I passed my CASP Exam today. While this is great, i wanted to share my experience, which will hopefully help some of you.
Overall:
First of all, was it worth it to spend the 402 USD on this Cert?
Absolutely yes.
The Argument i was reading about the most is that it is not a door opener for your Job search except you want to work in an DoD environment (the cert meets the Department of Defense (DoD) 8570.01-M Requirements; IAT Level III, IAM Level II and IASAE II)
I agree the cert is not really a bargain, but the material you will need to study exceed a Security+ by far and will help you with the preparation for the CISSP if that is the direction you want to go. I don't look at a cert as just another item on a resume, it should reflect your knowledge and experience. I believe what comptia put together is a excellent cert, testing all aspects of your security knowledge.
Questionable for me is just if the exam is not to short. Just read the extensive list objectives of the cert, and ask yourself if this can be tested with only 80 questions.
Study:
When i started actively studying for the
CASP certification it was with much surprise how little training material is out there.
I counted 3! Books at amazon.com which handle the CASP CAS-002 certification.
Furthermore there is no real good video material, certainly not to the standard what you would be used to if you did a Network+ or Security+ Exam and learned with professor messer's free training videos.
I ended up buying the following book:
CompTIA Advanced Security Practitioner (CASP) CAS-002 Cert Guide by Robin Abernathy and Troy McMillan.
Turned out that all i needed. The book is excellent written, addressed all aspects of the CASP Objectives and is easy and interesting to read. I can only highly! recommend this book.
I have read a lot of forum entries about books not handling all the questions. This book handles all the multiple choice questions you will encounter are are handled within this book and if you study right you will be able to apply the learned to answer all multiple choice questions.
My personal Tip: Read the questions carefully and answer what is asked from the perspective of security if not otherwise defined. Don't assume or read more into the questions. What i mean by that is simple, the best solution for a question from a security perspective is A, from a financial perspective A might be not reasonable and from a management perspective A is a nightmare.
You need to read the question carefully and answer it only on what information is provided to you. DON'T assume
The second aspect of the Exam is the performance based questions. I truly liked them, shame there were not more.
The only item i can suggest here is experience in designing and implementing hands-on security solutions. Without revealing anything about the exam, you will need experience otherwise you will be lost on that part of the exam.
Conclusion:
The CASP cert is not on the same level as a CISSP, but in all fairness i don't believe it even attempts to be. It is an excellent stepping stone to get to a CISSP Certification. It is with much surprise that there is not more hype around this cert, but i can only recommend taking it. I think Comptia has done an excellent job on the exam, given that broad scope of the Cert.
Don't let the lack of training materials or hype let you get discouraged about this cert. With the learned you will be an improved asset to your company.
Good luck all.
