Passed CASP: my thoughts

aftereffectoraftereffector Senior MemberMember Posts: 525
I am usually a pretty quick test taker, but I used all but two minutes of the allotted time on this one. Part of that was me being a dumbass and way overthinking the simulation questions (they weren't that hard). I have no idea how much my margin of passing was - until I got the score report with that oh-so-welcome "PASS" in the middle of my screen, I was certain I'd failed. On the Security+ exam, I could read a question and immediately throw out two of the answers - sometimes even three; however, on this one, I had to read each answer, often multiple times, and try to figure out degrees of "betterness". For example, a question would look a lot like this:

Company A is merging with Company B. Company A sells oranges out of a fruit cart, and Company B sells parakeets online. How will the two companies merge their security systems?
Company A will put a padlock on their fruit cart and give Company B the key.
B: Company A will put a combination lock on the fruit cart and encode the combination in a database within Company B's private network.
C: Company B will sell parakeets from a separate section of Company A's fruit cart.
D:Company B will establish a MOU with Company A to establish security responsibilities between both companies.

...where my typical reaction was "huh?" and then "what the heck are they talking about?" I'm guessing that CISSP will just be more of the same - fortunately I will not be attempting that for a little while!

I think that if CASP was administered by anyone other than CompTIA, it would get a lot more credibility among the InfoSec community. As it is, people think "oh it must be a harder Security+" when it really shares very little with that test - in my opinion, CASP is to Sec+ as Net+ is to A+. They cover some of the same topics, but in very different ways from very different viewpoints.

I'm definitely not stopping my InfoSec management track with CASP. CISSP was always, and will continue to be, my goal, but by going after the CASP I have DOD 8570 checked and can hopefully use that to get an entry level position that will allow me to back up my certs with practical experience. SSCP would have been a good option as well, but I already had the CASP book, so I went for it. If I'd failed this test, I do not think I would have gone back for a retest.
CCIE Security - this one might take a while...


Sign In or Register to comment.