passing the casp - © 2012 eric conrad passing the comptia casp exam eric conrad [email protected]
TRANSCRIPT
Passing the CASP - © 2012 Eric Conrad
Passing the CompTIA CASP Exam
Eric Conradhttp://[email protected]
Title of Course - © 2009 SANS 2Passing the CASP - ©2012 Eric Conrad 2
The CASP (CAS-001) Exam
• The CompTIA Advanced Security Practitioner Certification Exam is a logical follow-on to Security+– Exam is vendor-neutral
• According to CompTIA:The exam covers the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers.1
[1] http://certification.comptia.org/getCertified/certifications/casp.aspx
Title of Course - © 2009 SANS 3Passing the CASP - ©2012 Eric Conrad 3
CASP Compared to Other Exams
• CASP is like a harder version of Security+– More in-depth knowledge required– Performance-based questions also
(currently) set it apart • …or a more technical CISSP
– Less fuzzy– Somewhat easier, depending on your
strengths
Title of Course - © 2009 SANS 4Passing the CASP - ©2012 Eric Conrad 4
Mastery-Level Certification
• CASP is CompTIA’s first mastery-level certification
• A higher level than their professional Series, which includes:– Security+– Network+– A+– Etc...
Title of Course - © 2009 SANS 5Passing the CASP - ©2012 Eric Conrad 5
CASP Prerequisites
• CompTIA recommends 10 years of IT experience including 5 years hands-on
While there is no required prerequisite, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, ―hands-on focus at the enterprise level.1
• This is a recommendation only: no experience requirement is enforced
[1] http://www.comptia.org/Libraries/Exam_Objectives/casp_objectives.sflb.ashx
Title of Course - © 2009 SANS 6Passing the CASP - ©2012 Eric Conrad 6
CASP Exam Questions
• Must answer up to 80 questions in 150 minutes– Recent exam featured 73 questions– Questions are multiple choice and also include
drag/drop simulations– Exam includes unmarked research questions
that do not count towards final score• Immediate pass/fail result is provided at
exam completion– No numeric score is provided
Title of Course - © 2009 SANS 7Passing the CASP - ©2012 Eric Conrad 7
CASP Exam Review
• Exam takers may flag questions for later review
• If there is time remaining at the end of the exam, a summary of answered questions appears– Flagged questions are highlighted
• Exam taker may change answers at this point:– Review any question– Review all questions
Title of Course - © 2009 SANS 8Passing the CASP - ©2012 Eric Conrad 8
CASP Questions
• Most of the exam questions are multiple choice– Each question has 4 or more answers– Must choose the best 1, 2 or 3 answers– Number of required answers is clearly
indicated• Exam requires the BEST or MOST
correct answer
Title of Course - © 2009 SANS 9Passing the CASP - ©2012 Eric Conrad 9
Performance-based Questions
• Each exam will feature a number of “performance-based” questions:Performance-based questions require exam candidates to perform a task or solve a problem within a simulated IT environment to demonstrate specific knowledge or skills1
• Security+, Network+ and A+ will have these kinds of questions added shortly
[1] http://certification.comptia.org/news/12-08-07/CompTIA_Exams_to_Include_Performance-Based_Questions.aspx
Title of Course - © 2009 SANS 10Passing the CASP - ©2012 Eric Conrad 10
Performance-based Questions Description
• Similar to (but simpler than) simulation questions featured in Cisco exams
• Include:– Drag-drop solution in a simulated
application– Simple command-line
• These questions may take considerably more time to answer than multiple choice questions
Title of Course - © 2009 SANS 11Passing the CASP - ©2012 Eric Conrad 11
Exam Prep: Sample Questions
• CompTIA has 10 CASP sample questions available– http://certification.comptia.org/Training/
testingcenters/samplequestions.aspx– Very representative of multiple choice exam
questions– No official performance-based sample
questions yet• Darril Gibson also has unofficial (but
excellent) sample CASP questions available– http://blogs.getcertifiedgetahead.com/casp-sample-
questions/
Title of Course - © 2009 SANS 12Passing the CASP - ©2012 Eric Conrad 12
Exam Prep: Read the Objectives
• Download the CASP exam objectives– http://www.comptia.org/Libraries/
Exam_Objectives/casp_objectives.sflb.ashx
• Read the whole thing– Including the glossary– Understand every concept described– Be able to map every acronym,
forwards and backwards
Title of Course - © 2009 SANS 13Passing the CASP - ©2012 Eric Conrad 13
Exam Advice: Acronyms Are Key
• Mapping acronyms forwards and backwards is a key exam skill
• For example: “Which of the following allows logical access control to a shared drive?”A. LUNB. HBAC. iSCSID. FCoE
• Answer: A. LUN (Logical Unit Number), which acts as an ACL for a networked file system
Title of Course - © 2009 SANS 14Passing the CASP - ©2012 Eric Conrad 14
Exam Advice: Manage Time
• You will have roughly 2 minutes per question– Simulation questions will take longer– Even advanced test takers have reported
some time pressure during the exam• If you are stuck on a question for a long
time, answer it quickly and flag it for later review
• Extra practice quizzing before your exam will help increase your exam speed and stamina
Title of Course - © 2009 SANS 15Passing the CASP - ©2012 Eric Conrad 15
CASP Exam Outline
Domain % of Exam
Enterprise Security 40
Risk Management, Policy/Procedure and Legal
24
Research & Analysis 14
Integration of Computing, Communications, and Business Disciplines
22
Title of Course - © 2009 SANS 16Passing the CASP - ©2012 Eric Conrad 16
Domain 1
• Enterprise Security (40% of exam)– Virtualized, distributed and shared computing– Cryptographic tools and techniques – Enterprise storage– Network infrastructure, and secure applications and
storage– Host-based security– Application security– Security Assessment tools
Title of Course - © 2009 SANS 17Passing the CASP - ©2012 Eric Conrad 17
Domain 2
• Risk Management, Policy / Procedure and Legal (24% of exam)– Analyze the security risk implications associated with
business decisions– Execute and implement risk mitigation strategies and
controls– Explain the importance of preparing for and
supporting the incident response and recovery process
– Implement security and privacy policies and procedures based on organizational requirements.
Title of Course - © 2009 SANS 18Passing the CASP - ©2012 Eric Conrad 18
Domain 3
• Research & Analysis (14% of exam)– Analyze industry trends and outline potential impact
to the enterprise– Carry out relevant analysis for the purpose of
securing the enterprise
Title of Course - © 2009 SANS 19Passing the CASP - ©2012 Eric Conrad 19
Domain 4
• Integration of Computing, Communications and Business Disciplines (22% of exam)– Primary focus is on successful integration of
security process into an enterprise business– Security permeates the entire enterprise– Key roles and their security responsibilities– Ensuring business communications are secured– Organizational Authentication frameworks– Ensure security is considered during the entire
lifecycle of data and systems
Title of Course - © 2009 SANS 20Passing the CASP - ©2012 Eric Conrad 20
Notable Topics Not on the Exam
• The CASP objectives are specific– And fairly exclusionary
• If a major topic isn’t mentioned in the objectives, there are no in-depth exam questions
• For example: wireless is not covered beyond general best practices– For example, encrypt data in motion
Title of Course - © 2009 SANS 21Passing the CASP - ©2012 Eric Conrad 21
Scheduling an Exam
• Exams are held at 3rd-party computer-based testing centers– Pearson Vue currently offers the CASP exam
• To schedule an exam, go to CompTIA’s exam page– http://certification.comptia.org/getCertified/
certifications/casp.aspx– Click on “Find a testing center”
• Current US exam cost is $329– Costs for other countries listed at:
http://certification.comptia.org/Training/testingcenters/examprices.aspx
– Exam is currently offered in English only
Title of Course - © 2009 SANS 22Passing the CASP - ©2012 Eric Conrad 22
CASP Updates Other CompTIA Certs
• If you hold another CompTIA certification such as Security+, passing the CASP renews it
• Keeping CASP CEU’s up to date keeps all other CompTIA certifications current– If you have multiple CompTIA certifications
you only need to pay the annual fees and earn CEU’s for the highest level certification you are renewing. By earning a ‘ce’ designation on the highest level cert you would automatically be granted ‘ce’ designations for the lower level certifications as well.1
Title of Course - © 2009 SANS 23Passing the CASP - ©2012 Eric Conrad 23
CASP Renewal
• The CASP certification is valid for 3 years• Two renewal options:
– 75 Continuing Education Units (CEU) per cycle– Retaking the exam
• Each CEU requires roughly 1 hour of information security training– Writing or presenting information security information
generates more CEUs– CEU program requires $49 annual administration fee
Title of Course - © 2009 SANS 24Passing the CASP - ©2012 Eric Conrad 24
SANS Security 528
• SANS Security 528 is a brand-new 5-day course covering the CASP exam
• We are planning to schedule a beta run in a few months, most likely in the DC area
• If you are interested (including outside the DC area), please let me know– If there’s enough interest in a given area, I will
try and make it happen there– Email me at [email protected]
Title of Course - © 2009 SANS 25Passing the CASP - ©2012 Eric Conrad 25
Thank you!
• Email [email protected] with any questions
• I posted a copy of these slides to http://ericconrad.com