At a glance, the CASP+ and CISSP certifications are similar to a large extent. The truth is that they are not interchangeable, due to different objectives and somewhat disparate career paths. However, both certifications prove that the candidate has technical and advanced-level skills to maintain the security of information systems and networks.

The CISSP certification features additional skills used to perform identity and access management (IAM), security assessment and testing, and software development authority. CASP+ covers two unique areas of information security, including technical integration of enterprise security and research, development and collaboration. These are not included in the CISSP.

In this article, we’ll take a deep dive into both certifications and try to understand the nuances of the CASP+ and CISSP certifications. We’ll look at the similarities and differences between the two, as well as how to know which certification is the best fit for you.

The difference in job roles

On its face, CISSP supports more job roles than the CompTIA CASP+. The following table includes a breakdown of the different job roles between the two.

Network architectSecurity architect
Security consultantApplication security engineer
Security architectTechnical lead analyst
Security auditorSecurity engineer
Security manager
Security analyst
Security systems engineer
IT director/manager
Director of security
Chief information officer
Chief information security officer

CASP+ objectives (domains) and CISSP Common Body of Knowledge (CBK)

Whether they are objectives/domains or a Common Body of Knowledge (CBK), there is no serious difference between the two, as both terms cover the exam topics.

CompTIA CASP+ domains

DomainExam Percentage
1 — Risk Management19%
2 — Enterprise Security Architecture25%
3 — Enterprise Security Operations20%
4 — Technical Integration of Enterprise Security23%
5 — Research, Development and Collaboration13%

CISSP CAT Common Body of Knowledge (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Fakhar Imam. Read the original post at: