CSA+....Any word on DoD certification and what category it will fall under
I have been scouring the internet for some info on this. I know we are still waiting for the CSA+ to be blessed off on for the DoD to put it in the 8140 framework.
Besides a current approval timeline, I have not been able to find anything on where it is going to fall under on the framework. I am military and am trying to apply for a position in a different occupational field. Certs add great "weight" to my application packet and I have CASP so that covers IAT III, IAM II, and IASAE II. Finishing my degree in Feb. isn't going to hurt either. (I cannot wait for this wild ride to come to an end so I can get my weekends back!)
I would like to add another cert to the mix to strengthen my packet since I am at a bit more of a disadvantage than others as my current job is not IT related. I am wondering if anyone knows if the CSA+ is slated to fall under any of the CSSP areas like the CEH and if so, will it cover all the areas CEH does? I am paying out of pocket for my certs so I am not about to drop $950 down for the privilege of sitting for the CEH.
Besides a current approval timeline, I have not been able to find anything on where it is going to fall under on the framework. I am military and am trying to apply for a position in a different occupational field. Certs add great "weight" to my application packet and I have CASP so that covers IAT III, IAM II, and IASAE II. Finishing my degree in Feb. isn't going to hurt either. (I cannot wait for this wild ride to come to an end so I can get my weekends back!)
I would like to add another cert to the mix to strengthen my packet since I am at a bit more of a disadvantage than others as my current job is not IT related. I am wondering if anyone knows if the CSA+ is slated to fall under any of the CSSP areas like the CEH and if so, will it cover all the areas CEH does? I am paying out of pocket for my certs so I am not about to drop $950 down for the privilege of sitting for the CEH.
Comments
it says they are hoping to hear back from the DoD in the Spring.
The CSA+ is very Blue Team oriented in my opinion. I would speculate it will fall into the CSSP boxes along with those the CEH is in. I do not believe Comptia has a cert satisfying any of those requirements and this is probably their way of trying to get in on that. Again; this is just total speculation on my part. I already have the CEH and am planning on taking the CSA+ very soon.
Connect With Me || My Blog Site || Follow Me
palmett0....I saw that too. From what I got out of it, it seems like spring meant spring of this year which has past. There was also talk of maybe an answer on its validation in 1-5 months. I am more interested in where it will fall in the framework. I too think it should fall under CSSP somewhere, but as you pointed out it is very blue team and with CompTIA puking out the CPT+ I wonder how it is all going to tie together. It makes me think that the CSA+ will not cover as many areas as the CEH. If the CSA+ covers just one area under CSSP as opposed to say, 3 or 4 of the 4, I think I will find myself reallocating my time and $ elsewhere. I have a few months before I submit my packet so I am trying to plan out my future for the short term.
I agree with you on the cost vs potential benefit.
I may be wrong but back when I took the CEH, EC Council wanted candidates to have a certain number of years (2 I think) in IT security experience and asked for a manager's letter of reference written on official company letterhead to vouch you were a valid candidate to take the exam. Just something to think about. Your degree program may satisfy that requirement.
Best of luck! Having the CASP should help you out for IAT3 posts. That and/or CISSP are both on my to-do list; but I don't feel ready for them yet.
Connect With Me || My Blog Site || Follow Me
Also for CEH, you couldn’t qualify for the exam only route as you don’t have the experience...it requires two years to self study. You would have to take a course so it would actually be more expensive.
There is another option you could try. SANS offers a work study program..makes course $1,100 plus any travel. You would have to be able to attend in person though so that might not be feasible...I just bring it up because the material is fantastic and would make you standout as I’m sure nobody changing probably has one from GIAC.
Reading: SANS SEC560
Upcoming Exam: GPEN
xxxkaliboyxxx.... I understand that certs are not the end all be all, that is why I am finishing my degree and also getting some OJT right now in IT/IA to make a strong packet.
I appreciate everyone chiming in on this.
Connect With Me || My Blog Site || Follow Me
Praise the lord!
Still deciding on which book to study. Safaribooks has all of them.
I read the All in One. It is an ok source but I feel as if it could have gone into more detail on some topics. I am considering getting another book to go through before taking the exam. I too purchased a voucher. Thanks for the link stryder144!
