CASP after Security+..possible?

technewtechnew Member Posts: 35 ■■■□□□□□□□
Hello Everyone 

Just need some advise. I have network + and recently passed security+ (with 820/900). I do not have any IT experience.... Do y'all think CASP might be a good next step? or am I getting ahead of myself here? If CASP might be too difficult, then what would be the next step after Sec+? may be SSCP or CySA+?
Thanks guys!

«1

Comments

  • PCTechLincPCTechLinc Member Posts: 646 ■■■■■■□□□□
    I have no experience with CySA+ or CASP, but based on the feedback I've heard about both, if you don't have any practical IT experience, those might be much more difficult than what you experienced with Security+.  Other than building up your experience, I would recommend staying around the entry-level until the more advanced technologies become second nature to you.  What you DON'T want to do is have expert-level knowledge on paper with entry-level practical experience on your Resume.  Try to keep both around the same level, in my opinion.

    In short, CySA+ or SSCP would be a good segue, but maybe add the A+ in there as well.
    Master of Business Administration in Information Technology Management - Western Governors University
    Master of Science in Information Security and Assurance - Western Governors University
    Bachelor of Science in Network Administration - Western Governors University
    Associate of Applied Science x4 - Heald College
  • charismaticxcharismaticx Member Posts: 160 ■■■■□□□□□□
    I would not advise it. CASP requires some level of intermediate experience. Work on the basics and slowly work your way up to the most advanced certs. 
    Goals: PNPT; OSCP; GPYC; GSE
  • technewtechnew Member Posts: 35 ■■■□□□□□□□
    Thanks a lot... I guess I will try to do SSCP then. 
  • shochanshochan Member Posts: 1,004 ■■■■■■■■□□
    edited December 2018
    My advice is to go after a Linux, AWS, or...do you know your hardware and software really well??  perhaps A+ is calling you...if you like servers, you might try Microsoft's MCSA (3 exams).  I almost went after the CASP myself after my Sec+, but after reading how difficult it was, I wasn't about to waste $400 and not pass it.  OH btw, it's only my opinion, mannnnn...@crking3
    Good luck!
    CompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC, ISC² SSCP
  • technewtechnew Member Posts: 35 ■■■□□□□□□□
    Thanks shochan, you definitely bring up valid points. I was going to study Linux just to have good foundation for pen testing. Definitely will look into MCSA. 
  • spiderjerichospiderjericho Registered Users, Member Posts: 890 ■■■■■□□□□□
    Linux is a must. Without breaking NDA (and not taking 003), Linux command line and OS services/applications are necessary. Defense in depth, security architectures. How to implement controls. 

    I would definitely recommend Linux+ and CySa+ prior. The path CompTIA has laid out is good. 
  • PseudonymousPseudonymous Member Posts: 78 ■■■□□□□□□□
    I've seen a  Linkedin profile where someone had both Sec+ and CASP (not CSAP) with no experience so it's definitely possible, but I'm not sure if it will be worth it.

    I actually had this issue a couple years ago. I was thinking about getting a lot of high level certs that had no hard requirements (like forcing you to already have 5-10 years of IT Security experience), but the problem is that even if you get something like that, it likely won't do much for you because you don't have the experience to go along with it and you don't want people thinking you know more than you do.

    For example, lets say someone passes a bunch of exams gets the MCSE with no actual prior experience. An employer (HR) might see that you have your MCSE and just assume you're an expert on it just because you have the certification and hire you for a position you're not really ready for.

    I think your next step depends on where you want to go in Security. If you want to learn more fundamentals, SSCP is probably a good step. Cybersecurity? CySA+ or CCNA CyberOps. Pentesting? PenTest+ or eJPT.


    Certifications: A+, N+, S+, CCNA: CyberOps, eJPT, ITIL, etc.
  • technewtechnew Member Posts: 35 ■■■□□□□□□□
    Great advise Cameron, debating between CYSA+ And SSCP. My research shows that SSCP might be equivalent to security + ... what’s your opinion ? Is it considered higher or equivalent or security + ? 

