+ Reply to Thread
Results 1 to 8 of 8

Thread: CASP Prep

  1. Senior Member
    Join Date
    Feb 2015
    Location
    Tampa, FL
    Posts
    278

    Certifications
    GPEN/GCIH/CEH
    #1

    Default CASP Prep

    Havent really considered this certification, but wondering. I have several years of experience in IT security, but wondering what prep material would be best for this cert?
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member yoba222's Avatar
    Join Date
    Jun 2013
    Posts
    428

    Certifications
    LFCS, GCIH, eJPT, CCNA, CAPM, Sec+, Net+, A+
    #2
    Haven't yet done this particular CompTIA cert but I've done a few of their others. One nice thing about CompTIA certs is the all-in-one books usually cover everything. My guess would be Mike Meyer's or whoever wrote the Sybex book. Not sure about lab sims though.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Nov 2015
    Posts
    105

    Certifications
    CASP,CISSP, C|EH, Security+
    #3
    For me personally to pass his exam i had to use the Sybex Book + CERT Guide+ITPROtv. You need to understand the concepts very well. for example if you see IPsec you need to know more then what it does but all the pieces that is used to make it work and other protocols that work with it. Take the hardest practice you get from the book and multiply it by x2 and thats CASP for 80 questions
    Reply With Quote Quote  

  5. Member PersianImmortal's Avatar
    Join Date
    Sep 2016
    Posts
    65

    Certifications
    Ph.D Candidate, MA, BA, CASP, Security+, Project+, Network+, Mobility+, CCNA-Security, CCENT
    #4
    Quote Originally Posted by Z0sickx View Post
    For me personally to pass his exam i had to use the Sybex Book + CERT Guide+ITPROtv. You need to understand the concepts very well. for example if you see IPsec you need to know more then what it does but all the pieces that is used to make it work and other protocols that work with it. Take the hardest practice you get from the book and multiply it by x2 and thats CASP for 80 questions
    Agreed.

    I used the Pearson Cert Guide by Abernathy, Chris Rees CASP Lessons on Pluralsight, and Kelly Handerhan's CASP overview on Cybrary.it. While all of these materials were fantastic and definitely helped me pass the exam, none really prepare you for the technical aspect of the exam (i.e. looking at logs and determining the type of attack or the best solution to remediate a vulnerability). They are however more than adequate in prepping for management, business, and risk related questions.

    For the technical aspects of the exam, what I found most helpful was to go over the objectives and google practical examples for each bullet point that I wasn't familiar with (i.e. XACML, SOAP, ESP vs AH, etc...)
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Feb 2015
    Location
    Tampa, FL
    Posts
    278

    Certifications
    GPEN/GCIH/CEH
    #5
    Thanks, how long did you guys study for?
    Reply With Quote Quote  

  7. Senior Member stryder144's Avatar
    Join Date
    Nov 2012
    Location
    Denver, CO
    Posts
    1,288

    Certifications
    CompTIA A+, Network+, Security+, Server+, Linux+ and CSA+; MCSA: Windows 7, ITIL Foundations
    #6
    Following this thread, as I am taking it next month.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
    Reply With Quote Quote  

  8. Junior Member
    Join Date
    Aug 2017
    Location
    Washington DC
    Posts
    11

    Certifications
    CISA CISM CASP CIH CEH CHFI ECSA CNDA CCDA CWTS ITIL Network+ A+
    #7

    Default Passed the CASP Aug 2017

    Hello,
    I took the CASP CAS-002 exam on 13 August 2017 and passed. Thanks to the other members on this forum for recommending looking at additional study material. Although I have higher level certifications, this exam was very challenging. Challenging from the perspective that it is broad and technical. I have all the years of experience and I had to pull out my old CISCO router since I don’t do those task now on a daily basis. My exam was 77 questions and I had 165 minutes to complete the exam. I know COMPTIA states 90 questions but it was only 77.

    BLUF, if you are just a theory person or manager, you probably will not pass this exam. You need to understand security from a hands-on and technical perspective. If I put something on the computer screen such as an attack or a physical network diagram with missing security controls, etc, you need to be able to identify the issue quickly and solve the problem. Execute stopping the attack. Put the right security controls on the network in the right location (WAF, IDS, NIDS/NIPS, Patch Server, FW, AV Server, etc).


    Most of my simulations and drag and drops were up front. I had 10 out the gate and about two more later in the exam. The longest simulation questions was looking at code in a server log, then identify the attack, identify the host, and identify the attacking machine. After identifying the correct attack, go to the router (s) and stop the attack. If you are an ethical hacker or work network management (routers, reviewing logs, etc), then you do not need to do any additional studying for these type of questions. Just ensure you know the different types of attacks and know what they look like in execution (XSS, SQL injection, integer overflow, buffer overflow, ping of death, etc). Ethical Hackers should be good to go in this area. If you don’t have tools to practice take some of the Cybrary or YOUTUB Video courses to re-familiarize yourself on this content. You also need to be familiar with every objective they identify in the CompTIA objectives. Go download a copy from COMPTIAs website. You will be broadly tested on them all. Know your acronyms. Nothing is spelled out on the exam so you need to know XSS=Cross Site Scripting. Know the difference in RFQ, RFP, RFI, and when they are used.

    I used two books but only for definitions because industry terms mean different things with different security certification organizations (COMPTIA, ISC2, ISACA, EC-COUNCIL, SANS, etc.). The two books I used were:


    1. CompTIA Advanced Security Practitioner (CASP) CAS-002 Cert Guide by Abernathy, Robin



    2. CASP CompTIA Advanced Security Practitioner Study Guide: Exam CAS-002 by Gregg, Michael

    I used the Michael Gregg book the most and I answered all of the questions in the books. I also, pulled out my CEH lab books again.

    Just FYI, my experience level is over 10 years hands on and over 20 years total. I hold the following industry certs before taking the CASP exam: CISA, CISM, CEH, CHFI, CIH, CNDA, ECSA, CWTS, CCDA, ITIL, Network+, A+


    I hope this helps and best wishes.
    Reply With Quote Quote  

  9. Junior Member
    Join Date
    Aug 2017
    Location
    Washington DC
    Posts
    11

    Certifications
    CISA CISM CASP CIH CEH CHFI ECSA CNDA CCDA CWTS ITIL Network+ A+
    #8
    I studied about 6 weeks 2 hours a night.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks