For those that took the CASP before the CISSP

yoba222

Would you do it all over again or instead do CISSP only?

I'm definitely going after the CISSP next year. But now that I've got nearly all the CompTIA certs done, I'm considering the CASP before taking the CISSP. Common sense tells me not to bother. But I'm still thinking about it .

Not interested in an 8570 checkbox. I don't really need either cert and I wouldn't be paying for either. I do work in the infosec field and participate in pretty much every domain.

tedjames

I earned SSCP after Security+. I'm working on CISSP now. I used CASP materials when preparing for SSCP. I also used SSCP and CISSP materials just to reinforce certain topics that I was unsure about. CASP and SSCP are practitioner certifications. Do you really need one of those? I see you have lots of others. Good ones. Do you think that CASP will add anything to your knowledge base or skillset, much less make you more marketable? I'd go for CISSP. And then when you have time, look over the CASP objectives and see if you actually need it. Could be that just having the knowledge behind it will suffice.

lucky0977

In retrospect, I should've gone straight to the CISSP but was scared of paying $600 and failing so went with the CASP which was $350 at the time. Couple months later I moved into an ISSM role and my company funded the the entire cost of training for CISSP so it worked out in the end.

As tedjames mentioned above, the CASP is still considered an exam for practitioners while the majority of the CISSP exam is a high level overview designed more for managers/directors rather than the worker bees in the trenches.

CyberJosh95

I would do it all over again. CASP helped me gain/verify my technical knowledge, while CISSP is helping me learn how to think like a manager. CISSP passed two weeks ago and will help me get a management position when I don't feel like being technical anymore.

yoba222

I think I may read a CASP book as CISSP prep, but ultimately won't take the CASP exam. Thanks for all the feedback; this really helped refocus my perspective.

tedjames

yoba222 wrote: »

I think I may read a CASP book as CISSP prep, but ultimately won't take the CASP exam. Thanks for all the feedback; this really helped refocus my perspective.

I used this one to prep for SSCP (along with other materials), and it really helped:

https://www.amazon.com/CompTIA-Advanced-Security-Practitioner-Study/dp/1118930843/ref=sr_1_2?ie=UTF8&qid=1535114393&sr=8-2&keywords=gregg+casp

A new version is being released next year.

ThePawofRizzo

tedjames wrote: »

I used this one to prep for SSCP (along with other materials), and it really helped:

https://www.amazon.com/CompTIA-Advanced-Security-Practitioner-Study/dp/1118930843/ref=sr_1_2?ie=UTF8&qid=1535114393&sr=8-2&keywords=gregg+casp

A new version is being released next year.

I'm taking SSCP next week, and using this book, the All-in-One, and the CBK. The CBK is a bit dry, but this book was a more pleasant read.

As for CASP vs. CISSP. I plan on doing both in the future. Not sure in which order, but likely CASP first, so I can renew it with CISSP. With all the CEs one has to get for these certifications anymore, if nothing else getting exams to cover CEs can be worth it. And honestly, I work with a couple CISSPs that could use the practitioner knowledge from CASP or Pentest+.

tedjames

ThePawofRizzo wrote: »

I work with a couple CISSPs that could use the practitioner knowledge from CASP or Pentest+.

I think it's a good idea to be as well-rounded as you can in security. That's my goal, anyway.

CyberJosh95

tedjames wrote: »

I think it's a good idea to be as well-rounded as you can in security. That's my goal, anyway.

I love this statement. Its highly frustrating when my leadership doesn't understand whats going on or cant put two and two together.