    Thanks. 


  • technewtechnew Member Posts: 35 ■■■□□□□□□□
    Thanks spiderjericho!! Will definitely learn some Linux !
  • jcundiffjcundiff Member Posts: 486 ■■■■□□□□□□
    technew said:
    Great advise Cameron, debating between CYSA+ And SSCP. My research shows that SSCP might be equivalent to security + ... what’s your opinion ? Is it considered higher or equivalent or security + ? 

    Thanks. 


    I think it(SSCP) is a fairly significant step above the Security +


    "Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke
  • tripleatriplea Member Posts: 190 ■■■■□□□□□□

    I found SSCP way harder and I thought I had decent knowledge.

    If you want to get some ground level experience, this wasn't a bad way to go and I can recommend.

    Udemy networking and subnetting course 5 hours fairly practical

    Cybrary Linux Ubuntu course - 6 hours fairly practical

    Elearnsecurity ejpt junior penetration course- about 60 hours inc exam.

    Those 3 really have boosted my non windows knowledge.

  • charismaticxcharismaticx Member Posts: 160 ■■■■□□□□□□
    Hmm... now I’m a little curious about SSCP. Maybe after I’m done with CISM and Linux. 
    Goals: PNPT; OSCP; GPYC; GSE
  • ecuisonecuison Member Posts: 131 ■■■■□□□□□□
    edited December 2018
    shochan said:
    ...  I almost went after the CASP myself after my Sec+, but after reading how difficult it was, I wasn't about to waste $400 and not pass it.  Good luck!
    I can tell you are already selling yourself short.  Don't do that, if you have enough drive and motivation, determination to learn and accept what you don't know but willing to learn, you can do almost any exam out there.  It's not about the cert, it's what it take to get there.  Plus $400?   That's a deal compared what I had to pay for certifications.  I also got a rash of Sh*t a while back asking about the CASP after I passed the CISSP.  Everyone said it was a waste, or that I was cert collector.  

    Good luck!
    Accomplishments: B.S. - Business (Information Management) | CISSP | CCSP | TOGAF v9.2 Certified | Security + | Network +
  • shochanshochan Member Posts: 1,004 ■■■■■■■■□□
    well, I agree...I believe, the CASP was about to turn over to a newer exam at the time (after passing Sec+ in May 2016).  I will eventually go after it, I just need to continue learning what I have planned on taking in 2019...It might be 2020 before I take it.
    CompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC, ISC² SSCP
  • technewtechnew Member Posts: 35 ■■■□□□□□□□
    Thanks everyone. @ ecuison , how much IT experience did you have when you passed your CISSP ? And what other certs did you already have before you took on CISSP ? 
  • ecuisonecuison Member Posts: 131 ■■■■□□□□□□
    I had about 17 years in IT and was last a Sysad before I moved over to security.  With that, I had the necessary experience in 5 out of 8 domains.  I got my Security+ back in 2005 along with my Network+.  Prior to that I had my MCP, MCSA + Security back during the Windows 2000 days long been expired.  

    When I took the CISSP, I prepared for 7 weeks with a 1 week boot camp.  Boot camp only added about 7% additional information that I didn't know.  Passed the CISSP on the first try.
    Accomplishments: B.S. - Business (Information Management) | CISSP | CCSP | TOGAF v9.2 Certified | Security + | Network +
  • MickyDeeMickyDee Member Posts: 32 ■■■□□□□□□□
    I took the CASP after the Security+, it was big step up, but it was manageable.  I "backtracked" after that and got the CySA+, which was relatively easy after getting the CASP.  I would recommend the Sec+ -> CySA+ -> CASP route if that's your plan as it all builds on one another.  Otherwise, the CASP is manageable after the Sec+ as long as you put in the study and follow the CompTIA objectives. 
  • technewtechnew Member Posts: 35 ■■■□□□□□□□
    Thanks everyone for the comments and help. I think I will go for CySA+ then CASP. 
  • spiderjerichospiderjericho Registered Users, Member Posts: 890 ■■■■■□□□□□
    I feel like the CySa+ is more blue team based...than the CASP’s sort of security engineer approach. As the analyst, you’re leveraging the technologies the engineer has designed and implemented.

