Security ++ , New Certification?

SephStorm · August 2010

Does anyone have the feeling that CompTIA might be doing this to fight the recert naysayers? One popular argument is that with Microsoft and Cisco certs, besides being product/vendor specific, you can say recertify by getting a higher level cert from the company. I think I remember something similar in Comptia's policy, but they don't really have a higher level cert for the BIG THREE. So by creating these "higher level" certs, they can get people to recertify, and claim that they are just doing what everyone else is.

Thoughts?

dynamik · August 2010

They already consider the Security+ to be the advanced one: CompTIA Certification Renewal Policy

And you can't renew with a more advanced exam/cert from Microsoft. You have to renew each track with the newest version of the exams/certs.

SephStorm · September 2010

really? Ouch, that must suck for people with like, every microsoft cert...

dynamik · September 2010

SephStorm wrote: »

really? Ouch, that must suck for people with like, every microsoft cert...

Like me?

Yea, I'm basically just going to keep renewing the main track every few years and let the others lapse. There's no point in me trying to remain certified in ISA, Exchange, Hyper-V, etc.

I think most people typically do the main track and one, maybe two, specializations. It's really not that bad if you're a die-hard MS guy (or gal).

steve13ad · September 2010

Comptia has requested SME's to develop questions for their new certification CASP (CompTIA Advanced Security Practitioner).

CASP

I really think this is a workaround for the legacy Security+ holders.

steve13ad · September 2010

I wonder how long the Security+ will even be around

Devilsbane · September 2010

steve13ad wrote: »

Comptia has requested SME's to develop questions for their new certification CASP (CompTIA Advanced Security Practitioner).

CASP

I really think this is a workaround for the legacy Security+ holders.

I might go to this. I wanted to get in on the Security+ one but it clashed with my schedule. Maybe I can sneak this one in...

erpadmin · September 2010

I think this exam is just to compete with exams like the CISSP and the ones under that.

Seriously, I'm not worried about it. A lot of people seem to get this as a stepping stone to the CISSP or other higher end security certs. My main reason for getting it was to complete the trinity by the end of the year, as well as get college credit for WGU.

I'm just glad I did both.

Ron Brandt · September 2010

earweed wrote: »

I'm still ticked off about no t-shirt

I'm ticked I did that survey twice and was not asked for my personal information..I thought it was a scam until I saw this posting.

Ron

demonfurbie · September 2010

it asked me for personal info but nothing in the mail as of yet

Bl8ckr0uter · November 2010

Has anyone heard anything about this?

erpadmin · November 2010

Bl8ckr0uter wrote: »

Has anyone heard anything about this?

Brother, we've been had! LMAO...do not pass Go, do not collect CompTIA T-Shirt.

Bl8ckr0uter · November 2010

erpadmin wrote: »

Brother, we've been had! LMAO...do not pass Go, do not collect CompTIA T-Shirt.

Lol I meant the test, not the shirt.

burner27 · November 2010

Security+ > CISSP?

cabrillo24 · November 2010

burner27 wrote: »

Security+ > CISSP?

This is a joke right? CISSP is a more renown and difficult certification to obtain. The test and preparation is more grueling, and you have to meet prerequisites and you're subject to an audit if selected for one. Not to mention the yearly CPE's required to maintain the certification, and annual fees. CISSPs generally command a higher salary than Security+ personnel by a large margin. Security+ is generally considered a stepping stone towards your CISSP, but it's merely a drop a in a bucket.

burner27 · November 2010

cabrillo24 wrote: »

This is a joke right? CISSP is a more renown and difficult certification to obtain. The test and preparation is more grueling, and you have to meet prerequisites and you're subject to an audit if selected for one. Not to mention the yearly CPE's required to maintain the certification, and annual fees. CISSPs generally command a higher salary than Security+ personnel by a large margin. Security+ is generally considered a stepping stone towards your CISSP, but it's merely a drop a in a bucket.

It wasn't meant as an insult to you or anyone who is on the track towards the CISSP or currently holds the certification. I was merely asking a question.

cabrillo24 · November 2010

burner27 wrote: »

It wasn't meant as an insult to you or anyone who is on the track towards the CISSP or currently holds the certification. I was merely asking as question.

