CompTIA/CASP

anyone excited for this test?
I received an email about them looking for beta testers to sit in on the test for free...
anyone planning on taking it?

I would, but I dont think I meet their requirements.

PDF for more info- http://bit.ly/g9ljC6

Find more posts tagged with

Comments

Bl8ckr0uter

I am excited. The objectives look pretty amazing.

demonfurbie

looks like some were between sscp and cissp

ill take a beta

veritas_libertas

If I got a beta voucher I would take it. Otherwise forget it. If you are going to spend money on certification go for what is already well known to HR.

Everyone

I was asked to attend something in Chicago to help develop this exam. It was a week long thing and I really wanted to do it, but was unable to.

I just got the e-mail inviting me to take the beta exam too. They list an authorized testing center in my city, but when I went to register for the exam, the closest testing center that has it is 400 miles away! They only have 2 days open for it too. I'm not driving 400 miles to take a beta exam.

I'm really annoyed that I can't register to take it at my local testing center.

Asif Dasl

Looks like this is US only

kriscamaro68

Everyone wrote: »

I was asked to attend something in Chicago to help develop this exam. It was a week long thing and I really wanted to do it, but was unable to.

I just got the e-mail inviting me to take the beta exam too. They list an authorized testing center in my city, but when I went to register for the exam, the closest testing center that has it is 400 miles away! They only have 2 days open for it too. I'm not driving 400 miles to take a beta exam.

I'm really annoyed that I can't register to take it at my local testing center.

Ya it was kinda lame. I would have to drive about 100 miles. Thats not gonna happen. I think I will pass.

Ryan82

I looked into taking this as well, but I definitely don't think it's worth me crossing an ocean to take.

colemic

Same here, nothing local. I would be on the just-under edge of what they are wanting for experience... pretty steep requirements actually for a cert.

Everyone

Well the cert is meant to be a step up from their Security+. If anyone takes it, please post up your thoughts on the test.

colemic

Everyone wrote: »

Well the cert is meant to be a step up from their Security+. If anyone takes it, please post up your thoughts on the test.

10 years of IT with 5 specifically in security, that's one helluva step up from Security+.

Asif Dasl

colemic wrote: »

10 years of IT with 5 specifically in security, that's one helluva step up from Security+.

Which probably means it won't get recognition with HR for starters and test takers won't take it cause it costs too much, has poor recognition and probably has to be recertified every 3 years. Oh and it's CompTIA and not ISC2. But then I might be a bit pessimistic!

Everyone

They're trying to compete with CISSP. CISSP requires 5 years of specific security experience. I don't think it will take that long to be recognised because it's CompTIA. They're already recognised for their other certs.

Do you people really think that every cert out there should be for people with no IT experience to take as an attempt to get into IT?

I hate running into people with all sorts of certs but no experience that have no clue what they're talking about or doing.

These kinds of certs have more credibility for those of us that have been in IT for a while. Although I'd still take a CISSP over this one, and I don't see that changing, at least not any time soon. There's no endorsement requirement for this one like the CISSP has. That's one of the things I like about the CISSP, is you have to get an endorsement from someone who already has one, before you can get yours. To me, that makes it mean a lot more.

colemic

Everyone wrote: »

Do you people really think that every cert out there should be for people with no IT experience to take as an attempt to get into IT?

Of course not. But how many other certs have 10 years experience as a requirement?

I would be cool with just 5 years of related security experience , so that it mirrored the CISSP. I just feel that 10 is a bit much. As is, it dwarfs the CISSP requirements by doubling minimum time requirement.

Asif Dasl

I find it interesting that for an exam that has strict requirements that it has a closed beta with exam takers who may not have the same requirements listed for all the other exam takers.

erpadmin

The target participant is a technical security practitioner with 10 years of experience in IT, and at least 5 years of hands-on information security design and implementation experience at the enterprise level.

If you fit the profile of the target candidate for the CompTIA Advanced Security Practitioner, and you are able to travel to one of the confirmed VUE testing centers, we do hope you will take the exam. The CompTIA exam code for the CASP beta, for registration purposes, is CA1-001.

Let's look at the first quote...

"The target participant" means that they would prefer that someone has that experience, but I didn't read anywhere in those quotes that it's a requirement to take the Beta, much unlike the CISSP. I don't think CompTIA is going to be a stickler on that. If you aren't a target participant, it's not going to stop you from still taking the BETA.

The only security thing I do is maybe assign NTFS permissions and request CA certs from Verisign, to then implement in my Weblogic servers...there were other things that I do that would qualify me taking the CISSP. But I'm not solely an IT Security professional...but I do practice it.

Asif Dasl

Thanks for clarifying erpadmin. It's a target audience rather than strict requirements.

erpadmin

While downloading the objectives so that I can read later (I am not going to let this distract me from my 640 studies), here's another quote from Comptia....

The CompTIA Advanced Security Practitioner (CASP) Certification is a vendor-neutral credential. The CASP exam is an internationally targeted validation of advanced-level security skills and knowledge. While there is no [FONT=Times New Roman,Times New Roman][FONT=Times New Roman,Times New Roman]required [/FONT][/FONT]prerequisite, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, ―hands-on‖focus at the enterprise level.

http://www.comptia.org/Libraries/Exam_Objectives/casp_objectives.sflb.ashx

(Many of us, myself included, qualify...

)

Everyone

colemic wrote: »

Of course not. But how many other certs have 10 years experience as a requirement?

I would be cool with just 5 years of related security experience , so that it mirrored the CISSP. I just feel that 10 is a bit much. As is, it dwarfs the CISSP requirements by doubling minimum time requirement.

It's 10 years overall IT with 5 years of security experience. As others have already pointed out, it's not a strict requirement, more of a suggestion. You can still take the test without it. They are just saying the test is geared for people with that level of experience. If you go and take it and you don't have that level of experience, you may have a harder time passing it.

That being said, I don't think it's going to be a very good beta test if a bunch of people with no experience go take it and fail. I'm guessing they only sent these invites out to people who already have their Security+ certification, possibly to those who have had it for a few years already, hoping they would fit what they're looking for.

colemic

My bad, I misread it, I thought those were the prereqs for the test.

Lash81

I took the Beta exam last Friday. It just closed out today so my input won't help anyone. It was 92 questions that were more in depth than the CISSP. I went in thinking it would be another easy compTIA cert like the security+ or network+ but it had some good technical questions. I would say if you all ready have the CISSP then this exam won't do much for you but if you have a security+ and you want more of a management cert without getting your CISSP then this is up your alley and is what I think COMPTIA is aiming for.

colemic

Thanks for the review... when you say more in depth, are you talking more technical, or more nit-picky, 'which of these is the BEST' kind of questions?

demonfurbie

ty for the review

ill still wait till comptia gets it DoD and gets over the starter cert company stigma ... mostly the DoD thing

grauwulf

I went into the exam totally cold and got quite a doozy, especially in comparison to other CompTIA offerings. Overall I was very impressed with this exam.

Thoughts:
Based on my set of questions; I think that this exam is a pretty good gauge of your abilities to function as a well rounded security professional. Without breaking the NDA I will say that some of the questions I got were very technical, some where very focused on management, and a portion was related to network design (which I was very happy to see). There was at least 1 question that I'm certain nobody who hasn't actually 'done it' in the real world will be able to get. I was also happy that while the exam maintained vendor neutrality overall, I did receive questions that had some very useful vendor focused material.

Some of the questions lacked a bit to be desired in the wording category, but that's just about any certification exam. Overall I think this is a pretty good evaluation exam for a 'general security person'. Maybe a system architect, or sys admin. I would be quite impressed if a run of the mill CTO could pass this test without a boot camp or brain ****.

Going in with no study at all I left with a 60/40 feeling as to if I passed. That is to say, not knowing what the pass margin is (some tests are 50%, some are 90%) I felt like I did decently.

Finally I would like to say that all any certification actually validates is that you can pass a test. Maybe even by simple luck. Certs don't make you good, but if you are good certs can help to prove it, and they can also be a good career investment.

Who am I?
I'm brand new to the board so it's fair to ask 'OK, so who the hell are you to give us your opinion?' I have been a software engineer, architect, and/or team lead for a little over 13 years. I have 2 degrees and 2 academic certificates in comp sci & information security. I currently hold about a dozen active certifications including: C|EH, C|HFI, Security+, Linux+, Project+, iNet+, SCJP, SCWCD, [and the list goes on, 'all' of these areas were useful to in my CASP test]. I am not an expert by any stretch of the imagination. I've been around the block a few times and I've taken these types of tests before. So there, that's me.

I'm enjoying your board, keep up the good work.

Priston

sounds like CompTIA is making it for the DoD

grauwulf

Priston wrote: »

sounds like CompTIA is making it for the DoD

CompTIA's Security+ examination is approved for DoD 8570.1m compliance at IAT levels 1 & 2. In order for the CASP to be considered for that they will have to add a renewal / continuing ed component, but they've already done that with Sec+ (Security+ce) so I don't think it's off the table.

ChooseLife

grauwulf wrote: »

Who am I?

A good fellow, indeed. Thanks for the thoughtful review!

Heny '06

Is this an invitation only cert at the moment since its in Beta mode? I'd like to take it.

grauwulf

Heny '06 wrote: »

Is this an invitation only cert at the moment since its in Beta mode? I'd like to take it.

Yep, the beta test was by invite. I think you can take the beta test if you want, but it's only available at a few locations and it will cost you about $330. Also, as a beta exam you wont get your score until the exam goes public later this year (October or November).

I would recommend waiting until some study guides start showing up so you can have something to work from as well as towards. Then again, if you're up for it jump in there and go get it.

Priston

http://www.comptia.org/Libraries/Exam_Objectives/casp_objectives.sflb.ashx

erpadmin

I got the Cancellation notification today. CompTIA will not allow me to take the exam tomorrow.

Just as well, I guess...