Options
CASP studying/Experiences
I've seen the threads in the forum regarding how some of you pass and failed so i'm looking for your experiences. I went through all the lectures on Cybrary.it and though the material was laid out in easy and concise terms. Going through the CompTIA CASP 002 troy mcmillian book there is A LOT of information so i am having trouble discerning whats important and whats not. With the CISSP i understood it was in mile wide inch deep with a management type view which made answer practice questions "easier" with the CASP I do not know how to answer the questions as Technical vs management.
also how technical do i need to understand things? i feel to much of my time is being devoted to comprehending everything under the hood. for example IPsec
· Internet protocol security is a suite of protocols that establish a secure channel between two devices
· Commonly implemented over VPNs
· Provides traffic analysis protection by determining the algorithms to use and implementing any cryptographic keys required
· IP sec includes Authentication Header (AH) encapsulating security payload (ESP) and security associations
· AH provides provides authentication and integrity
· ESP provides authentication, integrity, and encryption (confidentiality)
· A Security Association (SA) is a record of device configuration that needs to participate in a IPsec communication
· Security Parameter index (SPI) is a type of table that tracks different SA used and ensures that a devices uses the appropriate SA to communicat with another device
o Each device has is own SPI
· IPsec runs in 2 modes
o Transport mode- Protects only message payload
o Tunnel mode- protects the payload, routing, and header information
o Both can be used for gateway to gateway or host to host IPsec Communication
· IPsec does not determine which hashing or encryption algorithm is used
· Internet key exchange (IKE) is a combination of OAKLEY and Internet Security and Key management Protocol (ISAKMP), is the key exchange method this is commonly used by Ipse
· OAKLEY is a key establishment protocol that is based on Diffie-Hellman
· ISAKMP was stabled to set up and manage SA’s
· IKE with IPsec provides authentication and key exchange
to what depth do i need to understand things? i'm getting wrapped around the axle here trying to understand things
Thanks
also how technical do i need to understand things? i feel to much of my time is being devoted to comprehending everything under the hood. for example IPsec
· Internet protocol security is a suite of protocols that establish a secure channel between two devices
· Commonly implemented over VPNs
· Provides traffic analysis protection by determining the algorithms to use and implementing any cryptographic keys required
· IP sec includes Authentication Header (AH) encapsulating security payload (ESP) and security associations
· AH provides provides authentication and integrity
· ESP provides authentication, integrity, and encryption (confidentiality)
· A Security Association (SA) is a record of device configuration that needs to participate in a IPsec communication
· Security Parameter index (SPI) is a type of table that tracks different SA used and ensures that a devices uses the appropriate SA to communicat with another device
o Each device has is own SPI
· IPsec runs in 2 modes
o Transport mode- Protects only message payload
o Tunnel mode- protects the payload, routing, and header information
o Both can be used for gateway to gateway or host to host IPsec Communication
· IPsec does not determine which hashing or encryption algorithm is used
· Internet key exchange (IKE) is a combination of OAKLEY and Internet Security and Key management Protocol (ISAKMP), is the key exchange method this is commonly used by Ipse
· OAKLEY is a key establishment protocol that is based on Diffie-Hellman
· ISAKMP was stabled to set up and manage SA’s
· IKE with IPsec provides authentication and key exchange
to what depth do i need to understand things? i'm getting wrapped around the axle here trying to understand things
Thanks
Comments
-
Options
OctalDump
Member Posts: 1,722
Yeah, it's entirely possible that you will get a question that comes down to understanding what AH is or AH vs ESP or Transport mode vs Tunnel mode. So, this level of detail isn't necessarily overkill. But if you know everything at that level of detail, it will be a pretty easy exam, and you'd probably be not too far from being prepared for something harder.
They do cover a lot of ground, so it can be tough if you have fairly narrow experience. You need a bit of Windows, Linux, Cisco along with general theory. You need some web, some understanding of common attack types and what they look like, some of that fun risk basic risk assessment stuff. Lots of little bits and pieces.
The sims in the exam are relatively straight forward if you have the hands on experience, but they do cover a range of things.
Also, the 2 'official' books aren't that great. Since they cover a lot of various topics, they do get some stuff wrong, or don't explain it as well as they could. I'd recommend reading another book as well (which goes to greater depth, but isn't as 'flawed'): Information Security the Complete Reference, 2nd edition
My impression of the exam was that the pass mark was lower than I thought: I honestly was a little surprised I passed.2017 Goals - Something Cisco, Something Linux, Agile PM -
OptionsZ0sickx
Member Posts: 180 ■■■□□□□□□□
Yeah, it's entirely possible that you will get a question that comes down to understanding what AH is or AH vs ESP or Transport mode vs Tunnel mode. So, this level of detail isn't necessarily overkill. But if you know everything at that level of detail, it will be a pretty easy exam, and you'd probably be not too far from being prepared for something harder.
They do cover a lot of ground, so it can be tough if you have fairly narrow experience. You need a bit of Windows, Linux, Cisco along with general theory. You need some web, some understanding of common attack types and what they look like, some of that fun risk basic risk assessment stuff. Lots of little bits and pieces.
The sims in the exam are relatively straight forward if you have the hands on experience, but they do cover a range of things.
Also, the 2 'official' books aren't that great. Since they cover a lot of various topics, they do get some stuff wrong, or don't explain it as well as they could. I'd recommend reading another book as well (which goes to greater depth, but isn't as 'flawed'): Information Security the Complete Reference, 2nd edition
My impression of the exam was that the pass mark was lower than I thought: I honestly was a little surprised I passed.
Thanks, the way i go about studying is reading the typing out the important aspects in a structured way, its why its slowing me down study wise at least in the cryptography section i'm on now