CASP in June?
Finished the CISSP at the End of March. Waiting on endorsement review now. I have 20 years of experience doing Unix/Windows/Cisco Firewall (Prior certs in HPUX, Alcatel switching, Cisco Certified Security Professional) in a manufacturing and telecom environment. I've tossed around about which cert to pursue next. I plan to do the CASP while I'm waiting for my GPEN class to start. I suppose this is a trophy cert, since I don't really need it for my job. I want to have it as a hedge as I believe it does showcase tangible practitioner/assessor skills. I'm doing the Cybrary videos now. Waiting on the Pearson CASP book to come back in stock.
My thoughts are:
Only having ~80 questions is pretty appealing.
Comptia's questioning on SEC+ seemed very straight forward, so while the depth is greatly increased for CASP, the questions will be direct.
The amount of overlap with what I've already studied with the CISSP seems to be significant.
For those of you that have both:
What were your motivations for getting both?
What are your thoughts on how the content of two exams (CASP, CISSP) differ?
Have you ever been asked about your CASP cert in a job interview?
My thoughts are:
Only having ~80 questions is pretty appealing.
Comptia's questioning on SEC+ seemed very straight forward, so while the depth is greatly increased for CASP, the questions will be direct.
The amount of overlap with what I've already studied with the CISSP seems to be significant.
For those of you that have both:
What were your motivations for getting both?
What are your thoughts on how the content of two exams (CASP, CISSP) differ?
Have you ever been asked about your CASP cert in a job interview?
Comments
I am going to order the book Pearson book Friday. I'm just excited to be back in a professional development mode in my career. I will schedule the test after that.
The other thing which probably made a difference for me is that I had recently sat CCNA Security and CEH, which both cover some of the more practical aspects. I had also resat Security+ about 5 months previous.
Thank you for the book recommendation. I am going to fiddle with the md5sum command a little and practice the ACLs on my cisco router as prep. Any other suggestions for lab work?
Doing the Sec+ and CASP would be a waste of time at this point, unless you wanted to get into something specific job wise.
I figure I'm most of the way there now. I am going to finish CASP. GPEN will be along in the next few months whenever they say go on the funding. Then I could do the cloud stuff. After the CISSP everything is just resume padding and CPEs.
Honestly, I didn't do any specific lab work to prepare, just a few years of working with these techs and these kinds of problems. It does run the whole gamut, across technologies and up and down. Mostly it is relatively simple technical questions, but they might interrelate so that you might need a bit of command line with some knowledge of web security and antivirus or something. There's questions that might ask about configuring this device, and also about where you might place a device or devices in an architecture.
Thanks man! Best wishes to you as well. Please let me know what you think of the exam.
Hey congrats on your pass. I just finished the Cybrary course on Friday. I am on FedVTE now. I'm kind of excited to take an exam where there are ewer than 250 questions.
The content in the Pearson book is good, but the practice exam quality is pretty poor. There are quite a few inaccuracies. Is that the only practice exam source you used, and if so, what did you think of it?
Good to know. The only thing that really concerns me is the sims. Seems like they could be from anywhere.
Thanks man! I am in the home stretch now.
I am reading the book again. I was going to take the test this Friday, but with all the Crap going on to close out the quarter at work I'm going to put it off a couple of weeks. The good news is there is no reschedule fee.
I passed. This exam is tough. For me, I consider it tougher than the CISSP was. Don't get me wrong there were some easy questions on there, but the majority required a decent amount of thought. All I know is that it's officially whiskey Friday.
Congrats! What resources did you finally end up using total? cybary, and FedVTE, and the Pearson book (which I believe I have). Anything else? Any other thoughts or words of wisdom? lol. I plan to take this exam in about 30-60 days. How much time did you spend studying? Roughly?
I used the Pearson book and FEDVTE/CYBRARY. I had the practice exams from the book and Transcender. Both of these felt like algebra compared to the calculus of the actual exam. There really needs to be a better set of test questions that mimic the actual depth included on the exam. I was really weak on auth technologies, but the exam questions usually gave you a few absurd answers, and two that could be candidates. If I had it to do over again I would make a chart of the auth technologies, their key features, and typical usage. I read through the book as a straight shot once. Probably spent 2 hours a night over the last week.
I studied, but when you don't work with federated identities or Oauth on the regular it's kind of a bear to soak in. It's over now though! I appreciate the insight you provided.