CompTIA Advanced Security Practitioner (CASP)

CompTIA has released a new certification called the CompTIA Advanced Security Practitioner (CASP). You can view the objectives for this certification here.

Looking over the objectives and the documentation about this exam, it’s clear that this is a at least a step above the CompTIA Security+ exam and it looks like a logical next step for people that have earned their Security+ certification and want to elevate their status. I recently finished up a book on the SSCP certification and the CASP is a step above the SSCP certification also.

I’m hesitant to say that the CASP will be on the same level as the CISSP certification, but the recommended requirements are high. CompTIA says that the “CompTIA Advanced Security Practitioner (CASP) Certification is aimed at an IT security professional who has a minimum of 10 years experience in IT administration including at least 5 years of hands-on technical security experience.” In contrast, the CISSP requires a minimum of five years of experience in at least two of the ten domains.

An important distinction between CASP and CISSP though is that while the CISSP requires the experience and takes steps to verify candidates truly have the minimum experience, CompTIA only recommends that candidates have the experience.

The CASP exam has four domains:

• 1.0 Enterprise Security (40%)
• 2.0 Risk Management, Policy/Procedure and Legal (24%)
• 3.0 Research and Analysis (14%)
• 4.0 Integration of Computing, Communications, and Business Disciplines (22%)

I was lucky enough to take this exam back when it was in the beta stages, so it was free for me. If you want to take it now, the retail price is listed at $329 USD. If you’re working on your Security+ certification now, you may find this certification in your future.

Best of luck.

Darril Gibson

Update: I received an email on September 15th letting me know I passed the beta.