CASP Beta Results Out

Darril

I took the CASP beta exam back in May and heard from them yesterday. I passed. Wooo Hooo! I'm interested to see how well this cert will be received or embraced. As a side note, I queried CompTIA and they told me that all the workshops are completed for this so we should start to see more news soon.

If you're interested, I did do a couple of blogs on CASP.
CompTIA Advanced Security Practitioner (Beta Exam) My Experience
CompTIA Advanced Security Practitioner (CASP)

Darril Gibson

demonfurbie

if you write a book for it ill take it

Everyone

Congrats!

I'm still upset that I missed out on both the chance the help write this exam, and take the beta.

Paperlantern

demonfurbie wrote: »

if you write a book for it ill take it

HA! nice, yeah, I would love a book on this. Your Sec+ one helped me ace that exam. However I think I will be taking CASP before any books can really be written on it, I'm on a CISSP track right now with a target of mid january and im hoping to take CASP late October to kind of get a feel for how i'm doing on my trek to the CISSP. I am bookmarking these blog links though and look forward to reading them.

Congrats as well on the pass, I hope to join you soon.

grauwulf

how were you notified? I've read that people would be notified by their testing centers and not by comptia and I haven't seen any results for my test yet.

Thanks and Congrats!

Update - Nevermind - I just checked on certmetrics and I have results

apr911

LUCKY!

I still havent gotten my results for CASP. My Pearson VUE Profile just says "Taken," my Comptia profile doesnt list the exam at all and I havent gotten any email about it as of yet either

Guess Ill just have to wait a little longer.

grauwulf wrote: »

Update - Nevermind - I just checked on certmetrics and I have results

The frowny face when discussing having received results is never a good sign... Sorry grauwulf. Any thoughts on what you might do? (i.e. Think you might retake it?) If I dont pass, Im just planning on letting it go. I didnt really need it in the 1st place but figured it was free so might as well take it

Darril

I don't see myself writing a book on CASP, at least not very soon. However, I did just post a blog with ten practice test questions that I wrote a while ago for the CASP exam . You can see them here: CompTIA Advanced Security Practitioner (CASP) Practice Questions

Darril Gibson
blog

Blog

Paperlantern

Thanks for the praccy Qs Darril, it appears I do have a little ways to go before I take CASP getting only 6 of them right. But, that is to be expected as I am only on the very beginning of my journey.

bugme1

It would be nice to see your PROOF that you have your results. Pearson Vue has NOT received the results from CompTIA and CompTIA has not posted the results. The state that results will be posted the first week in October 2011 so next week.

Darril

bugme1 wrote: »

It would be nice to see your PROOF that you have your results. Pearson Vue has NOT received the results from CompTIA and CompTIA has not posted the results. The state that results will be posted the first week in October 2011 so next week.

If you're looking for PROOF of your own results, one way is to log into CompTIAs site from here:
https://www.certmetrics.com/comptia/login.aspx

If you're looking for PROOF of my results, you can check it out here:
https://www.certmetrics.com/comptia/public/transcript.aspx?transcript=W7R0VS4K1BB41WNQ

Darril Gibson
blog

KrisA

As I don't agree that you should have to prove yourself, esp to someone with 1 post, I will say that anyone who passes a beta test going in "almost" blind, that is impressive. Well Done Sir.

jts1234

I took the released exam, and passed. My passing status was posted to the certmetrics portal, but I have some reason to believe that they are still working on a few things behind the scenes. The downloadable PDF of my certificate, for example, lists the date I passed the test but not the expiration date. Anybody else with that problem?

Also: I never received the usual "please confirm your mailing address" email. I just obsessively signed in to the portal until the sucker showed up.

Tom

veritas_libertas

Darril wrote: »

If you're looking for PROOF of your own results, one way is to log into CompTIAs site from here:
https://www.certmetrics.com/comptia/login.aspx

If you're looking for PROOF of my results, you can check it out here:
https://www.certmetrics.com/comptia/public/transcript.aspx?transcript=W7R0VS4K1BB41WNQ

Darril Gibson
blog

I see that it's a CompTIA CE certification. What are they going to require to re-certify?

demonfurbie

my thoughts on this cert are some what mixed

i love that its comptia (already known but for starter certs) and i can take it any were unlike other security certs

it all depends on if DoD puts this on the same level as the CISSP

Heny '06

Did you use any studying material? And if so what was it, thank you.

jts1234 wrote: »

I took the released exam, and passed. My passing status was posted to the certmetrics portal, but I have some reason to believe that they are still working on a few things behind the scenes. The downloadable PDF of my certificate, for example, lists the date I passed the test but not the expiration date. Anybody else with that problem?

Also: I never received the usual "please confirm your mailing address" email. I just obsessively signed in to the portal until the sucker showed up.

Tom

jts1234

Heny '06 wrote: »

Did you use any studying material? And if so what was it, thank you.

I took the objectives that CompTIA publishes on their site, made a mind map of everything I wasn't sure of, and researched it. I think I spent an hour or two on that. I also spent a few minutes going over all of the acronyms.

...I'm more from the server side of things, so I learned about MPLS and a number of other new things.

I don't believe any actual study guides are out yet.

Tom

Darril

For some reason, the CE never jumped out at me. I just double-checked and certmetrics shows an expiration date of 2017-May-10, six years after I took it. I also downloaded the certificate and it shows the expiration date six years out. However, none of the CE documentation (at least that I saw) shows any reference to CASP.

However, a six year expiration makes me wonder about other things.

• It could be that CompTIA is moving away from certification for life on all their certs.
• It doesn't meet the three year requirement for ANSI/ISO/IEC 17024 that CompTIA said required this for A+, Net+, and Security+
• I wonder if a six-year expiration will prevent an update to DoD 8570 from including CASP

In comparison, CISSP expires after three years, though it can be renewed through continuing education credits and annual payments. I think that in order for the CASP cert to become popular, it really needs to be considered on a level comparable to CISSP. That won't happen overnight, but it could be CompTIA is testing the waters now, and in a couple of years, they'll change the expiration to three years.

In the meantime, I'll see if I can log some credits for some security related blog articles and some security related books. I'm betting that all the same CE activities (http://www.comptia.org/Libraries/Certification_Documents/CE_Charts.sflb.ashx) will apply for CASP as they do for the other CE-based certs.

Darril Gibson
blog

jts1234

Darril wrote: »

For some reason, the CE never jumped out at me. I just double-checked and certmetrics shows an expiration date of 2017-May-10, six years after I took it. I also downloaded the certificate and it shows the expiration date six years out. However, none of the CE documentation (at least that I saw) shows any reference to CASP.

This is starting to be a bit bizarre, as mine shows an expiration date three years out in Certmetrics, but still shows a blank expiration date on the PDF certificate. :




I'll go back to my previous statement--that I think CompTIA is still working on a few things in the back room...

Tom

Darril

jts1234 wrote: »

I'll go back to my previous statement--that I think CompTIA is still working on a few things in the back room...

Tom

Agreed. We're sure to see more information on this once they figure out their plan...

Darril

Darril

I received the score report in the mail. CompTIA is giving a little more feedback than I thought they would, which is good. It does just give a Pass/Fail indication instead of a score, but then it states :

"You incorrectly answered one or more questions in the following objective areas:"
followed by the objective number and title like:
4.1 Integrate enterprise disciplines to achieve secure solutions

I don't quite remember what this objective was about back in May, but if you get this printout right after taking the exam, it will be useful, especially if you don't pass the first time.

Darril Gibson
Security cert blog

SephStorm

• I wonder if a six-year expiration will prevent an update to DoD 8570 from including CASP

I don't think 8570 sets the re-certification period for the certificate vendor, instead I think they only have to require re-certification, DoD sets its own recert period.

Darril

SephStorm wrote: »

[/LIST]I don't think 8570 sets the re-certification period for the certificate vendor, instead I think they only have to require re-certification, DoD sets its own recert period.

I agree, that 8570 does not set the recertification period for the vendor, and the DoD can set its own recert period.

However, I think that the DoD values certifications that follow standards. When CompTIA created the renewal requirement for A+, Net+, Sec+, they met the ANSI/ISO/IEC 17024 standard. There were several indications that this was done by CompTIA to ensure these certifications remained in the 8570 list of certifications. If they remained as "lifetime" certifications, they may not have remained in an 8570 revision or update. I can't find it now, but I read somewhere that ANSI/ISO/IEC 17024 required recertification within five years, so a six-year recertification period resulted in CASP not meeting the standard.

All that said, my original thought ("I wonder if a six-year expiration will prevent an update to DoD 8570 from including CASP") is moot. Thanks to Tom's post (jts1234), it looks like CompTIA is using a three-year expiration for people currently taking it. I just got lucky with a six-year expiration for taking the beta.

Darril Gibson
Security+ blog

SephStorm

ah got it. So my question to you would be, when people say its more technical, does that mean it has questions on implementing security technologies?

Darril

I'm not sure what you're comparing it to when you say "more technical", but I don't remember any specific implementation questions.

I reread my blog on the experience (CompTIA Advanced Security Practitioner (Beta Exam) My Experience) to help me remember, and it reminded me that technical command line knowledge and ability was required to answer some questions. For example, question 2 on this page (CompTIA Advanced Security Practitioner (CASP) Practice Questions) hints at the technical knowledge required. Not only did I need the knowledge, but I needed to know how to navigate the command line and execute commands to get the correct answer. Certainly technical knowledge in other areas is required, but navigating the command line is one example.

Darril Gibson
Security+ blog

spiderjericho

I'd say this exam, as vendor neutral as it is, is definitely more technical than say the CISSP (which is more theory and management decision making). If the test taker isn't familiar with access-control lists/firewalls, windows command line, the best places to place network infrastructure/security equipment, etc they're going to be in for a sad face at the end of the exam.

Darril

This link was posted by seansd in the Security+ forum and shows that CASP is making it into the CE documentation.
CompTIA Continuing Education - CompTIA IT Pro Community
The page also shows a good summary of their program.

Darril Gibson
Security+ blog

badrottie

spiderjericho wrote: »

I'd say this exam, as vendor neutral as it is, is definitely more technical than say the CISSP (which is more theory and management decision making). If the test taker isn't familiar with access-control lists/firewalls, windows command line, the best places to place network infrastructure/security equipment, etc they're going to be in for a sad face at the end of the exam.

Which is why I doubt that it will obtain the same recognition as the CISSP (less theory, more vendor specific/technical aspects)--in the short term.

The two information security heavyweights, (ISC)2 and ISACA, have established their market value proposition for their certification offerings. CompTIA's marketing team has their work cut out for them if they hope to elevate it to the same level of recognition as the CISSP, CISM, PMP, etc.

There are other certificates that are already well recognized (SANS GIAC being a very good example) and are in direct competition.

If it is to have value in the marketplace, the CASP has to be sufficiently differentiated from the competition, or otherwise it will die. Information Security is littered with failed certification standards that did not gain sufficient traction. Time will tell.