I know, I was being light hearted in my initial response. No worries, hence why I elaborated more on why the CISSP is more renown.

Bl8ckr0uter · November 2010

burner27 wrote: »

Security+ > CISSP?

Nope but the CASP might be on the same level in terms of difficultly and CPEs. It seems to be aimed at the same crowd (very experience infosec pros)

cabrillo24 · November 2010

Bl8ckr0uter wrote: »

Nope but the CASP might be on the same level in terms of difficultly and CPEs. It seems to be aimed at the same crowd (very experience infosec pros)

I think if they can guard their test questions as well as ISC2 or ISACA, to the point where it is "undumpable" then it well gain a lot of respectability. Unfortunately for most of the popular (if not all) CompTIA certifications, brain **** are everywhere, thus making the market oversaturate with "certified" people.

erpadmin · November 2010

cabrillo24 wrote: »

I think if they can guard their test questions as well as ISC2 or ISACA, to the point where it is "undumpable" then it well gain a lot of respectability. Unfortunately for most of the popular (if not all) CompTIA certifications, brain **** are everywhere, thus making the market oversaturate with "certified" people.

LMAO...seriously, I don't have respect for anyone who **** period, but someone who has to **** any CompTIA exam (A+ through Security+) really must have a mental defect. That's putting it kindly too.

cabrillo24 · November 2010

erpadmin wrote: »

LMAO...seriously, I don't have respect for anyone who **** period, but someone who has to **** any CompTIA exam (A+ through Security+) really must have a mental defect. That's putting it kindly too.

Completely agree with you. Some people take short cuts, while undermining their growth. Unfortunately people don't come out and flat out say "I used ****."

This is why I like the CISSP, CISA and CISM exams, they are "undumpable" so you know if someone has any of those certifications, that they studied for it, or are the world's best guessers. The quality of the exam makes you feel as if you've entered a whole new echelon.

Bl8ckr0uter · November 2010

cabrillo24 wrote: »

Completely agree with you. Some people take short cuts, while undermining their growth. Unfortunately people don't come out and flat out say "I used ****."

This is why I like the CISSP, CISA and CISM exams, they are "undumpable" so you know if someone has any of those certifications, that they studied for it, or are the world's best guessers. The quality of the exam makes you feel as if you've entered a whole new echelon.

I'm calling BS. What makes these exams undumpable? What makes you believe that? Seriously, unless the questions change ever day and are different for every person and there is a required performance involved with the exam, I wouldn't call it undumpable. I know a few folks who have dumped the CISSP and I know a few people who haven't, but they know less about security than I do. Unless you mean that because of the experience requirement, than to that I say someone could just lie about how much experience they have.

That isn't a personal attack by any means, I am just saying that anything can be cheated.

cabrillo24 · November 2010

Bl8ckr0uter wrote: »

I'm calling BS. What makes these exams undumpable? What makes you believe that? Seriously, unless the questions change ever day and are different for every person and there is a required performance involved with the exam, I wouldn't call it undumpable. I know a few folks who have dumped the CISSP and I know a few people who haven't, but they know less about security than I do.

ISC2 doesn't recycle their questions. They have a pretty expansive repository. There are simply no short cuts with them. Many of the "****" that are out there, are retired exam questions released by ISC2 that are rip offs of their StudyScope questions.

Bl8ckr0uter · November 2010

cabrillo24 wrote: »

ISC2 doesn't recycle their questions. They have a pretty expansive repository. There are simply no short cuts with them. Many of the "****" that are out there, are retired exam questions released by ISC2 that are rip offs of their StudyScope questions.

What do you mean by recycle? Are you saying that if I take my CISSP tomorrow I will get questions that have never been used and will never be used again? I don't believe this. The amount of questions they would have to have would be insane.

Lets say there are on average 100 people taking the CISSP across the world and there are 100 questions on the test and there are 100 days out of the year you can take the test.

