SlideShare uma empresa Scribd logo

CompTIA CASP+ | Everything you need to know about the new exam

Infosec
Infosec

Want to be an advanced cybersecurity practitioner? Then CompTIA’s CASP+ certification may be the perfect fit for you. The popular certification is getting an overhaul heading into 2022 to ensure it validates the most relevant and in-demand skills — from security architecture and operations to engineering and governance.

Tecnologia
1 de 24
Meet the panel Director, Certification Product Management CompTIA Jeff Peters Director of Content Marketing Infosec Patrick Lane
Today’s webcast ➢ Industry changes ➢ CompTIA CASP+ (CAS-004) overview ➢ CompTIA career pathway ➢ CASP+ CAS-004 exam changes ➢ CompTIA training resources ➢ Q&A
Free resources Free resources from CompTIA and Infosec Downloads  CompTIA cybersecurity career pathway  CompTIA CASP+ exam outline Webinars  Network+  Security+  CySA+  PenTest+
Industry changes
State of cybersecurity: A global view The global cybersecurity market size is projected to grow from $217.9B currently to $345.4B in five years, a 9.7% increase. Across global organizations, projected growth is due to increasing awareness and investments in cybersecurity infrastructure across multiple verticals. Growth: The need for endpoint and VPN security measures, as well as increased demand for cyber hygiene practices Opportunities: Increasing adoption of IoT-based security software to increase demand for cybersecurity solutions Challenge: Properly designing and implementing cybersecurity solutions  Number of cybersecurity incidents worldwide: 32,000  Global industry sector most targeted by cyber espionage: manufacturing  Areas with the biggest shortage of cybersecurity skills: senior-level cybersecurity positions
CompTIA CASP+ overview
CompTIA CASP+ certification Architect, engineer, integrate and implement secure solutions across complex environments to support a resilient enterprise Use monitoring, detection, incident response and automation to proactively support ongoing security operations in an enterprise environment Apply security practices to cloud, on-premises, endpoint and mobile infrastructure, while considering cryptographic technologies and techniques Consider the impact of governance, risk and compliance requirements throughout the enterprise The CompTIA CASP+ certification exam will verify the successful candidate has the knowledge and skills required to:
CASP+ candidate profile Primary job roles ➢ Security architect ➢ Senior security engineer Secondary job roles ➢ Cyber risk analyst ➢ SOC manager ➢ Security analyst ➢ IT cybersecurity specialist / InfoSec specialist Recommended experience ➢ 10 years of IT administration ➢ Five years hands-on, technical security experience
CompTIA career pathway CompTIA certifications align with the skill sets needed to support and manage IT infrastructure. Enter where appropriate for you. Consider your experience and existing certifications or course of study.
CASP+ CAS-004 exam
How industry changes affected the exam objectives  Expanded cloud security architecture, engineering and operations tasks in hybrid environments.  More GRC techniques to prove an organization’s overall cybersecurity resiliency against the next attack; this skill is very important for regulations (such as PCI-DSS, NIST, HIPPA), which recommend or require a cybersecurity resiliency score. More foundational GRC concepts were removed and are taught earlier in the cybersecurity career pathway (Security+).  More focus on senior security engineering tasks and security architecture.  Redistribution of the previous research development and collaboration domain into multiple domains, wherever R&D and collaboration were applied. CASP+ qualifies advanced skills required of security architects and senior security engineers to effectively design, implement and manage cybersecurity solutions on complex enterprise networks. 80% of topics are similar, and 20% have been updated to include:
Exam objectives: What’s new?  Exam purpose and audience are similar  Fewer domains: 4 versus 5  More objectives: 28 versus 19 due to break down of larger CAS-003 objectives into multiple objectives to improve instructional design  Reduced page count: one fewer page of material due to removal of outdated tech, reorganization and topic updates
Exam domains: What's new? CAS-004 CAS-003 Exam domains % Exam domains % 1.0 Security architecture 29% 2.0 Enterprise security architecture 25% 2.0 Security operations 30% 3.0 Enterprise security operations 20% 3.0 Security engineering and cryptography 26% 4.0 Technical integration of enterprise security 23% 4.0 Governance, risk and compliance 15% 1.0 Risk management 19% Redistributed R&D across domains as needed 5.0 Research, development and collaboration 13%
