Looking to take the CASP

Hey, guys.
New to the forums. I've been poking around for awhile, but haven't actually stuck my head in before now.

I'm Sec+ certified, and that's it. Unfortunately, due to a lack of information, and a failure to be interested in it, I missed my window to convert my cert over to CE, and it looks like I'm out of options. I can either retake the exam, or pick up the CASp. I'm currently in the Military, and in a position that requires me to have Sec + (and non-CE certs aren't recognized any more)

So, back in September, I had a one week (four day) CASp class, followed by an Exam. I wasn't prepared for it, simply put. I've been in the field for about 4 years, but I've been idling most of that time, and in positions that didn't actually require any technical knowledge. Now I'm looking to change that.

Luckily, I'm a very fast learner, and retain knowledge particularly well. By the end of those very short four days, I was ready to give the test a shot (free voucher, doesn't hurt to try, right?)
I failed.

I know it was the Simulations that did me in. I felt comfortable with enough of the questions and answers that I'm certain I would have passed the test otherwise, but for several (read: 2-4) of the simulations, I was either entirely lost, or was simply guessing. Partly, it was a simple lack of knowing commands, and I was able to sit there and poke around until I managed to get some information, but it was never enough to feel like I deserved even partial credit.

I have another voucher waiting for me to take advantage of it, and I'm in a position again where I can start studying again. So my question is, what -specific- materials would be most benefitial to me on those simulations? Links and actual book names most appreciated, but any info at all would be helpful. I'm about to get out of the Army, and I'd like all of the earlier CompTIA certs after I get out (Net+, A+ etc) but since I feel like I'm already so close to getting CASp, and the voucher is waiting, I'm looking to get it first.

Thanks, guys. I'm hoping I can knock this one out of the park next time.
Michael

Find more posts tagged with

Comments

paxaddict

Oh, forgot to mention, we studied out of the Sybex book in the class, and I still have mine. That book had some good info, helped me understand the concept behind some of the stuff I needed to know, but didn't do a thing in helping me prepare for those simulations. They totally blindsided me.

da_vato

PM me your email and I'll send you some material that might help. As far as books I used the sybex book and wasn't to happy with it. The official comptia material is really dry as well.

What is your rank? I found that this test was presented in a managerial format. If you've worked in staff, it's like dealing with your battalion co, xo or csm... You can't tell them what to do, so how do you guide them to do the right thing? If you've been an ncoic of s6 then you know what I mean and how to address the test.

If you've only been a sgt and below you'll struggle with the test as you'll want to give the technical answer which will be incorrect.

paxaddict

I'm still too new to send PMs, unfortunately, but unless I'm mistaken, I should be able to receive.

I'm a SPC, and have worked help desk at S6, as well as Automations. Currently I'm the team leader of the IA section for.. a relatively large and condensed area. I wont get into any more detail than that. This position has definitely tested my IT skills and knowledge more than any position before this, and has helped me to see the Managerial side of things a bit more clearly.

That being said, the level of managerial questions, and the subjective answers, on this test are definitely outside of my wheelhouse. However, as I said, I'm an extremely responsive learner and feel that I made up for it on the test itself. The questions were certainly difficult, but not impossible. I feel that I did a pretty good job of understanding that I need to pick the answer they want, not the one that I think is right.

Those simulations, though. Killed me.

I share your opinions on the Sybex book. My instructer actually spent some time at the beginning of the class sending us to different pages with a sharpie so we could just cross out, or correct, blatently wrong information.
Aside from the that, I entirely agree with other opinions I've seen here on the forums about this book, in that it feels very rushed, with a plethora of spelling and grammar mistakes. Leaving it poorly edited, and exceptionally dry.

My instructor didn't use the book very much, honestly, except as a rough guide for his syllabus. Leaving us to read the book on our own time, in conjunction with the lesson he happened to be teaching on a given day.

JDMurray

OK paxaddict, you can PM now.

I really like the CASP sims because they basically mirrored the kind of work I do every day in a network security operations. I think the sims would be very unfamiliar to anyone who didn't have experience working in network operations roles.

itguy1979

Any study information you can suggest for the SIMS?

da_vato

I would suggest start by reading:
CompTIA Performance Based Questions - InfoSec Institute

CASP sims are more scenario based where you have to look at a network topology and identify stuff like the attacker, victim and so on. I can assure you that there is nothing tricky about them, if you know networking you'll do ok. Other sims are drag and drop type... I remember having one command prompt that needed a really simple command (took me a bit to identify the command it was so simple haha).

Bottom line is if you understand the CASP material the sims are no problem at all, so I wouldn't stress over them.

paxaddict

De_Vato, some good info there. I know that the first time I took it, having know the md5sum command, as mentioned in that article, would have helped immensely. My major problem is that I just didn't know a lot of the commands. I've never needed to traverse a network at that level. So while I've got the management down to level that should be passing, my networking experience, or lack thereof, is holding me back.

tprice5

Those sims are pretty tough. I remember one where (trying not to violate NDA here) you had to traverse DMZs and subnets identifying certain properties of systems and where they belong. Muy difficulte'.

da_vato wrote: »

I found that this test was presented in a managerial format.

While I can agree that the test is primarily management based in the multiple choice questions, they certainly are not for the sims.

With that being said, I'm not positive but I am pretty sure you can fail all the sims and still pass the exam if you ace the multiple choice. So I wouldn't focus all of your studying on just the sims.

(Let me know if I'm stepping outside of NDA and I'll edit.)

da_vato

tprice5, thank you for correcting me, you are right the sims are very technical and the multiple choice are more managerial.

If networking is a weakness you will have a rough time then. You need to understand the OSI model plus what and how stuff is taking place at each level. More times than not that knowledge will be your best asset for troubleshooting infrastructure/network issues as well. So I would definitely spend some time strengthening your networking knowledge for this exam and your career.

As far as commands go I don't believe you need to know that many for the exam... Definitely remember the one you just referred to.

wikiget

The CASP material is the amalgamation of knowledge for CompTIAs three core certs (A+, Net+, Sec+) to include advanced security knowledge above and beyond Security+. Therefore, to pass you need to understand the core concepts in A+ (PC hardware and software functions), Net+ (OSI, TCP/IP architecture, Commonly used Ports and Protocols), Sec+ (Purpose and use of basic security devices, Malware types, Basic Incident Handling Procedures) and the CASP material.

Furthermore, the prize of the Cybex book isn't the Multiple choice material. It's the labs in the back of the book.

I liked CASP. I think that technical certs should be less multiple choice and more simulations. Partially because the sims are less likely to be data dumped, and partially because it shows knowledge above and beyond just theory. Although sims will not be perfect either, it's better than having to hand-hold an alphabet soup certified person through basic knowledge because he (might) only understand the theory of security (commonly referred to as "Paper-Tigers" and "Certified in Name Only (CiNOs)").

Also a fair warning, DoD is retiring the 8570 in lieu of the NICE-derived Cyber workforce framework (ETA: between now and fiscal year 2020). So, no one knows what will be required when that cut over occurs (or when for that matter). Theoretically, it was supposed to happen when DIACAP retires (in favor of DIARMF), but I don't have any more info.

JDMurray

For those interested in the new DoDD 8140, there is this thread: http://www.techexams.net/forums/security-certifications/86366-dod-8570-01-m-revision-some-updates.html

...and this slide deck: http://www.afcea.org/events/west/13/documents/CyberspaceWorkforceKeith.pdf

darrel15

Thanks for sharing the information. I found the information very helpful.