I recently completed CompTIA Advanced Security Practitioner (CASP) training. The CASP certification is an international, vendor-neutral exam that proves competency in enterprise security; risk management; research and analysis; and integration of computing, communications, and business disciplines. The CASP is essentially a technical version of the ISC(2) CISSP (Certified Information Systems Security Professional) and is a DoD 8570 directive (IA Technical Level III) approved certification. I have held a CISSP certification since November 2001 and have recently been refreshing and upgrading a number of my certifications.
The CISSP has more policy and managerial topics covered under its objectives whereas CASP is more hands-on, technical and task oriented. One way to look at it is that CISSP explains ‘Why?’ and CASP lets you know ‘How?’
I will be spending time studying for the next 2-3 weeks before taking the exam. The CASP exam is notoriously difficult with only a 20% first-time pass rate. The exam is full of performance based questions which utilize simulators in a lab configuration. The CASP exam is also expensive at nearly $400.00 USD to take vs. the CISSP which cost $600.00 USD.
I’ll update this post once I’ve taken the exam and share my experience. Wish me luck!