1.0 Security architecture CAS-004 New objectives 1.1 Given a scenario, analyze the security requirements and objectives to ensure an appropriate, secure network architecture for a new or existing network. 1.2 Given a scenario, analyze the organizational requirements to determine the proper infrastructure security design. 1.3 Given a scenario, integrate software applications securely into an enterprise architecture. 1.4 Given a scenario, implement data security techniques for securing enterprise architecture. 1.5 Given a scenario, analyze the security requirements and objectives to provide the appropriate authentication and authorization controls. 1.6 Given a set of requirements, implement secure cloud and virtualization solutions. 1.7 Explain how cryptography and public key infrastructure (PKI) support security objectives and requirements. 1.8 Explain the impact of emerging technologies on enterprise security and privacy.
2.0 Security operations CAS-004 New objectives 2.1 Given a scenario, perform threat management activities. 2.2 Given a scenario, analyze indicators of compromise and formulate an appropriate response. 2.3 Given a scenario, perform vulnerability management activities. 2.4 Given a scenario, use the appropriate vulnerability assessment and penetration testing methods and tools. 2.5 Given a scenario, analyze vulnerabilities and recommend risk mitigations. 2.6 Given a scenario, use processes to reduce risk. 2.7 Given an incident, implement the appropriate response. 2.8 Explain the importance of forensic concepts. 2.9 Given a scenario, use forensic analysis tools.
3.0 Security engineering and cryptography CAS-004 New objectives 3.1 Given a scenario, apply secure configurations to enterprise mobility. 3.2 Given a scenario, configure and implement endpoint security controls. 3.3 Explain security considerations impacting specific sectors and operational technologies. 3.4 Explain how cloud technology adoption impacts organizational security. 3.5 Given a business requirement, implement the appropriate PKI solution. 3.6 Given a business requirement, implement the appropriate cryptographic protocols and algorithms. 3.7 Given a scenario, troubleshoot issues with cryptographic implementations.
4.0 Governance, risk and compliance CAS-004 New objectives 4.1 Given a set of requirements, apply the appropriate risk strategies. 4.2 Explain the importance of managing and mitigating vendor risk. 4.3 Explain compliance frameworks and legal considerations, and their organizational impact. 4.4 Explain the importance of business continuity and disaster recovery concepts.
CASP CAS-004 exam information Item Description Exam code CAS-004 Release date October 6, 2021 Availability Worldwide Testing provider Pearson VUE Testing Centers and OnVUE Question Types Performance based (simulated with virtual coming soon) and multiple choice No. of Questions Maximum of 90 questions Length of Test 165 minutes Passing Score 750 (on a scale of 100-900) Languages English, others to follow Recommended Experience A minimum of ten years of general hands-on IT experience, with at least five years of broad hands-on security experience Accreditation ISO/ANSI 17024 approved; U.S. DoD 8140/8570.01-M approved
CompTIA training resources
Get certified with Infosec Skills Train for your CompTIA certification with Infosec Skills: Infosec Skills subscription: ➢ 130+ role-based learning paths (e.g., ITF+, A+, Network+, Security+, CySA+ PenTest+, CASP+) ➢ 100s of hands-on labs in cloud-hosted cyber ranges ➢ Custom certification practice exams and skill assessments Infosec Skills live boot camp: ➢ Live, instructor-led training (in-person or live online) ➢ Certification exam voucher ➢ 90 day extended access to recordings of daily lessons, plus all materials in Infosec Skills ➢ Exam Pass Guarantee infosecinstitute.com/skills
Get certified with Infosec Skills And the winner for a one-year subscription to Infosec Skills is … infosecinstitute.com/skills (Valued at $299)
Questions?
About us Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. www.infosecinstitute.com

Recomendados

CompTIA CySA+ certification (CS0-003) changes: Everything you need to know
CompTIA CySA+ certification (CS0-003) changes: Everything you need to knowCompTIA CySA+ certification (CS0-003) changes: Everything you need to know
CompTIA CySA+ certification (CS0-003) changes: Everything you need to know
Infosec
 
