Other 2.0 sections had minor changes. The existing risk mitigation section (2.3) picked up a Data Loss Prevention (DLP) topic as a technology control. The existing security training section (2.6) picked up topics on role-based training and training metrics to validate compliance and security posture.
CompTIA released the CompTIA Advanced Security Practitioner certification on September 15, 2011. "The CompTIA Advanced Security Practitioner (CASP) Certification is a vendor-neutral credential. The CASP certification is intended to follow CompTIA Security+. The CompTIA Advanced Security Practitioner certification was accredited by the (ISO) and the (ANSI) on December 13, 2011. The CASP exam will certify that the successful candidate has the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. The CompTIA Advanced Security Practitioner (CASP) Certification is aimed at an IT security professional who has a minimum of 10 years' experience in IT administration including at least 5 years of hands-on technical security experience. "
CompTIA first used performance based testing in the CompTIA Advanced Security Practitioner (CASP) exam when it was released in beta format. It has continued to be a part of the CASP exam since.