CompTIA CSA+

Fulcrum45

Never even heard of this certification until yesterday so its all new to me. https://certification.comptia.org/certifications/cybersecurity-analyst . I'll admit it looks interesting but does anyone else feel like they're just jamming another rung into the CompTIA ladder? Maybe time will tell.

LittleBIT

Thats what they said about CASP, and look useful that has become in the govt. Sector. Same with CEH.

Fulcrum45

That was something else I considered. The DoD is crazy about CompTIA (Sec+ and CASP). I wonder how long before they pick up on this one.

DatabaseHead

CEH is popular in private sector as well. ~10% of all security jobs with required or preferred, that was over 8,000 security jobs. That's quite a bit, in fact it was number 2 only to the CISSP, which was ~45% of all security positions.

Mike-Mike

Today is the official release day for CSA+, I would be interested in taking it, but I dont think there are any resources out yet

stryder144

CompTIA is still going through the process of getting the CSA+ sponsored in order to get it included in the DoDD 8140/8570. There are no resources yet but from my understanding you can use the CEH and Sec+ resources to pass the exam. I took the beta of the exam an it seemed pretty straight forward and not too difficult.

fitzlopez

stryder144 wrote: »

CompTIA is still going through the process of getting the CSA+ sponsored in order to get it included in the DoDD 8140/8570. There are no resources yet but from my understanding you can use the CEH and Sec+ resources to pass the exam. I took the beta of the exam an it seemed pretty straight forward and not too difficult.

Also did the beta $50 dlls? had to take it, I didn't have time to study for it but in preparation for my CISM I had been reading ISACA CISM 2016 material and a quick skim on the CISSP material. I just winged it, and passed. Some of the questions related to firewalls, IPS, netstat, I just tried to guess because I don't really configure that stuff day to day.

For the guys who plan on taking it:
It won't seem difficult if you have experience on practical IT security. I would rate it above the CEH on difficulty. I'd suggest the Sec+ material, and google up on the exam objectives.

cyberguypr

I hate talking about CSA cause I gotta be careful. Damn SME status!!!

The test was developed to address what I struggle with every day: people who know SOME security stuff but can't speak for tools, processes, and best practices that security analysts normally use. If you look at the objectives you'll see it cover all the hot topics: SIEM, Bro,

Security+ is of course too basic. CASP has a lot of cloud, business side topics, as well as app sec areas that an analyst doesn't really touch. In my opinion CSA fills the gap pretty well.

Remedymp

I believe it was being discussed previously on the sub-forum here.

TranceSoulBrother

I'm in a CASP class on base and the instructor passed a paper around yesterday about the CSA+ launch. They're waiting to see which way the wind blows before CECOM starts offering it through their Signal University.

PC509

Tried to do a webcast this morning about it, but it was canceled due to technical difficulties.

I'm interested in this cert and am hoping for some more insight fairly soon. And some study materials.

Ertaz

cyberguypr wrote: »

I hate talking about CSA cause I gotta be careful. Damn SME status!!!

The test was developed to address what I struggle with every day: people who know SOME security stuff but can't speak for tools, processes, and best practices that security analysts normally use. If you look at the objectives you'll see it cover all the hot topics: SIEM, Bro,

Security+ is of course too basic. CASP has a lot of cloud, business side topics, as well as app sec areas that an analyst doesn't really touch. In my opinion CSA fills the gap pretty well.

Nice work on the test. I ninja'd the beta back last summer. Now it appears CompTIA fancys me an expert because I have the security trifecta.

https://event.on24.com/event/13/57/29/7/rt/1/documents/resourceList1487096362351/comptia_csaplus_productlaunchwebinar_slides.pdf

(Slide 30)

dmoore44

Ertaz wrote: »

Nice work on the test. I ninja'd the beta back last summer. Now it appears CompTIA fancys me an expert because I have the security trifecta.

https://event.on24.com/event/13/57/29/7/rt/1/documents/resourceList1487096362351/comptia_csaplus_productlaunchwebinar_slides.pdf

(Slide 30)

What SIEM is that supposed to be on slides 24-27?

Mike7

dmoore44 wrote: »

What SIEM is that supposed to be on slides 24-27?

OSSIM
It was mentioned as one of the tool.

Tremie24

I was interested in this cert too, only because if I go through with it I can renew my other compTIA certs that have expired.

Fulcrum45

Tremie24 wrote: »

I was interested in this cert too, only because if I go through with it I can renew my other compTIA certs that have expired.

BINGO! That's exactly what I was thinking, haha. Of course it still looks pretty interesting and if nothing else, a great introduction to those of us outside the security field.

jeremywatts2005

Fulcrum45 wrote: »

BINGO! That's exactly what I was thinking, haha. Of course it still looks pretty interesting and if nothing else, a great introduction to those of us outside the security field.

I doubt people outside of security would stand much of a chance passing the CSA+ It is very sim oriented and you have to have some experience to get what is going on. If you have no experience it will be difficult to just study and pass.

Fulcrum45

jeremywatts2005 wrote: »

I doubt people outside of security would stand much of a chance passing the CSA+ It is very sim oriented and you have to have some experience to get what is going on. If you have no experience it will be difficult to just study and pass.

Where there's a will there's a way. Security on this level isn't in my day to day job description but I think it would be handy to know.