My Journey Series

My journey and CompTIA CASP+

Posted by Secure Ninja on
Me celebrating Christmas with my passion 😐

Did you mean to say CISSP?

Well, no. CISSP and CASP+ are two different certifications from two different vendors. CISSP is offered by (ISC)², and CompTIA offers CASP+.

The CompTIA Advanced Security Practitioner certification recommends 10 years of broad experience in IT, including 5 years in SecOps. From my experience in this field, I can say that the number of years in the field doesn’t equate to ‘experience’.

My motivation to obtain certifications

Let’s be clear: Obtaining certifications is the external validation of someone putting their time and effort into obtaining them. This does not mean that no certification = no motivation to grow.

While I don’t take myself seriously, I take my work and professional values very seriously. This means (but is not limited to) providing a professional service to your employer, continuing professional development, and demonstrating this to the professional network (including providing advice to mentees and supporting students at QUT through their mentorship program, which I’m a part of).

My skill set, including my professional development, is a significant factor towards my success in this field, and not being a dick compliments my overall employability.

Why is professional development crucial in cyber security?

Your tasks may not be 100% technical every time (even though the role is technical). This is visible primarily in companies that have a small cyber team or have outsourced key functions and only have an internal skeleton crew to liaise with the vendors. This can hurt your future employability since, in these scenarios, you won’t be configuring firewalls or tuning a SIEM; you would only be raising tickets for the MSP to complete this. This means you are losing valuable operational experience. The limited technical experience would limit the organisations you can work with.

If you are feeling overwhelmed while reading this and thinking “oh no!”, don’t worry. The great thing about cyber security is that there are many resources available to help you learn new things and improve your skills. Personally, I like to spend time on HTB since it keeps me sane and confident enough to understand the technical aspects of published breach reports and, at limited times, replicate it in my lab. It also allows me to mentor students who are interested in pen testing and other technical roles since they find the idea of wearing black hoodies and red teaming far more exciting than dealing with teams who want to fight you for not allowing them to wipe their corporate laptops to install Ubuntu.

I don’t recommend using platforms that offer certificates for watching videos. On the other hand, modules or pathways in HTB require you to spin up a virtual machine (VM), conduct a Capture the Flag (CTF) exercise and provide the correct answer to proceed in the course and obtain your completion mark. This process ensures that you have understood the concept and have demonstrated your technical proficiency.

Why did I choose the CASP+ certification?

After spending seven years on the operations side of cyber security, I have come to realize a few important things about myself and the industry. I consider it a blessing that I had the opportunity to work across various domains and technologies right from the beginning. Working in small teams for large organizations meant that we had to manage multiple technologies and be subject matter experts in all of them. After moving to a senior position, it was only natural for me to pursue an advanced certification.

There are a couple of other reasons why I chose the CASP+ certification.

Reason 1: Since I’m in a technical role, this certification would elevate my knowledge and skills (it did). Not just that, it would complement my current role as a senior cyber security professional and significantly help me in my interests outside of my 9-5.

Reason 2: In one of my previous blogs, I discussed the importance of determining the value that a certification brings to an individual. For instance, while an MBA or CISSP certification may hold significant value for a manager or someone in a leadership position, it may not be as relevant for a fresh graduate. The worth of a certification depends on various factors, including an individual’s role and responsibilities. Personally, I found that the CASP+ certification provided me with the most value.

Reason 3: I have taken two other certifications from CompTIA in the past, so I felt more comfortable choosing them again for my latest certification. However, the CASP+ exam was significantly different from the others. It was highly technical and challenging, focused on working with virtual machines, capture-the-flag exercises, operational technology network design validations, and more.

Preparing for my CASP-004 exam

I purchased the Exam voucher + Study guide basic bundle for AUD $933.90.

While this was initially planned to be a self-funded course, my employer kindly offered to reimburse me for the certification after I passed the exam.

While I can’t discuss the specifics of the exam, I can confirm that relying solely on the official study guide would not have allowed me to pass.

It can be an advantage if you have prior experience in Linux and CTF tournaments in addition to the technical experience you have gained over the years. It is important to emphasize again that this is a technical, hands-on exam. Simply being aware of the attack concepts by reading all the articles from Bleeping Computer or The Hacker News will do you no good.

While reading the study guide, it is worthwhile to research the technology and attack vectors with which you are unfamiliar. While it could be time-consuming, understanding the weightage given to each section will enable you to determine how much effort needs to be put into a particular chapter. Note that I mentioned the term ‘research’ and not ‘read about’.

What would I have done differently?

  1. Not scheduling my exam during the holiday period, especially the day before you are about to go on holiday.
  2. Don’t wait for a year or so to complete this blog. But trust me, I have some valid reasons, including spending time on super cool projects and Non-Cyber-Related initiatives.
  3. The closest exam centre for me for the preferred date was in a different city so I opted for the at home exam. Unfortunately, I didn’t have a working VM and thought it would be fine. It was not! Some random process decided to act out 20 minutes into the exam and the proctoring software notified me that the test is terminated. Absolute panic for 7 minutes while trying to find out what the process was and trying to fix it.
    • Finally managed to resolve the issue and waited impatiently to re-join the session.
    • While I was able to resume the exam, I wouldn’t want to go through that again.
    • Always use a clean VM for running that dodgy proctor software to ensure there is no interuption and delete the VM after use.

Feedback to CompTIA

CompTIA should market this certification more, as it is not well-known, and few employers seek it out.

Thank you for visiting and taking the time to read my articles. I enjoy writing about technology, professional development, and other interesting topics. If you have any suggestions, tips, or kind words, feel free to share them with me.

A bonus for sticking around till the end:

Cheers,

Shaine

Leave a comment