CISSP vs CASP



  • I am looking for a new cert to get. I learned alot and had a blast taking ECSA. I want a manager level cert and it looks like CISSP is what most people are getting. I've done some CISSP training and reading. It's a mile long and an inch deep. Not only that, but it is extremely boring and mostly useless to technical people. It's a $600 test and I have read that alot of people had to take 3-4 times and gained very little out if it. It's $85 a year to maintain. The test is 6 hours with 250 questions.

    According to DoD Directive 8570.1 CASP by CompTIA is an alternative to CISSP. Unfortunately many companies even non military are using DoD Directive 8570.1 as a baseline for what IT Security Professionals should have. CASP is a $400 test and has under 100 questions. I think you get about 2 hours to complete it. CASP is still relatively new (less than 2 years old) so I am not sure about longetivity or if people even know the name.

    DOD-8570-Chart.png

    Note: This chart was taken from ISC2 which is why their certs are highlighted and the others are not.



  • No advice?


  • Service Provider

    No clue here.



  • I don't know enough about either of those certifications to give good advice, but out of curiosity, at a quick glance, this is what I came up with:

    • If you are doing it for the knowledge gain, I'd choose the CISSP.

    • If you want it just to have it, then CASP.



  • Doesnt the cissp require you to have and demonstrate at least 5 years security job xp to be able to even register to take the test?



  • @momurda said in CISSP vs CASP:

    Doesnt the cissp require you to have and demonstrate at least 5 years security job xp to be able to even register to take the test?

    Yeah, but right now I have 6 years total experience.



  • @Tim_G said in CISSP vs CASP:

    I don't know enough about either of those certifications to give good advice, but out of curiosity, at a quick glance, this is what I came up with:

    • If you are doing it for the knowledge gain, I'd choose the CISSP.

    • If you want it just to have it, then CASP.

    CISSP is the most boring thing in the world, but it is pretty much a must have if you want to be in IT Security Management



  • @momurda said in CISSP vs CASP:

    Doesnt the cissp require you to have and demonstrate at least 5 years security job xp to be able to even register to take the test?

    and not quite. You just have to have experience in 2 out of the 8 domains. Even a physical security guard is eligible to claim experience as physical security is one of the domains. Also you can substitue certs such as CEH, MCSA, MCSE, Security +, etc.


  • Service Provider

    @momurda said in CISSP vs CASP:

    Doesnt the cissp require you to have and demonstrate at least 5 years security job xp to be able to even register to take the test?

    LOL. Not really. It's a joke.


Log in to reply
 

Looks like your connection to MangoLassi was lost, please wait while we try to reconnect.