CASP+: exam details and process [2022 update]
CompTIA has created the CASP+ (CompTIA Advanced Security Practitioner) to offer experienced IT security professionals effective ways to showcase their cybersecurity knowledge. The entrance requirements for this exam mean that only practicing experts (e.g., senior-level IT security staff, architects, engineers) can attain this certification, making it highly sought after and a good indicator for potential employers to consider when vetting future employees.
The latest version of the exam, CAS-004, launched on October 6, 2021, and features four revised domains that cover the knowledge needed to implement secure solutions across complex environments while considering the impact of governance, risk, and compliance requirements.
How many questions are in the CASP+?
The CASP+ exam consists of a maximum of 90 questions. There is no scaled score, and the exam is pass/fail.
How long do you have to complete the exam?
Candidates are given a maximum of 165 minutes to complete the test.
What is the format of the exam?
The exam format is multiple choice and performance-based, linked to a direct pass/fail score. This means that after the exam has been completed, there will be no results given to the candidate other than a pass or fail notification.
Performance-based questions (PBQ) create a simulated environment that offers unparalleled realism for practical hands-on operating specific tasks. A full explanation of PBQs can be found on CompTIA’s website here.
Below are the exam objectives, broken down into four domains on which the test is based.
|CAS-004 Exam Domains|
|1. Security Architecture (29%) – includes topics related to the security requirements needed to ensure an appropriate, secure network architecture; how to integrate software applications securely; appropriate authentication and authorization controls; secure cloud and virtualization solutions; the impact of emerging technologies on enterprise security and privacy.|
|2. Security Operations (30%) – puts emphasis on newer techniques addressing advanced threat management, vulnerability management and assessment, penetration testing, risk mitigation, incident response tactics and digital forensics analysis and latest tools.|
|3. Security Engineering and Cryptography (26%) – focuses on advanced cybersecurity configurations for endpoint security controls, enterprise mobility, cloud/hybrid environments as well as PKI and cryptographic solutions.|
|4. Governance, Risk and Compliance (15%) – covers advanced techniques to apply the appropriate risk strategies; mitigation of vendor risk; compliance to regulations such as CMMC, PCI-DSS, SOX, HIPAA, FISMA, NIST, STAR and CCPA; the importance of business continuity and disaster recovery readiness.|
Note: The CAS-004 exam domains include 80% of the topics similar to the previous version (CAS-003) and 20% updated information.
Where do I take the exam?
You may take this CompTIA certification exam through OnVUE online proctoring or in-person at a Pearson VUE testing center. The CASP+ exam can be scheduled by creating an account and logging in here. The full process to register for this exam is as follows:
- Purchase an exam voucher
- Create your account
- Locate a Pearson VUE-owned and operated test center in your area; otherwise, opt to take your exam online monitored by a VUE-certified proctor via webcam
- Schedule, reschedule, or cancel an exam
- Review your program’s test policies, like which forms of ID are accepted
- Take note of the exam particulars, such as reading all test instructions and candidate rules thoroughly
What score do I need to pass?
There is no set percentage for a passing score, and as such, candidates will only be told if they pass or fail. If you’ve passed the exam, you will receive a congratulatory email from CompTIA. The provided score report gives details on which exam areas you performed well.
If you haven’t passed your exam, don’t give up! “Being well-prepared remains your best bet to score a positive exam outcome, namely passing the test and being awarded the CASP+ certification,” says CompTIA.
How long do I have to wait if I don’t pass the first time?
If candidates fail the first time, they will be allowed to re-attempt the test within 24 hours (CompTIA does not require any waiting period). If they fail the exam a second time, they will need to wait for 14 calendar days before attempting the exam for the third time.
Note that candidates must pay the exam price each time they re-attempt the exam. CompTIA does not offer any free re-tests or even discounts on retakes. So, invest time in training and peruse study resources to prepare for the CASP+ exam.
If you decide that you cannot proceed with the exam, you can reschedule; however, there are some conditions. Exam rescheduling has to be done at least 24 hours before the test is set to start; any time after that, the candidate will have to forfeit the examination fee and pay again to attempt the CASP+ exam.
Note: Exams scheduled with ADA-specific needs require a three-day reschedule notice.
Recommended work experience
Candidates that wish to pursue the CASP+ certification are recommended to have at least ten years of general hands-on IT experience, with at least five years of broad hands-on security experience. Enterprise-level security management experience is helpful for certification candidates.
What is the price of the CASP exam?
Below is a current pricing table for all regions:
To buy the certification exam voucher, visit the CompTIA Store.
In order to successfully sit in for your CASP+ exam and gain access to the exam venue, you must produce suitable identification. Failure to provide a proper ID will result in the candidate not being able to take the exam and forfeiture of the examination fee. CompTIA has a list of identification documents that will be accepted on exam day. A proper ID is required for both on-site and remote testing.
- All names on the presented identification documentation must match exactly the registered candidate’s names.
- Candidates that find themselves outside of their country of origin must present identification that is acceptable to the country in which they are attempting to take their CASP+ exam. A valid passport may be used with a secondary form of ID.
- Original forms of documentation may only be presented, not photocopies.
The types of primary IDs include
- An international travel passport
- A valid driver’s license
- A military ID
- An identification card (state, province or national)
- An alien registration card (visa, permanent resident, green card)
- A local language ID (not in Roman characters) is accepted if issued from the country the candidate is testing in
If you have any questions about the ID policy, contact the Pearson VUE customer service center (www.pearsonvue.com/contact) at least three business days before the scheduled exam appointment.
CompTIA has a Continuing Education (CE) program that allows candidates to keep their certification valid and current. This helps candidates stay updated with new technologies and emerging trends in IT security, making it a valuable tool for specialists who have already completed a CompTIA certification. In the case of CASP+, candidates must ensure that they maintain their certification every three years by completing qualifying activities and earning 75 CEUs; at least 50 percent of each chosen activity content must relate to one or more exam objectives for the certification they’re renewing. Choose the option that works best for you here. You must pay CE fees before submitting your completed activities. Due dates are based on your CE renewal cycle, not the calendar year and amount to $50 per year, or $150 every three years.
Best way to train for the CASP+ exam
Individual learners will find, of course, CompTIA’s CASP+ CAS-004 Certification Study Guide helpful to prepare for the examination. The text gives a good understanding of what is covered in all domains the exam is based on. However, learners can choose the best option for their needs and learning style by reviewing the offer of a reputable training provider to better tailor their preparation.
The CASP+ certification is in demand, and the outlook for certified professionals with the related “technical knowledge and skills required to conceptualize, engineer, integrate and implement secure solutions across complex environments to support a resilient enterprise” is good with employers valuing this credential and access to above-average IT salaries and vast tech career paths.
- CompTIA Advanced Security Practitioner (CASP+), CompTIA
- What Renewal Options Are Available to You?, CompTIA
- CASP+ 003 vs. 004: What’s the Difference?, CompTIA
- CASP+ CAS-004 Certification Study Guide, CompTIA
- How Do I Get My CASP+ Certification?, CompTIA
- What is CompTIA CASP+ Certification?, CompTIA
- 7 Ways to Prep for a CompTIA Exam, CompTIA
- Continuing Education (CE) Program, CompTIA
- CAS-004 Exam Objectives, CompTIA
- Certification Exam Policies, CompTIA
- Certification Retake Policy, CompTIA
- Take an Exam Online, CompTIA
- Buy CompTIA Exam, CompTIA
- Candidate ID Policy, CompTIA
- After Your Exam, CompTIA