Hey man, I'm with you on that one. If your unit isn't paying and I wouldn't suggest using your GI bill for the CEH, go for the CSA+. That's awesome for the CSA+, since I have my own issues with EC-Council that I don't need to voice here.
TBH LSagee, no one gives a *$*# about CompTIA or C|EH outside of DoD. It's all about CISSP, Sans and actual knowledge in the private sector. That was my biggest shocked when I went 100 percent private. What you mean you don't care my star on my airborne wings! LOL.
I believe ITPRO.TV has a CSA+, get a free trial and watch the 20 hour video.
Reading: SANS SEC560
Upcoming Exam: GPEN
I thumbed through a few books on Safaribooks this weekend and brushed up on some attacks, logs, and relevant applications. CASP was still pretty fresh in my mind so I think I put in a total of 5 hours of study. Honestly, I was burnt out from the CASP so I just didn’t have the will power to commit to meaningful study.
Long story short, I passed CSA+ this morning! Total test time was about 75 min. If you have passed the CASP, this test is not terribly difficult. Almost all the questions are straightforward and are not tricky if you use the process of elimination. I will say I was not impressed with the PBQs though. One in particular had me going WTF I am I looking at?!
My CompTia security trifecta is complete! Finished in 11 months with 6 month break for a total of 5 months of actual study. Now I am going to take a break from certs for a little bit. I just don’t have enough mojo in my tank to do both cert study and college.
Final thought, if you have passed CASP and can read logs, and know basic utilities like nmap you will do fine on the CSA+.
Connect With Me || My Blog Site || Follow Me
I realize you leaned on your knowledge from the previous exam prep, but in your opinion did you find any of the CSA+ books on Safari more useful than the others?
[FONT="]IAT Level II, CSSP Analyst, CSSP Infrastructure Support, and CSSP Incident Responder, CSSP Auditor[/FONT]
Where did you see this information?
edit: nevermind found it here https://www.comptia.org/about-us/newsroom/press-releases/2017/10/17/comptia-csa-certification-approved-for-dod-information-assurance-workforce-improvement-program
Yeah, the CSA+ is the new best bang for your buck in the DoD sector, good stuff.
Reading: SANS SEC560
Upcoming Exam: GPEN
https://iase.disa.mil/iawip/Pages/iabaseline.aspx
Currently Working On: CCNA
2018 Certs: CAP, C|EH
Future Certs: PenTest+,
https://certification.comptia.org/it-career-news/post/view/2017/11/29/dod-approves-comptia-cybersecurity-analyst-why-it-matters?utm_source=Marketo&utm_medium=Email&utm_campaign=NL-2017-12-IT-Careers.Email%201&mkt_tok=eyJpIjoiWldJMFpXTTBPVFJsWXpZdyIsInQiOiJrYURjTW1GUmJPemNXY2RsTkNlQUNFZVwvemVKK3l0OGNScUZOZGlGMEJYNTNDRkJwN2dpZlNHWVwvUERLQzNxZ2VJU3IzbjVqdEJBNzJ2bDk1OGdGWk5PMDVkZlRFXC92aGNiN2NXdTJyb0kxOGpsR0FLU2VtRGp0Y1lEMXZ3b2FkTSJ9
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
DoD skill level wise is far below the baseline in the industry. Any Joe Smole off the street with a clearance and a certification for the job can get it. Most won't be able to compete in the private sector to be honest.
Most DoD jobs when I interviewed, I interviewed for an instructor job at DLI in Monterey, Cali, you would think their technical interview would be top notch, nope! It was a joke. Needless to say, they selected me. I ended up going private. Most good companies are good at spotting bs in technical interviews. DoD, not so much.
Another example is the biggest dirtbag I have ever met, got a job at fort Campbell GS9, I assume clearance, disability preference, blah, blah. Once you are in, it will take an act of God, literally to get fired.
Reading: SANS SEC560
Upcoming Exam: GPEN
This matches my DoD experiences with as well. They were more interested in placing a warm body with a clearance and the right certs in a chair to meet their contract obligations rather than being the best. I went private and doubt I'd go back.
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP
To be perfectly candid. It’s always a numbers game. Quantity over quality. I could probably go on several rants but will opt not to.
OP, what MOS are you switching to? 25D? 17 whatever?