+ Reply to Thread
Page 2 of 3 First 12 3 Last
Results 26 to 50 of 56

Thread: CompTIA/CASP

  1. Member
    Join Date
    May 2011
    Posts
    94

    Certifications
    CCISO, CISSP, GPEN, CEH, CHFI, SCJP, SCWCD, and many more
    #26
    Quote Originally Posted by Priston View Post
    sounds like CompTIA is making it for the DoD
    CompTIA's Security+ examination is approved for DoD 8570.1m compliance at IAT levels 1 & 2. In order for the CASP to be considered for that they will have to add a renewal / continuing ed component, but they've already done that with Sec+ (Security+ce) so I don't think it's off the table.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member ChooseLife's Avatar
    Join Date
    Feb 2011
    Location
    runlevel 3
    Posts
    926

    Certifications
    BCSc Network Security, VCP, MCSA:Sec, CCNA:Sec, GIAC GSEC, Sec+, ITIL-f
    #27
    Quote Originally Posted by grauwulf View Post
    Who am I?
    A good fellow, indeed. Thanks for the thoughtful review!
    Reply With Quote Quote  

  4. IT ***** (LawFirm)
    Join Date
    Nov 2010
    Posts
    107

    Certifications
    A+, Security+, Network+, Project+, ITILv3, ISO2000, ISO27002, SSCP
    #28
    Is this an invitation only cert at the moment since its in Beta mode? I'd like to take it.
    Reply With Quote Quote  

  5. Member
    Join Date
    May 2011
    Posts
    94

    Certifications
    CCISO, CISSP, GPEN, CEH, CHFI, SCJP, SCWCD, and many more
    #29
    Quote Originally Posted by Heny '06 View Post
    Is this an invitation only cert at the moment since its in Beta mode? I'd like to take it.
    Yep, the beta test was by invite. I think you can take the beta test if you want, but it's only available at a few locations and it will cost you about $330. Also, as a beta exam you wont get your score until the exam goes public later this year (October or November).

    I would recommend waiting until some study guides start showing up so you can have something to work from as well as towards. Then again, if you're up for it jump in there and go get it.
    Reply With Quote Quote  

  6. Guest
    Join Date
    Oct 2010
    Posts
    952

    Certifications
    A+, Network+, CCNA
    #30
    A.A.S. in Networking Technologies
    A+, Network+, CCNA
    Reply With Quote Quote  

  7. PMP-Wannabe! erpadmin's Avatar
    Join Date
    May 2010
    Posts
    4,133

    Certifications
    A+, Network+, Security+, Project+, MCTS 70-680, MCITP:EA or MCSA:WS2K8, Bachelor of Science, IT - Networks Design and Management
    #31
    I got the Cancellation notification today. CompTIA will not allow me to take the exam tomorrow.

    Just as well, I guess...
    Reply With Quote Quote  

  8. Senior Member never2late's Avatar
    Join Date
    Jul 2010
    Location
    VA
    Posts
    122

    Certifications
    A+, Sec+, Project+, MCTS: 70-680, CCNA, CCNA-Security
    #32
    Quote Originally Posted by grauwulf View Post
    I went into the exam totally cold and got quite a doozy, especially in comparison to other CompTIA offerings. Overall I was very impressed with this exam.

    Thoughts:
    Based on my set of questions; I think that this exam is a pretty good gauge of your abilities to function as a well rounded security professional. Without breaking the NDA I will say that some of the questions I got were very technical, some where very focused on management, and a portion was related to network design (which I was very happy to see). There was at least 1 question that I'm certain nobody who hasn't actually 'done it' in the real world will be able to get. I was also happy that while the exam maintained vendor neutrality overall, I did receive questions that had some very useful vendor focused material.

    Some of the questions lacked a bit to be desired in the wording category, but that's just about any certification exam. Overall I think this is a pretty good evaluation exam for a 'general security person'. Maybe a system architect, or sys admin. I would be quite impressed if a run of the mill CTO could pass this test without a boot camp or brain dump.

    Going in with no study at all I left with a 60/40 feeling as to if I passed. That is to say, not knowing what the pass margin is (some tests are 50%, some are 90%) I felt like I did decently.

    Finally I would like to say that all any certification actually validates is that you can pass a test. Maybe even by simple luck. Certs don't make you good, but if you are good certs can help to prove it, and they can also be a good career investment.

    Who am I?
    I'm brand new to the board so it's fair to ask 'OK, so who the hell are you to give us your opinion?' I have been a software engineer, architect, and/or team lead for a little over 13 years. I have 2 degrees and 2 academic certificates in comp sci & information security. I currently hold about a dozen active certifications including: C|EH, C|HFI, Security+, Linux+, Project+, iNet+, SCJP, SCWCD, [and the list goes on, 'all' of these areas were useful to in my CASP test]. I am not an expert by any stretch of the imagination. I've been around the block a few times and I've taken these types of tests before. So there, that's me.