CompTIA PenTest+: Everything you need to know about the exam
CompTIA PenTest+: Everything you need to know about the examCompTIA PenTest+: Everything you need to know about the exam
CompTIA PenTest+: Everything you need to know about the exam
Infosec
 
When and How to Set up a Security Operations Center
When and How to Set up a Security Operations CenterWhen and How to Set up a Security Operations Center
When and How to Set up a Security Operations Center
Komand
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)
Ben Rothke
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Edureka!
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
Tandhy Simanjuntak
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
WHY SOC Services needed?
WHY SOC Services needed?WHY SOC Services needed?
WHY SOC Services needed?
manoharparakh
 

Recomendados

CompTIA CySA+ certification (CS0-003) changes: Everything you need to know
CompTIA CySA+ certification (CS0-003) changes: Everything you need to knowCompTIA CySA+ certification (CS0-003) changes: Everything you need to know
CompTIA CySA+ certification (CS0-003) changes: Everything you need to know
Infosec
 
CompTIA PenTest+: Everything you need to know about the exam
CompTIA PenTest+: Everything you need to know about the examCompTIA PenTest+: Everything you need to know about the exam
CompTIA PenTest+: Everything you need to know about the exam
Infosec
 
When and How to Set up a Security Operations Center
When and How to Set up a Security Operations CenterWhen and How to Set up a Security Operations Center
When and How to Set up a Security Operations Center
Komand
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)
Ben Rothke
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Edureka!
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
Tandhy Simanjuntak
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
WHY SOC Services needed?
WHY SOC Services needed?WHY SOC Services needed?
WHY SOC Services needed?
manoharparakh
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
PECB
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
David Sweigert
 
Cyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation SlidesCyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation Slides
SlideTeam
 
Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service
Netpluz Asia Pte Ltd
 
SOC and SIEM.pptx
SOC and SIEM.pptxSOC and SIEM.pptx
SOC and SIEM.pptx
SandeshUprety4
 
Security operation center
Security operation centerSecurity operation center
Security operation center
MuthuKumaran267
 
Cyber security career development paths
Cyber security career development pathsCyber security career development paths
Cyber security career development paths
Chelsea Jarvie
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
Priyanka Aash
 
What is SIEM? A Brilliant Guide to the Basics
What is SIEM? A Brilliant Guide to the BasicsWhat is SIEM? A Brilliant Guide to the Basics
What is SIEM? A Brilliant Guide to the Basics
Sagar Joshi
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity Chasm
Priyanka Aash
 
NIST Cybersecurity Framework (CSF) 2.0: What has changed?
NIST Cybersecurity Framework (CSF) 2.0: What has changed?NIST Cybersecurity Framework (CSF) 2.0: What has changed?
NIST Cybersecurity Framework (CSF) 2.0: What has changed?
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
Priyanka Aash
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
Ahmad Haghighi
 
Roadmap to security operations excellence
Roadmap to security operations excellenceRoadmap to security operations excellence
Roadmap to security operations excellence
Erik Taavila
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
Priyanka Aash
 
2 Security Architecture+Design
2 Security Architecture+Design2 Security Architecture+Design
2 Security Architecture+Design
Alfred Ouyang
 
Integrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity CollaborationIntegrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Priyanka Aash
 
Meeting Today’s IT Support Challenges with CompTIA A+
Meeting Today’s IT Support Challenges with CompTIA A+Meeting Today’s IT Support Challenges with CompTIA A+
Meeting Today’s IT Support Challenges with CompTIA A+
CompTIA
 
2023.06 - CompTIA Security+ Everything you need to know about the new exam .pptx
2023.06 - CompTIA Security+ Everything you need to know about the new exam .pptx2023.06 - CompTIA Security+ Everything you need to know about the new exam .pptx
2023.06 - CompTIA Security+ Everything you need to know about the new exam .pptx
Infosec
 

Mais conteúdo relacionado

Mais procurados

Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
AlienVault
 

Mais procurados (20)

Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
 
Cyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation SlidesCyber Security For Organization Proposal PowerPoint Presentation Slides
Cyber Security For Organization Proposal PowerPoint Presentation Slides
 
Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service Netpluz Managed SOC - MSS Service
Netpluz Managed SOC - MSS Service
 
SOC and SIEM.pptx
SOC and SIEM.pptxSOC and SIEM.pptx
SOC and SIEM.pptx
 
Security operation center
Security operation centerSecurity operation center
Security operation center
 
Cyber security career development paths
Cyber security career development pathsCyber security career development paths
Cyber security career development paths
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
 
What is SIEM? A Brilliant Guide to the Basics
What is SIEM? A Brilliant Guide to the BasicsWhat is SIEM? A Brilliant Guide to the Basics
What is SIEM? A Brilliant Guide to the Basics
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity Chasm
 
NIST Cybersecurity Framework (CSF) 2.0: What has changed?
NIST Cybersecurity Framework (CSF) 2.0: What has changed?NIST Cybersecurity Framework (CSF) 2.0: What has changed?
NIST Cybersecurity Framework (CSF) 2.0: What has changed?
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 
Roadmap to security operations excellence
Roadmap to security operations excellenceRoadmap to security operations excellence
Roadmap to security operations excellence
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
 
2 Security Architecture+Design
2 Security Architecture+Design2 Security Architecture+Design
2 Security Architecture+Design
 
Integrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity CollaborationIntegrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity Collaboration
 

Semelhante a CompTIA CASP+ | Everything you need to know about the new exam

2023.06 - CompTIA Security+ Everything you need to know about the new exam .pptx
2023.06 - CompTIA Security+ Everything you need to know about the new exam .pptx2023.06 - CompTIA Security+ Everything you need to know about the new exam .pptx
2023.06 - CompTIA Security+ Everything you need to know about the new exam .pptx
Infosec
 
CompTIA CASP Objectives
CompTIA CASP ObjectivesCompTIA CASP Objectives
CompTIA CASP Objectives
sombat nirund
 

Semelhante a CompTIA CASP+ | Everything you need to know about the new exam (20)

Meeting Today’s IT Support Challenges with CompTIA A+
Meeting Today’s IT Support Challenges with CompTIA A+Meeting Today’s IT Support Challenges with CompTIA A+
Meeting Today’s IT Support Challenges with CompTIA A+
 
2023.06 - CompTIA Security+ Everything you need to know about the new exam .pptx
2023.06 - CompTIA Security+ Everything you need to know about the new exam .pptx2023.06 - CompTIA Security+ Everything you need to know about the new exam .pptx
2023.06 - CompTIA Security+ Everything you need to know about the new exam .pptx
 
Meeting the Cybersecurity Skills Challenge with CompTIA Security+
Meeting the Cybersecurity Skills Challenge with CompTIA Security+Meeting the Cybersecurity Skills Challenge with CompTIA Security+
Meeting the Cybersecurity Skills Challenge with CompTIA Security+
 
Presentation_Borne
Presentation_BornePresentation_Borne
Presentation_Borne
 
Closing the Gap for Advanced Enterprise Cybersecurity Skills with CompTIA Adv...
Closing the Gap for Advanced Enterprise Cybersecurity Skills with CompTIA Adv...Closing the Gap for Advanced Enterprise Cybersecurity Skills with CompTIA Adv...
Closing the Gap for Advanced Enterprise Cybersecurity Skills with CompTIA Adv...
 
Cyber-Security Certifications
Cyber-Security CertificationsCyber-Security Certifications
Cyber-Security Certifications
 
CISSP Vs. CISA Which is better for you.pdf
CISSP Vs. CISA Which is better for you.pdfCISSP Vs. CISA Which is better for you.pdf
CISSP Vs. CISA Which is better for you.pdf
 
What’s New in CYSA+ Exam (CSO-002).pdf
What’s New in CYSA+ Exam (CSO-002).pdfWhat’s New in CYSA+ Exam (CSO-002).pdf
What’s New in CYSA+ Exam (CSO-002).pdf
 
Looking Forward to PCI DSS v4.0
Looking Forward to PCI DSS v4.0Looking Forward to PCI DSS v4.0
Looking Forward to PCI DSS v4.0
 
Keeping the World Connected with CompTIA Network+
Keeping the World Connected with CompTIA Network+Keeping the World Connected with CompTIA Network+
Keeping the World Connected with CompTIA Network+
 
Adapting IT Operations with CompTIA Cloud+
Adapting IT Operations with CompTIA Cloud+Adapting IT Operations with CompTIA Cloud+
Adapting IT Operations with CompTIA Cloud+
 
CS0-002 Exam Questinos | CS0002 Guidebook
CS0-002 Exam Questinos | CS0002 GuidebookCS0-002 Exam Questinos | CS0002 Guidebook
CS0-002 Exam Questinos | CS0002 Guidebook
 
CompTIA CASP Objectives
CompTIA CASP ObjectivesCompTIA CASP Objectives
CompTIA CASP Objectives
 
CompTIA 220-802 Dumps
CompTIA 220-802 DumpsCompTIA 220-802 Dumps
CompTIA 220-802 Dumps
 
CMMC Breakdown
CMMC BreakdownCMMC Breakdown
CMMC Breakdown
 
Certifications in IT fields
Certifications in IT fieldsCertifications in IT fields
Certifications in IT fields
 
CompTIA CAS-002 VCE Outline
CompTIA CAS-002 VCE OutlineCompTIA CAS-002 VCE Outline
CompTIA CAS-002 VCE Outline
 
CompTIA PenTest+ Exam (PT0-001) Exam Review
CompTIA PenTest+ Exam (PT0-001) Exam ReviewCompTIA PenTest+ Exam (PT0-001) Exam Review
CompTIA PenTest+ Exam (PT0-001) Exam Review
 
Best Cloud Computing Course | SCTS Cloud Course - Texceed
Best Cloud Computing Course | SCTS Cloud Course - TexceedBest Cloud Computing Course | SCTS Cloud Course - Texceed
Best Cloud Computing Course | SCTS Cloud Course - Texceed
 
Cisco CCNP Data Center
Cisco CCNP Data CenterCisco CCNP Data Center
Cisco CCNP Data Center
 

Mais de Infosec

AWS Certified DevOps Engineer: What it is and how to get certified
AWS Certified DevOps Engineer: What it is and how to get certifiedAWS Certified DevOps Engineer: What it is and how to get certified
AWS Certified DevOps Engineer: What it is and how to get certified
Infosec
 
AWS Cloud Operations Administrator: What it is and how to get certified
AWS Cloud Operations Administrator: What it is and how to get certifiedAWS Cloud Operations Administrator: What it is and how to get certified
AWS Cloud Operations Administrator: What it is and how to get certified
Infosec
 
AWS Certified Security - Specialty: What it is and how to get certified
AWS Certified Security - Specialty: What it is and how to get certifiedAWS Certified Security - Specialty: What it is and how to get certified
AWS Certified Security - Specialty: What it is and how to get certified
Infosec
 
AWS Certified Solutions Architect Webinar.pptx
AWS Certified Solutions Architect Webinar.pptxAWS Certified Solutions Architect Webinar.pptx
AWS Certified Solutions Architect Webinar.pptx
Infosec
 
Infosec and AWS - A new way to train for your AWS certification (1).pptx
Infosec and AWS - A new way to train for your AWS certification (1).pptxInfosec and AWS - A new way to train for your AWS certification (1).pptx
Infosec and AWS - A new way to train for your AWS certification (1).pptx
Infosec
 
How AI and ChatGPT are changing cybersecurity forever.pptx
How AI and ChatGPT are changing cybersecurity forever.pptxHow AI and ChatGPT are changing cybersecurity forever.pptx
How AI and ChatGPT are changing cybersecurity forever.pptx
Infosec
 
Learning ≠ Education: How people really learn and what it means for security ...
Learning ≠ Education: How people really learn and what it means for security ...Learning ≠ Education: How people really learn and what it means for security ...
Learning ≠ Education: How people really learn and what it means for security ...
Infosec
 
Join the hunt: Threat hunting for proactive cyber defense.pptx
Join the hunt: Threat hunting for proactive cyber defense.pptxJoin the hunt: Threat hunting for proactive cyber defense.pptx
Join the hunt: Threat hunting for proactive cyber defense.pptx
Infosec
 
