+ Reply to Thread
Results 1 to 21 of 21
  1. Junior Member
    Join Date
    Aug 2016
    Posts
    14
    #1

    Default Is CASP easier than CISSP?

    Is CASP easier than CISSP? What material or books to you recommend for CASP?
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Oct 2016
    Location
    NJ
    Posts
    352

    Certifications
    CCNP R&S, CCNA(Security/Data Center), PCNSE 7, MCITP: Exchange 2010
    #2
    I'm not going to be much help since I have not taken either exam, but there is CASP material available for free from Cybrary.

    https://www.cybrary.it/course/comptia-casp/
    Reply With Quote Quote  

  4. I drink and I know things Ertaz's Avatar
    Join Date
    Jan 2006
    Posts
    673

    Certifications
    CISSP, CASP, CSA+, GPEN, CCNA Cyber Ops, Security+, MCP
    #3
    Quote Originally Posted by Ranjnas View Post
    Is CASP easier than CISSP? What material or books to you recommend for CASP?
    I took the CISSP first and studied more for it. It is definitely more broad than the CASP, but it's much less in-depth. CASP is more about the technologies than about procedures. There is a lot of overlap between the two, but passing both requires separate materials. I recommend the pearson book for CASP and the Sybex book for the CISSP. Search the forums here. There are several threads here with notes on what it takes to pass the exam.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Aug 2016
    Location
    Arizona (not a native)
    Posts
    103

    Certifications
    CISSP, CASP, GCFA, C|EH v8, C|NDA, RDRP (Registered DoD RMF Practitioner), Sec+, MCSE-NT4, A+
    #4
    I sat CASP in July 2016 and CISSP in October 2016. I thought CASP was easier than CISSP. CISSP + renewal fees to CompTIA will renew CASP if you sit CISSP second. CASP counts as 1 year of the 5 year experience requirement for CISSP. If you don't have enough paid experience to fit into the CISSP domains, you won't be a full CISSP. (Associate of ISC2 instead) There's that to consider too. (By now you're seeing my pro-CASP bias. CASP makes a nice foundation for CISSP study and you are fully CASP certified as soon as you pass.)

    I agree with Ertaz on the book recommendations. If the Sybex book lags too much for you, try Eric Conrad's (Conrad, Meisnar, and Feldman) CISSP Study Guide 3rd ed. The SSCP CISSP forum is full of CISSP advice.
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    969

    Certifications
    C****, C***, C**
    #5
    I took CISSP and CASP within 3 weeks of each other. There is quite a lot of overlap between the two.

    CASP has simulation questions which you will find challenging if you do not have network and systems operations experience. The theoretical questions are fairly straight forward in CASP when compared to CISSP.

    Do the CASP first and CISSP later. Use the CISSP to fulfil CASP CPE renewal requirements.
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Jun 2011
    Location
    Maryland
    Posts
    190

    Certifications
    GWAPT, CISSP, eJPT, CEH, Sec+, ITIL-F, BS:IS
    #6
    Quote Originally Posted by Mike7 View Post
    I took CISSP and CASP within 3 weeks of each other. There is quite a lot of overlap between the two.

    CASP has simulation questions which you will find challenging if you do not have network and systems operations experience. The theoretical questions are fairly straight forward in CASP when compared to CISSP.

    Do the CASP first and CISSP later. Use the CISSP to fulfil CASP CPE renewal requirements.
    Think CASP is worth it for someone that already has the CISSP? I have never heard anyone talk about it outside of these forums. And yet I keep pondering about it.
    Last edited by ZzBloopzZ; 11-09-2016 at 11:11 PM.
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    May 2016
    Posts
    1,647
    #7
    From a national job perspective with the locale wide open, you are looking at ~1,000 position on Indeed listing it in their job req.

    CEH ~2,200

    CISSP ~11,500
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    969

    Certifications
    C****, C***, C**
    #8
    CASP is good for that 8570/8140 DoD position and the simulation questions makes it more a "performance-based" and less of a paper-based certification.

