Passed CASP CAS-002 5-11-2018
That test was harder than the CISSP! Studied the Pearson CAS-002 book by McMillan and did the tests from the CD. Also watched the Kelly Handerhann CASP videos @ Cybrary.it and the McMillan CASP video on SafariBooksOnLine. Close to the same material as the CISSP, but a little more technical. The test though, wow--more experience based than study material. It is doable, but many of the questions asked were no where near the material I studied. (Can someone help Troy out with his vocabulary?). CCSK and CRISC next.
Comments
-
PCTechLinc Member Posts: 646 ■■■■■■□□□□Awesome on the difficult pass! I've heard mixed reviews about that exam. A coworker of mine took the CAS-001 test, and he said that if you focused on the lab sims, the questions weren't too hard. I do have an opinion-based question for you: after already having CISSP, what made you decide to go for CASP? I was thinking about doing that too, but not sure if I will get the ROI I would like.Master of Business Administration in Information Technology Management - Western Governors University
Master of Science in Information Security and Assurance - Western Governors University
Bachelor of Science in Network Administration - Western Governors University
Associate of Applied Science x4 - Heald College -
Ertaz Member Posts: 934 ■■■■■□□□□□I also thought the CASP to be more difficult than the CISSP. CASP was way more technical. Congrats on the Pass! What's next?
-
roxer Member Posts: 130 ■■■□□□□□□□PCTechLinc wrote: »Awesome on the difficult pass! I've heard mixed reviews about that exam. A coworker of mine took the CAS-001 test, and he said that if you focused on the lab sims, the questions weren't too hard. I do have an opinion-based question for you: after already having CISSP, what made you decide to go for CASP? I was thinking about doing that too, but not sure if I will get the ROI I would like.
Thanks!! I get the ROI thing-I am trying to retool myself in InfoSec for potential consulting work. Finding senior level jobs at my age is getting hard and I hate my company. The new CIO (new CEOs best friend) is an Agile programming idiot trying to run the department with that mentality--it is crashing fast. But I had to pass the Security+ and CySA+ to satisfy two classes with Southern New Hampshire University (In my last term this month! Woot!!). So I decided to go ahead and do the CASP to round out the certification and I had the knowledge from the CISSP still in my head. From another point of view, I satisfy .gov cert requirements if something comes available. So YMMV, but for me it was a step in the right direction.
I see you have the MS infoSec and Assurance and now taking the MBA with IT from WGU. Which would you recommend? I will start a Masters after I finish my SNHU degree. What was required for the MBA and does it cost more than the other? -
roxer Member Posts: 130 ■■■□□□□□□□I also thought the CASP to be more difficult than the CISSP. CASP was way more technical. Congrats on the Pass! What's next?
Thanks a lot @Ertaz. Yeah, that was a bear. More technical and sometimes outright confusing, but a good test nonetheless. I have learned alot going through this cycle. I was amazed at how much I did know just from my 20 years in IT. I am going for the CCSK now and then the CRISC when the next ISACA cycle starts. CCSP and then finally either Project+ or CAPM. PMP is too rigid and CAPM is also a respected PM cert. -
PersianImmortal Member Posts: 124 ■■□□□□□□□□Congratulations!!!! And I completely agree, the CASP was harder than the CISSP, but for me the CISSP was more nerve-wracking when I was taking it possibly due my pre-conceived notions of the difficulty of the test. I don't have test anxiety at all, but I was definitely anxious while taking the CISSP... I'm curious, though, how do you think the CASP measures in difficulty to the CISM? (I'm hoping to go for it in early 2019)
-
roxer Member Posts: 130 ■■■□□□□□□□PersianImmortal wrote: »Congratulations!!!! And I completely agree, the CASP was harder than the CISSP, but for me the CISSP was more nerve-wracking when I was taking it possibly due my pre-conceived notions of the difficulty of the test. I don't have test anxiety at all, but I was definitely anxious while taking the CISSP... I'm curious, though, how do you think the CASP measures in difficulty to the CISM? (I'm hoping to go for it in early 2019)
Thanks very much @PersianImmortal. I studied for the CISM using the Krag videos from MegaMind. Then I was able to watch another from MM on CISSP. They both had a few of the same questions/answers in their lessons, but the selected answers were different. I reached out to MM to understand why. Their explanation was:
"The CISSP and the CISM are two different exams, two different purposes.
Questions have to be taken into context, they are not truly black and white.
CISM is for information security management, higher level, strategic.
CISSP is general security for IT professionals, not just management and is more technical."
So, CISSP is related more to overall risk and the RMF whereas CISM is concerned with strategic management of keeping the business moving forward. The identical question concerning risk can be asked for both certifications with totally different answers. I would study the CISM QB for that exam--it is nothing like either the CISSP or the CASP. It is almost heavily IT management where cost-benefit analysis is the underlying factor in almost everything. So focus is on BCP, DRP, BIA, Risk Analysis and such. I hope that answered your question without being too preachy. -
PersianImmortal Member Posts: 124 ■■□□□□□□□□Thanks Roxer!! So far I've purchased the all-in-one CISM guide and at first glance I definitely agree, the CISM material has a far more managerial tone than the CISSP. Good to know about the CBA, I'll keep that in mind as I'm reading along, and I'll look into the Krag videos as well. Thanks again for the info and advice!
-
Info_Sec_Wannabe Member Posts: 428 ■■■■□□□□□□roxer!
IMHO, CISSP is harder due to the manner in which ISC2 asked or framed the questions such that it can be subject to various interpretations whereas the CASP is, I would say, more direct to the point or straight-forward on what the question is really asking. Just my 0.02.X year plan: (20XX) OSCP [ ], CCSP [ ] -
averageguy72 Member Posts: 323 ■■■■□□□□□□Congrats!CISSP / CCSP / CCSK / CRISC / CISM / CISA / CASP / Security+ / Network+ / A+ / CEH / eNDP / AWS Certified Advanced Networking - Specialty / AWS Certified Security - Specialty / AWS Certified DevOps Engineer - Professional / AWS Certified Solutions Architect - Professional / AWS Certified SysOps Administrator - Associate / AWS Certified Solutions Architect - Associate / AWS Certified Developer - Associate / AWS Cloud Practitioner
-
PCTechLinc Member Posts: 646 ■■■■■■□□□□Thanks!! I get the ROI thing-I am trying to retool myself in InfoSec for potential consulting work. Finding senior level jobs at my age is getting hard and I hate my company. The new CIO (new CEOs best friend) is an Agile programming idiot trying to run the department with that mentality--it is crashing fast. But I had to pass the Security+ and CySA+ to satisfy two classes with Southern New Hampshire University (In my last term this month! Woot!!). So I decided to go ahead and do the CASP to round out the certification and I had the knowledge from the CISSP still in my head. From another point of view, I satisfy .gov cert requirements if something comes available. So YMMV, but for me it was a step in the right direction.
I see you have the MS infoSec and Assurance and now taking the MBA with IT from WGU. Which would you recommend? I will start a Masters after I finish my SNHU degree. What was required for the MBA and does it cost more than the other?
All degrees at WGU are based on time, not credit units, so if you take the full 2 years they would cost the same.
The way I separate the degrees is that the MS InfoSec is tech-focused sprinkled with management. The MBA is business-focused sprinkled with tech. I took both because I didn't know much about business, plus it seems that companies today want someone with EVERYTHING, so I guess I'm doing that a little at a time.Master of Business Administration in Information Technology Management - Western Governors University
Master of Science in Information Security and Assurance - Western Governors University
Bachelor of Science in Network Administration - Western Governors University
Associate of Applied Science x4 - Heald College