    @technew that sounds like a good decision. I’d just maintain the momentum and motivation to power through all three.
  • technewtechnew Member Posts: 35 ■■■□□□□□□□
    Thanks @Spiderjericho
    @MickyDee did you have any IT experience at the time you passed CASP? 
  • MickyDeeMickyDee Member Posts: 32 ■■■□□□□□□□
    @technew, yes I have over 5+ years in an IT capacity, amongst other prior roles that were helpful with the exam.  I also looked through the CISSP material briefly while preparing for the exam.  I'm currently studying for the CISSP now, which the CASP helps prepare you for if you go down that route too.
  • technewtechnew Member Posts: 35 ■■■□□□□□□□
    Thanks mickydee
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Look at jobs you want to get in your area (or ones you would like in the future) and see what they are asking for.  Don't waste your time getting something you might not need.    Get the certs they are asking for and work on building a lab and working on getting some hands on experience.   Showing employers you have built a lab and you are working on your skills will most likely impress them more than any cert.
  • technewtechnew Member Posts: 35 ■■■□□□□□□□
    Thanks @NetworkNewb. Will definitely work on that. 
  • DatabaseHeadDatabaseHead Member Posts: 2,753 ■■■■■■■■■■
    edited December 2018
    Whenever these topics are brought up I use the visual of two linear lines running through time.  You want to keep these moving up (which indicates you are increasing) however both of these lines need to be in synch or close to it.  If one get's too far out ahead or above the other you begin to put yourself at risk of losing value.  In other words make sure to keep your education tied closely with your experience.  

    The most common mistake I have seen on here (according to the folks who did this) was getting the CCNP without having any real networking experience, several of these folks were still on the "Desk".  They probably should of stayed at the CCNA level gained experience for a few years then moved into another "level" of training.  If they ended up staying in networking and ascending through experience then the CCNP makes sense then........   

    Just my two cents....
  • technewtechnew Member Posts: 35 ■■■□□□□□□□
    @DatabaseHead...thanks. I'll be doing CySA+ and then gain some experience before I go for any advance level certs!
  • LonerVampLonerVamp Member Posts: 518 ■■■■■■■■□□
    A recurring theme here is experience. I'm curious if the OP has a plan to start gaining said experience, or what is the goal of these certs and such? What do you want to do career-wise?

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
  • crking3crking3 Member Posts: 28 ■■■□□□□□□□
    MickyDee said:
    I took the CASP after the Security+, it was big step up, but it was manageable.  I "backtracked" after that and got the CySA+, which was relatively easy after getting the CASP.  I would recommend the Sec+ -> CySA+ -> CASP route if that's your plan as it all builds on one another.  Otherwise, the CASP is manageable after the Sec+ as long as you put in the study and follow the CompTIA objectives. 
    How did you prepare for casp?
  • technewtechnew Member Posts: 35 ■■■□□□□□□□
    edited December 2018
    sorry, been away from the computer from past few days. @LonerVamp , yes experience is definitely on my mind but I wanna have some basic and mid level certs under my belt before I apply for some jobs.
    This is a career change for me and unfortunately might be a good pay cut. So, my goal is to start somewhere junior - mid level instead of junior level. I know this might not come easy but I don't have to rush since my current job is pretty stable for now .....I need more time to learn and get ready for the cyber-security field.
    While working in my current job, I wanna earn some more certs and complete my MS in cybersecurity and then finally make the switch when the right opportunity comes my way. Again, this is easier said than done but that's the plan for now since my biggest hurdle is the paycut.
    I was already offered a junior level analyst job recently but had to decline due to a steep pay difference and would have been impossible for me to sustain.     
  • crking3crking3 Member Posts: 28 ■■■□□□□□□□
    How’s the studying goin !?
Sign In or Register to comment.