CASP Prep

SaSkillerSaSkiller Member Posts: 337 ■■■□□□□□□□
Havent really considered this certification, but wondering. I have several years of experience in IT security, but wondering what prep material would be best for this cert?
OSWP, GPEN, GWAPT, GCIH, CPT, CCENT, CompTIA Trio.

Comments

  • yoba222yoba222 Member Posts: 1,237 ■■■■■■■■□□
    Haven't yet done this particular CompTIA cert but I've done a few of their others. One nice thing about CompTIA certs is the all-in-one books usually cover everything. My guess would be Mike Meyer's or whoever wrote the Sybex book. Not sure about lab sims though.
    A+, Network+, CCNA, LFCS,
    Security+, eJPT, CySA+, PenTest+,
    Cisco CyberOps, GCIH, VHL,
    In progress: OSCP
  • Z0sickxZ0sickx Member Posts: 180 ■■■□□□□□□□
    For me personally to pass his exam i had to use the Sybex Book + CERT Guide+ITPROtv. You need to understand the concepts very well. for example if you see IPsec you need to know more then what it does but all the pieces that is used to make it work and other protocols that work with it. Take the hardest practice you get from the book and multiply it by x2 and thats CASP for 80 questions
  • PersianImmortalPersianImmortal Member Posts: 124 ■■□□□□□□□□
    Z0sickx wrote: »
    For me personally to pass his exam i had to use the Sybex Book + CERT Guide+ITPROtv. You need to understand the concepts very well. for example if you see IPsec you need to know more then what it does but all the pieces that is used to make it work and other protocols that work with it. Take the hardest practice you get from the book and multiply it by x2 and thats CASP for 80 questions

    Agreed.

    I used the Pearson Cert Guide by Abernathy, Chris Rees CASP Lessons on Pluralsight, and Kelly Handerhan's CASP overview on Cybrary.it. While all of these materials were fantastic and definitely helped me pass the exam, none really prepare you for the technical aspect of the exam (i.e. looking at logs and determining the type of attack or the best solution to remediate a vulnerability). They are however more than adequate in prepping for management, business, and risk related questions.

    For the technical aspects of the exam, what I found most helpful was to go over the objectives and google practical examples for each bullet point that I wasn't familiar with (i.e. XACML, SOAP, ESP vs AH, etc...)
  • SaSkillerSaSkiller Member Posts: 337 ■■■□□□□□□□
    Thanks, how long did you guys study for?
    OSWP, GPEN, GWAPT, GCIH, CPT, CCENT, CompTIA Trio.
  • stryder144stryder144 Member Posts: 1,684 ■■■■■■■■□□
    Following this thread, as I am taking it next month.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
  • IgetitgirlIgetitgirl Member Posts: 11 ■□□□□□□□□□
    [FONT=&amp]Hello,
    I took the CASP CAS-002 exam on 13 August 2017 and passed. Thanks to the other members on this forum for recommending looking at additional study material. Although I have higher level certifications, this exam was very challenging. Challenging from the perspective that it is broad and technical. I have all the years of experience and I had to pull out my old CISCO router since I don’t do those task now on a daily basis. My exam was 77 questions and I had 165 minutes to complete the exam. I know COMPTIA states 90 questions but it was only 77.

    BLUF, if you are just a theory person or manager, you probably will not pass this exam. You need to understand security from a hands-on and technical perspective. If I put something on the computer screen such as an attack or a physical network diagram with missing security controls, etc, you need to be able to identify the issue quickly and solve the problem. Execute stopping the attack. Put the right security controls on the network in the right location (WAF, IDS, NIDS/NIPS, Patch Server, FW, AV Server, etc).


    Most of my simulations and drag and drops were up front. I had 10 out the gate and about two more later in the exam. The longest simulation questions was looking at code in a server log, then identify the attack, identify the host, and identify the attacking machine. After identifying the correct attack, go to the router (s) and stop the attack. If you are an ethical hacker or work network management (routers, reviewing logs, etc), then you do not need to do any additional studying for these type of questions. Just ensure you know the different types of attacks and know what they look like in execution (XSS, SQL injection, integer overflow, buffer overflow, ping of death, etc). Ethical Hackers should be good to go in this area. If you don’t have tools to practice take some of the Cybrary or YOUTUB Video courses to re-familiarize yourself on this content. You also need to be familiar with every objective they identify in the CompTIA objectives. Go download a copy from COMPTIAs website. You will be broadly tested on them all. Know your acronyms. Nothing is spelled out on the exam so you need to know XSS=Cross Site Scripting. Know the difference in RFQ, RFP, RFI, and when they are used.

    I used two books but only for definitions because industry terms mean different things with different security certification organizations (COMPTIA, ISC2, ISACA, EC-COUNCIL, SANS, etc.). The two books I used were: [/FONT]


    [FONT=&amp]1. CompTIA Advanced Security Practitioner (CASP) CAS-002 Cert Guide[/FONT][FONT=&amp] by Abernathy, Robin


    [/FONT]

    [FONT=&amp]2. CASP CompTIA Advanced Security Practitioner Study Guide: Exam CAS-002[/FONT][FONT=&amp] by Gregg, Michael

    I used the Michael Gregg book the most and I answered all of the questions in the books. I also, pulled out my CEH lab books again.

    Just FYI, my experience level is over 10 years hands on and over 20 years total. I hold the following industry certs before taking the CASP exam: CISA, CISM, CEH, CHFI, CIH, CNDA, ECSA, CWTS, CCDA, ITIL, Network+, A+[/FONT]


    [FONT=&amp]I hope this helps and best wishes.icon_cheers.gif[/FONT]
  • IgetitgirlIgetitgirl Member Posts: 11 ■□□□□□□□□□
    I studied about 6 weeks 2 hours a night.
Sign In or Register to comment.