+ Reply to Thread
Results 1 to 24 of 24
  1. Junior Member LSagee's Avatar
    Join Date
    May 2016
    Posts
    26

    Certifications
    Security+, CSA+, CASP
    #1

    Default CSA+....Any word on DoD certification and what category it will fall under

    I have been scouring the internet for some info on this. I know we are still waiting for the CSA+ to be blessed off on for the DoD to put it in the 8140 framework.

    Besides a current approval timeline, I have not been able to find anything on where it is going to fall under on the framework. I am military and am trying to apply for a position in a different occupational field. Certs add great "weight" to my application packet and I have CASP so that covers IAT III, IAM II, and IASAE II. Finishing my degree in Feb. isn't going to hurt either. (I cannot wait for this wild ride to come to an end so I can get my weekends back!)

    I would like to add another cert to the mix to strengthen my packet since I am at a bit more of a disadvantage than others as my current job is not IT related. I am wondering if anyone knows if the CSA+ is slated to fall under any of the CSSP areas like the CEH and if so, will it cover all the areas CEH does? I am paying out of pocket for my certs so I am not about to drop $950 down for the privilege of sitting for the CEH.
    Reply With Quote Quote  

  2. SS -->
  3. Junior Member
    Join Date
    Jun 2016
    Posts
    18

    Certifications
    CSA+, SSCP, MCTS, CEH, Sec+, AESA
    #2
    On the Comptia site here: https://certification.comptia.org/it...tions-answered

    it says they are hoping to hear back from the DoD in the Spring.
    The CSA+ is very Blue Team oriented in my opinion. I would speculate it will fall into the CSSP boxes along with those the CEH is in. I do not believe Comptia has a cert satisfying any of those requirements and this is probably their way of trying to get in on that. Again; this is just total speculation on my part. I already have the CEH and am planning on taking the CSA+ very soon.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    May 2013
    Posts
    1,205

    Certifications
    GWAPT, GSEC, Associate of (ISC)2, C|EH, CCNA:Security, CCNA:R&S, CCENT, Security+, Network+
    #3
    Did I miss something? Why do you have Security+ AND CASP but you work in something not IT? Are you in IA? CISSP is the gold standard for 8570...do you have a computing environment certification?
    Reply With Quote Quote  

  5. Senior Member stryder144's Avatar
    Join Date
    Nov 2012
    Location
    Denver, CO
    Posts
    1,282

    Certifications
    CompTIA A+, Network+, Security+, Server+, Linux+ and CSA+; MCSA: Windows 7, ITIL Foundations
    #4
    It looks like he has them in order to add weight to his retraining package.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
    Reply With Quote Quote  

  6. Junior Member LSagee's Avatar
    Join Date
    May 2016
    Posts
    26

    Certifications
    Security+, CSA+, CASP
    #5
    TechGuru....I am trying to reclass into the cyber field. Since my main job is non-IT, I am working my butt off to have a competitive packet as others who are applying for the field I am trying to get into are in IT. I am finding that just having the CASP and a soon to be BS in Cyber Security is far beyond what most people have so I feel pretty good about my chances but the military has a way of making just about anything a secondary consideration. I do not have an environment cert. I am finishing a class in Linux though that pretty much covers Linux+ so I have been debating whether to try for Linux+ (and get the ITIL cert) or do CSA+. I studied for 2-3 weeks for CASP while doing my job and school and though it was hard and frustrating, it was not extremely overwhelming since it was within the scope of my degree. Looking at the CSA+ rubric, I am familiar with most of the topics from my previous classes so I don't see much study time needed, maybe a week or two. I just don't want to spend money on the CSA+ if it won't be on the DoD checklist as I will be working on my capstone around the time I would take the cert test. Linux+ on the other hand seems like I will need to invest considerably more time to complete and I am not sure of the ROI on that in the military.

    palmett0....I saw that too. From what I got out of it, it seems like spring meant spring of this year which has past. There was also talk of maybe an answer on its validation in 1-5 months. I am more interested in where it will fall in the framework. I too think it should fall under CSSP somewhere, but as you pointed out it is very blue team and with CompTIA puking out the CPT+ I wonder how it is all going to tie together. It makes me think that the CSA+ will not cover as many areas as the CEH. If the CSA+ covers just one area under CSSP as opposed to say, 3 or 4 of the 4, I think I will find myself reallocating my time and $ elsewhere. I have a few months before I submit my packet so I am trying to plan out my future for the short term.
    Reply With Quote Quote  