    The simulations may not be very in-depth but do cover areas such as network switching, firewalls and patching. I expect a CASP to be more hands-on and will not be surprised if a CISSP is unable to do network subletting.
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Aug 2016
    Location
    Arizona (not a native)
    Posts
    103

    Certifications
    CISSP, CASP, GCFA, C|EH v8, C|NDA, RDRP (Registered DoD RMF Practitioner), Sec+, MCSE-NT4, A+
    #9
    Subnetting / subletting? Gadzooks, have you no subnet calculator or an IPV6 network? I have 4 certs (Sec+, C|EH, TCP/IP in the Enterprise aka MS MCP/MCSE, CASP) where subnetting could have come up, but I don't think I've ever had to do it for a test.
    Reply With Quote Quote  

  11. Senior Member Moldygr33nb3an's Avatar
    Join Date
    Jul 2016
    Posts
    194

    Certifications
    A+, Network+, Security+, Project+, CSA+, CASP, CEHv9, CCNET, CCNA R&S
    #10
    Quote Originally Posted by ZzBloopzZ View Post
    Think CASP is worth it for someone that already has the CISSP? I have never heard anyone talk about it outside of these forums. And yet I keep pondering about it.
    No.

    CASP was designed for government to supplement the CISSP requirement without having the 5 years of mandatory experience.

    If you have the CISSP, you're good.

    I merely did my CASP as a stepping stone to the CISSP. Plus I wanted to master CompTIA's certs. Thank OCD
    Last edited by Moldygr33nb3an; 11-10-2016 at 08:36 PM.
    Working on: CCNA - Security, eJPT

    Next: OSCP, CCNP

    All your certifications are belong to us.
    Reply With Quote Quote  

  12. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    969

    Certifications
    C****, C***, C**
    #11
    Quote Originally Posted by trueshrewkmc View Post
    Subnetting / subletting? Gadzooks, have you no subnet calculator or an IPV6 network? I have 4 certs (Sec+, C|EH, TCP/IP in the Enterprise aka MS MCP/MCSE, CASP) where subnetting could have come up, but I don't think I've ever had to do it for a test.
    Subnetting.. typo..
    What I mean is that if you ask a CISSP about network subnets, he may not be able to answer you.
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Aug 2016
    Location
    Arizona (not a native)
    Posts
    103

    Certifications
    CISSP, CASP, GCFA, C|EH v8, C|NDA, RDRP (Registered DoD RMF Practitioner), Sec+, MCSE-NT4, A+
    #12
    I have to re-study subnetting every time I encounter it. It just never stuck with me. After my endorsement's done, I guess I'll be another CISSP (she) who can't answer the subnetting question. Maybe I'll just call for a CASP or a Cisco certified person to answer that subnetting question.
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    Jan 2016
    Location
    Honolulu
    Posts
    163

    Certifications
    Sec+,Net+, ITIL V3 Foundation, BBA,MBA University of Hawaii ,CASP, CSM
    #13
    I took CASP to meet my requirement for a DOD job. I was hedging... if I didn't pass then I would be out of a job. So I figured why not start with CASP and then go CISSP. I missed both exams before, however life has relaxed a bit and I was able to focus more .

    CASP was completed Sep 16th 2016
    CISSP was completed November 5th 2016

    My advice ..... if you need to hedge then you can go CASP then CISSP like I did. If you just need CISSP then go for that . I felt that CASP was a nice warm-up ( confidence boost) one I passed it . The confidence boost I think helped with CISSP .
    Reply With Quote Quote  

  15. Senior Member
    Join Date
    Jun 2011
    Location
    Maryland
    Posts
    190

    Certifications
    GWAPT, CISSP, eJPT, CEH, Sec+, ITIL-F, BS:IS
    #14
    Quote Originally Posted by trueshrewkmc View Post
    I have to re-study subnetting every time I encounter it. It just never stuck with me. After my endorsement's done, I guess I'll be another CISSP (she) who can't answer the subnetting question. Maybe I'll just call for a CASP or a Cisco certified person to answer that subnetting question.
    I also have to re-learn subnetting everytime too. I understand the overall concept of it, but the rare few times I needed it I would just use an online calculator. Same with converting bits to decimals, never needed to use that in real life.
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    969

    Certifications
    C****, C***, C**
    #15
    For some reason, I get subnetting questions in my exams. Guess I was lucky.
    Anyway, heard this story about a CISSP who failed the Security+ exam.
    Reply With Quote Quote  

  17. Senior Member Moldygr33nb3an's Avatar
    Join Date
    Jul 2016
    Posts
    194

    Certifications
    A+, Network+, Security+, Project+, CSA+, CASP, CEHv9, CCNET, CCNA R&S
    #16
    I sat down and watched the ipv4 subnetting courses on CBT Nuggets. Mastered the **** out of it. I could subnet the entire world with one IP address if asked....

    .....then a week went by.


    Pretty much forgot it all....


    Watch the videos again.... This time I could subnet the galaxy with half an ip address.


    Then a week would go by and I would forget it.


    I did this - I'm not even kidding - 3 times.

    Here I sit. Feeling handicapped. Show me an IPv4 IP address and i'll just scratch my head. Masks and prefixes stuck, but don't you dare ask me to subnet a single IP address.

    I think I'll learn it again. I learn it quicker every time.

    *SIGH*
    Working on: CCNA - Security, eJPT

    Next: OSCP, CCNP

    All your certifications are belong to us.
    Reply With Quote Quote  

  18. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    969

    Certifications
    C****, C***, C**
    #17
    This week, I had to connect to a subnet and proceed to add a static route with the correct subnet.
    Noticed that a PC had a 169.254.X.X IP address.
    My ISP DNS was under DDoS attack so I configured my DNS to 8.8.8.8. In a previous engagement, a security consultant told us to block connections from 8.8.8.8 but was unable to explain why.
    A co-worker was troubleshooting connectivity issues and asked why internet IP is unable to connect to his box at 172.31.X.X.
    While looking through firewall logs, I noticed a lot of connections to 17.0.0.0/8 subnet. Who is using a iOS device?

    I still use a subnet calculator for some calculations.
    Apply what you learn and you will remember.
    Last edited by Mike7; 11-17-2016 at 12:24 AM.
    Reply With Quote Quote  

  19. Senior Member Moldygr33nb3an's Avatar
    Join Date
    Jul 2016
    Posts
    194

    Certifications
    A+, Network+, Security+, Project+, CSA+, CASP, CEHv9, CCNET, CCNA R&S
    #18
    Help me out Mike. Why would a PC be getting a 169 address unless the DHCP server was down? Plus wouldn't NAT alone still provide a host with a private 192 address? Assuming this device is in a SOHO hiding behind a router. I'm failing to see the how an ISP DNS server would affect a host in a LAN? Was this before NAT?
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    969

    Certifications
    C****, C***, C**
    #19
    My bad, the above are all unrelated scenarios that involve networks, so do not link them today.

    The point is having network knowledge can help in security work. A SANS instructor recalled that in her first job, she reported an attack from internet IP address of 192.168.X.X. . Having a CISSP does not mean you are a security guru. Neither does it mean that a CASP is very technical hands-on What we can agree is that CASP exam is more technical while CISSP is more managerial in their exam focus. The more you learn, the more you realize you do not know.
    Last edited by Mike7; 11-17-2016 at 03:02 AM.
    Reply With Quote Quote  

  21. Senior Member GeekyChick's Avatar
    Join Date
    Sep 2016
    Location
    Colorado
    Posts
    264

    Certifications
    BSCS, CCNA, Sec+, Net+
    #20
    Quote Originally Posted by Moldygr33nb3an View Post
    I sat down and watched the ipv4 subnetting courses on CBT Nuggets. Mastered the **** out of it. I could subnet the entire world with one IP address if asked....

    .....then a week went by.


    Pretty much forgot it all....


    Watch the videos again.... This time I could subnet the galaxy with half an ip address.


    Then a week would go by and I would forget it.


    I did this - I'm not even kidding - 3 times.

    Here I sit. Feeling handicapped. Show me an IPv4 IP address and i'll just scratch my head. Masks and prefixes stuck, but don't you dare ask me to subnet a single IP address.

    I think I'll learn it again. I learn it quicker every time.

    *SIGH*

    That is hilarious!! Sounds familiar too! I forget way too fast. Also, I always have a problem with the broadcast address and I don't know why.
    Reply With Quote Quote  

  22. Senior Member Moldygr33nb3an's Avatar
    Join Date
    Jul 2016
    Posts
    194

    Certifications
    A+, Network+, Security+, Project+, CSA+, CASP, CEHv9, CCNET, CCNA R&S
    #21
    Agree. I know some CISSP's that know their stuff. I also know CISSPs that sat through a bootcamp and couldn't tell you the difference between a Trojan and worm. I'm a project manager so I don't get the hands on as much as I want. All my hands-on is done at home behind the scenes. As much as I love my job, I want to dump the presentations and spreadsheets and get back into the fray.
    Working on: CCNA - Security, eJPT

    Next: OSCP, CCNP

    All your certifications are belong to us.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks