✓  Identify various types of threats, attacks, and vulnerabilities, including malware, social engineering, and application attacks.

✓  Utilize security technologies and tools, such as firewalls, intrusion detection systems, and endpoint security, to protect systems.

✓  Design secure network architectures, implement secure systems, and apply secure protocols for architecture and design.

✓  Manage identity and access concepts, including authentication, authorization, and accounting, to ensure secure access control.

✓  Assess and manage risk through risk analysis, mitigation strategies, and business continuity planning.

✓  Apply cryptography concepts, including encryption algorithms, public key infrastructure (PKI), and digital signatures, to secure data.

✓  Implement compliance and operational security measures, including security policies, procedures, and best practices.

• Exam version: V5

• Exam series code: CAS-005

• Launch date: December 17, 2024

• Number of questions: maximum of 90, a mix of multiple-choice and performance-based questions

• Retirement: usually three years after launch (estimated 2027)

• Duration: maximum of 165 minutes

• Passing score: pass/fail only; no scaled score

• Languages: English, with other languages to be determined

• Recommended experience: minimum of 10 years of general hands-on IT experience, including 5 years of hands-on security, with Network+, Security+, CySA+, Cloud+, and PenTest+ or equivalent knowledge

• NICE and DoD 8140 work roles: security architect, systems requirements planner, security control assessor, research and development specialist, and more