CASP+ Sneak Peek May 4, 2021

[Stephen Schneiter]

The next release for CompTIA CASP+ will be available in August of 2021. Join the CompTIA Instructor Network and special guests @Lee McWhorter and Patrick Lane as they take a Sneak Peek into changes with the new exam vs. the current version. We will discuss how to cover the content with students and suggest various labs to let students gain hands-on experience as they prepare for certification.

What: two-hour webinar investigating updated certification
When: Thursday May 4st 10:00 a.m. CST
Where: ON24
Who: Lee McWhorter, Covered6
Registration: http://bit.ly/CASPPlus004-SP

 

[Steve Linthicum]

Just registered. Will be nice to see Lee.

 

[Mallia]

Registered. it will be great series.

 

[Hod Berman]

Registered!

 

[Mohammed B]

Registered.

 

[Ivan Jude Busgano]

Registered. This is exciting!

=)

 

[Tess Sluijter]

I'm still salty I couldn't take the CASP+ Beta. One day CompTIA, one day!

 

[Vishal]

Anyone else having issues connecting to the CASP+ sneak peek session?

 

[Vishal]

Nvm to many tabs open.

 

[Mallia]

I am watching the session. Its great info with some taste of pentest.

 

[Rick Butler]

Sorry I missed this one today. Watching the re-run right now. /r

 

[Hod Berman]

I'm still salty I couldn't take the CASP+ Beta. One day CompTIA, one day!

Hey Tess, Did you attend the sneak peek? There is a survey link to possibly be invited to take the CASP+ beta.

 

[Tess Sluijter]

Hey Tess, Did you attend the sneak peek? There is a survey link to possibly be invited to take the CASP+ beta.

Thanks! That got sorted out with thanks to our friendly neighborhood Spiderman @Stephen Schneiter .

I was in the sneak peek, but the survey link also stipulates US-residents only. That's one of the reasons I didn't get in to begin with But Stephen was awesome (still is) and helped me out.

 

[Hod Berman]

Thanks! That got sorted out with thanks to our friendly neighborhood Spiderman @Stephen Schneiter .

I was in the sneak peek, but the survey link also stipulates US-residents only. That's one of the reasons I didn't get in to begin with But Stephen was awesome (still is) and helped me out.

That is fantastic news. Glad to hear.

 

[Lee McWhorter]

Thanks everyone for coming! Was a blast and I can't wait to teach the TTT later this year!

 

[Tess Sluijter]

Here's a few things I took away from the CAS-004 beta.

• On MacOS the instruction on PBQs (performance based questions) to ctrl-click for multiple selections does not work. On MacOS that is a right-click. The usual replacement cmd-click also did not work. The proctor did not have a solution for me, so questions that require multiple selections on MacOS are an automatic (partial) fail. @Stephen Schneiter this is something we REALLY have to take up with CompTIA and PV.
• There was a post-exploit question about persistence where "the attacker got root on windows". That by and of itself is an error, but it muddied the whole question: should I look for Unix-based answers, or Windows? Because which part of the question was wrong? Windows, or root?
• There was a question about SSH access log analysis, which did not show the actual logging. There was a question, there was a bit of explanation, but the actual logs were not shown.
• Many questions were frustrating to parse: the language or formulation used, made it hard to piece together the situation / question. Some questions I had to reread five times.
• Many questions about vulnerabilities focus on "input validation" as the "correct, best solution". In many cases it is not. For SQLi, it's parametrized queries. For XXE, it's disabling unsafe features and settings like external entity parsing.
• A good thing: no questions stood out as being out-dated. There's no antiquated stuff and plenty of cloud.