CompTIA's newest certification exam, the CompTIA Advanced Security Practitioner (CASP), is now in beta. The beta exam is available free of charge to qualified candidates by using a discount code available by writing to casp@comptia.org. To be a qualified candidate, you must be a security professional with 10 years experience in IT and five years of day-to-day enterprise-level security experience. The beta will only be available until 400 exams have been given, so you are strongly encouraged to contact CompTIA soon.
The exam, which is intended to build on Security + even though it is not a prerequisite, is divided into the following four domains and weights:
| Domain | Weight | Top Level Objectives |
| Enterprise Security | 40% | Distinguish which cryptographic tools and techniques are appropriate for a given situation |
| Distinguish and select among different types of virtualized, distributed and shared computing | ||
| Explain the security implications of enterprise storage | ||
| Integrate hosts, networks, infrastructures, applications and storage into secure comprehensive solutions | ||
| Distinguish among security controls for hosts | ||
| Explain the importance of application security | ||
| Given a scenario, distinguish and select the method or tool that is appropriate to conduct an assessment | ||
| Risk Management, Policy / Procedure and Legal | 24% | Analyze the security risk implications associated with business decisions |
| Execute and implement risk mitigation strategies and controls | ||
| Explain the importance of preparing for and supporting the incident response and recovery process | ||
| Implement security and privacy policies and procedures based on organizational requirements | ||
| Research and Analysis | Analyze industry trends and outline potential impact to the enterprise | |
| Carry out relevant analysis for the purpose of security the enterprise | ||
| Integration of Computing, Communications and Business Disciplines | 22% | Integrate enterprise disciplines to achieve secure solutions |
| Explain the security impact of inter-organizational change | ||
| Select and distinguish the appropriate security controls with regard to communications and collaboration | ||
| Explain advanced authentication tools, techniques and concepts | ||
| Carry out security activities across the technology life cycle |
