CASP+ (CAS-003)

Obtaining CompTIA CASP+ Premier Cybersecurity Certification

The purpose of this post is to explain the process behind what guided me to the CASP+ 003 and tips and tricks I learned from accomplishing this achievement.

Background: CASP+ was eventually going to catch up to me because I initially started down the rabbit hole of DoD 8570, now known as DoD 8140, which outlines the cybersecurity roles and requirements for US Government contractors. While I didn’t pursue any opportunities directly engaging with the US Government after leaving the military, the city I relocated to has an abundance of government subcontractors with this requirement.

Approach: Like any certification I took on in 2021, I started by gathering requirements to determine the most effective measure. Surprisingly, Discord groups from Reddit r/CASP and r/CompTIA provided excellent feedback and guidance on the process. I identified the All-in-One book (link below) as a pillar in following this path. Additionally, I chose to participate in Onward-to-Opportunity to pursue CISSP, and the training had a lot of overlap. I started prepping by skimming the book chapter by chapter around June of 2021. Initially it felt like a refresher coming off of CySA+ from 2020, just somewhat familiar, but more conceptual and in depth. I rescheduled my initial exam from October 3rd to December 3rd because obtaining Azure certifications came into my focus. Once the time set in, I started spending about one hour a day, reading for thirty minutes and listening to Jason Dion’s LinkedIn course at 2x speed. I focused on any sections that felt weak, such as the in-depth SDLC and encryption, which helped with PocketPrep.

The great thing they didn’t tell you when pursuing certifications is to focus on PBQs. Luckily, with the purchase of the All-in-One book you have access via a code to PBQs through TotalSem, and I highly recommend it. Prep material was key in this because, from what I’ve been told, you could answer every question correctly but miss two PBQs and automatically fail. Due to this, I purchased the official CompTIA Labs for CASP+ 003, which was overkill in my opinion, as a more in-depth background with cloud has a lot of overlap with server management/administration. To each their own on background. The focus on risk management is heavy, as it is with CISSP, so you’d likely have to brush up on your knowledge of NIST 800-53 and understand BCP. What I enjoyed most is that this felt like what a SOC Manager should know. While everyone’s career ambitions differ, this is what the target audience felt like to me. I spent upwards of 30-50 hours of prep in total.

Recommendations:

Never underestimate CompTIA. They are known for tough exams, and this one is the most in-depth they have to date, prior to the new iteration, CASP+ 004. If you have Sec+ and CySA+, this should be a pretty good foundation of building blocks to solidify that curriculum further. I highly suggest having at least one of the two prior to attempting to challenge the exam.

Links

Book that I read consistently!

Application (PocketPrep) Android iOS

https://play.google.com/store/apps/details?id=com.pocketprep.android.itcybersecurity&hl=en_US&gl=US