Training and Certification
CompTIA CASP+ Exam Updates
April 23, 2018
[This post was last updated on 4/19/2019.]
The new CASP+ certification CAS-003 exam is focused on the most current knowledge and skills required of advanced security professionals.
CASP+ Certification Overview
CompTIA’s CASP+ certification is a unique advanced-level certification in that it is geared towards professionals who want to continue in a hands-on security practitioner role versus a managerial role. Security managers are primarily responsible for identifying policies and frameworks that may need to be implemented, CASP+ professionals decide the best course to apply and execute the policies and/or frameworks.
The certification is for professionals in the following, or similar, roles:
- Information Systems Security Engineers
- Security Consultants
- Network Security Engineers
- Security Architects
- Technical Analysts
- And more!
CASP+ Exam Overview
Similar to previous CASP+ exams (CAS-001 and CAS-002), the newest exam, CAS-003, follows a similar format. The exam is pass or fail with no scaled score and contains no more than 90 multiple-choice/performance-based questions. The exam is administered through Pearson VUE and candidates will have 2 hours and 35 minutes to complete the exam. Applicants for the CASP+ certification are recommended to have at least 10 years of experience in IT administration, with at least five of those years in a hands-on technical security role.
New CASP+ CAS-003
The newest version of the CASP+ exam ensures that security practitioners will be prepared with the knowledge and skills to defend their organization from ever-evolving cyber threats. The changes to the exam will be seen in the following areas:
- Domains and percentage of exam
- Emphasis on evaluating risk
- Expansion of security control topics
- Greater coverage of cloud and virtualization technologies
- Incorporation of cryptographic techniques
A quick comparison of the new domains and percentages reflects the aforementioned items. See the side-by-side comparison below.
- Risk Management – 19%
- Enterprise Security Architecture – 25%
- Enterprise Security Operations – 20%
- Technical Integration of Enterprise Security – 23%
- Research, Development, and Collaboration – 13%
- Enterprise Security – 30%
- Risk Management and Incident Response – 20%
- Research and Analysis – 18%
- Integration of Computing, Communication, and Business Disciplines – 16%
- Technical Integration of Enterprise Components – 16%
After earning your CASP+ certification, you will need to earn 75 CEUs over the next three years to renew the certification.
Certification Renewal for CASP+
Renewing the CASP+ credential is necessary to remain certified. The credential holder must earn a minimum of 75 Continuing Education Units (CEUs) over a period of three years after they have passed the CASP+ exam. CEUs can be earned in a variety of ways, through a single activity or multiple activities.
Single activities accepted for renewal consideration by CompTIA include:
- Passing the latest version of an exam
- Earning a non-CompTIA Certification
Multiple activities accepted for CEU consideration by CompTIA include:
- Earning CompTIA certifications
- Attending training or higher education courses
- Participating in conferences or training
- Publishing blog posts, whitepapers, or writing a book
- Work experience
To learn more about why CASP+ is a worthwhile certification, read this blog post, “Is CASP+ Worth It”.