While CompTIA is widely known for their foundational coverage of networking and security, they are now developing a more advanced security certification, the CompTIA Advanced Security Practitioner (CASP). While this advanced security certification is still in the development phase, what is known is that it is targeted at individuals with ten years experience with a minimum of five years of actual hands on work.
The Advanced Security Practitioner certification will cover a body of knowledge that includes key security knowledge. To become certified, CASP exam candidates will need to pass one exam that covers the following domains:
- Enterprise Security
- Risk Management, Policy/Procedure, and Legal
- Research and Analysis
- Integration of Computing, Communications, and Business Disciplines
I believe that there is a real place for the CASP certification. I like the concept of vendor neutral certifications and there is a real gap between most of the entry-level security certifications that cover foundational knowledge and higher-level certifications such as CISSP, CISA, and CISM. While we certainly need high-level cyber security experts to lead, organize, and control, there’s also a real need for people that have hands on experience at securing critical infrastructure. How well this CompTIA certification covers all aspects of IT security won’t be known until the complete outline is released.