+ Reply to Thread
Results 1 to 11 of 11
  1. Junior Member
    Join Date
    Sep 2015
    Location
    N/A
    Posts
    28

    Certifications
    ITIL V3 Foundations, Security+, Network+, CASP, Linux+, CEH, CHFI, CNDA, CISSP
    #1

    Default Passed CASP (CAS-002) (8/19/2016)

    Hey guys,

    Yesterday, I passed the CASP exam. I'm happy to report that it was on my first attempt (thank you Jesus).

    I mention this because I know this isn't the case for most people. In fact, days prior, I was psyching myself out reading the number of failed attempts others have had. Well, the truth is that this exam is just freaking hard. So, don't feel bad. If I did it, it's just a matter of time when you guys/girls pass.

    Anyway, this post is about what I did to prepare, and what I thought of the exam.

    The materials I used included books, practice questions, and videos. Letter grades are next to them.

    Books:
    • Pearon's Cert Guide (Abernathy & McMillan) (B+)
    • Sybex Study Guide: Exam CAS-002 (Gregg) (B)
    Videos:
    • Cybrary.it (A)
    • Udemy (B)
    • FedVTE (C)
    • IT Pro TV (F)
    Website:
    • GoConqr.com (used to make flash cards & quizzes)

    What I thought of the materials:

    The books, at best, were both good. Not great, just good. Personally, the issue I found were that some of the more complicated topics were explained in one book, but then left out in the other. Similarly, some of the more high-level topics were explained better in one book, but then completely nuked in the other. So, if you can, try getting both of these as I used one over the other based on the topic.

    To get started, I highly recommend the cybrary.tv videos. The instructor, Kelly, conveyed topics in a easy to understand format. Just don't mind the audio/video quality as it's pretty bad. It's kind of hard to cry when something is free, right?

    Visually, Udemy helped with some of the more technical topics. It had a really nice presentation. The only issue I found was that the instructor/narrator was a bit monotone. And by bit, I mean a lot. As in, every bit of that video (see what I did there?). So, personally, I found myself tuning out quite frequently, and then replaying the videos.

    FedVTE is free for those working closely with the government. I'm a DoD contractor, so with my issued CAC card, I was able to sign up. I believe you can also sign up if you are a veteran (thank you for your service). Anyway, the FedVTE was good too. However, it was a bit too slow-paced. It's a video series of an instructor giving the course to students in a classroom environment. So, there's a lot of having to wait for everyone to get it. For example, rhetorical questions end up being answered. Granted, deeper discussions come from it, but it just made each section longer than it should have been. If you're on a tight deadline, this might not be the way. Again, this is my personal opinion. I didn't get to complete all the videos, but I supplemented it with the PDF docs from each video topic.

    ITPRO.tv was bad with regards to the CAS-002. I only did a 7-day trial, which you can't get unless you email them asking for it (Thank you ITPRO.tv). The issue wasn't with the website, but the instructor they chose for the CAS-002. The instructor was very smart and experienced, but he followed no real structure for students. This definitely felt more like I was listening to a podcast. The instructor loved to talk, but I just didn't feel like I can retain everything he was talking about. Each video is like 45 minutes long, where he does not stop talking. Mind you there's a co-instructor/host with him who never chimes in. Thinking about it, it was a bit cringe-worthy, in terms of the vibe. I didn't have time to check out their other courses, but with their hefty price tag, I don't think I can recommend the CAS-002 series from this site. I know they've been recommended on techexams before, but this is just my personal take away. If you're still interested, please give their 7-day trial a shot.


    Now, about the exam:


    Overall, the exam was pretty brutal. I had a total of 80 questions, with ~8 simulators, including drag and drops.

    I found myself thinking: Oh, with 2 hours and 30 minutes, I have plenty of time - to - Oh, I have 10 minutes left to review the 60 questions I flagged, great.

    The vast majority of questions were lengthy and required you to read carefully through the scenario and figure out the best possible answer.

    Know the following: SOAP, SAML, SPML, SDLC, SSDLC, Waterfall, Agile, SLE, ALE, ARO, ROI, SCADA, SAN, NAS, FCOE, etc... Basically, you want to know, understand, and be able to explain things like this. It's not about remembering the acronyms, but being able to explain the concept. In fact, I didn't even bothe trying to remember acronyms, but remembers what each one did.

    Also, be able to identify the differences between XSS, SQL Injection, Brute Force, Buffer Overflow, Integer overflow, and more... My last job was more technical, and so a lot of this was familiar to me. However, the exam still required me to know subtle differences between some of the code you'll see.


    Summary:

    Personally, I feel this is a difficult exam because it has the person pull from experience, rather than from memorized acronyms. I currently work as an Information Systems Security Officer, where much of the CASP stuff sort of pertained to me. Looking back, I feel like about 80% of the questions I had to pull from on the job experience. I work closely with an Information Systems Security Manager and a Chief Information Officer. So, a lot of what's in this exam is meant for people in this line of work. I got lucky having been hired and told I needed to get this within 6 months. I had planned on getting it right away, but the job put me on some crazy travel plans with very little runway to study and pass the exam. However, since it's summer, things have relaxed. I took about 2 solid weeks (~6 hours each weekday, more on weekends) and studied my butt off. I turned off Steam, ignored the GF, and just studied.

