Security Focused: CompTIA’s CASP Vs. CISSP

By | March 13, 2014

casp, cissp, comptia advanced security, it certification examsAs Information Security industry is more on the rise now than ever before, it’s time we take a closer look at the most popular advanced security certifications. Today we focus on CASP (The CompTIA Advanced Security Practitioner) Certification and the way it fits into the whole security certifications map. Simply speaking, should you opt for it, or go for something else?

While Cisco is now redesigning and re-adjusting its Security track, it does not compete with CASP that much. The way the way Cisco and CompTIA certifications compare remains the same: Cisco certifications are vendor-based, and focus entirely on Cisco solutions and technology. CompTIA certifications, on the other hand, are vendor-neutral, and focus on the general security approaches, technologies and solutions. So, CASP’s direct competition would be CISSP (which was one of the best paid IT certifications last year by the way), and not Cisco. But before comparing CASP to CISSP further, let’s take a closer look at this CompTIA certification and the exam it requires.

The CompTIA Advanced Security Practitioner (CASP) Certification And Exam

Like other CompTIA credentials, the Advanced Security Practitioner (CASP) Certification is vendor-neutral. While it does not have any formal prerequisites, it requires candidates to have 10+ years of experience. This is a way more advanced step after the CompTIA Security+ certification.

The CASP exam is an internationally targeted validation of advanced-level security skills and knowledge. As mentioned earlier, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus at the enterprise level.

The CASP exam validates that the successful candidate has the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. Successful candidates apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers.

The CASP exam consists of 80 queries covering the following areas:

  • Enterprise Security
  • Risk Mgmt, Policy/Procedure and Legal
  • Research & Analysis
  • Integration of Computing, Communications, and Business Disciplines

Detailed CASP exam blueprint can be downloaded from the CompTIA website.

So how does CASP compare to CISSP? The latter is widely recognized, and is often considered to be the global standard for security professional certifications. Many IT professionals choose CISSP as it’s perceived to carry more weight and be more popular among employers.

This is partially explained by the fact that CISSP has been around much longer that CASP, but also by the fact that the CISSP exam is much longer and significantly harder, as many experts state. CISSP exam is 6 hour long and consists of 250 queries (CASP exam consists of 80 queries and lasts 2 hours). Candidates are also required to have verified prior experience, and, after they pass the exam, they need to acquire a written authorization from someone who holds the certification and thinks they’re worthy of holding the certification.

So what are the benefits of CompTIA’s Advanced Security Practitioner (CASP) certification? The US Department of Defense has recognized CASP as certification required for its employees at a IAT-3 or IAM-2 level. While it’s evident that CISSP certification is more comprehensive and offers more knowledge about information security. Yet, CompTIA’s CASP has its clear benefits (easier and cheaper exam, no formal prerequisites, easier to obtain, no written recommendations required, etc) and can be a huge career booster for experienced IT security professionals in the government structures and business enterprises alike.

Leave a Reply