Passed CASP: my thoughts

aftereffectoraftereffector Member Posts: 525 ■■■■□□□□□□
I am usually a pretty quick test taker, but I used all but two minutes of the allotted time on this one. Part of that was me being a dumbass and way overthinking the simulation questions (they weren't that hard). I have no idea how much my margin of passing was - until I got the score report with that oh-so-welcome "PASS" in the middle of my screen, I was certain I'd failed. On the Security+ exam, I could read a question and immediately throw out two of the answers - sometimes even three; however, on this one, I had to read each answer, often multiple times, and try to figure out degrees of "betterness". For example, a question would look a lot like this:

Company A is merging with Company B. Company A sells oranges out of a fruit cart, and Company B sells parakeets online. How will the two companies merge their security systems?
A:
Company A will put a padlock on their fruit cart and give Company B the key.
B: Company A will put a combination lock on the fruit cart and encode the combination in a database within Company B's private network.
C: Company B will sell parakeets from a separate section of Company A's fruit cart.
D:Company B will establish a MOU with Company A to establish security responsibilities between both companies.

...where my typical reaction was "huh?" and then "what the heck are they talking about?" I'm guessing that CISSP will just be more of the same - fortunately I will not be attempting that for a little while!

I think that if CASP was administered by anyone other than CompTIA, it would get a lot more credibility among the InfoSec community. As it is, people think "oh it must be a harder Security+" when it really shares very little with that test - in my opinion, CASP is to Sec+ as Net+ is to A+. They cover some of the same topics, but in very different ways from very different viewpoints.

I'm definitely not stopping my InfoSec management track with CASP. CISSP was always, and will continue to be, my goal, but by going after the CASP I have DOD 8570 checked and can hopefully use that to get an entry level position that will allow me to back up my certs with practical experience. SSCP would have been a good option as well, but I already had the CASP book, so I went for it. If I'd failed this test, I do not think I would have gone back for a retest.
CCIE Security - this one might take a while...

Comments

  • zxbanezxbane Member Posts: 740 ■■■■□□□□□□
    Congrats after,

    Another thing to add to the resume as you prepare to get out and enter the civilian world!
  • broli720broli720 Member Posts: 394 ■■■■□□□□□□
    Congrats. Definitely not an easy test.
  • JDMurrayJDMurray Admin Posts: 13,090 Admin
    Congratulations! icon_thumright.gif


    CASP is actually CompTIA's first mid-level security certification. I expect future, non-"+" CompTIA certs will look and feel very similar to CASP.
  • robaatorobaato Member Posts: 25 ■□□□□□□□□□
    Which CASP book did you use to study with?
  • aftereffectoraftereffector Member Posts: 525 ■■■■□□□□□□
    I used the McGraw-Hill book. There was a distinct change in writing style between the authors, which was a bit jarring - it went from standard McGraw-Hill fare as in the Security+ and Network+ books to a wordy business-speak more suited to Army doctrine or a position paper than a study guide. The test was written in the same style, though, so I guess it was good to get used to it.
    CCIE Security - this one might take a while...
  • JDMurrayJDMurray Admin Posts: 13,090 Admin
    I wonder if MGH reprinted some of the chapters from their Net+ and Sec+ in their CASP book. Que and Sybex were famous for doing that back in the 1980's-90's. It used to infuriate me when I would buy the latest Herbert Schildt C++ book only to find one-third of the content was taken from one of his C books, which I already owned.
Sign In or Register to comment.