management of new products, new technologies and user behaviors
New or changing business models/strategies
Security concerns of integrating diverse industries
Internal and external influences
Impact of de-perimeterization (e.g., constantly changing network boundary
Compare and contrast security, privacy policies and procedures based on organizational requirements.
Policy and process life cycle management
Support legal compliance and advocacy by partnering with human resources, legal, management and other entities
Understand common business documents to support security
Research security requirements for contracts
Understand general privacy principles for sensitive information
Support the development of policies containing standard security practices
Given a scenario, execute risk mitigation strategies and controls.
Categorize data types by impact levels based on CIA
Incorporate stakeholder input into CIA impact-level decisions
Determine minimum-required security controls based on aggregate score
Select and implement controls based on CIA requirements and organizational policies
Extreme scenario planning/ worst-case scenario
Conduct system-specific risk analysis
Make risk determination based upon known metrics
Translate technical risks in business terms
Recommend which strategy should be applied based on risk appetite
Risk management processes
Business continuity planning
Analyze risk metric scenarios to secure the enterprise.
Review effectiveness of existing security controls
Reverse engineer/deconstruct existing solutions
Creation, collection and analysis of metrics
Prototype and test multiple solutions
Create benchmarks and compare to baselines
Analyze and interpret trend data to anticipate cyber defense needs
Analyze security solution metrics and attributes to ensure they meet business needs
Use judgment to solve problems where the most secure solution is not feasible
2.0 Enterprise Security Architecture
Analyze a scenario and integrate network and security components, concepts and architectures to meet security requirements.
Physical and virtual network and security devices
Application and protocol-aware technologies
Advanced network design (wired/wireless)
Complex network security solutions for data flow
Secure configuration and baselining of networking and security components
Network management and monitoring tools
Advanced configuration of routers, switches and other network devices
Network access control
Analyze a scenario to integrate security controls for host devices to meet security requirements.
Trusted OS (e.g., how and when to use it)
Endpoint security software
Boot loader protections
Vulnerabilities associated with hardware
Terminal services/application delivery services
Analyze a scenario to integrate security controls for mobile and small form factor devices to meet security requirements.
Enterprise mobility management
Security implications/privacy concerns
Given software vulnerability scenarios, select appropriate security controls.
Application security design considerations
Specific application issues
Secure encrypted enclaves
Database activity monitor
Web application firewalls
Client-side processing vs. server-side processing
Operating system vulnerabilities
3.0 Enterprise Security Operations
Given a scenario, conduct a security assessment using the appropriate methods.
Analyze a scenario or output, and select the appropriate tool for a security assessment.
Network tool types
Host tool types
Physical security tools
Given a scenario, implement incident response and recovery procedures.
Facilitate incident detection and response
Incident and emergency response
Incident response support tools
Severity of incident or breach
4.0 Technical Integration of Enterprise Security
Given a scenario, integrate hosts, storage, networks and applications into a secure enterprise architecture.
Adapt data flow security to meet changing business needs
Data security considerations
Resources provisioning and deprovisioning
Design considerations during mergers, acquisitions and demergers/divestitures
Network secure segmentation and delegation
Logical deployment diagram and corresponding physical deployment diagram of all relevant devices
Security and privacy considerations of storage integration
Security implications of integrating enterprise applications
Given a scenario, integrate cloud and virtualization technologies into a secure enterprise architecture.
Technical deployment models (outsourcing/insourcing/ managed services/partnership)
Security advantages and disadvantages of virtualization
Cloud augmented security services
Vulnerabilities associated with comingling of hosts with different security requirements
Data security considerations
Resources provisioning and deprovisioning
Given a scenario, integrate and troubleshoot advanced authentication and authorization technologies to support enterprise security objectives.
Given a scenario, implement cryptographic techniques.
Given a scenario, select the appropriate control to secure communications and collaboration solutions.
Unified collaboration tools
5.0 Research, Development and Collaboration
Given a scenario, apply research methods to determine industry trends and their impact to the enterprise.
Perform ongoing research
Research security implications of emerging business tools
Global IA industry/community
Given a scenario, implement security activities across the technology life cycle.
Systems development life cycle
Software development life cycle
Adapt solutions to address
Asset management (inventory control)
Explain the importance of interaction across diverse business units to achieve security goals.
Interpreting security requirements and goals to communicate with stakeholders from other disciplines
Provide objective guidance and impartial recommendations to staff and senior management on security processes and controls
Establish effective collaboration within teams to implement secure solutions
Governance, risk and compliance committee