CompTIA Advanced Security Practitioner (CASP+) is an advanced-level cybersecurity certification designed for security architects and senior security engineers. It focuses on their ability to lead and enhance an enterprise’s cybersecurity readiness. CASP+ stands out in the cybersecurity certification landscape by being hands-on and performance-based.
- CASP+ is specifically aimed at advanced practitioners, not managers, who operate at an advanced skill level within cybersecurity.
- It covers both security architecture and engineering, equipping professionals to assess an organization’s cybersecurity readiness and implement the necessary solutions.
- CASP+ is comprehensive, addressing technical skills in various environments, governance, risk, and compliance, and the leadership of technical teams to implement enterprise-wide cybersecurity solutions.
- The certification is compliant with ISO 17024 standards and approved by the US Department of Defense (DoD) to meet directive 8140/8570.01-M requirements.
- It emphasizes key skills in security architecture, security operations, governance, risk, compliance, and security engineering and cryptography.
- Job opportunities for CASP+ certified individuals include Security Architect, Cybersecurity Engineer, Cyber Risk Analyst, SOC Manager, and Chief Information Security Officer.
- The CASP+ exam is a pass/fail test with no scaled score. It consists of a maximum of 90 multiple-choice and performance-based questions and lasts for 165 minutes.
- A minimum of ten years of general hands-on IT experience, including at least five years in hands-on security roles, is recommended for candidates.
- The certification is offered in English, Japanese, and Thai.
- CASP+ is typically retired three years after its launch.
- The price for the exam is $494 USD.
Difficulty: 1 out of 5.
In 2018, I enrolled in a week-long online course to prepare for the CompTIA Advanced Security Practitioner (CASP) exam. Regrettably, due to the poor quality of the instructor, I discontinued the course after just two days. My experience with online boot camps has led me to realize that the quality of instructors can be highly variable, often leading to mixed outcomes.
The CASP material, in my opinion, appeared to be a simplified version of the topics covered in the CISSP certification. While I am uncertain if CompTIA intends for CASP to serve as an introduction to CISSP, that was the impression I gathered from the content. Those who find the CASP exam relatively easy should consider transitioning to prepare for the CISSP certification promptly.
I found the CASP exam to be relatively non-technical, making it easily approachable through self-study or decent online courses available on platforms like Udemy. However, I currently perceive minimal value in terms of my career progression by possessing and maintaining the CASP certification.