+ Reply to Thread
Results 1 to 19 of 19
  1. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #1

    Default CASP vs ECSA vs CISA?

    I have a chance for work to pay for a bootcamp for security cert. The ones that fit schedule/price the best are CASP or ECSA or CISA?


    I realize this is vague questioning, but which has the most skill benefit? The cert ROI isn't really relevant since I'm not paying for it, and I dont see me changing jobs anytime soon. I'm looking for the one that will teach me the most that can be applicable to my Security Analyst role, which is pretty much all facets of Security for the company.


    I'm leaning towards CASP or ECSA, even though I think CISA is the more respected cert, but I dont know what kind of hands on skills I will learn from it
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member danny069's Avatar
    Join Date
    Nov 2012
    Location
    NYC
    Posts
    999

    Certifications
    A+, Security+, ACMT, CASP, CEH, CCNA R&S, A.S. & B.S. Cyber Security Systems/Digital Forensics, M.S. Cyber Security
    #2
    I would go for the CISA if I were you. It comes up in job searches more often and probably more expensive training.
    Reply With Quote Quote  

  4. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #3
    Well I agree to an extent, but I think you missed my point...

    I like my company - location, job, pay, all things are pretty great

    I'm not paying for it, so the expense doesn't really matter, unless I just want to juice my company for as much as possible. But I dont, any money saved there will just go to more training for me later, or something I need, equipment, etc.... And I have only been here a few months, and this is my first official Security gig, so I'm more interested in security skills than getting my resume noticed. I already get way more recruiter calls than I want as is, 15 years technical experience, AS, BS, MS, 22 certs... my phone rings all the time... in fact someone called while I typed this...

    point being, my pay is pretty good, I like my job and I just want to buckle down and get real skills, basically get as close as an expert as I can over the next few years here at this company. And there will be more money for training later.

    Unless I'm mistaken, I do not think the CISA is very technical right? After doing some quick googling, I think CASP is more overall Security and ECSA is more Pentesting. So I might be leaning CASP.

    but I don't have any of these certs, so I could be incorrect
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    964

    Certifications
    C****, C***, C**
    #4
    IMO, CISA is auditing with technical knowledge while ECSA seems more focused on how to write pen test reports.
    You can try EC-Council Certified Security Analyst Assessment | EC-Council to get a feel of ECSA knowledge required.
    The CISA assessment is at http://www.isaca.org/certification/c...ssessment.aspx


    CASP may not be as well recognized; however it is being positioned for hands-on security practitioners and as an intermediate cert between Security+ and CISSP. You are right in that CASP is more overall security, and most of the domains overlaps with those in CISSP. In fact, I took both CASP and CISSP exams within weeks of each other. Main difference is the graphical and command line simulation questions in CASP, and more infosec management focus in CISSP.

    If you are looking for hands-on knowledge and possibly taking CISSP (if you have not) in future, I say go for CASP.
    Still undecided? Check out http://www.techexams.net/blogs/jdmur...xperience.html
    Last edited by Mike7; 10-01-2015 at 03:57 PM. Reason: Add ECSA assessment
    Reply With Quote Quote  

  6. Senior Member danny069's Avatar
    Join Date
    Nov 2012
    Location
    NYC
    Posts
    999

    Certifications
    A+, Security+, ACMT, CASP, CEH, CCNA R&S, A.S. & B.S. Cyber Security Systems/Digital Forensics, M.S. Cyber Security
    #5
    Yeah CISA is geared towards 'management' nothing technical. CASP (in wide mile deep) is an in depth version of Security+ (inch deep mile wide), if you wanted technical out of the three, it would be ECSA.
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    964

    Certifications
    C****, C***, C**
    #6
    Besides, ECSA, there is also E|NSA (Network Security Administrator).

    The material covered (as per EC-Council Network Security Administrator Exam Information) seems to be for someone who is in charge of securing infrastructure and network.
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Jan 2012
    Posts
    101
    #7
    Why do people keep bringing up Ec-Council? They are a joke, a bad joke at that! There tests are pathetically easy, require no real world skills, and the company is so poorly ran is almost laughable. And this is coming from someone with two Ec-Council certs! Heck, what kind of SECURITY company reuses passwords AFTER they have been compromised? Ec-Council! On the topic at hand, CISA is about IT auditing, though it is very popular. Id recommend the CASP.

