Passing the CASP - © 2012 Eric Conrad Passing the CompTIA CASP Exam Eric Conrad


1 Passing the CASP - © 2012 Eric Conrad Passing the CompTIA CASP Exam Eric Conrad http://ericconrad.com eric@backshore.net

2 The CASP (CAS-001) Exam
The CompTIA Advanced Security Practitioner Certification Exam is a logical follow-on to Security+
–Exam is vendor-neutral
According to CompTIA: The exam covers the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers. [1]
[1] http://certification.comptia.org/getCertified/certifications/casp.aspx

3 CASP Compared to Other Exams
CASP is like a harder version of Security+
–More in-depth knowledge required
–Performance-based questions also (currently) set it apart
…or a more technical CISSP
–Less fuzzy
–Somewhat easier, depending on your strengths

4 Mastery-Level Certification
CASP is CompTIA’s first mastery-level certification
A higher level than their professional Series, which includes:
–Security+
–Network+
–A+
–Etc...

5 CASP Prerequisites
CompTIA recommends 10 years of IT experience including 5 years hands-on
While there is no required prerequisite, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, “hands-on” focus at the enterprise level. [1]
This is a recommendation only: no experience requirement is enforced
[1] http://www.comptia.org/Libraries/Exam_Objectives/casp_objectives.sflb.ashx

6 CASP Exam Questions
Must answer up to 80 questions in 150 minutes
–Recent exam featured 73 questions
–Questions are multiple choice and also include drag/drop simulations
–Exam includes unmarked research questions that do not count towards final score
Immediate pass/fail result is provided at exam completion
–No numeric score is provided

7 CASP Exam Review
Exam takers may flag questions for later review
If there is time remaining at the end of the exam, a summary of answered questions appears
–Flagged questions are highlighted
Exam taker may change answers at this point:
–Review any question
–Review all questions

8 CASP Questions
Most of the exam questions are multiple choice
–Each question has 4 or more answers
–Must choose the best 1, 2 or 3 answers
–Number of required answers is clearly indicated
Exam requires the BEST or MOST correct answer

9 Performance-based Questions
Each exam will feature a number of “performance-based” questions:
Performance-based questions require exam candidates to perform a task or solve a problem within a simulated IT environment to demonstrate specific knowledge or skills [1]
Security+, Network+ and A+ will have these kinds of questions added shortly
[1] http://certification.comptia.org/news/12-08-07/CompTIA_Exams_to_Include_Performance-Based_Questions.aspx

10 Performance-based Questions Description
Similar to (but simpler than) simulation questions featured in Cisco exams
Include:
–Drag-drop solution in a simulated application
–Simple command-line
These questions may take considerably more time to answer than multiple choice questions

11 Exam Prep: Sample Questions
CompTIA has 10 CASP sample questions available
–http://certification.comptia.org/Training/testingcenters/samplequestions.aspx
–Very representative of multiple choice exam questions
–No official performance-based sample questions yet
Darril Gibson also has unofficial (but excellent) sample CASP questions available
–http://blogs.getcertifiedgetahead.com/casp-sample-questions/

12 Exam Prep: Read the Objectives
Download the CASP exam objectives
–http://www.comptia.org/Libraries/Exam_Objectives/casp_objectives.sflb.ashx
Read the whole thing
–Including the glossary
–Understand every concept described
–Be able to map every acronym, forwards and backwards

13 Exam Advice: Acronyms Are Key
Mapping acronyms forwards and backwards is a key exam skill
For example: “Which of the following allows logical access control to a shared drive?”
A. LUN
B. HBA
C. iSCSI
D. FCoE
Answer: A. LUN (Logical Unit Number), which acts as an ACL for a networked file system

14 Exam Advice: Manage Time
You will have roughly 2 minutes per question
–Simulation questions will take longer
–Even advanced test takers have reported some time pressure during the exam
If you are stuck on a question for a long time, answer it quickly and flag it for later review
Extra practice quizzing before your exam will help increase your exam speed and stamina

15 CASP Exam Outline

16 Domain 1
Enterprise Security (40% of exam)
–Virtualized, distributed and shared computing
–Cryptographic tools and techniques
–Enterprise storage
–Network infrastructure, and secure applications and storage
–Host-based security
–Application security
–Security Assessment tools

17 Domain 2
Risk Management, Policy / Procedure and Legal (24% of exam)
–Analyze the security risk implications associated with business decisions
–Execute and implement risk mitigation strategies and controls
–Explain the importance of preparing for and supporting the incident response and recovery process
–Implement security and privacy policies and procedures based on organizational requirements.

18 Domain 3
Research & Analysis (14% of exam)
–Analyze industry trends and outline potential impact to the enterprise
–Carry out relevant analysis for the purpose of securing the enterprise

19 Domain 4
Integration of Computing, Communications and Business Disciplines (22% of exam)
–Primary focus is on successful integration of security process into an enterprise business
–Security permeates the entire enterprise
–Key roles and their security responsibilities
–Ensuring business communications are secured
–Organizational Authentication frameworks
–Ensure security is considered during the entire lifecycle of data and systems

20 Notable Topics Not on the Exam
The CASP objectives are specific
–And fairly exclusionary
If a major topic isn’t mentioned in the objectives, there are no in-depth exam questions
For example: wireless is not covered beyond general best practices
–For example, encrypt data in motion

21 Scheduling an Exam
Exams are held at 3rd-party computer-based testing centers
–Pearson Vue currently offers the CASP exam
To schedule an exam, go to CompTIA’s exam page
–http://certification.comptia.org/getCertified/certifications/casp.aspx
–Click on “Find a testing center”
Current US exam cost is $329
–Costs for other countries listed at: http://certification.comptia.org/Training/testingcenters/examprices.aspx
–Exam is currently offered in English only

22 CASP Updates Other CompTIA Certs
If you hold another CompTIA certification such as Security+, passing the CASP renews it
Keeping CASP CEUs up to date keeps all other CompTIA certifications current
–If you have multiple CompTIA certifications you only need to pay the annual fees and earn CEU’s for the highest level certification you are renewing. By earning a ‘ce’ designation on the highest level cert you would automatically be granted ‘ce’ designations for the lower level certifications as well. [1]

23 CASP Renewal
The CASP certification is valid for 3 years
Two renewal options:
–75 Continuing Education Units (CEU) per cycle
–Retaking the exam
Each CEU requires roughly 1 hour of information security training
–Writing or presenting information security information generates more CEUs
–CEU program requires $49 annual administration fee

24 SANS Security 528
SANS Security 528 is a brand-new 5-day course covering the CASP exam
We are planning to schedule a beta run in a few months, most likely in the DC area
If you are interested (including outside the DC area), please let me know
–If there’s enough interest in a given area, I will try and make it happen there
–Email me at eric@backshore.net

25 Thank you!
Email eric@backshore.net with any questions
I posted a copy of these slides to http://ericconrad.com

