CompTIA SecurityX (CAS-005) Online Training & Certification Prep
CompTIA SecurityX (formerly CASP+) is the expert-level, vendor-neutral certification for senior security architects, engineers, and practitioners who design and implement enterprise security solutions — not just advise on them. Boost eLearning's CAS-005 course combines advanced technical curriculum with Live Labs and Certified Partner instructors, backed by our Pass Guarantee.
Course Overview
CompTIA SecurityX (exam code CAS-005) is the successor to CompTIA CASP+ and sits at the apex of the CompTIA cybersecurity certification pathway. It targets senior security practitioners — architects, engineers, and technical leads — who are responsible for designing, implementing, and integrating security solutions across complex enterprise environments, rather than managing teams or setting policy at an executive level.
CAS-005 is structured around four high-level domains: Security Architecture, Security Engineering, Security Operations, and Security Program Management and Oversight. Each domain is tested entirely through performance-based questions — there are no multiple-choice items. Candidates must demonstrate the ability to analyse ambiguous scenarios, make defensible technical decisions, and communicate rationale, replicating the cognitive demands of senior practitioner roles.
The CAS-005 content reflects the current enterprise security landscape: zero-trust architecture design, secure cloud-native and hybrid infrastructure, DevSecOps pipeline integration, advanced threat hunting and incident response, supply chain risk management, and governance alignment with NIST CSF 2.0, ISO 27001, and applicable regulatory frameworks. The curriculum does not assume a single vendor stack — solutions are evaluated and compared across the market.
Boost eLearning’s SecurityX course is delivered by Certified Partner instructors with senior security architecture and engineering backgrounds. Boost Live Labs are integral to the course: students configure zero-trust network segments, deploy SIEM and SOAR integrations, analyse real threat intelligence, and work through incident response simulations — skills that are examined directly in CAS-005’s performance-based format.
SecurityX is DoD 8140-approved for IAT Level III and IAM Level III roles. It is the highest-level technical cybersecurity certification CompTIA offers and is designed to remain current through CompTIA’s CE (Continuing Education) programme rather than requiring a retest cycle.
What You'll Learn
- Design zero-trust network architectures for enterprise environments, including microsegmentation, identity-aware proxies, and continuous verification
- Architect and implement secure cloud-native, hybrid, and multi-cloud infrastructure across AWS, Azure, and GCP
- Integrate security controls into DevSecOps pipelines including SAST, DAST, SCA, and container image scanning
- Design cryptographic solutions appropriate to data classification, compliance requirements, and quantum-resistance considerations
- Lead incident response operations for advanced persistent threat (APT) scenarios including threat hunting, forensic triage, and stakeholder communication
- Evaluate and select security tooling (SIEM, SOAR, EDR, UEBA, NDR) based on technical requirements and integration constraints
- Assess and manage supply chain security risk across third-party software, hardware, and managed service providers
- Align security programme design to NIST CSF 2.0, ISO 27001, SOC 2, PCI DSS, and sector-specific regulatory frameworks
- Perform threat modelling (STRIDE, PASTA, MITRE ATT&CK) for complex system architectures and translate outputs into security controls
- Communicate technical security decisions and risk acceptance rationale to executive and board-level stakeholders
- Evaluate identity and access management architectures including federation, SCIM provisioning, PAM, and passwordless authentication
Who This Course Is For
- Senior security engineers and architects designing enterprise security solutions
- Security operations leads transitioning into architecture or engineering roles
- Technical security practitioners targeting DoD 8140 IAT Level III or IAM Level III compliance
- Security consultants and principal advisors who need a vendor-neutral expert credential
- CompTIA CISSP-track professionals seeking a technically rigorous alternative or complement to management-focused certifications
- Cloud and DevOps engineers taking on security architecture responsibilities in their organisations
Course Outline
- Zero-trust architecture: NIST SP 800-207 principles, pillars, and maturity model
- Microsegmentation strategies: network-based, host-based, and workload-based
- Identity-aware proxy and software-defined perimeter (SDP) design
- SASE and SSE architecture components and vendor evaluation
- Secure network architecture patterns for hybrid and multi-cloud environments
- CAS-005 exam format: fully performance-based, question types, and time management
- Cloud shared-responsibility model applied to architecture decisions
- Cloud security posture management (CSPM) and cloud workload protection (CWPP)
- IAM design for AWS, Azure, and GCP: least privilege, role hierarchies, federated identity
- Container security: image hardening, registry scanning, Kubernetes RBAC and network policies
- Serverless and microservices security patterns
- Data security in cloud: encryption at rest/transit, KMS, tokenisation, DLP controls
- Algorithm selection: symmetric, asymmetric, hashing, and MAC u2014 current standards and deprecation timeline
- PKI architecture: root CA, intermediate CAs, certificate lifecycle, and auto-renewal
- HSM integration and key escrow considerations
- Quantum-resistant cryptography: NIST PQC standards (CRYSTALS-Kyber, CRYSTALS-Dilithium) and migration planning
- TLS 1.3 configuration, HSTS, certificate transparency, and OCSP stapling
- Integrating security into CI/CD pipelines: GitHub Actions, GitLab CI, and Jenkins security plugins
- SAST tools: Semgrep, SonarQube, Checkmarx u2014 integrating into pull request gates
- DAST and IAST: OWASP ZAP, Burp Suite Enterprise in automated pipelines
- Software composition analysis (SCA) and SBOM generation (SPDX, CycloneDX)
- Secrets management: HashiCorp Vault, AWS Secrets Manager integration patterns
- Container image scanning and runtime security (Trivy, Falco, Sysdig)
- Enterprise IAM architecture: LDAP, Active Directory, Azure AD/Entra ID, and Okta federation
- SAML 2.0, OAuth 2.0, and OpenID Connect: protocol mechanics and implementation pitfalls
- SCIM provisioning and JIT access patterns
- Privileged Access Management (PAM): CyberArk, BeyondTrust, and vault-based credential management
- Passwordless authentication: FIDO2/WebAuthn, passkeys, and enterprise rollout considerations
- MFA architecture: TOTP, push-based, hardware tokens, and phishing-resistant MFA
- MITRE ATT&CK framework: navigating the matrix, mapping detections, and measuring coverage
- SIEM architecture and log source onboarding: Splunk, Microsoft Sentinel, and Elastic SIEM
- Writing detection rules: Sigma rules, KQL, and SPL for common ATT&CK techniques
- SOAR platform design: playbook architecture, integration patterns, and human-in-the-loop workflows
- Threat intelligence operationalisation: STIX/TAXII feeds, TIP integration, and IOC lifecycle management
- Threat hunting hypothesis-driven methodology and operational cadence
- IR lifecycle: preparation, identification, containment, eradication, recovery, lessons learned
- Digital forensics fundamentals: chain of custody, disk imaging, memory acquisition
- Ransomware incident response: isolation, negotiation decisions, recovery orchestration
- APT investigation: lateral movement detection, persistence mechanism identification, timeline reconstruction
- Tabletop exercise design and execution for executive and technical stakeholders
- Regulatory notification timelines: GDPR 72-hour rule, SEC incident disclosure requirements
- NIST CSF 2.0: governance function and updated framework tiers and profiles
- ISO 27001:2022 Annex A controls: key changes and implementation
- Supply chain risk management (SCRM): NIST SP 800-161 Rev. 1, software supply chain attacks
- Third-party risk management: vendor assessment, contractual security requirements, continuous monitoring
- Risk quantification: FAIR methodology and communicating residual risk to the board
- CAS-005 PBQ walkthroughs, exam strategy, and full timed practice assessment session
About the Certification Exam
- Exam code
- CAS-005
- Length
- 165 minutes
- Questions
- Maximum 90 questions (performance-based questions only u2014 no multiple-choice)
- Passing score
- Pass/Fail (CompTIA does not publish a numeric cut score for CAS-005; scoring is criterion-referenced)
- Exam cost
- ~$509 USD
- Where
- Pearson VUE test centres or online remote proctoring
The certification exam fee is paid separately to the testing provider and is not included in the course price unless stated otherwise.
Live Labs Included
Hands-on practice on real environments
This course includes Live Labs — direct access to real hardware and cloud environments so you build the skills the exam actually tests.
- Array
- Array
- Array
- Array
- Array
- Array
Pass Guarantee Included
Complete this course and if you don't pass the certification exam on your first attempt, we'll refund your course fee or give you a free retake — your choice.