    So Who Hacked EC-Council Three Times This Week? ? InfoSec News
    Reply With Quote Quote  

  9. Senior Member danny069's Avatar
    Join Date
    Nov 2012
    Location
    NYC
    Posts
    999

    Certifications
    A+, Security+, ACMT, CASP, CEH, CCNA R&S, A.S. & B.S. Cyber Security Systems/Digital Forensics, M.S. Cyber Security
    #8
    CISA would be my first choice, then CASP, then ECSA.
    Reply With Quote Quote  

  10. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #9
    Quote Originally Posted by Mike7 View Post
    Besides, ECSA, there is also E|NSA (Network Security Administrator).

    .
    That does look more like what I'm interested in, but that's not available from the training provider
    Reply With Quote Quote  

  11. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #10
    Quote Originally Posted by jfitzg View Post
    Why do people keep bringing up Ec-Council? They are a joke, a bad joke at that! There tests are pathetically easy, require no real world skills, and the company is so poorly ran is almost laughable. And this is coming from someone with two Ec-Council certs!

    I also have the CEH and CHFI, and I thought they were terrible. However Pentesting is on the horizon for me at my role, probably mid-2016. So I figured it might be useful, and there were limited options available from the training company we are using.

    So i'm still leaning CASP at this point.

    Mike7 - good call, I will try the practice tests and see if that helps me make up my mind. I need to make a decision today
    Reply With Quote Quote  

  12. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #11
    Quote Originally Posted by Mike7 View Post
    You can try EC-Council Certified Security Analyst Assessment | EC-Council to get a feel of ECSA knowledge required.
    l

    That was very deceptive. It was 50 questions, the first 10 to 15 were all terrible. Asking names of laws and acts, and standard terminology. But the last 3/4s or so was pretty good. Asking specifics about Snort, Nessus, and Metasploit.

    hmmmmmmmmmmmm
    Reply With Quote Quote  

  13. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #12
    Quote Originally Posted by Mike7 View Post
    .
    The CISA assessment is at CISA Self-Assessment Exam
    CISA is what I thought it was, not for me at the moment. Maybe in a year or two, but that's not really where my interest is, seems like something I would get to make me more marketable, or if I plan on branching out to other areas

    Currently I want to be as technical as possible
    Reply With Quote Quote  

  14. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #13
    Based on this for CASP - CASP Sample Questions - Get Certified Get Ahead

    it seems to be what I'm looking for
    Reply With Quote Quote  

  15. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #14
    Reply With Quote Quote  

  16. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #15
    Seems like CASP is the winner, with ECSA as a close 2nd. They are on different dates, so I think i will request CASP, and if there is a conflict with those dates, go with ECSA
    Reply With Quote Quote  

  17. Senior Member danny069's Avatar
    Join Date
    Nov 2012
    Location
    NYC
    Posts
    999

    Certifications
    A+, Security+, ACMT, CASP, CEH, CCNA R&S, A.S. & B.S. Cyber Security Systems/Digital Forensics, M.S. Cyber Security
    #16
    Good luck on the CASP Mike! I'm taking that next after my CEH.
    Reply With Quote Quote  

  18. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #17
    Thanks I sent the request for approval, with ECSA as the backup. I'll update when I get confirmation


    Another bonus with CASP is that I can use Skillport and CBTnuggets prior to the bootcamp so I'm not going in blind
    Last edited by Mike-Mike; 10-01-2015 at 09:12 PM. Reason: added stuff
    Reply With Quote Quote  

  19. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    964

    Certifications
    C****, C***, C**
    #18
    @Mike-Mike. Great! You have made an informed decision.
    I look forward to your CASP review.
    Reply With Quote Quote  

  20. Junior Member Registered Member
    Join Date
    Oct 2016
    Location
    Maryland
    Posts
    3

    Certifications
    CompTIA Secuirty+, C|EH
    #19
    ESCA v9 is where it's at. Ec-Council completely revamped their certs. Now to pass the ECSA, you have to perform a pentest and submit it.

    So now in order it's ECSA>CASP>CISA.

    CISA is auditing stuff and pretty boring, ECSA is pentesting and security analyst stuff and pretty fun, CASP is a little of both, though more on the Information Assurance side.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks