Exciting Changes to the CompTIA Advanced Security Practitioner (CASP+) Certification! 003 vs. 004

The CompTIA Advanced Security Practitioner (CASP+) certification is a vendor-neutral credential and internationally focused compliance certification of advanced-level cybersecurity skills and knowledge. It is the only hands-on, performance-based certification for advanced practitioners and covers both security architecture and engineering.

To address the latest technologies and meet the needs of the industry, CompTIA constantly reviews the content of its certifications, including the CASP+. It is now more reflective of cybersecurity architecture and engineering, and focuses more on leading teams to design, troubleshoot, and implement cybersecurity solutions.

The new CASP+ (CAS-004) exam will launch on October 6, 2021, with new exam objectives that focus on the most up-to-date and current skills needed for the following tasks:

– Architect, Engineer, integrate and implement secure solutions across complex environments to support a resilient enterprise

– Use monitoring, detection, incident response, and automation to proactively support ongoing security operations in an enterprise environment

– Apply security practices to cloud, on-premises, endpoint, and mobile infrastructure, while considering cryptographic technologies and techniques

– Consider the impact of governance, risk, and compliance requirements throughout the enterprise

The new recommended experience of a minimum of ten years of general hands-on IT experience, with at least five years of broad hands-on security experience. Compared to CAS-003’s minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience. 


The coverage of the exam domains has only some slight changes which it has been rearranged into four domains instead of five.

20% of the certification was updated to include the following:

Security Architecture: Expanded coverage for analysis of hybrid network security requirements to work towards a zero-trust security architecture across the enterprise with advanced and secure cloud and virtualization solutions

Security Operations: Increased focus on newer techniques that address advanced threat management, vulnerability management, risk mitigation, incident response tactics, and digital forensics

Security Engineering and Cryptography: Expanded to focus on advanced cybersecurity configurations for endpoint security controls, enterprise mobility, hybrid/cloud environments, and cryptographic and PKI solutions for the entire enterprise

Governance, Risk and Compliance: Expanded to support advanced techniques for demonstrating compliance and resilience metrics of a company’s overall cybersecurity, such as CMMC, PCI-DSS, SOX, HIPAA, FISMA, NIST and CCPA

As you prepare for the test, consider the exam objectives as your items to learn. Cybersecurity has become a critical function, which is why CompTIA is constantly reviewing exam content and updating questions to ensure relevance and exam integrity.

Learn more about the new CASP+ (CAS-004) here.

You can find the exam voucher here.

You can find the CASP+ course here.

Related Articles