From the course: CompTIA Advanced Security Practitioner (CASP+) (CAS-004) Cert Prep

About the exam

From the course: CompTIA Advanced Security Practitioner (CASP+) (CAS-004) Cert Prep

Start my 1-month free trial Buy for my team

About the exam

- The CompTIA Advanced Security Practitioner exam consists of four domains or areas of knowledge that you're going to receive questions on when you sit for your certification exam. Domain 1 is security architecture, and it makes up 29% of your exam questions. This domain is focused on your ability to integrate network and security components, as well as the implementation of security controls for hosts, mobile devices, and small-form factor devices. Domain 2 is security operations, and it makes up 30% of your exam questions. This domain is focused on your ability to conduct threat management and vulnerability management activities, your ability to implement incident response and recovery procedures, and how you might conduct security assessments using appropriate tools. Domain 3 is security engineering and cryptography, and it's going to make up 26% of your exam questions. This domain is focused on your ability to integrate hosts, storage, network, and applications into a secure enterprise architecture using on-premise, cloud, virtualization, and cryptographic technologies. Domain 4 is governance, risk, and compliance, and it makes up 15% of your exam questions. This domain is focused on your ability to analyze security risks and frameworks that come along with the specific industry threats and organizational requirements as you're executing your risk management strategies. Now in this course, we're going to be focusing exclusively on "Domain 1: Security Architecture." So remember to complete all four courses in this series before you take your CASP+ exam. Now, Domain 1 has eight main objectives that we're going to fully explore within this course. First, we have objective 1.1, which states that given a scenario, you must analyze the security requirements and objectives to ensure an appropriate secure network architecture for a new or existing network. Second, we have objective 1.2, which states that given a scenario, you must analyze the organizational requirements to determine the proper infrastructure security design. Third, we have objective 1.3, which states that given a scenario, you must integrate software applications securely into an enterprise architecture. Fourth, we have objective 1.4. This states that given a scenario, you must implement data security techniques for securing enterprise architectures. Fifth, we have objective 1.5, which states that given a scenario, you must analyze the security requirements and objectives to provide the appropriate authentication and authorization control. Sixth, we have objective 1.6, which states that given a set of requirements, you must implement secure cloud and virtualization solutions. Seventh, we have objective 1.7, which states that you must explain how cryptography and public key infrastructure, or PKI, is going to support security objectives and requirements. And eighth, we have objective 1.8, which states that you must explain the impact of emerging technologies on enterprise security and privacy. Now, as we go through this domain, we're not going to be covering these objectives in the same order as they're presented on the CompTIA official exam objectives, which you can download from lesson two of this course. But instead, we're going to cover each of them throughout the course in a more logical order for you to learn the concepts. At the beginning of each section, I'm going to state which objectives are going to be covered in the videos for that section of the course, and each video is going to be titled with the objective listed in parentheses after its name for easy reference. This way, you can study a particular objective or concept if you need to before your exam. Now on test day when you sit down to take the exam, you're going to be getting a mixture of questions from across all four domains and their objectives. Also, some exam questions might even combine objectives from different domains into a single question to test your knowledge more in depth. When you sit down to take the CASP+ certification at the testing center or online using the web proctoring service, you're going to have 165 minutes to answer up to 90 questions. For the most part, you're going to be answering multiple choice questions, but you're also going to have a few multiple select questions where they ask you to pick two or three correct answers for a given question. And you're also going to have a handful of performance-based questions too. These PBQs, or simulations, as a lot of students like to call them, will require you to perform some kind of on-the-job function in a simulated environment. For example, the exam might ask you to create a few firewall rules to block or allow certain ports into a given network, and then you're going to use your mouse or keyboard to be able to go and perform those actions on a simulated firewall using a graphical user interface. Or, they might ask you to select the proper risk controls to apply to a given server in order to mitigate some vulnerabilities or risks that are found on that machine. And you'll do this by dragging and dropping different items from a list of mitigations onto the appropriate server. Now, don't worry too much about the simulations just yet though. I'm going to make sure you're well prepared for them before you sit down for the real certification exam by covering all the concepts needed to answer these type of questions during our time together. Now, as far as the number of questions you're going to get on exam day, you may have noticed that I said up to 90 questions. In truth, you're going to receive somewhere between 70 and 90 questions. If you get more simulations, you're going to get less multiple choice questions, and vice versa. Now, most candidates are going to see between 3 and 5 simulations on the exam, and roughly 75 to 85 multiple choice questions come exam day. Also, when you take the exam, those simulations will be the first 3 to 5 questions you receive on the exam, and the rest of the exam will contain the multiple choice or multiple select questions. Now, the CASP+ exam, unlike other CompTIA certification exams, does not provide you with a numerical score on your exam. Instead, you're going to receive a grade of either pass or fail with no scaled scoring being given to you once you finish the exam. That said, to pass the exam, you need to score roughly about an 80 to 85%, or higher on test day. Now, to take the exam, you do have to pay an exam fee to cover the cost of testing, and you do this by purchasing an exam voucher. You can do this by going to store.comptia.org, and buying it from their web store. In the CompTIA store, you're going to be seeing vouchers that cost about 450 to $500, but this does vary depending on where you live in the world because CompTIA uses regional vouchers and location-based pricing. Now, if you'd like to save a little bit of money on your exam voucher, you can do that by going to diontrain.com/vouchers, and purchase your voucher directly from us. Because we're a certified platinum-level CompTIA delivery partner, and we help tens of thousands of students every year pass their CompTIA exams, they provide us with a discount rate for the exam vouchers, and we pass the savings onto our students. So, if you take that one extra step of going to diontrain.com/vouchers to purchase your exam voucher from us, you're going to save an extra 10% or so off the regular price, and you're going to receive access to our searchable video library that you can use for your last minute studying before you take your exam as a free bonus. Now, with all the basics out of the way, let's get started learning all about "Domain 1: Security Architecture" in this CASP+ course. (upbeat music)

Contents