I passed CAS-003!!

I have been a long time lerker and created an account because there really has not been any recent posts about the CASP. First off, I was under the gun to get this certification rather quickly. I failed once after studying for a few months, and just retook the exam today. I still thought I failed. As for my background, I am a a contractor for the DoD as a sys admin right now, and have 6 years of experience in numerous analyst/sysadmin/security roles. I have A BS in Computer Information Systems as well as an MBA in Information Security management. As far as certs are concerned, I have A+, Security+, MCSA Server 2012, and MCSE Server/Cloud infrastructure. Right off the bat I want to say this. Do not attempt to **** this test. The few who did in my shop failed miserably, and even ones from the most "popular sites" contained completely wrong answers from what I could see when they were studying. So what did I use?

Sybex CAS-002 Study Guide- Read this front to back, it was old but a lot of the concepts still apply.

Wiley CAS-003 Study guide -Read this cover to cover. Did the practice questions. Well worth the money.

Cybrary CASP Course - This course is nowhere near what you need to pass. However, I would highly suggest researching security analysis and application security. I have only taken programming in college, and had to brush up on it to understand some of the code and sql analysis questions on the test.

The Exam- There were 4 sims right off the bat. Two drag and drops (know SAML, OTP, Kerberos, Gap control, All the different cloud models including community vs private and Iaas, SaaS, and Paas). The third sim was download a file, verify the hash, and install. Only download from HTTPS sites. If the hash mismatches its not the right one, if the hash matches and the install flags untrusted after you attempt to execute it, its wrong. It has to be trusted and the hash has to match. Once installed go on to the next sim. The Redhat sim was the hardest and definitely brush up on the names of different services (do not go beyond this, the commands are available in help and pretty straight forward. ps -A lists the services. You kill the services it requests (I ended up doing httpd, mysql, lpd, wpa,bluetooth, and sendmail) by PID based on what the question was asking. You then use chkconfig --list to see what services are running at level 3 (means they will re-enable at restart) and you use chkconfig --level 3 <service name> off to turn off the services you just killed. Once you do this, the sim is done and you can move on. You do not have to do anything with ports and anyone telling you otherwise is lying, there are only two commands you can even run in the Redhat sim and you can't grep crap. IT IS NOT HARD.

Here is my strategy for the questions: Think of what you would do as a technician. That answer is wrong. Think of what a manager would do. That answer is wrong. What would the DoD or private sector professionals do in this situation? That answer is wrong. Whatever is left over is the BS CompTIA answer, and that is how you pass this exam! In all seriousness, know your stuff. Brush up on SQL and basic coding security, a bit of quantitative analysis and qualitative definitions, etc. The "think as manager" advice for the CISSP definitely applies here, but there is another that I think REALLY applies here. Do not solve problems, and "think about who you are talking to". If you are drafting a report, guess who sees it? Senior management. Senior management does not know your technobabble that you use on a day-to-day basis. They communicate in terms of risk and dollar sense.

I am going to get a beer. This test sucked. I know I am not much help with the questions, but I hope I at least shed some light on the sims as noone else really talked about them in detail in quite a while. Here is to joining the club of idiots who pay an obscene amount of money to say they are security professionals!

Find more posts tagged with

Comments

Infosec_Sam

Congratulations on the pass, and enjoy the beer!! It sounds like after your experience you might need more than one, but I'll leave that up to you. The CASP+ is one that I'm hoping to shoot for at some point, so I'm grateful you took the time to write this up! The no-BS summary gave me a good chuckle.

Certinator

Congrats!

dinkz210

Congrats on the pass. I recently took it about two weeks ago and had all the same sims you just posted about. I studied for only about two weeks, needless to say I failed. I have been searhcing for the answer for the redhat PBQ, thank you very much for that info, I could not find it anywhere. I am reattempting next week. On the side note, I have been studying and earning Certs non-stop since last june, so the two weeks study time I thought was good enough seeing how I just passed SSCP right before and some others. So basically non stop studying. You are spot on, this is a completely diffent mind set you have to go in with compared to test I have taken. Again thanks for the insigh, I hope I get the same Sims becuase now I know for sure what to do. Congrats again. Ill keep everyone posted, test next Wednesday.

CASPChallenged

Busy Variation,

I also took the CASP exam and ran into the hash download question and the hardening of the server. Is there anywhere I can get additional training on these modules. I didn't pass either module and that caused my exam failure. The other 2 that where drag and drop where easy.

But I seriously want to practice the mods because I am not really a command line guy. Can you provide any assistance?

busy_variation

You don't need to be a command line guy. You only have to use the commands listed in help. there are like 4.

md5sum.exe and sha1sum.exe are the applications that were supposedly downloaded to that directory. You know which one to use right off the bat by looking at the bit length of the hash value when you first open up the lab. The directions say the only commands available to you are the ones listed. do not think beyond the scope of the test. The purpose is to make sure you know how to download safely from the interwebs without infecting yourself. You look for https (this eliminates like 3 of em), one of the https sites flags for a certificate, you say no and move on, there are like 3 left at this point. download the installer.exe run md5sum.exe to ensure the hash matches. one does not match, delete it. the md5sum should match, it should be downloaded from an https site, and when you run installer.exe it should not flag you or an error. Not a hard lab. And for linux, you literally only use the 3-4 commands listed in help. look above to my first post. disable services it lists that are not related to what the server actually is used for.

jimmyhooh

Busy-- is the simulation red hat tough

srobi

I just took CASP 003 today. Wow! Definitely need to study more!

I felt like I did the downloads performance correctly, ran the download, first looked at just the HTTPS ones, but the Hash didn’t match on any of them. How is that possible?

So while I know we should download from https, they all had wrong hash, so I went w one that upon running install.exe seemed less harmful. Maybe 5.

I did the dir, install md5sum, got the hash but it didn’t match.

itdept

Congrats on the pass