The CASP certification is an international, vendor-neutral exam that proves competency in enterprise security; risk management; research and analysis; and integration of computing, communications, and business disciplines.

The exam covers the technical knowledge and skills required to conceptualise, design, and engineer secure solutions across complex enterprise environments. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers. For more detailed information, download the exam objectives.

While there is no required prerequisite, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus at the enterprise level.

CompTIA is an ANSI accredited Certifier – 0731. The CASP program is included in the scope of this accreditation. The CASP certification may be kept current through the CompTIA Continuing Education program.

Course Content

Lesson 1: The Enterprise Security Architecture

Topic 1A: The Basics of Enterprise Security
Topic 1B: The Enterprise Structure
Topic 1C: Enterprise Security Requirements

Lesson 2: Enterprise Security Technology

Topic 2A: Common Network Security Components and Technologies
Topic 2B: Communications and Collaboration Security
Topic 2C: Cryptographic Tools and Techniques
Topic 2D: Advanced Authentication

Lesson 3: Enterprise Resource Technology

Topic 3A: Enterprise Storage Security Issues
Topic 3B: Distributed, Shared, and Virtualized Computing
Topic 3C: Cloud Computing and Security

Lesson 4: Security Design and Solutions

Topic 4A: Network Security Design
Topic 4B: Conduct a Security Assessment
Topic 4C: Host Security

Lesson 5: Application Security Design

Topic 5A: Application Security Basics
Topic 5B: Web Application Security

Lesson 6: Managing Risk, Security Policies, and Security Procedures

Topic 6A: Analyze Security Risk
Topic 6B: Implement Risk Mitigation Strategies and Controls
Topic 6C: Implement Enterprise-Level Security Policies and Procedures
Topic 6D: Prepare for Incident Response and Recovery

Lesson 7: Enterprise Security Integration

Topic 7A: The Technology Life Cycle
Topic 7B: Inter-Organizational Change
Topic 7C: Integrate Enterprise Disciplines to Achieve Secure Solutions

Lesson 8: Security Research and Analysis

Topic 8A: Perform an Industry Trends and Impact Analysis
Topic 8B: Perform an Enterprise Security Analysis

Course Objectives

Upon successful completion of this course, students will be able to:

  • identify enterprise security fundamentals.
  • apply enterprise security technology solutions.
  • identify enterprise resource technologies and the potential security implications for these resources.
  • design security solutions.
  • identify application security design issues such as best practices for development and testing as well as threat mitigation techniques.
  • manage risk, security policies, and security procedures within an enterprise.
  • integrate security solutions within an enterprise.
  • conduct security research and analysis.

Exam Information

Number of Questions: 80 (Maximum)
Length of Test: 165 minutes
Passing Score: Pass/Fail only. No scaled score.
Recommended Experience: 10 years of experience in IT administration, including at least 5 years of hands-on technical security experience
Languages: English
Exam Code: CAS-001