  7. Junior Member
    Join Date
    Jun 2016
    Posts
    18

    Certifications
    CSA+, SSCP, MCTS, CEH, Sec+, AESA
    #6
    Quote Originally Posted by LSagee View Post
    TechGuru....I am trying to reclass into the cyber field. Since my main job is non-IT, I am working my butt off to have a competitive packet as others who are applying for the field I am trying to get into are in IT. I am finding that just having the CASP and a soon to be BS in Cyber Security is far beyond what most people have so I feel pretty good about my chances but the military has a way of making just about anything a secondary consideration. I do not have an environment cert. I am finishing a class in Linux though that pretty much covers Linux+ so I have been debating whether to try for Linux+ (and get the ITIL cert) or do CSA+. I studied for 2-3 weeks for CASP while doing my job and school and though it was hard and frustrating, it was not extremely overwhelming since it was within the scope of my degree. Looking at the CSA+ rubric, I am familiar with most of the topics from my previous classes so I don't see much study time needed, maybe a week or two. I just don't want to spend money on the CSA+ if it won't be on the DoD checklist as I will be working on my capstone around the time I would take the cert test. Linux+ on the other hand seems like I will need to invest considerably more time to complete and I am not sure of the ROI on that in the military.

    palmett0....I saw that too. From what I got out of it, it seems like spring meant spring of this year which has past. There was also talk of maybe an answer on its validation in 1-5 months. I am more interested in where it will fall in the framework. I too think it should fall under CSSP somewhere, but as you pointed out it is very blue team and with CompTIA puking out the CPT+ I wonder how it is all going to tie together. It makes me think that the CSA+ will not cover as many areas as the CEH. If the CSA+ covers just one area under CSSP as opposed to say, 3 or 4 of the 4, I think I will find myself reallocating my time and $ elsewhere. I have a few months before I submit my packet so I am trying to plan out my future for the short term.
    I agree with you on the cost vs potential benefit.
    I may be wrong but back when I took the CEH, EC Council wanted candidates to have a certain number of years (2 I think) in IT security experience and asked for a manager's letter of reference written on official company letterhead to vouch you were a valid candidate to take the exam. Just something to think about. Your degree program may satisfy that requirement.

    Best of luck! Having the CASP should help you out for IAT3 posts. That and/or CISSP are both on my to-do list; but I don't feel ready for them yet.
    Last edited by palmett0; 10-10-2017 at 05:56 AM.
    Reply With Quote Quote  

  8. Senior Member stryder144's Avatar
    Join Date
    Nov 2012
    Location
    Denver, CO
    Posts
    1,282

    Certifications
    CompTIA A+, Network+, Security+, Server+, Linux+ and CSA+; MCSA: Windows 7, ITIL Foundations
    #7
    If you take the CEH through an approved training organization EC-Council will wave the two year requirement.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    May 2013
    Posts
    1,205

    Certifications
    GWAPT, GSEC, Associate of (ISC)2, C|EH, CCNA:Security, CCNA:R&S, CCENT, Security+, Network+
    #8
    When would your reclass happen? I would assume Security+ would be common but I agree your CASP has to put you ahead. If you did a CE, I probably wouldn’t do Linux I would do Windows or Cisco as you are more likely to run into one of those than Linux.

    Also for CEH, you couldn’t qualify for the exam only route as you don’t have the experience...it requires two years to self study. You would have to take a course so it would actually be more expensive.

    There is another option you could try. SANS offers a work study program..makes course $1,100 plus any travel. You would have to be able to attend in person though so that might not be feasible...I just bring it up because the material is fantastic and would make you standout as I’m sure nobody changing probably has one from GIAC.
    Reply With Quote Quote  

  10. Senior Member xxxkaliboyxxx's Avatar
    Join Date
    Dec 2013
    Location
    Austin, Texas
    Posts
    424

    Certifications
    GCIH, C|EH, Sec+, eJPT, SCCC
    #9
    Those certs make you a good candidate for 25B, IT Specialist. The Cyber defender and the Cyber Ops look at more than just certification. My old supervisor, who had the certs and came from the 25B field failed. I believe there is rank, performance and a few other things. Why not just get the C|EH?
    Studying: LFCS
    Reading
    : Python Crash Course
    Upcoming Exam: GWAPT

    https://realworlditsecurity.wordpress.com
    Reply With Quote Quote  

  11. Senior Member
    Join Date
    Jul 2015
    Posts
    449
    #10
    I could see it popping up in the 50's. No idea when it would happen though, but those look to be the ones that relate to what CSA+ covers.
    Reply With Quote Quote  

  12. Junior Member LSagee's Avatar
    Join Date
    May 2016
    Posts
    26

    Certifications
    Security+, CSA+, CASP
    #11
    Concerning CEH, my understanding is Skillport (which is free for mil) meets the requirements for approved training so that part is covered. The price is the sticking point. I would love to get some SANS under my belt but again, the price is the sticking point, $650ish was rough enough to stomach, but $900+ is just ridiculous for CEH and my unit is not authorized to fund it. Contrary to popular opinion, I don’t have a ton of money to throw around with my enlisted pay. I submit my packet mid next year, if approved I will be able to reclass. I believe you are right about Linux, I am probably going to skip it as the DoD is mainly a Windows environment. I’ll let them pay for Linux when I get to that bridge and they need me to cross it.

    xxxkaliboyxxx.... I understand that certs are not the end all be all, that is why I am finishing my degree and also getting some OJT right now in IT/IA to make a strong packet.

    I appreciate everyone chiming in on this.
    Last edited by LSagee; 10-10-2017 at 03:14 PM.
    Reply With Quote Quote  

  13. Senior Member stryder144's Avatar
    Join Date
    Nov 2012
    Location
    Denver, CO
    Posts
    1,282

    Certifications
    CompTIA A+, Network+, Security+, Server+, Linux+ and CSA+; MCSA: Windows 7, ITIL Foundations
    #12
    The DISA site has the latest listing of approved certifications. It now includes the CSA+.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
    Reply With Quote Quote  

  14. Senior Member mikey88's Avatar
    Join Date
    Jul 2017
    Location
    Seattle, WA
    Posts
    151

    Certifications
    Security+, Network+, Server+
    #13
    Quote Originally Posted by stryder144 View Post
    The DISA site has the latest listing of approved certifications. It now includes the CSA+.
    Praise the lord! GCIH now level 3?
    2017 Goals: Security+ [] Server+ []
    2018 Goals: CCNA R/S, Security [ ]
    Reply With Quote Quote  

  15. Junior Member LSagee's Avatar
    Join Date
    May 2016
    Posts
    26

    Certifications
    Security+, CSA+, CASP
    #14
    Good find! That sealed the deal for me. I just bought my voucher and am going to test out on the earliest date possible I can get once I get my voucher number. I know some people have their qualms about CompTIA but in terms of DoD recognition, paying $203 for a CSA+ voucher vs $950 for a CEH voucher (plus possible additional expenses)...its a no brainer.

    Still deciding on which book to study. Safaribooks has all of them.
    Last edited by LSagee; 10-11-2017 at 04:16 PM.
    Reply With Quote Quote  

  16. Junior Member
    Join Date
    Jun 2016
    Posts
    18

    Certifications
    CSA+, SSCP, MCTS, CEH, Sec+, AESA
    #15
    Quote Originally Posted by LSagee View Post
    Good find! That sealed the deal for me. I just bought my voucher and am going to test out on the earliest date possible I can get once I get my voucher number. I know some people have their qualms about CompTIA but in terms of DoD recognition, paying $203 for a CSA+ voucher vs $950 for a CEH voucher (plus possible additional expenses)...its a no brainer.

    Still deciding on which book to study. Safaribooks has all of them.
    I read the All in One. It is an ok source but I feel as if it could have gone into more detail on some topics. I am considering getting another book to go through before taking the exam. I too purchased a voucher. Thanks for the link stryder144!
    Reply With Quote Quote  

  17. Senior Member xxxkaliboyxxx's Avatar
    Join Date
    Dec 2013
    Location
    Austin, Texas
    Posts
    424

    Certifications
    GCIH, C|EH, Sec+, eJPT, SCCC
    #16
    Quote Originally Posted by LSagee View Post
    Good find! That sealed the deal for me. I just bought my voucher and am going to test out on the earliest date possible I can get once I get my voucher number. I know some people have their qualms about CompTIA but in terms of DoD recognition, paying $203 for a CSA+ voucher vs $950 for a CEH voucher (plus possible additional expenses)...its a no brainer.

    Still deciding on which book to study. Safaribooks has all of them.
    Hey man, I'm with you on that one. If your unit isn't paying and I wouldn't suggest using your GI bill for the CEH, go for the CSA+. That's awesome for the CSA+, since I have my own issues with EC-Council that I don't need to voice here.

    TBH LSagee, no one gives a *$*# about CompTIA or C|EH outside of DoD. It's all about CISSP, Sans and actual knowledge in the private sector. That was my biggest shocked when I went 100 percent private. What you mean you don't care my star on my airborne wings! LOL.

    I believe ITPRO.TV has a CSA+, get a free trial and watch the 20 hour video.
    Studying: LFCS
    Reading
    : Python Crash Course
    Upcoming Exam: GWAPT

    https://realworlditsecurity.wordpress.com
    Reply With Quote Quote  

  18. Junior Member LSagee's Avatar
    Join Date
    May 2016
    Posts
    26

    Certifications
    Security+, CSA+, CASP
    #17
    Hi everyone.

    I thumbed through a few books on Safaribooks this weekend and brushed up on some attacks, logs, and relevant applications. CASP was still pretty fresh in my mind so I think I put in a total of 5 hours of study. Honestly, I was burnt out from the CASP so I just didn’t have the will power to commit to meaningful study.

    Long story short, I passed CSA+ this morning! Total test time was about 75 min. If you have passed the CASP, this test is not terribly difficult. Almost all the questions are straightforward and are not tricky if you use the process of elimination. I will say I was not impressed with the PBQs though. One in particular had me going WTF I am I looking at?!

    My CompTia security trifecta is complete! Finished in 11 months with 6 month break for a total of 5 months of actual study. Now I am going to take a break from certs for a little bit. I just don’t have enough mojo in my tank to do both cert study and college.

    Final thought, if you have passed CASP and can read logs, and know basic utilities like nmap you will do fine on the CSA+.
    Reply With Quote Quote  

  19. Senior Member stryder144's Avatar
    Join Date
    Nov 2012
    Location
    Denver, CO
    Posts
    1,282

    Certifications
    CompTIA A+, Network+, Security+, Server+, Linux+ and CSA+; MCSA: Windows 7, ITIL Foundations
    #18
    Congrats! Awesome job!
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
    Reply With Quote Quote  

  20. Junior Member
    Join Date
    Jun 2016
    Posts
    18

    Certifications
    CSA+, SSCP, MCTS, CEH, Sec+, AESA
    #19
    Congrats!
    I realize you leaned on your knowledge from the previous exam prep, but in your opinion did you find any of the CSA+ books on Safari more useful than the others?
    Reply With Quote Quote  

  21. Junior Member LSagee's Avatar
    Join Date
    May 2016
    Posts
    26

    Certifications
    Security+, CSA+, CASP
    #20
    Sorry I can't really say. I just jumped around the 3 books on Safari, mainly looking at the review questions. I didn't spend enough time in them to even give an assessment of first impressions.
    Reply With Quote Quote  

  22. Junior Member
    Join Date
    May 2017
    Posts
    8
    #21
    CSA has been approved and is now in the following categories:
    IAT Level II, CSSP Analyst, CSSP Infrastructure Support, and CSSP Incident Responder, CSSP Auditor
    Reply With Quote Quote  

  23. Member
    Join Date
    Feb 2017
    Location
    Washington
    Posts
    56

    Certifications
    CEHv9, OSWP, eJPT, A+, Security+, Linux+, LPIC-1, CCENT, Linux Essentials
    #22
    Quote Originally Posted by Esmillo View Post
    CSA has been approved and is now in the following categories:
    IAT Level II, CSSP Analyst, CSSP Infrastructure Support, and CSSP Incident Responder, CSSP Auditor
    Where did you see this information?

    edit: nevermind found it here https://www.comptia.org/about-us/new...vement-program
    Last edited by airzero; 10-21-2017 at 02:51 AM.
    Reply With Quote Quote  

  24. Senior Member xxxkaliboyxxx's Avatar
    Join Date
    Dec 2013
    Location
    Austin, Texas
    Posts
    424

    Certifications
    GCIH, C|EH, Sec+, eJPT, SCCC
    #23
    Quote Originally Posted by airzero View Post
    Where did you see this information?

    edit: nevermind found it here https://www.comptia.org/about-us/new...vement-program
    Yeah, the CSA+ is the new best bang for your buck in the DoD sector, good stuff.
    Studying: LFCS
    Reading
    : Python Crash Course
    Upcoming Exam: GWAPT

    https://realworlditsecurity.wordpress.com
    Reply With Quote Quote  

  25. Junior Member Registered Member
    Join Date
    Feb 2016
    Location
    Louisiana
    Posts
    1

    Certifications
    A+, Network+, Security+
    #24
    Looks like DISA finally updated the baseline on their site. Glad there is finally a competitor to the CEH.

    https://iase.disa.mil/iawip/Pages/iabaseline.aspx
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks