+ Reply to Thread
Results 1 to 17 of 17

Thread: Passed Today

  1. Junior Member
    Join Date
    Aug 2016
    Posts
    6

    Certifications
    Security+, CCNA, Network+, A+, CHFI, CEH, CASP
    #1

    Default Passed Today

    I passed today...77 questions...9 or 10 simulations.

    I've been lurking on this forum for a while and I have to say the opinions on the difficulty of this certificate are absolutely true. I genuinely feel that I would not have passed if I had not been working in the security field for the last six years. There is no easy question on the CASP. Everything is practical. You don't need to know what SAML is, you need to know how and when it's implemented. You don't need to define a WAF, you need to know when it's applicable to use and where to put it in a network. The questions are wordy, and you're usually asked for the BEST or MOST <something> answer.

    My recommendation to those who are planning on studying is to read through the study guide (I used Pearson Vue) and then google "<term> real-life example". Watch as many videos that show implementation as you can. If you don't do this work in your career that's the only way you'll get the exposure needed to pass the test.

    I'm starting a new contract with an employer that was forcing me to get 8570 IAM Level 2 so I tested for this in a little over a month. I initially thought I would have six months but they kept pressuring me to move up my time table. I think I'm finally going to take a few weeks off and then study for the RHCSA. I've always felt deficient in Linux and it's the first cert in a long time that I've wanted to get on my own and am interested. I'd be willing to answer any questions you guys have. Thanks.
    Reply With Quote Quote  

  2. SS -->
  3. Junior Member
    Join Date
    Mar 2017
    Location
    Louisville, KY
    Posts
    19

    Certifications
    A+, Network+, Security +, ITIL Foundations
    #2

    Default Location of examples

    I'm having trouble identifying Buffer Overflow attacks
    XSS
    CSRF
    Smurf
    Where did you go to locate real world examples of these?
    Reply With Quote Quote  

  4. Junior Member
    Join Date
    Aug 2016
    Posts
    6

    Certifications
    Security+, CCNA, Network+, A+, CHFI, CEH, CASP
    #3
    My avenue of choice was Youtube. Search for "XSS examples" or "CSRF examples". It's really that simple and watch a few different videos. Hope that helps. Good luck!
    Reply With Quote Quote  

  5. Senior Member shochan's Avatar
    Join Date
    Sep 2016
    Location
    AR
    Posts
    405

    Certifications
    A+, Network+, i-Net+, Server+, Security+, MCP 70-210, Novell CNA 5.0
    #4
    Quote Originally Posted by apisky4 View Post
    I'm having trouble identifying Buffer Overflow attacks
    XSS
    CSRF
    Smurf
    Where did you go to locate real world examples of these?
    SkillSoft has a pretty good examples of this on the CASP training - under Applications Vulnerabilities & Security Controls - IF you have access to this.
    2017 -> Cloud+ beta (Oct), Linux+ 103 (Dec)
    2018 ->Linux+ 104, CCNA CyberOps (July Cohort)
    Reply With Quote Quote  

  6. Senior Member DAVIS NGUYEN's Avatar
    Join Date
    May 2013
    Location
    Atlanta, GA
    Posts
    1,431

    Certifications
    CASP, SEC+, NET+, A+, NST, CST, ACE...
    #5
    Congrats!
    Reply With Quote Quote  

  7. Tecnomancer trojin's Avatar
    Join Date
    May 2013
    Location
    Ireland
    Posts
    105

    Certifications
    A+,S/S/S+,N+, CASP,CSA+,CCNA R/S & Sec & Cyber OPS, SSCP,EMC NetWorker Specialist,SNIA SCSE,Prince 2,EITCA-IS,F5 BIG-IP CA/ASM, Intel Sec NSP
    #6
    Quote Originally Posted by apisky4 View Post
    I'm having trouble identifying Buffer Overflow attacks
    XSS
    CSRF
    Smurf
    Where did you go to locate real world examples of these?
    Damn Vulnerable Web Application (DVWA)

    DVWA - Damn Vulnerable Web Application
    Reply With Quote Quote  

  8. Junior Member Registered Member
    Join Date
    Jun 2017
    Posts
    2
    #7
    Congrats! I test tomorrow and have watching videos and take practice exams and going over my weak areas. I'm having trouble with the SLE and ALE formulas. Any advice you can offer will be great!
    Reply With Quote Quote  

  9. Junior Member Registered Member
    Join Date
    Jun 2017
    Posts
    2
    #8

    Default Failed the CASP today....

    Bummed....I want to take it in another week but feeling discouraged!
    Reply With Quote Quote  

  10. Member
    Join Date
    Jul 2015
    Location
    Honolulu, Hawaii
    Posts
    79

    Certifications
    CASP, Cloud+, Mobility+, Security+, Storage+, OCPJP8, OCMJD7, Android Certified Application Developer
    #9
    Quote Originally Posted by somerbrown View Post
    Bummed....I want to take it in another week but feeling discouraged!
    Don't be discouraged! Study hard, and you'll make it next time.
    Reply With Quote Quote  

  11. Junior Member Registered Member
    Join Date
    Jul 2017
    Posts
    2
    #10
    How did you get through the simulations, I had 10 also, and the SQL, and network placement of devices got me (75K).
    Reply With Quote Quote  

  12. Junior Member
    Join Date
    Mar 2017
    Location
    Louisville, KY
    Posts
    19

    Certifications
    A+, Network+, Security +, ITIL Foundations
    #11
    How many areas of review did you have listed? I failed and am trying to determine how close I am to passing.
    Reply With Quote Quote  

  13. I'm Batman clarkincnet's Avatar
    Join Date
    Jun 2014
    Location
    Raleigh, NC
    Posts
    233

    Certifications
    CISSP, CISM, CRISC, ITIL-F 2011
    #12
    Congrats BTW! Good job passing!
    2015 Goals: CISSP [X], 2016 Goals: CISM [X], 2017 Goals: CRISC [X]
    2018 Goals: eCPPT [ ]
    Five Year Goals: CSXP, OSCP, GPEN, eWPT
    "Distrust and caution are the parents of security" - Benjamin Franklin
    Reply With Quote Quote  

  14. Junior Member Registered Member
    Join Date
    Jul 2017
    Posts
    2

    Certifications
    CEH, CCNP, CCNA Security, CCNA, Linux+, A+, Security+
    #13
    are you counting the drag and drops as simulations?
    Reply With Quote Quote  

  15. Junior Member Registered Member
    Join Date
    Jun 2017
    Posts
    1
    #14
    I took CASP last year and failed , but I took courses on CEH and found that the lessons in there would have helped ton before I took the CASP. Cybrary has a good collection of videos on the attack types on systems and on how to defend against them.

    Also, the multiple choice questions are pretty long, like almost short story long. It's a draining test.
    Reply With Quote Quote  

  16. Junior Member
    Join Date
    Aug 2017
    Location
    Washington DC
    Posts
    11

    Certifications
    CISA CISM CASP CIH CEH CHFI ECSA CNDA CCDA CWTS ITIL Network+ A+
    #15
    If you don't have hands on experience, I recommend you study network design diagrams and attacks types simultaneously. What I mean is you must understand what security control device covers in the form of vulnerabilities on the network. You need to know if the device is deployed inline or on the boundaries of the network. Does the device work on the network, on the the host, or on both. For example, you can deploy a firewall on the network or on a host based firewall (HBSS). If I give you a network diagram with a DMZ that has a web server and an email server and you only have one firewall on your network and that is placed in front of a switch for traffic coming in from the internet and you do not have any other security controls in the DMZ or anywhere else on the network and I give you a choice of a WAF, AV Server, a Patch Server, NIDS/NIPs, FW, or and IDS, which one of these devices would you choose to add and where you place it as a security measure to cover common attacks such as XXS and SQL injection? You only get one choice of device because of budget.
    Reply With Quote Quote  

  17. Junior Member
    Join Date
    Aug 2017
    Location
    Washington DC
    Posts
    11

    Certifications
    CISA CISM CASP CIH CEH CHFI ECSA CNDA CCDA CWTS ITIL Network+ A+
    #16
    Technique for long questions is go to the last 2 sentences. That is usually where the question is at on 9 out of 10 questions. That technique works for most exams
    Reply With Quote Quote  

  18. Junior Member
    Join Date
    Aug 2017
    Location
    Washington DC
    Posts
    11

    Certifications
    CISA CISM CASP CIH CEH CHFI ECSA CNDA CCDA CWTS ITIL Network+ A+
    #17
    Anything that is not multiple choice is simulation.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks