Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

What is the “CASP”? A technical security

advertisement 
About NetCom Learning
•
•
•
•
Founded: 1998
Trained over 90% of the Fortune 500
Serviced over 50,000 professionals
Authorized Vendor Training: over 20 leading technology
vendors
– Microsoft, Cisco, CompTIA, PMI, Autodesk, Citrix...
• Custom training solutions at client locations & live online
training
• CompTIA Platinum Training Partner
• Microsoft Worldwide Partner of the Year
• Inc. 5000 Fastest Growing Private Companies in US
www.netcomlearning.com
GoToWebinar Controls
2
v1.1
CASP Certification
What is the “CASP”?
• A technical security certification for the technical
“lead” in an enterprise organization
• The focus is on technical, and on enterprise
• Vendor neutral
• Targets at least 5 years of technical security
experience
• Intended for the security professional who loves the
application of security, and who is good enough, and
senior enough, to be thinking about the business as
a whole, and the security impact of business
decisions
4
Identifying the Need for an
Advanced Security Certification
5
Growing Global Importance of Security
62%
47%
46%
47%
35%
33%
Lower Half Priority
19%
Middle Priority
2008
Upper Half Priority
5%
7%
2010
2012
Source: CompTIA’s 8th Annual Information Security Trends study Base: 1,400 IT and
business executives responsible for security
6
The Rising Cost of Human Error
Cause of security incidents / breaches
50% of respondents
Technology
Error
believe human error will
increase significantly or
moderately as a factor over
next two years.
41%
59%
Human
Error
Primary Sources of Human
Error:
- Failure to comply with
company security
policies
- Lack of security expertise
- Lack of security training
- Lack of resources
7
Improving the IT Security Workforce
More technology-specific training
Probably
Definitely
Net
59%
32%
91%
More frequent training
62%
More recognition/financial rewards for IT staff
that complete a security certification
63%
Having more IT staff complete a security
certification
52%
23%
18%
24%
85%
81%
76%
More vendor-neutral security training
58%
18%
76%
More instructor-led training
59%
17%
76%
8
Key Findings – Advanced Security
An advanced level security exam
would be good to pursue.
The exam should be performance-based.
The exam should be part of a vendor certification
(as an elective).
The advanced security exam should concentrate on
new technologies that demand a concentration in
security aspects, such as IPv6, VoIP, and SaaS.
Acceptance of the exam depends on Government
general acceptance of the new certification and
applicability to 8570.
9
POLLS
10
CASP Development
Targeted at IA Technical Level III and IA Management Level II of the US
DoD Directive 8570.1-M
Designed for the Technical Security Lead in Large, Multi-location
0rganizations
The Next Step for Technical Security Professionals on the Path
to CISSP/Product-Specific Certification.
The First in CompTIA’s Mastery Series of Exams
Primary market: U.S
Secondary markets: Germany, Malaysia, Japan
11
Target Audience and Job Roles
Information
Systems Security
Engineer
ISSO, IASO
Network Security
Engineer
(Information Systems
Security Officer/Information
Assurance Security Officer)
Target Audience
Security Analyst
IT security professionals with a
minimum of 10 years experience in
IT administration and at least 5
years of hands-on technical
security experience
Security Manager
or Information
Assurance
Manager (IAM)
Security Architect
Security Consultant
Security Assessor
12
Job Roles and Responsibilities
IT Security Job Role
Information Systems Security Engineer
Network Security Engineer
Security Architect
Security Consultant
Security Assessor
Security Manager or Information
Assurance Manager (IAM)
Security Analyst
Major Responsibilities
• Detailed design and build of security programs, systems engineering with a security
perspective.
• Security systems design.
• Interprets security requirements to non-security staff.
• Detailed design and build of network security devices, security network programs, network
engineering with a security perspective.
•Security network design. Interprets network security requirements to non-security staff.
•Creates, conceptualizes, and builds security systems to meet business drivers.
•Includes application level, network level, and systems level security.
•Provides end-to-end traceability between business drivers and security solutions.
•Provides advice and guidance related to interpreting, implementing and complying with
security best practices, while addressing complex situations and issues.
•Evaluates compliance and assesses vulnerabilities.
•Decision maker, has overall responsibility for maintaining security in his/her area of
responsibility.
• Analyzes security practices, controls and operational security events. Configures and
monitors security services.
ISSO, IASO (Information Systems Security
• Security generalist that performs auditing, security design, provides security
Officer, Information Assurance Security
advice/consulting, reviews change requests, and addresses operational security.
Officer)
13
CASP Exam Focus
CASP Focus
Design and
Build of
Security
Solutions
Why
Security
Measures
are Taken
Security
Impact of
Business
Decisions
Application
rather than
Definition
15
CompTIA Exam Overview
Exam Coverage
Enterprise Security
Risk Mgmt, Policy/Procedure
and Legal
Research & Analysis
Integration of Computing,
Communications, and
Business Disciplines
1 Blended Exam
Multiple choice
Scenario based
Performance based
•
CASP Knowledge and Skills
Subjects include
ANSI/ISO Accreditated
in Anticipation of 8570
Approval
IPV6 and VOIP. Address
SAAS in an objective that
includes Security in SLA’s
with vendors providing
services.
•
The CASP exam will certify that the successful
candidate has the technical knowledge and
skills required to conceptualize, design, and
engineer secure solutions across complex
enterprise environments.
•
The candidate applies critical thinking and
judgment across a broad spectrum of security
disciplines to propose and implement solutions
that map to enterprise drivers
16
CASP Exam Information
Exam Requirement
• 1 exam, blended format
Exam Detail
• Part Number: CAS-001
• Number of Questions: Up to 80
• Exam Length: 150 minutes
Recommended Experience
• 5 years of technical security experience at the enterprise
level.
Price
• Introductory Price
$329 Non-Member.
Languages
• English initially
17
CASP Objectives
Domain
Percent of
Examination
Enterprise Security
40%
Risk Mgmt, Policy/Procedure and Legal
24%
Research & Analysis
14%
Integration of Computing,
Communications, and Business
Disciplines
22%
Total
100%
18
Performance Based Questions
Highlights
• For performance based items, the CASP
candidate will be given a scenario/problem,
and will be prompted to push a button to
launch a simulated environment that is
created via software.
PerformanceBased Question
Description
• The simulated environment should be familiar
to a security professional with the level of
experience recommended for the CASP exam.
• Once the simulation is launched, the candidate
will need to perform whatever tasks s/he
believes appropriate, based on the given
scenario and the tools/information that are
provided in the question.
19
CASP Discussion Points
Highlights
• The exam will have up to 80 questions. One of
several “forms” of the exam is presented to each
candidate. The number of questions may vary
from one form to the next, up to 80.
Pass Fail
Exam
• All forms are internally balanced for objective
weight and question difficulty, but the number
of questions may differ.
• For this reason, a single scaled score for the
CASP exam is not workable, and a Pass or Fail
score will be awarded.
• All candidates will receive a report showing the
objective areas where questions were missed
and further study or experience is needed.
20
CASP certified – as of March 2012
• Global launch of the CASP, with courseware
available, on February 21, 2012
• 219 CASP certified professionals (including beta
participants)
• Early movers – security professionals from
– U.S. government contractors
• SAIC, Northrop Grumman, General Dynamics, Booz Allen
– U.S. Air Force, Army, Navy, Dept. of Homeland Security
– CenturyLink, Rackspace, Hewlett-Packard, Microsoft, IBM
21
CASP Testimonial
22
CASP learning
Printed courseware for
Instructor and Student
CompTIA Platinum Training Partner
23
Authorized CASP Certification Training
• ComTIA Advanced Security Practitioner (CASP)
–
–
–
–
5 days certification training
Books included
Testing center in the training facility
CompTIA Certified Instructors
• Class Dates
– May 14th New York City (LOT compatible)
– May 21st Las Vegas (LOT or Travel Package)
– July 9th New York (LOT compatible)
24
World Innovation Forum
New York 2012
World Innovation Forum 2012 (www.netcomlearning.com/wif)
• June 20th – June 21st 2012, New York City Center
• 11 world renowned experts and practitioners
www.netcomlearning.com
Q&A
26
v1.3
CASP Certification
For more information contact:
comptia@netcomlearning.com
www.netcomlearning.com
Related documents
A systematic review of interventions for children with cerebral palsy
A systematic review of interventions for children with cerebral palsy
CASP
CASP
CASP - California Association of School Psychologists
CASP - California Association of School Psychologists
(CASP) and Speech Sample Analyses
(CASP) and Speech Sample Analyses
Data release: U–Pb detrital zircon data from Arctic Russia (2015). By
Data release: U–Pb detrital zircon data from Arctic Russia (2015). By
Mid Jurassic to Early Cretaceous review – Part 2: Kuhn Ø and
Mid Jurassic to Early Cretaceous review – Part 2: Kuhn Ø and
SANS Security 528
SANS Security 528
ppt - Carnegie Mellon University
ppt - Carnegie Mellon University
Origin of the Vorkuta lava flow and geological implications for crustal
Origin of the Vorkuta lava flow and geological implications for crustal
Origin of the Vorkuta lava flow and geological implications for crustal
Origin of the Vorkuta lava flow and geological implications for crustal
A GIS database of the Fossil Record of the Sverdrup Basin Part 1
A GIS database of the Fossil Record of the Sverdrup Basin Part 1
expert center
expert center
Download
advertisement