+ Reply to Thread
Results 1 to 13 of 13
  1. Junior Member
    Join Date
    Apr 2012
    Posts
    8
    #1

    Default My Experience With CompTIA's CASP Exam (Pt. II)!

    All -

    First, I apologize due to my previous posting disappearing. Not sure what happened there.

    I thought I would post my thoughts and experience with the new CASP exam. There was so little information out there on what to expect and this forum had a few valuable postings that helped me out. Ergo, I figured I would at least return the favor and tell you about my experience.

    About me: I've been in the IT industry for about 7 years. I'm in a incident response / risk management position that isn't overly technical but gives me enough knowledge to be able to hold my own. Currently, I hold the standard CompTIA certs (e.g. A+, Net+, Sec+, Server+) and picked up my CISSP last year. I also have a few investigative certs (e.g. CCE, EnCE, ACE). I'm also studying for the CISA that I hope to pass in June. I have a bachelors and masters in an IT related discipline.

    Why I took the CASP: I had some 'use it or lose it' money for my education and burned it on the CASP. I fully recognize that this cert won't take me places; however, resume fluff never hurts and I try to get at least 1 - 2 certs per year.

    What I did to study: I bought the Sybex CASP book. Generally, I love the Sybex books because they come with a decent test bank and a good book. Same thing with this CASP book; however, you could tell the book was rushed as it was filled with spelling/grammar/formatting errors. Highly recommend the book when you consider there aren't many other alternatives. Also, I bought the ucertify test package. Again, I've used them in the past and ucertify was most helpful. All in all, I studied for two weeks.

    My Experience: Overall, the test was quality. It wasn't insanely hard, but it had some challenging components. There were only a handful of true 'brain dump' style questions that are common on other CompTIA tests. Comparing it to the CISSP, it was more technical and less managerial. The questions were in a format that required in-depth knowledge of several areas in order to fully understand and provide an answer. My understanding is that CompTIA is trying put this in between the Security+ and the CISSP; I feel the test achieves this goal. I also didn't like the pass/fail grade. I passed but have no idea by how much. In typical CompTIA fashion, the printout stated the objectives that I missed. The printout identified about 15 objectives leading me to believe I got about 80% correct.

    I did like the simulation questions. The simulation questions, like most of the test, require a lot of knowledge from different areas in order to get them right. I'm making the assumption they're also partial credit. Knowing the labs at the end of the Sybex book are very helpful for the simulation questions. There were about six simulation questions.

    Out of the 2.5 hours (I think?), I used almost two hours. If you're a slow reader or are bad at prioritising, you're going to have a rough time.

    CompTIA recommends some experience to take this cert. I can honestly say that there were several questions that my work experience helped me through. Not essential, but darn helpful.

    Other CASP thoughts: Why get this exam? At the current time it has zero recognition and has yet to gain very much traction. At ~$350 a pop, it's some pricey fluff to get to your resume. A quick search on Monster.com is also telling: 880 hits on CISSP; 1 on CASP and it's unrelated to CompTIA's cert. Unless CompTIA gets a DoD approval and more people get certified, it's not worth it. If you have to get a certification beyond Sec+, go big and get your CISSP. Don't have the experience? Get the CISSP Associate (cert pending the work experience).

    Hope this helps someone out there and good luck with whatever path you take.
    Last edited by questiontheknown; 04-23-2012 at 07:20 PM.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Mar 2012
    Posts
    123
    #2
    Quote Originally Posted by questiontheknown View Post
    I did like the simulation questions. The simulation questions, like most of the test, require a lot of knowledge from different areas in order to get them right. I'm making the assumption they're also partial credit. Knowing the labs at the end of the Sybex book are very helpful for the simulation questions. There were about six simulation questions.
    First thank you for your review. There are very less CASP info on the net.I didn't know about simulation questions. Please tell me more.
    Reply With Quote Quote  

  4. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    5,768

    Certifications
    GCFE, GCED, GCIH, CISSP, CCSP, and others that should never be mentioned
    #3
    Excellent review. Thanks.
    Reply With Quote Quote  

  5. Junior Member
    Join Date
    Apr 2012
    Posts
    8
    #4
    Quote Originally Posted by crashdump View Post
    First thank you for your review. There are very less CASP info on the net.I didn't know about simulation questions. Please tell me more.
    Hi there -

    The scenario was above and beyond the typical multiple choice answer. It would give you a graphical representation of the topic (network schematic, etc.)

    I'll try to avoid just giving away the scenario questions (that I remember) and try to give you a made up example.

    An example may involve providing a network schematic and asking you to state what ports need to be open on certain devices in order to allow a service to pass. You can then select the devices in order to learn configurations of each of the settings. So, if the question said, "Diagnose why SSH services aren't connecting to Server A," you then need to look at the diagram, determine where SSH is disabled (required knowledge of what port SSH operates on, perhaps how to modify a firewall list and diagnose issues, what devices may be blocking SSH, etc.), and play with the interactive components of the scenario to correct the problem.

    The simulation questions don't require any additional studying. You should know how to answer the questions based on studying the CASP material or from your work experience. Also, the labs at the end of the Sybex book are somewhat worthwhile and prep you for examples you may face in the scenario.

    Also, CompTIA's CASP recommendation of 10 years IT administration experience is nuts. If you're not prepared for this test after a few years hands on experience and some studying, you may not be working on computers. Five years is probably more appropriate for the CISSP.

    Hope this helps.
    Last edited by questiontheknown; 04-24-2012 at 04:44 PM.
    Reply With Quote Quote  

  6. Senior Member quinnyfly's Avatar
    Join Date
    Mar 2008
    Location
    Brisbane, Australia
    Posts
    239

    Certifications
    A+, Network+, Security+ ce, Server+, CIW - Network Technology Associate, CIW - Web Security Professional
    #5
    Thank you for sharing the info, very insightful and helpful for people such as myself who are looking at taking this cert to renew my Sec+ in about 2 yrs.

    Congratz on the pass and thanks again.
    Reply With Quote Quote  

  7. Registered Member Darril's Avatar
    Join Date
    May 2009
    Location
    Virginia Beach, VA
    Posts
    1,569

    Certifications
    MCT, A+, Net+, Security+, CASP, SSCP, CISSP, MCSE, MCITP...
    #6
    Congratulations on the pass and thanks for taking the time to do a thoughtful review.

    I've heard rumors that CompTIA is planning on doing "performance-based" questions on the next A+ exam (220-801 and 220-802). They won't be anywhere near the difficulty of the CASP, but they may be using a simular simulation style that you saw on the CASP.

    Good luck on the CISA.
    Reply With Quote Quote  

  8. Junior Member
    Join Date
    Sep 2004
    Posts
    14
    #7
    1) congratulation on passing.

    2) I have found the sybex book to be **awful**. Not only poorly edited, but loaded with inaccuracies. You can find my review on amazon. I have completely given up on the sybex book, and I am using the outline to look up subjects on wikipedia. Wikipedia is far better written, and far more accurate, and it costs less. The sybex book is pure garbage.

    3) To answer your question:
    > Why get this exam? At the current time it has zero recognition and has yet to gain very much traction.

    I think a lot has to do with DoD directive 8570.01-M. Environments that are regulated by that directive require something more than the Sec+ for tech-3, or manager-2 positions. There is a *lot* of business to be had here, I don't think CompTIA likes to see ISC2 getting all that business.
    Reply With Quote Quote  

  9. Member
    Join Date
    May 2013
    Location
    Overseas
    Posts
    36

    Certifications
    CEH, GCIH, GCWN, GPEN, GSEC, GCIA, GSNA, CCNA, CASP, A+, N+, Sec +, MCSA, Masters in IT - Telecom from UMUC
    #8

    Default Passed CASP today

    Unknown is totally correct on how the test is based. I am a DoD employee and this cert will replace CISSP.


    Cheers,

    CASP, Security +, Network+, A+, CCNA, MCSA.
    Reply With Quote Quote  

  10. Sarge da_vato's Avatar
    Join Date
    Jan 2013
    Location
    Online
    Posts
    442

    Certifications
    CISSP, CISM, CASP, CCENT, A/N/S+, C|EH, C|HFI
    #9
    I'm not sure I agree with you on this but I do think this cert will start gaining some traction in the next year or two. Congrats on your pass
    Reply With Quote Quote  

  11. Member
    Join Date
    May 2013
    Location
    Overseas
    Posts
    36

    Certifications
    CEH, GCIH, GCWN, GPEN, GSEC, GCIA, GSNA, CCNA, CASP, A+, N+, Sec +, MCSA, Masters in IT - Telecom from UMUC
    #10
    Thank you vato lol. But it is replacing the CISSP, because it costs the Dod more money than CASP to train and test. And with the current pinch, the Dod is doing whatever it can to save on costs.
    Reply With Quote Quote  

  12. Senior Member Psyco32's Avatar
    Join Date
    Feb 2011
    Location
    Alexandria, VA
    Posts
    103

    Certifications
    CISSP, C|EH, GCFA, GCIA, GSEC, GCIH, GSNA, GCWN, Sec+, ITIL, TCSE
    #11
    Guys, CASP is NOT going to replace the CISSP. As a matter of fact, CASP was just added to 8570.01M cert baseline:

    DoD 8570 Information Assurance Workforce Improvement Program

    DoD removed SANS courses GSE (REALLY BAD to remove this) and GISF also. Moving foward from DIACAP to DIARMF maybe DoD may make more changes to it's baselines though.
    Reply With Quote Quote  

  13. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,596
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #12
    I think the idea is of removing the CISSP because it is overkill for the knowledge requirements for 8570.01. Mid-level InforSec certs, like CASP and SSCP, are more aligned with what the DoD needs. I'm also thinking that CEHv8 has been beefed-up specifically to keep it from getting the boot off 8570.01 for being too simplistic.

    The GSE was removed because the GCIH was already on 8570.01 and is part of the GSE requirements, so it really made no sense to have both. Besides, the GSE is an enormous challenge to acquire, somewhat like the CCIE. The GSE is for InfoSec SMEs and is way, way overkill for the generalized, compartmentalized workforce covered by 8570.01.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  14. Junior Member
    Join Date
    Mar 2010
    Posts
    4

    Certifications
    A+ Network + Security +
    #13
    Thanks for the info .....even if its a few years l8
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks