Posted by: Ed Tittel
For those not already in the know, the Department of Defense (DoD) has approved the CompTIA Advanced Security Professional (CASP) credential for addition to its baseline list of acceptable information security/information assurance certifications for the following levels:
- IAT Level III (Information Assurance Workforce Technical Level III): A description of this level of attainment is available at IA Academy and in the 8570.01-M Manual.
- IAM II (Information Assurance Management Level II): A description of this level of attainment is available at IA Academy and in the 8570.01-M Manual.
- IASAE Level I and II (Information Assurance Workforce System Architect and Engineer, Level I and Level II) IA Academy links for L1 and L2 at left, and also covered in the 8570.01-M Manual.
What makes this decision interesting is discussed very nicely in a 2/23/2013 article on Steve Linthicum’s Certification Site entitled “CASP-CompTIA Advanced Security Practitioner News” wherein the author opines as follows:
“What will ‘sell’ this exam to DOD employees and contractors seeking to meet the requirement of DOD Directive 8570.0 is the fact that it’s cost ($379) is substantially less than (ISC)2 charges for the CISSP exam ($599), coupled with at least a perception that it is easier than the CISSP.”
Currently study guides for the CASP are available from Sybex (Michael Gregg and Billy Haines, February 2012) and McGraw-Hill (Wm. Arthur Conklin, Gegory White, and Dwayne Williams, September 2012), and both books get pretty good reviews. If you can meet the CASP experience requirements (10 years in IT administration, including 5 or more years of hands-on technical security experience), the exam includes 80 questions (versus 250 questions for the CISSP) over a 2.5 hour period (versus 6 hours for CISSP). That’s probably the primary source for the belief that the CASP exam is easier than the CISSP, cost issues notwithstanding. This could be a great option for those who want to (or must) meet mandatory DoD IA certification requirements. For more information, I blogged about the CASP at PearsonITCertification on June 1, 2011 in a post entitled “CompTIA Ventures Beyond Entry-Level with CASP Credential.”