CompTIA Advanced Security Practitioner (CASP+)(CAS-004)

CISSP’ or the ‘Certified Information Systems Security Professional’, CISM or the ‘Certified Information Systems Auditor’, CASP or the ‘CompTIA Advanced Security Practitioner’ and CCISO or ‘Certified Chief Information security officer’ are all Information security domain’s leading certifications.

CISSP:

‘CISSP’ or the ‘Certified Information Systems Security Professional’ from (ISC)² is the ultimate certification that all cybersecurity professionals aim to achieve in their career. Earning the CISSP demonstrates that you have the capability to “effectively design, implement and manage a best-in-class cybersecurity program” (CISSP – The World’s Premier Cybersecurity Certification)

The CISSP exam covers almost every aspect of Information security in a broad way. It is popularly referred to as the certification that is “a mile wide and an inch deep”!! The CISSP is a much more technical and operational certification than other certifications.

In order to pass the CISSP exam, the candidate needs to have mastery of the following eight domains to pass the exam.

1. Security and Risk Management Domain
2. Asset Security Domain
3. Security Architecture and Engineering Domain
4. Communication and Network Security Domain
5. Identity and Access Management (IAM) Domain
6. Security Assessment and Testing Domain
7. Security Operations Domain
8. Software Development Security

CCISO

The ‘Certified Chief Information Security Officer’or CCISO program is a leadership program designed by EC-Council. It is aimed at promoting middle level cyber security professionals to Executive leaders. It is also aimed at Executive leaders to sharpen their skills. It is a natural progression after the CISSP certification for all CISO’s and aspiring CISOs.

Domains:

There are five domains in the CCSIO program

1. Governance and risk management
2. Information Security Controls, Compliance and Audit management
3. Security Program management and operations
4. Information Security core competencies
5. Strategic planning, finance, procurement and vendor management

CISM:

The ‘Certified Information Security Manager’ from ISACA is for Information security professionals who would like to move from being a team player in the InfoSec domain to a manager.  Unlike, the CISSP, the CISM is a management focused exam and enables InfoSec professionals to move from the technical realm into management.

The average salary of CISM certified professionals in the US is $118K.

“CISM is accredited by the American National Standards Institute (ANSI) under ISO/IEC 17024:2012” (Take your career to the next level – with CISM) 

Domains in the CISM exam:

There are four domains in CISM exam and they are much more focused than the CISSP. They are:

1. Information Security Governance (24%)
2. Information Risk Management (30%)
3. Information Security Program Development and Management (27%)
4. Information Security Incident and Management (19%)

The CASP+ certification is compliant with ISO 17024 standards and approved by the US DoD(Department of Defense) to meet directive 8140/8570.01-M requirements.

Job roles that require CASP+:

While the CASP+ certification would benefit all professionals in the InfoSec domain, the following job roles definitely require CASP+:

1. Security architect
2. Technical lead analyst
3. Application Security Engineer
4. Security Engineer