    I'm enjoying your board, keep up the good work.
    I agree with grauwulf assumptions. The test, which I took today, was more in-depth than any other CompTIA test but more geared towards the management side. A lot of policy and procedures, the "best" answer out of the choices, and, to my surprise, even networking scenarios and simulations. Unlike grauwulf, I left feeling as though I may have got 50% of the questions correct with a healthy dose of educated guesses. This was more than I expected but also what I hoped. A lot of these cert tests are predictable but this one made me think. Like others, I went in cold without trying to anticipate the criteria.
    Reply With Quote Quote  

  9. EC Council #1 fan colemic's Avatar
    Join Date
    Apr 2010
    Location
    Tejas, Baby!
    Posts
    1,531

    Certifications
    CISSP, CISA, GIAC 2700, MCSE:Security, CEH, CHFI, CCNA:Security, CCENT, Sec+, Net+, ITIL v3 Foundations
    #33
    Surprised you had sims... wouldn't have expected that. And you think it was more management-geared, but was expected to be more technical in nature.
    Reply With Quote Quote  

  10. Member
    Join Date
    May 2011
    Posts
    94

    Certifications
    CCISO, CISSP, GPEN, CEH, CHFI, SCJP, SCWCD, and many more
    #34
    Quote Originally Posted by colemic View Post
    Surprised you had sims... wouldn't have expected that. And you think it was more management-geared, but was expected to be more technical in nature.
    Even better: The simulation environments are very rich. It's not a 100% mirror of a real system but it's close enough to let you actually work. Much better than the simulators I've seen in some other technical exams. Miles better than the CHFI sims (some of which I couldn't even make out -EDIT- I don't know how much of that was the testing center's $5 monitor and how much was EC. not an admonishment of the exam, just an observation). The only real problem I had with the simulations was that they were very much 'open ended', and the questions/tasks were as well.

    For example, I had one question to the effect of "select the best tool to loosen this nut" and in the simulated tool box there are: pliers, screwdrivers, wrenches (metric and sae), adjustable wrenches, a blow torch, and a chisel.

    Depending on the nut in question you might want a wrench, or you may need a blow torch. It can be very confusing. The best advice I can offer on those types of questions is to 'not' add any information. In the absence of data we have a tendency to fill in the gaps with what seems to make the best sense to us. If you try to guess what the questions are really getting at you will end up chasing your own tail. I ended up doing this a bit on some questions that asked you to design a XYZ. There are just so many different ways to set things up that it's very easy to get caught up in the 'well it depends' game.

    The more I think about it the more interested to see my exam report. October/November is just so far away
    Reply With Quote Quote  

  11. Senior Member
    Join Date
    Nov 2005
    Posts
    300

    Certifications
    CISSP-ISSEP, CCSP, C|EH, Security+, A+, Network+, Linux+
    #35
    Do you all think it would it be a waist of time to get this cert after getting the CISSP? (Kind of like getting the Net+ after CCNA)
    Reply With Quote Quote  

  12. um yea i know some stuffs demonfurbie's Avatar
    Join Date
    Jul 2010
    Location
    alabama
    Posts
    1,798

    Certifications
    mct: 70-680, a+, network+, security+ (comptia tri-force) project+, ciw foundations, ciw javascript something
    #36
    Quote Originally Posted by mog27 View Post
    Do you all think it would it be a waist of time to get this cert after getting the CISSP? (Kind of like getting the Net+ after CCNA)
    it depends isc2 may take it for the credits needed to keep the cissp
    Reply With Quote Quote  

  13. Avo
    Avo is offline
    Junior Member Registered Member
    Join Date
    Sep 2011
    Posts
    2
    #37
    I also took the Beta CASP test and I got the results last Friday that I passed. I am studying for the CISSP, which probably helped a lot. Was it tougher than S+? Yes, much. Will it be tougher than the CISSP? Dunno yet, but probably not.
    Reply With Quote Quote  

  14. Senior Member xirtlook's Avatar
    Join Date
    Jan 2011
    Location
    Baltimore, MD
    Posts
    123

    Certifications
    Too Many
    #38
    I havent taken, it but if it builds momentum, I might take this instead of C|EH.

    however I would rather save my money/time for CISSP and OCSP (backtrack)
    Reply With Quote Quote  

  15. Senior Member
    Join Date
    Nov 2010
    Location
    Maryland
    Posts
    780

    Certifications
    A+, Net+, Sec+, CCNA, CCNP, CCDP, CISSP, CISM, CISA, CEH, MCSE 2003, MCTIP 2008, Bachelor of Science IT
    #39
    So I took the exam today. I managed to pass (not sure how or what score). I got 15 questions out of 73 wrong.

