CompTIA Advanced Security Practitioner (CASP+) is an advanced-level cybersecurity certification for security architects and senior security engineers charged with leading and improving an enterprise’s cybersecurity readiness.

Why is CASP+ Different?

  • CASP+ is the only hands-on, performance-based certification for advanced practitioners — not managers — at the advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP+ certified professionals figure out how to implement solutions within those policies and frameworks.
  • Unlike other certifications, CASP+ covers both security architecture and engineering – CASP+ is the only certification on the market that qualifies technical leaders to assess cyber readiness within an enterprise, and design and implement the proper solutions to ensure the organization is ready for the next attack.
  • Man working in a room full of computers.

    About the Exam

    The new CASP+ (CAS-004) exam will launch October 6, 2021!

    CASP+ is an advanced-level cybersecurity certification covering technical skills in security architecture and senior security engineering in traditional, cloud, and hybrid environments, governance, risk, and compliance skills, assessing an enterprise’s cybersecurity readiness, and leading technical teams to implement enterprise-wide cybersecurity solutions. Successful candidates will have the knowledge required to:

  • Architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise
  • Use monitoring, detection, incident response, and automation to proactively support ongoing security operations in an enterprise environment
  • Apply security practices to cloud, on-premises, endpoint, and mobile infrastructure, while considering cryptographic technologies and techniques
  • Consider the impact of governance, risk, and compliance requirements throughout the enterprise
  • CASP+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.

    What Skills Will You Learn?


    Security Architecture

    Expanded coverage to analyze security requirements in hybrid networks to work toward an enterprise-wide, zero trust security architecture with advanced secure cloud and virtualization solutions.


    Security Operations

    Expanded emphasis on newer techniques addressing advanced threat management, vulnerability management, risk mitigation, incident response tactics, and digital forensics analysis.


    Governance, Risk, and Compliance

    Expanded to support advanced techniques to prove an organization’s overall cybersecurity resiliency metric and compliance to regulations, such as CMMC, PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST, and CCPA.


    Security Engineering and Cryptography

    Expanded to focus on advanced cybersecurity configurations for endpoint security controls, enterprise mobility, cloud/hybrid environments, and enterprise-wide PKI and cryptographic solutions.

    Organizations That Use CASP+


    Jobs That Use CASP+

    Security Architect

    Senior Security Engineer

    SOC Manager

    Security Analyst

    Exam Details

    Exam Codes
    Launch Date
    April 2, 2018
    October 6, 2021
    Exam Description

    CASP+ covers the technical knowledge and skills required to conceptualize, engineer, integrate and implement secure solutions across complex environments to support a resilient enterprise.

    CASP+ covers the technical knowledge and skills required to architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise while considering the impact of governance, risk, and compliance requirements. 
    Number of Questions
    Maximum of 90 questions
    Type of Questions
    Multiple-choice and performance-based
    Length of Test
    165 Minutes
    Passing Score
    This test has no scaled score; it’s pass/fail only.
    Recommended Experience
    A minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience. 
     A minimum of ten years of general hands-on IT experience, with at least five years of broad hands-on security experience.
    English and Japanese
    English, Japanese to follow
    February, 2022
    Usually three years after launch 
    Testing Provider 

    Get Practice Questions and Exam Objectives
    I'm interested in receiving:

    CASP+ CAS-004:
    What’s in this version

    Information security threats are on the rise globally. Organizations are increasingly concerned over the lack of adequately trained senior IT security staff’s ability to effectively lead and manage the overall cybersecurity resiliency against the next attack. Updates to CASP+ qualify advanced skills required of security architects and senior security engineers to effectively design, implement, and manage cybersecurity solutions on complex enterprise networks.

    How does CASP+ Compare?



    (ISC)2 Certified Information Systems Security Professional (CISSP)

    GIAC Certified Enterprise Defender (GCED)
    ISACA Certified Information Security Manager (CISM)
    Performance Based Questions


    Experience Level
    Exam Focus
    Cybersecurity Practitioner Skills, Architect & Engineer
    Cybersecurity Management Skills
    Cybersecurity Practitioner Skills, Engineer
    Cybersecurity Management Skills
    Vendor Neutral


    Exam Preparation

    CompTIA offers a wealth of certification training designed for exam success. Find out more and explore all training options.

    Study Guides for CASP+

    Developed by CompTIA for the CompTIA certification candidate, study guides are available in print or eBook format and packed with informative and engaging content tied to exam objectives.



    Instructor-Led Training

    Whether you’re looking for in-classroom or live online training, CompTIA offers best-in-class instructor-led training for both individuals and teams. You can also find training among CompTIA’s vast network of Authorized Training Partners.


    Training for You   Training for Your Groups   CompTIA Training Partners 


    Keep your certification up to date with CompTIA’s Continuing Education (CE) program. It’s designed to be a continued validation of your expertise and a tool to expand your skillset. It’s also the ace up your sleeve when you’re ready to take the next step in your career.

    Get the most out of your certification
    Information technology is an incredibly dynamic field, creating new opportunities and challenges every day. Participating in our Continuing Education program will enable you to stay current with new and evolving technologies, and remain a sought-after IT and security expert.

    The CompTIA Continuing Education program
    Your CompTIA Advanced Security Practitioner (CASP+) certification is good for three years from the date of your exam. The CE program allows you to extend your certification in three-year intervals, through activities and training that relate to the content of your certification. Like CASP+ itself, CASP+ CE also carries globally-recognized ISO/ANSI accreditation status. 

    It’s easy to renew
    You can participate in a number of activities and training programs — including higher certifications — to renew your CASP+ certification. Collect at least 75 Continuing Education Units (CEUs) in three years and upload them to your certification account. Your CASP+ will automatically renew when you do this!

    Want more details? Learn more about the CompTIA Continuing Education program.

    iconHowToRenew CASP can be renewed.


    CEUs needed for renewal

    Renew Now

    CompTIA Advanced Security Practitioner (CASP+) (CAS-003) Purchase Options

    CompTIA CASP+ Exam Voucher
    CompTIA CASP+ Exam Retake
    CompTIA Labs for CASP+ (CAS-003)
    eBook – The Official CompTIA CASP+ Self-Paced Study Guide (CAS-003)



    Basic Bundle



    Deluxe Labs Bundle



    CASP+ occupies a strongly-needed niche. I feel that it’s one of the most important certifications that I hold.

    Weylin Piegorsh,
    Computer Sciences Corporation

    In my environment, military defense, CASP+ is what service members and defense contractors need for their highest level IA-III security admin privileges.

    Nadean Tanner,
    Ironhorse University

    The person with the certification is the one who is going to get hired.

    Robert Blanchard,
    director of support services, Aspen Skiing Co.

    I needed to establish my career. In this profession, a person who has certifications is more recognized in the market.

    Wanderley Martins,
    CASP-certified Senior Security Specialist, Capgemini-Brazil