100 people * 100 questions = 10,000 unique questions * 100 Days (since they would need to be unique for each day) = 1,000,000 questions a year? Dude no. They recycle their questions and they aren't unique because that wouldn't be practical.

I am not knocking the CISSP, I am simply saying that it is dumpable just like any cert. That isn't going to stop me from getting the SSCP in March.

And again nothing personal but I just don't see how you can believe that, unless you know something about the test that I don't.

cabrillo24 · November 2010

Bl8ckr0uter wrote: »

What do you mean by recycle? Are you saying that if I take my CISSP tomorrow I will get questions that have never been used and will never be used again? I don't believe this. The amount of questions they would have to have would be insane.

Lets say there are on average 100 people taking the CISSP across the world and there are 100 questions on the test and there are 100 days out of the year you can take the test.

100 people * 100 questions = 10,000 unique questions * 100 Days (since they would need to be unique for each day) = 1,000,000 questions a year? Dude no. They recycle their questions and they aren't unique because that wouldn't be practical.

Just know that brain **** won't help you pass this exam. I don't exactly know how their entire process works, but it's pretty much un-dumpable. Anyone who's obtained this certification would agree. I don't know what field you're in specifically, but if you do decide to go after this certification, you'll see what I'm talking about.

Bl8ckr0uter · November 2010

cabrillo24 wrote: »

Just know that brain **** won't help you pass this exam. I don't exactly know how their entire process works, but it's pretty much un-dumpable. Anyone who's obtained this certification would agree. I don't know what field you're in specifically, but if you do decide to go after this certification, you'll see what I'm talking about.

I'll see if my opinion changes after March when I sit the baby cissp (sscp).

Ethanp · February 2011

I just read about the CompTIA Advanced Security Practitioner (CASP) certification on CompTIA's daily newsletter today. Believe it or not, I first heard about a “CompTIA Advance Security certification” back in summer 2007. Back then I heard a rumor that CompTIA wanted to make an advanced security certification in attempt to compete against ISC²’s CISSP for the DoD directive 8570. I am currently studying for the CISSP certification. Now, I am wondering if I should hold off on studying more for the CISSP, and wait till CompTIA Advanced Security Practitioner (CASP) certification comes out in October 2011. I know CompTIA. I am having a difficult time studying for the CISSP, because I do not know ISC². I wonder how long it will take for someone to write a study guide with practice questions for the CompTIA Advanced Security Practitioner (CASP) certification. Once that is written, I will be the first in line to get the study guide with practice questions and take the exam.

LinuxRacr · February 2011

cabrillo24 wrote: »

Just know that brain **** won't help you pass this exam. I don't exactly know how their entire process works, but it's pretty much un-dumpable. Anyone who's obtained this certification would agree. I don't know what field you're in specifically, but if you do decide to go after this certification, you'll see what I'm talking about.

Not true. There are people who have dumped, and gotten the CISSP in the past.

LinuxRacr · February 2011

Ethanp wrote: »

I just read about the CompTIA Advanced Security Practitioner (CASP) certification on CompTIA's daily newsletter today. Believe it or not, I first heard about a “CompTIA Advance Security certification” back in summer 2007. Back then I heard a rumor that CompTIA wanted to make an advanced security certification in attempt to compete against ISC²’s CISSP for the DoD directive 8570. I am currently studying for the CISSP certification. Now, I am wondering if I should hold off on studying more for the CISSP, and wait till CompTIA Advanced Security Practitioner (CASP) certification comes out in October 2011. I know CompTIA. I am having a difficult time studying for the CISSP, because I do not know ISC². I wonder how long it will take for someone to write a study guide with practice questions for the CompTIA Advanced Security Practitioner (CASP) certification. Once that is written, I will be the first in line to get the study guide with practice questions and take the exam.

Wow, I'm curious to see how this cert stacks up to the CISSP.

rayzer · February 2011

LinuxRacr wrote: »

Wow, I'm curious to see how this cert stacks up to the CISSP.

It's probably not easy to compare CISSP with CASP. CISSP is more of a 'management' exam, while CASP will definitely be more technical and hands-on. See this blog about it: New Year, New Certs

Security ++ , New Certification?

Comments