CASP Requirements

RufioRufio CISSP, CRISC, CCSP, CCSKV3, CCNA CYBER OPS, SECURITY+, NETWORK+Member Posts: 25 ■■■□□□□□□□
I was looking at the requirements for the exam...Do you really have to have 10 years experience (5 years application) or is that just if you do you're better off? I've past the Security+ and I'm looking for a more advanced, hands-on certification. If I can take it, I'll start preparing to take it sometime mid-end of this year.


  • ptilsenptilsen Member Posts: 2,835 ■■■■■■■■■■
    You really don't need that kind of experience. I would try Comptia's experience suggestions very loosely.

    If you have no experience, it still probably isn't the certification for you. If you have a bit of experience, SSCP is probably a better certification anyway. It is similar to CASP but is more well known and the vendor has a better reputation in the security world.

    I just can't see recommending CASP at this time. It has no market recognition whatsoever, while there is a small, but steady volume of job adds asking for SSCP.

    You might also consider C|EH or GPEN for something even more hands-on, though they both have their own flaws as well (EC-Council is nonsense and GIAC charges an arm and a leg). GSEC would also be good, but again, way too expensive.

    Really, you'd be best to focus on getting experience. Most of the certifications are meaningless without experience, which is why the SSCP requires one year of experience and CASP suggests a ridiculous amount of experience. No matter what you want to do in security, CISSP is pretty much your goal until you have it, and it will require four years of experience (for you).
    Working B.S., Computer Science
    Complete: 55/120 credits SPAN 201, LIT 100, ETHS 200, AP Lang, MATH 120, WRIT 231, ICS 140, MATH 215, ECON 202, ECON 201, ICS 141, MATH 210, LING 111, ICS 240
    In progress: CLEP US GOV,
    Next up: MATH 211, ECON 352, ICS 340
  • DarrilDarril Member Posts: 1,588
    Just to add a little, 10 years experience is a recommendation and not a requirement. They also include this sentence on the CASP page:

    "While there is no required prerequisite, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus at the enterprise level."

    Theoretically, you could self-study without any experience, take and pass the exam, and earn the certification. Though, this would be a very difficult route. You'll find that the CASP is quite a bit more difficult than Security+.

    In contrast, the SSCP requires a minimum of one-year of experience, and from a difficulty perspective it's between the Security+ and CASP certs.

  • MrAgentMrAgent Member Posts: 1,309 ■■■■■■■■□□
    Agreed with Darril. While the experience is definitely beneficial, it is not required.

    Darril, any plans on a book for the CASP exam?
  • DarrilDarril Member Posts: 1,588
    Not in the foreseeable future. I have several projects in the pipeline at the moment and CASP isn't one of them.
  • MrAgentMrAgent Member Posts: 1,309 ■■■■■■■■□□
    Thats too bad. Your Security+ book is awesome.
  • flash27flash27 Member Posts: 33 ■■□□□□□□□□
    Agreed, I was looking forward to a CASP material from Mr. Gibson.
  • DarrilDarril Member Posts: 1,588
    @MrAgent and @flash27. Thanks for the kind words. If only I could figure out a way to clone myself, I could do write all the books I'd like to write....
  • chickenlicken09chickenlicken09 Senior Member Member Posts: 531 ■■■■□□□□□□
    ya pity you couldnt do an icnd1&2. You would clean up with your style of writing.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,671 Admin
    I would really recommend enterprise-level IT experience for CASP. I can see a lot of people who have only worked in smaller IT shops looking at the objectives of CASP and saying to themselves, "Why would I ever need to know anything about that topic for my job?" I was very pleased with some of the topics I saw covered on my CASP exam, but they certainly aren't part of every IT person's on-the-job experience.
Sign In or Register to comment.