Threat hunting foundations: People, process and technology.pptx
Threat hunting foundations: People, process and technology.pptxThreat hunting foundations: People, process and technology.pptx
Threat hunting foundations: People, process and technology.pptx
Infosec
 
How to do application security right
How to do application security rightHow to do application security right
How to do application security right
Infosec
 
A public discussion about privacy careers: Training, certification and experi...
A public discussion about privacy careers: Training, certification and experi...A public discussion about privacy careers: Training, certification and experi...
A public discussion about privacy careers: Training, certification and experi...
Infosec
 

Mais de Infosec (20)

AWS Certified DevOps Engineer: What it is and how to get certified
AWS Certified DevOps Engineer: What it is and how to get certifiedAWS Certified DevOps Engineer: What it is and how to get certified
AWS Certified DevOps Engineer: What it is and how to get certified
 
AWS Cloud Operations Administrator: What it is and how to get certified
AWS Cloud Operations Administrator: What it is and how to get certifiedAWS Cloud Operations Administrator: What it is and how to get certified
AWS Cloud Operations Administrator: What it is and how to get certified
 
AWS Certified Security - Specialty: What it is and how to get certified
AWS Certified Security - Specialty: What it is and how to get certifiedAWS Certified Security - Specialty: What it is and how to get certified
AWS Certified Security - Specialty: What it is and how to get certified
 
AWS Certified Solutions Architect Webinar.pptx
AWS Certified Solutions Architect Webinar.pptxAWS Certified Solutions Architect Webinar.pptx
AWS Certified Solutions Architect Webinar.pptx
 
Infosec and AWS - A new way to train for your AWS certification (1).pptx
Infosec and AWS - A new way to train for your AWS certification (1).pptxInfosec and AWS - A new way to train for your AWS certification (1).pptx
Infosec and AWS - A new way to train for your AWS certification (1).pptx
 
How AI and ChatGPT are changing cybersecurity forever.pptx
How AI and ChatGPT are changing cybersecurity forever.pptxHow AI and ChatGPT are changing cybersecurity forever.pptx
How AI and ChatGPT are changing cybersecurity forever.pptx
 
NCSAM 2023 Webinar.pptx
NCSAM 2023 Webinar.pptxNCSAM 2023 Webinar.pptx
NCSAM 2023 Webinar.pptx
 
Skills training value: How to differentiate your staff and your organization ...
Skills training value: How to differentiate your staff and your organization ...Skills training value: How to differentiate your staff and your organization ...
Skills training value: How to differentiate your staff and your organization ...
 
Learning ≠ Education: How people really learn and what it means for security ...
Learning ≠ Education: How people really learn and what it means for security ...Learning ≠ Education: How people really learn and what it means for security ...
Learning ≠ Education: How people really learn and what it means for security ...
 
Security awareness training - 4 topics that matter most
Security awareness training - 4 topics that matter mostSecurity awareness training - 4 topics that matter most
Security awareness training - 4 topics that matter most
 
Join the hunt: Threat hunting for proactive cyber defense.pptx
Join the hunt: Threat hunting for proactive cyber defense.pptxJoin the hunt: Threat hunting for proactive cyber defense.pptx
Join the hunt: Threat hunting for proactive cyber defense.pptx
 
Threat hunting foundations: People, process and technology.pptx
Threat hunting foundations: People, process and technology.pptxThreat hunting foundations: People, process and technology.pptx
Threat hunting foundations: People, process and technology.pptx
 
How to do application security right
How to do application security rightHow to do application security right
How to do application security right
 
A public discussion about privacy careers: Training, certification and experi...
A public discussion about privacy careers: Training, certification and experi...A public discussion about privacy careers: Training, certification and experi...
A public discussion about privacy careers: Training, certification and experi...
 
Learn intrusion detection: Using Zeek and Elastic for incident response
Learn intrusion detection: Using Zeek and Elastic for incident responseLearn intrusion detection: Using Zeek and Elastic for incident response
Learn intrusion detection: Using Zeek and Elastic for incident response
 
Get started in cybersecurity in 2022
Get started in cybersecurity in 2022Get started in cybersecurity in 2022
Get started in cybersecurity in 2022
 
CompTIA network+ | Everything you need to know about the new exam
CompTIA network+ | Everything you need to know about the new examCompTIA network+ | Everything you need to know about the new exam
CompTIA network+ | Everything you need to know about the new exam
 
Isaca career paths - the highest paying certifications in the industry
Isaca career paths - the highest paying certifications in the industryIsaca career paths - the highest paying certifications in the industry
Isaca career paths - the highest paying certifications in the industry
 
CMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessmentCMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessment
 
CMMC rollout: How CMMC will impact your organization
CMMC rollout: How CMMC will impact your organizationCMMC rollout: How CMMC will impact your organization
CMMC rollout: How CMMC will impact your organization
 

Último

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 

Último (20)

Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 

CompTIA CASP+ | Everything you need to know about the new exam

  • 1.
  • 2. Meet the panel Director, Certification Product Management CompTIA Jeff Peters Director of Content Marketing Infosec Patrick Lane
  • 3. Today’s webcast ➢ Industry changes ➢ CompTIA CASP+ (CAS-004) overview ➢ CompTIA career pathway ➢ CASP+ CAS-004 exam changes ➢ CompTIA training resources ➢ Q&A
  • 4. Free resources Free resources from CompTIA and Infosec Downloads  CompTIA cybersecurity career pathway  CompTIA CASP+ exam outline Webinars  Network+  Security+  CySA+  PenTest+
  • 6. State of cybersecurity: A global view The global cybersecurity market size is projected to grow from $217.9B currently to $345.4B in five years, a 9.7% increase. Across global organizations, projected growth is due to increasing awareness and investments in cybersecurity infrastructure across multiple verticals. Growth: The need for endpoint and VPN security measures, as well as increased demand for cyber hygiene practices Opportunities: Increasing adoption of IoT-based security software to increase demand for cybersecurity solutions Challenge: Properly designing and implementing cybersecurity solutions  Number of cybersecurity incidents worldwide: 32,000  Global industry sector most targeted by cyber espionage: manufacturing  Areas with the biggest shortage of cybersecurity skills: senior-level cybersecurity positions
  • 8. CompTIA CASP+ certification Architect, engineer, integrate and implement secure solutions across complex environments to support a resilient enterprise Use monitoring, detection, incident response and automation to proactively support ongoing security operations in an enterprise environment Apply security practices to cloud, on-premises, endpoint and mobile infrastructure, while considering cryptographic technologies and techniques Consider the impact of governance, risk and compliance requirements throughout the enterprise The CompTIA CASP+ certification exam will verify the successful candidate has the knowledge and skills required to:
  • 9. CASP+ candidate profile Primary job roles ➢ Security architect ➢ Senior security engineer Secondary job roles ➢ Cyber risk analyst ➢ SOC manager ➢ Security analyst ➢ IT cybersecurity specialist / InfoSec specialist Recommended experience ➢ 10 years of IT administration ➢ Five years hands-on, technical security experience
  • 10. CompTIA career pathway CompTIA certifications align with the skill sets needed to support and manage IT infrastructure. Enter where appropriate for you. Consider your experience and existing certifications or course of study.
  • 12. How industry changes affected the exam objectives  Expanded cloud security architecture, engineering and operations tasks in hybrid environments.  More GRC techniques to prove an organization’s overall cybersecurity resiliency against the next attack; this skill is very important for regulations (such as PCI-DSS, NIST, HIPPA), which recommend or require a cybersecurity resiliency score. More foundational GRC concepts were removed and are taught earlier in the cybersecurity career pathway (Security+).  More focus on senior security engineering tasks and security architecture.  Redistribution of the previous research development and collaboration domain into multiple domains, wherever R&D and collaboration were applied. CASP+ qualifies advanced skills required of security architects and senior security engineers to effectively design, implement and manage cybersecurity solutions on complex enterprise networks. 80% of topics are similar, and 20% have been updated to include:
  • 13. Exam objectives: What’s new?  Exam purpose and audience are similar  Fewer domains: 4 versus 5  More objectives: 28 versus 19 due to break down of larger CAS-003 objectives into multiple objectives to improve instructional design  Reduced page count: one fewer page of material due to removal of outdated tech, reorganization and topic updates
  • 14. Exam domains: What's new? CAS-004 CAS-003 Exam domains % Exam domains % 1.0 Security architecture 29% 2.0 Enterprise security architecture 25% 2.0 Security operations 30% 3.0 Enterprise security operations 20% 3.0 Security engineering and cryptography 26% 4.0 Technical integration of enterprise security 23% 4.0 Governance, risk and compliance 15% 1.0 Risk management 19% Redistributed R&D across domains as needed 5.0 Research, development and collaboration 13%
  • 15. 1.0 Security architecture CAS-004 New objectives 1.1 Given a scenario, analyze the security requirements and objectives to ensure an appropriate, secure network architecture for a new or existing network. 1.2 Given a scenario, analyze the organizational requirements to determine the proper infrastructure security design. 1.3 Given a scenario, integrate software applications securely into an enterprise architecture. 1.4 Given a scenario, implement data security techniques for securing enterprise architecture. 1.5 Given a scenario, analyze the security requirements and objectives to provide the appropriate authentication and authorization controls. 1.6 Given a set of requirements, implement secure cloud and virtualization solutions. 1.7 Explain how cryptography and public key infrastructure (PKI) support security objectives and requirements. 1.8 Explain the impact of emerging technologies on enterprise security and privacy.
  • 16. 2.0 Security operations CAS-004 New objectives 2.1 Given a scenario, perform threat management activities. 2.2 Given a scenario, analyze indicators of compromise and formulate an appropriate response. 2.3 Given a scenario, perform vulnerability management activities. 2.4 Given a scenario, use the appropriate vulnerability assessment and penetration testing methods and tools. 2.5 Given a scenario, analyze vulnerabilities and recommend risk mitigations. 2.6 Given a scenario, use processes to reduce risk. 2.7 Given an incident, implement the appropriate response. 2.8 Explain the importance of forensic concepts. 2.9 Given a scenario, use forensic analysis tools.
  • 17. 3.0 Security engineering and cryptography CAS-004 New objectives 3.1 Given a scenario, apply secure configurations to enterprise mobility. 3.2 Given a scenario, configure and implement endpoint security controls. 3.3 Explain security considerations impacting specific sectors and operational technologies. 3.4 Explain how cloud technology adoption impacts organizational security. 3.5 Given a business requirement, implement the appropriate PKI solution. 3.6 Given a business requirement, implement the appropriate cryptographic protocols and algorithms. 3.7 Given a scenario, troubleshoot issues with cryptographic implementations.
  • 18. 4.0 Governance, risk and compliance CAS-004 New objectives 4.1 Given a set of requirements, apply the appropriate risk strategies. 4.2 Explain the importance of managing and mitigating vendor risk. 4.3 Explain compliance frameworks and legal considerations, and their organizational impact. 4.4 Explain the importance of business continuity and disaster recovery concepts.
  • 19. CASP CAS-004 exam information Item Description Exam code CAS-004 Release date October 6, 2021 Availability Worldwide Testing provider Pearson VUE Testing Centers and OnVUE Question Types Performance based (simulated with virtual coming soon) and multiple choice No. of Questions Maximum of 90 questions Length of Test 165 minutes Passing Score 750 (on a scale of 100-900) Languages English, others to follow Recommended Experience A minimum of ten years of general hands-on IT experience, with at least five years of broad hands-on security experience Accreditation ISO/ANSI 17024 approved; U.S. DoD 8140/8570.01-M approved
  • 21. Get certified with Infosec Skills Train for your CompTIA certification with Infosec Skills: Infosec Skills subscription: ➢ 130+ role-based learning paths (e.g., ITF+, A+, Network+, Security+, CySA+ PenTest+, CASP+) ➢ 100s of hands-on labs in cloud-hosted cyber ranges ➢ Custom certification practice exams and skill assessments Infosec Skills live boot camp: ➢ Live, instructor-led training (in-person or live online) ➢ Certification exam voucher ➢ 90 day extended access to recordings of daily lessons, plus all materials in Infosec Skills ➢ Exam Pass Guarantee infosecinstitute.com/skills
  • 22. Get certified with Infosec Skills And the winner for a one-year subscription to Infosec Skills is … infosecinstitute.com/skills (Valued at $299)
  • 24. About us Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. www.infosecinstitute.com