    If you don't have the experience, just know it may take more time to study. Look over the objectives and know what these things are. Again, be in a place where you're able to explain things on a high-level, but also be able to understand technical concepts and techniques.

    Also, just thought about this, I am doing my Master's program at WGU, and I felt I was able to pull a lot from the stuff I learned there.

    I have a lot of school to catch up with. So, as of now, I'm taking a break from certs. I might go after my CISSP, but in all honestly, I'm pretty burned out. My peers are doing CCNA and others, and they seem to be having way more fun studying for those. So, there's a chance I'll be doings something more technical.

    Hope this helps, thanks guys!
    Last edited by momolicious; 08-20-2016 at 06:32 AM. Reason: formatting
    Reply With Quote Quote  

  2. SS -->
  3. Junior Member
    Join Date
    Dec 2015
    Posts
    15

    Certifications
    B.Sc, MCSE - CPI, MCSA (2003, 2008, 2012, 2016), MCITP:SA, Security+, CASP
    #2
    Great job! Congrats!
    Reply With Quote Quote  

  4. Senior Member 636-555-3226's Avatar
    Join Date
    Jul 2015
    Posts
    882

    Certifications
    Lots of security certifications, yet the more I learn, the further I have to go...
    #3
    Congrats. Lots of people knock CompTIA exams for being for noobs, but posts like this help give the org some street cred
    Reply With Quote Quote  

  5. CIO
    CIO is offline
    Senior Member CIO's Avatar
    Join Date
    Dec 2013
    Location
    Houston, TX
    Posts
    142

    Certifications
    SSCP, CompTIA A+, CompTIA Security+
    #4
    Congrats on the pass. were there any config type of questions where the test taker would need to know Cisco R/S commands, Linux commands, etc..
    Reply With Quote Quote  

  6. Junior Member
    Join Date
    Sep 2015
    Location
    N/A
    Posts
    28

    Certifications
    ITIL V3 Foundations, Security+, Network+, CASP, Linux+, CEH, CHFI, CNDA, CISSP
    #5
    CIO,

    I didn't encounter any commands that you would have to do off memory. However, being able to identify basic Linux and Cisco IOS commands will not hurt. Personally, it would help if you're aware of the differences, as in being able to tell them apart.

    Quote Originally Posted by CIO View Post
    Congrats on the pass. were there any config type of questions where the test taker would need to know Cisco R/S commands, Linux commands, etc..
    Reply With Quote Quote  

  7. Junior Member
    Join Date
    Sep 2015
    Location
    N/A
    Posts
    28

    Certifications
    ITIL V3 Foundations, Security+, Network+, CASP, Linux+, CEH, CHFI, CNDA, CISSP
    #6
    Homer,

    Thanks and I hear ya. I do think CompTIA exams are coming around. They've definitely matured over the years. I think you can see that with their rollout of the Cybersecurity exam, which is suppose to be the bridge between Security + and CASP, which may be appropriate as it's a big gap in terms of required knowledge and years of experience.

    Quote Originally Posted by 636-555-3226 View Post
    Congrats. Lots of people knock CompTIA exams for being for noobs, but posts like this help give the org some street cred
    Reply With Quote Quote  

  8. Junior Member
    Join Date
    Sep 2015
    Location
    N/A
    Posts
    28

    Certifications
    ITIL V3 Foundations, Security+, Network+, CASP, Linux+, CEH, CHFI, CNDA, CISSP
    #7
    Thanks JC for the kind words!

    Quote Originally Posted by JC Denton View Post
    Great job! Congrats!
    Reply With Quote Quote  

  9. Senior Member danny069's Avatar
    Join Date
    Nov 2012
    Location
    NYC
    Posts
    999

    Certifications
    A+, Security+, ACMT, CASP, CEH, CCNA R&S, A.S. & B.S. Cyber Security Systems/Digital Forensics, M.S. Cyber Security
    #8
    Congrats! Good luck on your future certs!
    I am a Jack of all trades, Master of None
    Reply With Quote Quote  

  10. I drink and I know things Ertaz's Avatar
    Join Date
    Jan 2006
    Posts
    673

    Certifications
    CISSP, CASP, CSA+, GPEN, CCNA Cyber Ops, Security+, MCP
    #9
    Congrats man! I've said before that for me this exam was more difficult than the CISSP.
    Reply With Quote Quote  

  11. Senior Member DAVIS NGUYEN's Avatar
    Join Date
    May 2013
    Location
    Atlanta, GA
    Posts
    1,438

    Certifications
    CASP, SEC+, NET+, A+, NST, CST, ACE...
    #10
    Congrats!
    Reply With Quote Quote  

  12. There is no spoon. p@r0tuXus's Avatar
    Join Date
    Nov 2016
    Location
    KCMO
    Posts
    519

    Certifications
    ITIL-F, A+, S+, CCNA
    #11
    Congrats & Great Thread! Going for this next so it definitely helps!
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks