Later this year, CompTIA will be releasing the CompTIA Advanced Security Practitioner (CASP) certification. It is time for this certification. It’s targeted directly at individuals that have worked in security for a number of years in “hands-on” security. We are not talking about the suit and tie crowd here; this certification is for those that do the day-to-day security work that keeps networks running and secure.
Just consider the knowledge areas that CompTIA is looking at for security assessments.
The test candidate is expected to know about port scanners, vulnerability scanners, protocol analyzers, switchport analyzers, network enumerators, password crackers, fuzzing, and attack tool frameworks.
Anyone performing a security assessment needs to be able to use and understand the applications regarding many specialized tools such as exploit frameworks. One good example is Metasploit. The Metasploit Framework is an advanced platform for developing, testing, and using exploited code.
Another tool “hands-on” security professionals need to know is the sniffer. There are many sniffers available yet almost all present the same data. Some of the most basic sniffers, such as TCP dump, use a command line interface and dump captured data to the screen, while more advanced products such as Wireshark, use GUI, graph traffic statistics, track multiple sessions, and offers multiple configuration options. Regardless of the platform, the CASP must understand how to analyze network traffic. This includes TCP, UDP, IPv4 and IPv6. IPv6 is does has differences from IPv4. The IPv6 address space is 128 bits, IPv6 does not support a checksum, and does not support ARP protocol. If you are not comfortable with IPv6, now is the time to get up to speed.
I think this certification is going to meet real need in the IT security industry by addressing an area of the market that has been overlooked. How many of you are interested in the CASP?