CompTIA Advanced Security Practitioner (CASP+)
Overview
CASP+ is an advanced-level cybersecurity certification covering technical skills in security architecture andsenior security engineering in traditional, cloud, and hybrid environments, governance, risk, andcompliance skills, assessing an enterprises cybersecurity readiness, and leading technical teams to implement enterprise-wide cybersecurity solutions.
Objectives
- Architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise.
- Use monitoring, detection, incident response, and automation to proactively support ongoing security operations in an enterprise environment.
- Apply security practices to cloud, on-premises, endpoint, and mobile infrastructure, while considering cryptographic technologies and techniques.
- Consider the impact of governance, risk, and compliance requirements throughout the enterprise.
Prerequisites
- A minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience.
- A minimum of ten years of general hands-on IT experience, with at least five years of broad hands-on security experience.
Outline
- Explain Risk Assessment Methods.
- Summarize the Risk Lifecycle.
- Assess & Mitigate Vendor Risk.
- Identifying Critical Data Assets.
- Compare and Contrast Regulations, Accreditations, and Standards.
- Explain Legal Considerations & Contract Types.
- Explain the Role of Business Impact Analysis.
- Assess Disaster Recovery Plans.
- Explain Testing and Readiness Activities.
- Explain Critical Services.
- Explain Defensible Network Design.
- Implement Durable Infrastructures.
- Explain Secure Integration Activities.
- Assess Software Development Activities.
- Analyze Access Control Models & Best Practices.
- Analyze Development Models & Best Practices.
- Explain Virtualization and Cloud Technology.
- Explain Emerging Technologies.
- Analyze Enterprise Mobility Protections.
- Implement Endpoint Protection.
- Understand Impacts of Cloud Technology Adoption.
- Explain Security Concerns for Sector-Specific Technologies.
- Implementing Hashing and Symmetric Algorithms.
- Implementing Appropriate Asymmetric Algorithms and Protocols.
- Analyze Objectives of Cryptography and Public Key Infrastructure (PKI).
- Implementing Appropriate PKI Solutions.
- Explore Threat and Vulnerability Management Concepts.
- Explain Vulnerability and Penetration Test Methods.
- Explain Technologies Designed to Reduce Risk.
- Analyzing and Mitigating Vulnerabilities.
- Identifying and Responding to Indicators of Compromise.
- Exploring Digital Forensic Concepts.
Exam Facts
| Delivery | Online (Web based) |
| Format | Multiple choice |
| Proctoring | Live |
| Duration | 165 Minutes |
| # of questions | 90 |
| Pass grade | This test has no scaled score; it’s pass/fail only. |
Related Certification
- Certified: Advanced Security Practitioner CASP+ (CAS-004)
