CA1-005 SecurityX+ beta: 17/05

Earlier this week, someone posted on Reddit. https://www.reddit.com/r/CompTIA/comments/1csbgmg/new_comptia_beta_exam_ca1005_securityx_available/

In short, SecurityX+ is the rebranding of CASP+. The beta for the lastest version goes live in a few hours.

Get on that!

Find more posts tagged with

Comments

FluffyBunny

Important: Objectives (under development) for the PT1-003 and CA1-005 beta exams can be found here -> https://www.comptia.org/training/resources/exam-objectives/exam-objectives-under-development

JDMurray

Did you already take the SecurityX beta exam?

FluffyBunny

I did, I did!

-> Short review of the CA1-005 CASP+ / SecurityX beta

shochan

Taking mine in late July

JDMurray

I completed the CompTIA SecurityX certification beta exam (CA1-005) yesterday. Given 118 exam items to complete in three hours, I finished in a little over two hours. The exam scores will be released when the SecurityX exam itself is officially released (in December 2024?).

Most of the exam items were scenario-based and rather detailed to read. (I was genuinely mentally drained after the exam.) It was the usual "pick out the information most useful for choosing the correct answer option(s) and disregarding the rest" style of exam items. With some items it seemed quicker to read the answer options first and then read the item scenario afterwards.

I did a quick study for the exam by copying the SecurityX beta objectives into ChatGPT 4o and asking for explanations within the context of CompTIA CASP+ certification. The result was an annotated list of SecurityX exam objectives. That was enough for me to determine what to brush-up on, which included: COBIT, ITIL, SAST/DAST/IAST/RASP, CI/CD, DMARC/DKIM/SPF, TPM vs HSM, SAE, Model Inversion, Code stylometry, and Confused Deputy. (Yes, that last one is supposedly a real thing.)

As it turned out, there are a lot of acronyms on this (beta) exam. I highly recommend knowing and understanding all of the acronyms in the SecurityX objectives glossary.

Something familiar to the CASP/CASP+ exam is the need to read log files. This skill is a necessity for SecurityX too. The PBQs (Performance-Based Questions) were very basic and tested the understanding of concepts rather than how to do something practical in the world of security administration. And yes, a couple of them were rather confusing, as they appeared too easy to complete.

A new domain added is AI. This is not surprising considering AI is part of the future of many new CompTIA certs. SecurityX Domain 1.5 has some very interesting topics in the legality, attacks from, threats to, risks, and abuses of AI. You should have a basic foundation in the types and functional parts of AI too.

In conclusion, SecurityX is a (yet another) rebranding of the CompTIA CASP/CASP+ certification. I really like the exam content and it is still a difficult exam. I'm not sure if using cert names ending in "X" will establish any real brand recognition. I wonder if CompTIA had considered going with Security++, Network++, A++, etc. Just a thought.

shochan

I took it Sunday afternoon from home...I have no idea if I passed or not, I had several tough questions that I had no clue about...I think if you miss less than 30 questions, you will pass it...I guess we will have to wait for results in about 6mos. Now, off to study again for Pentest+ beta in a couple of weeks.

Abiodun1991

It is interesting group and I am going to contribute