CompTIA AuthorisedExpert · ArchitectureCAS-005 · 2026DoD 8140 III Approved
CompTIA SecurityX CAS-005 (Expert)
The advanced practitioner certification for security architects and senior engineers — enterprise security architecture, risk management, governance and integration of emerging technologies.
⏱Duration: 5 days / 40 hrs
💻Format: Instructor-Led + Architecture Studio
🌐Delivery: On-site · Virtual · Hybrid
✅Pass rate: 92%
📅Next intake: 19 May 2026
🏛️
Enterprise architecture
Design layered defence across hybrid, multi-cloud and OT/ICS
⚖️
Governance & risk
Policy, ISO 27001, NIST CSF and supply-chain risk frameworks
🔐
Security engineering
IAM federation, PKI, cryptographic implementation choices
📝
Performance-based depth
CAS-005 is heavy on PBQs — we drill them harder than anyone
What this course is
Where security stops being the SOC.
SecurityX (CAS-005, formerly CASP+) is CompTIA's most advanced practitioner credential — the cert that proves you can design, govern and integrate security across an entire enterprise, not just operate it from a console.
At Nexperts, SecurityX is delivered in our architecture studio. Each day blends a deep technical session with a real architectural decision — designing IAM federation across two M&A entities, hardening an OT segment, picking the right crypto for a regulated workload, building a third-party risk register.
SecurityX is not a 'study harder' cert. It is a 'think harder' cert. The exam wants you to design — not recall — controls that hold up at audit.
The 2026 SecurityX (CAS-005) update doubled down on cloud-native security, supply-chain risk, AI/ML security overlays and OT/ICS integration. We cover all four with hands-on architectural decisions.
Who should take this course
🏛️
Senior security engineers
5+ years in security ready to step up to architecture and senior-engineering roles.
🔐
Security architects
Already designing controls, want the formal expert credential and the architectural toolkit.
💼
Security managers
Owning security outcomes for a business unit. SecurityX sharpens the architectural lens.
📚
CISO-track candidates
On the path to leadership. SecurityX + CISM or CISSP is the strongest mid-career duo.
🌟
Security+ / CySA+ veterans
Several years of operational experience. SecurityX is the senior-level next step.
🌈
DoD / federal contractors
SecurityX is approved under DoD 8140 III — mandatory in many federal and contractor roles.
Prerequisites
✓ 10 years general IT experience with 5 years in security (CompTIA recommendation)
✓ CompTIA Security+ and CySA+ or PenTest+ strongly advised
✓ Working knowledge of cloud (AWS / Azure) and on-prem environments
✓ Comfortable with risk frameworks (NIST, ISO 27001) at conceptual level
→ Don't meet the experience bar yet? Ask about our CySA+ → SecurityX bridge programme.
Course Curriculum
Four domains. One architect's toolkit.
SecurityX is structured into Governance / Risk / Compliance, Security Architecture, Security Engineering, and Security Operations. We deliver in architectural-decision order, so each module ends with a real design exercise.
Hands-On Architecture Studio
9 design sessions. Real enterprise scenarios.
SecurityX labs are architectural decision sessions. You receive a real-world brief, deliver a design under timer, and defend it in a peer-review session led by the instructor.
01
Third-Party Risk Register
Build a third-party risk register for 12 vendors with realistic supply-chain exposure.
GRC
02
Zero Trust Overlay
Design a Zero Trust overlay for an enterprise spanning HQ + 4 regions + cloud.
Architecture
03
Cloud Migration Risk Review
Review a cloud-migration plan. Identify the security risks. Propose mitigations.
Cloud
04
OT Network Segmentation
Design segmentation for a manufacturing OT/ICS environment with Purdue-model overlay.
OT
05
Identity Federation Design
Design federated SSO for a post-merger entity with two legacy directories.
Identity
06
PKI Modernisation
Replace a legacy 2010-era PKI with a modern hierarchy and quantum-readiness path.
Lead a 90-minute tabletop on a multi-region ransomware incident with executive press loop.
IR
09
Architecture Review Board
Defend your portfolio of designs in a peer architecture-review board.
Review
+ 11 micro-tasks. All architectural designs reviewed and annotated by the instructor.
Exam Information
One exam. Loaded with PBQs.
SecurityX (CAS-005) is up to 90 questions over 165 minutes. The exam is dense with performance-based questions and multi-step scenarios that require architectural decision-making, not recall.
CompTIA SecurityX (CAS-005) Exam
QuestionsUp to 90 (heavy PBQ + scenario)
Duration165 minutes
Passing scorePass / Fail (no scaled score)
FormatPearson VUE / Online proctored
Validity3 years (CE renewal)
Industry avg pass rate~64% first attempt
Nexperts pass rate92% first attempt
Architectural Decision Drill
Drill length6-hour structured drill
FormatWhiteboard — you design, peers review
Items practised20 architectural decisions
Common gotchasChoosing 'good' over 'best' in trade-off questions
StrategyRead the constraints before the technologies
End of day 1. Maps weak knowledge areas. Average score: 54%.
02
PBQ-Heavy Mock
Mid-course. 60% PBQs and architectural scenarios. Average score: 70%.
03
Final Clearance
Full timed simulation. Pass-grade clearance before booking. Average score: 82%.
0%
Pass Rate
92% of our SecurityX candidates pass on first attempt.
SecurityX has the toughest content of any CompTIA cert. The global first-attempt rate sits around 64%. We hit 92% by spending two-thirds of class time on architectural decision-making, not slide review.
Architecture studio20 design drills92% first attemptFree retake voucherDoD 8140 III approved
Why our pass rate is 92%
Industry average: ~64%
Most candidates revise the technology stack but never practise architectural decision-making under timer. The exam asks them to weigh trade-offs in 60 seconds, and they freeze.
Nexperts: 92%
We run an architecture studio. You design under timer. You defend under peer review. By exam day, decision-making feels routine.
Your Senior-Security Path
SecurityX is the senior practitioner credential.
SecurityX stacks with CISM or CISSP for the management lens, or pivots into specialty paths in cloud security (CCSP) or AI security (SecAI+).
Before this
Security+ + CySA+ + experience
SecurityX assumes 5+ years in security. You'll have the foundations.
Expected salary range after SecurityX: RM 14,000 – RM 22,000/month for senior security architect and lead security engineer roles.
Student Reviews
What our SecurityX graduates say.
4.7
★★★★★
84 reviews
5★
80%
4★
17%
3★
3%
★★★★★
"Toughest CompTIA cert by a mile, and Nexperts treats it that way. The architecture studio approach is genuinely the best cert prep I've experienced."
DR
Daniel Rajan
Lead Security Engineer · Maybank
✓ Passed first attempt
★★★★★
"Came in as a Security+ holder with 6 years experience. SecurityX showed me how much I'd been operating tactically without the architectural lens. Career-defining course."
NA
Nor Aishah
Senior Security Architect · PETRONAS Digital
✓ Passed first attempt
★★★★
"The OT/ICS segmentation lab was the highlight. Most security courses ignore OT completely. We took the Purdue-model patterns straight back to my company's manufacturing arm."
KW
Khairil Wan
Security Manager · Sime Darby Plantation
✓ Passed first attempt
★★★★★
"Mock-3 simulation was harder than the real exam. The architecture review board peer session was uncomfortable in the best possible way. Cleared the exam first attempt."
BH
Brendan Heng
Cybersecurity Architect · IHH Healthcare
✓ Passed first attempt
Copy page link
Share this course page with your team or save the URL for later.