    I think I could've done a lot better if I had some sort of study material like a book or videos. There were concepts like securing a web server, database server, the CASP methodoly for defense in depth and network defense placement and a few other things I wasn't really solid on.

    I had four simulations. My recommendation learn windows command line, know how to compile/write ACLs, be familiar with well-known ports, including microsoft (RDP, LDAP, CIFS, etc).

    I'd say it's a hybrid exam of CISSP/SCCP management decisions (like security policies, risk management, Disaster Recovery, Enviornmental controls etc), CEH server vulnerabilities (Web, database, MiTM, etc) and Security+ concepts.

    I wouldn't say it's a hard test. It's like any Comptia exam, where you can use the process of elimination. The main issue is not having study materials.

    The only thing I used to study for the test was the Preplogic Security+, SCCP and CISSP quick study guides, Darril's practice test and the actual Exam objectives (and used Google to look up the topics).

    I really don't think it's a CISSP "hard" exam. You're not using a scantron, pencil, 250 questions, 6 hours and getting mind ducked.

    The two positives are you immediately know if you pass or fail and the inclusion of simulations/drag and drops. It's almost Cisco like.

    And I can see the DoD adopting it for the 8570 requirements. But I guess we'll have to wait and see.
    Last edited by spiderjericho; 10-12-2011 at 09:33 AM.
    Reply With Quote Quote  

  16. Registered Member Darril's Avatar
    Join Date
    May 2009
    Location
    Virginia Beach, VA
    Posts
    1,569

    Certifications
    MCT, A+, Net+, Security+, CASP, SSCP, CISSP, MCSE, MCITP...
    #40
    Congratulations, and thanks for the comprehensive post on your experience.

    Darril Gibson
    Security+ blog
    Reply With Quote Quote  

  17. Senior Member
    Join Date
    Nov 2010
    Location
    Maryland
    Posts
    780

    Certifications
    A+, Net+, Sec+, CCNA, CCNP, CCDP, CISSP, CISM, CISA, CEH, MCSE 2003, MCTIP 2008, Bachelor of Science IT
    #41
    Darril, were you able to use the exam as credit toward your CISSP?

    I think that was one of the main reasons why I took it since it could apply to compTIA continuing education and possibly CISSP.
    Reply With Quote Quote  

  18. Registered Member Darril's Avatar
    Join Date
    May 2009
    Location
    Virginia Beach, VA
    Posts
    1,569

    Certifications
    MCT, A+, Net+, Security+, CASP, SSCP, CISSP, MCSE, MCITP...
    #42
    I didn't try to use this as a CISSP continuing education credit, and I don't know if it can be.

    Can you use it as a one-year waiver for CISSP (reducing the five-year experience requirement to four years)? This page (https://www.isc2.org/credential_waiver/default.aspx) only lists Security+ and not CASP, but I wouldn't surprised at all if CASP is added in the next year or so.

    HTH,

    Darril Gibson
    Security+ blog
    Reply With Quote Quote  

  19. Senior Member
    Join Date
    Nov 2010
    Location
    Maryland
    Posts
    780

    Certifications
    A+, Net+, Sec+, CCNA, CCNP, CCDP, CISSP, CISM, CISA, CEH, MCSE 2003, MCTIP 2008, Bachelor of Science IT
    #43
    If they allow CEHv7, Sec+ 301, etc as education credits, why couldn't they allow an intermediate security examination as credit? IMO, it should be worth at least 60 hours.
    Reply With Quote Quote  

  20. Senior Member xirtlook's Avatar
    Join Date
    Jan 2011
    Location
    Baltimore, MD
    Posts
    123

    Certifications
    Too Many
    #44
    Congratulations on passing. I think I might change my gears after I get my CCNP. Think I'm going to just suck it up and sit in for the CEH and CASP.

    It would be ashame to let what I learned in the last 2-3 years goto waste. If anything it'll be a great stepping stone, and prep for CISSP.

    I really liked your explanation, "hybrid of CISSP/SCCP".

    sounds much better than CISSP lol.

    I'll sit in for this sometime next summer.
    Reply With Quote Quote  

  21. Senior Member
    Join Date
    Nov 2010
    Location
    Maryland
    Posts
    780

    Certifications
    A+, Net+, Sec+, CCNA, CCNP, CCDP, CISSP, CISM, CISA, CEH, MCSE 2003, MCTIP 2008, Bachelor of Science IT
    #45
    The best advice I can give is take the CEH before the CASP. The database, web server, attack types, etc are present on the CASP and since there's no book to prepare you for the exam.

    Honestly, CASP is a lot easier than CISSP. It's a third of the time, half the questions and a whole lot less management questions.

    If you've passed CCNA, CEH and Sec+, you can pass CASP (as long as you look over the exam objectives and practice file management and troubleshooting in the command line, understand the placement of network infrastructure equipment, etc).
    Reply With Quote Quote  

  22. Member jayc71's Avatar
    Join Date
    Oct 2010
    Location
    NoVA
    Posts
    90

    Certifications
    CISSP, CCSK, Sec+, ITIL, ScrumMaster, AWS-CSA (Pro/Associate)/SysOps/Developer (Associate), Google+, Education: MSIS, BSIT
    #46
    I hear the CASP is a more technology focused exam than the CISSP, what advice would you all give to someone who passed the CISSP & Sec+ when it comes to sitting the CASP? Should I focus on the CEH materials?
    -Justin

    Next up, CCSP.
    Reply With Quote Quote  

  23. Senior Member
    Join Date
    Nov 2010
    Location
    Maryland
    Posts
    780

    Certifications
    A+, Net+, Sec+, CCNA, CCNP, CCDP, CISSP, CISM, CISA, CEH, MCSE 2003, MCTIP 2008, Bachelor of Science IT
    #47
    You can literally walk in and take the test. The only advice is to look at the objectives and research the subject if you don't know it. But if you were motivated, I'd say do CEH then CASP. A lot of CEH topics blur into CASP (and just maybe brush up on some of the domains from CISSP). The experience is definitely going to be less intense than the CISSP (a six-hour bubble test, about a four-week wait for the results and then creating a resume and getting endorsed compared to a 73-question test, computer-based exam, immediate results of pass or failure).
    Reply With Quote Quote  

  24. Member jayc71's Avatar
    Join Date
    Oct 2010
    Location
    NoVA
    Posts
    90

    Certifications
    CISSP, CCSK, Sec+, ITIL, ScrumMaster, AWS-CSA (Pro/Associate)/SysOps/Developer (Associate), Google+, Education: MSIS, BSIT
    #48
    Quote Originally Posted by spiderjericho View Post
    You can literally walk in and take the test. The only advice is to look at the objectives and research the subject if you don't know it. But if you were motivated, I'd say do CEH then CASP. A lot of CEH topics blur into CASP (and just maybe brush up on some of the domains from CISSP). The experience is definitely going to be less intense than the CISSP (a six-hour bubble test, about a four-week wait for the results and then creating a resume and getting endorsed compared to a 73-question test, computer-based exam, immediate results of pass or failure).
    Well that's refreshing. I looked over the objectives and felt like I would have a good chance at passing with a bit of brushing up on the subjects I don't deal with regularly. I've been waiting to hear what others who have taken the exam have to say. The C|EH is on my list as well and I feel comfortable with the material mostly, but I do need some lab time before I'd feel comfortable sitting the exam. When the CASP was announced it sounded like it might be interesting and my inner geek has been wanting to try it out just cause it's there.
    Last edited by jayc71; 11-11-2011 at 11:57 PM.
    -Justin

    Next up, CCSP.
    Reply With Quote Quote  

  25. Senior Member
    Join Date
    Nov 2010
    Location
    Maryland
    Posts
    780

    Certifications
    A+, Net+, Sec+, CCNA, CCNP, CCDP, CISSP, CISM, CISA, CEH, MCSE 2003, MCTIP 2008, Bachelor of Science IT
    #49
    If I had the choice between the CASP and one of your VCPs or MCTS, I'd take one of those any day. Like it's been stated, it's more a resume padder versus highly sought after exam.

    I think they should implement maybe five simulations/scenarios in the exam, increase it to 100 questions (no reason why the Net+, Sec+, etc have more questions), figure out the 8570.10 specifics and market it to all hell.

    Right now, it's less regarded than the CEH (or maybe on the same level), GIAC, CISSP, etc.
    Reply With Quote Quote  

  26. Member jayc71's Avatar
    Join Date
    Oct 2010
    Location
    NoVA
    Posts
    90

    Certifications
    CISSP, CCSK, Sec+, ITIL, ScrumMaster, AWS-CSA (Pro/Associate)/SysOps/Developer (Associate), Google+, Education: MSIS, BSIT
    #50
    Quote Originally Posted by spiderjericho View Post
    Right now, it's less regarded than the CEH (or maybe on the same level), GIAC, CISSP, etc.
    That's pretty much the kicker right there, the exam is new and not highly sought after the moment...and it costs over $300. (discount, I know...but still it's pricey) I have passed the CISSP, so until (if?) the CASP gains some respect in the industry, and really among the HR types that screen resumes, it's hard to justify the price of the exam. IMO, if CompTIA wants to get some mass market appeal and respect to these kinds of 'higher level' exams, they need to drop the price and spend a lot on advertising to make the cert more desirable.
    -Justin

    Next up, CCSP.
    Reply With Quote Quote  

+ Reply to Thread
Page 2 of 3 First 12 3 Last

Social Networking & Bookmarks