The Department of Defense (DOD) has begun including the security certification known as "CompTIA Advanced Security Practitioner" (CASP) in its accepted roster of industry-based security exams to prove technical skills, the trade group says.
Terry Erdle, executive vice president, skills certification, CompTIA
CompTIA came up with CASP last year and it's the toughest technical exam related to networking security it's ever introduced, says Terry Erdle, executive vice president, skills certification. The DOD had provided input to CompTIA regarding what it wanted in a networking security exam and has now accepted CASP for accreditation under what's known as the U.S. Department of Defense Information Assurance Workforce Improvement Program.
[ BY THE NUMBERS: Obama's 2013 IT budget: Less for DOD, less overall ]
The rules for that are spelled out under the DOD's 8570.01-M criteria, and CASP is now is now said to be approved as a baseline certification for Information Assurance Technical Level III, IS Manager Level II and IA Systems Architect and Engineer Levels I and II.
The DOD has required both employees and contractors to obtain various industry-based certifications to perform certain functions in DOD data centers and networks, and the CASP exam -- if you can pass it -- is now also a certification that will apply.
It's recommended that anyone wanting to take the CASP exam have a minimum of 10 years of experience in IT administration and at least five years of hands-on technical experience.
The CASP, about 2.5 hours, consists of 80 questions given in a computer-based setting that involve some hands-on skills demonstration, such as simulated firewalls. It's intended to be vendor-neutral. The scope of CASP appears to be extensive, testing the applicant's knowledge of enterprise security; risk management, policy and legal procedures, research and analysis; and business-oriented understanding in regards to computing and communications.
"It's very technical," says Erdle. Subjects include cryptography and certificate management, virtualization security, knowledge of enterprise storage, vulnerability management, SCADA, VoIP and IP6 protocols, and a broad swatch of host- and network-based security used in applications and for remote access.
There are about 8,000 testing centers run by Pearson Vue that offer the CASP exam, as well as other tests, on a schedule basis. The cost for the CASP tests is about $379.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email: firstname.lastname@example.org.