Passed: Wireshark Certified Network Analyst (WCNA)

Passed the exam earlier this week!

A little background on me... I'm a recent grad with a bachelors degree in a business/IT field, and have roughly 2 years IT experience all of which has been service desk type duties. My only cert prior to this was Security+.

I had very little knowledge of protocols and network analysis when I started studying, so the bulk of my knowledge came from the materials I used to self-study (along with some Googling when I came across something in the text that I didn't recognize).

The books I used in order:
Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems by Chris Sanders
Wireshark Network Analysis (Second Edition): The Official Wireshark Certified Network Analyst Study Guide by Laura Chappell
Wireshark Certified Network Analyst Exam Prep Guide (Second Edition) by Laura Chappell

The study guide goes a lot more in-depth than what is required for the exam, which isn't a bad thing--especially since I expect to use it as a reference moving forward. The questions on the exam were very similar to those in the exam prep guide.

Overall I learned A LOT from the studying, and I've already found the knowledge gained to be useful at work. Not to mention it's been pretty fun diagnosing network problems and performance issues that were thoroughly confusing even our network infrastructure guy!

Find more posts tagged with

Comments

danny069

Wow congrats! Great job, was the exam tough? How long did you study for?

Deathmage

Congrats, I'm intrigued as to it's difficulty and where you go to take the exam? - I use wireshark all the time but never knew there was a certification!!!!

Launchpad

Thanks guys!

I didn't find it to be that difficult, and finished all 100 questions in 30 minutes. But I think that was mostly because the study materials were VERY thorough and effective in preparing me for the exam. I tested at a Kryterion testing center.

It's worth noting that a good portion of the exam and study materials are focused on general protocol analysis with questions about TCP, ICMP, network forensics, etc. There's a lot more to it than just Wireshark.

I'm a pretty slow reader and I studied for about 4 months but if you're already somewhat familiar with the material you wouldn't need nearly that much time. The study guide alone is fairly time consuming as it's 900+ pages and has numerous review questions and sample trace files.

jvrlopez

Is the certification more in line with network connectivity diagnosis or network traffic analysis in regards to security? A mixture of both?

docrice

In my experience, I'd say it's a mixture of both but more towards understanding protocols and diagnosis. Many networking professionals unfortunately don't spend a lot of time looking at packets and rely more on information and output that the equipment relays to them, and I find it slows things down from a troubleshooting perspective.

Launchpad

jvrlopez wrote: »

Is the certification more in line with network connectivity diagnosis or network traffic analysis in regards to security? A mixture of both?

It covers both but places a little more emphasis on network troubleshooting. A full list of the exam topics and objectives can be found here starting on page 12: http://wiresharktraining.com/files/wsucertinfopkJuly2012.pdf

Edit: as docrice said it's largely focused on general understanding of protocols and analysis/diagnostic skills, which could be applicable both to troubleshooting and security

AwesomeGarrett

Congratulations!!!

In definitely interested as I'm unfamiliar with advanced tools Wireshark has to offer. I remember working in the NOC and taking packet captures for the voice guys and we could playback the entire call from the wireshark capture.

I thought that was pretty cool, still do.

JamesKurtovich

Congrats.

I'll have to look into this. We use Wireshark in our environment often.

jensmith592

Good Job!

H3||scr3am

Congratulations on this one, it's been on my radar for some time, but I feel it's not well recognized in the field and the RoI would be low because of that, but I may pursue it later for a fun learning opportunity

stryder144

H3||scr3am wrote: »

...but I may pursue it later for a fun learning opportunity

Spoken like a true IT guy!!! My wife doesn't understand where the fun is in learning all of these different things.

@Launchpad...thanks for sharing with us both the success and the materials you used. Congrats and good luck in your future endeavors.

ccnpninja

Awesome!

Launchpad

H3||scr3am wrote: »

Congratulations on this one, it's been on my radar for some time, but I feel it's not well recognized in the field and the RoI would be low because of that, but I may pursue it later for a fun learning opportunity

I would say it's more valuable to people earlier in their career, which is why I pursued it. Long-term I'm looking to get into security and wanted to show an understanding of protocols and packet analysis.

coffeeluvr

Congratulations!

Magic Johnson

Looking in to doing this, are the two books (study guide and exam prep) enough to pass the exam?

shodown

I agree the RoI is not going to be huge, but what you learned combined with what you already do will be huge. I use wireshark at least once a week. I'm pretty sure if I buckled down and really learned the program its a lot more I could do with it.

dsgm

Congrats i have been looking into this, even bought the course on udemy when it was on sale for 19 dollars, been watching it recently too

Congrats again

Magmadragoon

Congrats, I need to look into the exam for myself.

UnixGuy

Congrats! I'm reading this book Wireshark Certified Network Analyst Exam Prep Guide (Second Edition) by Laura Chappell

will see how I go

Remedymp

What is the cost of the exam and is this exam hosted at Prometric or PearsonVue?

UnixGuy

Have you guys tried the CBT nuggets for Wireshark?

Magic Johnson

Remedymp wrote: »

What is the cost of the exam and is this exam hosted at Prometric or PearsonVue?

It's $299. Kryterion run the exams, I've checked in my country the same place that did my CCNA (a PearsonVue) does the WCNA too.

Magic Johnson

UnixGuy wrote: »

Have you guys tried the CBT nuggets for Wireshark?

I have them, was going to make a start this week before I get the books.

UnixGuy

Magic Johnson wrote: »

I have them, was going to make a start this week before I get the books.

Me too! I'm reading (skimming) through the book. the first few chapters I think I'm gonna skip them and head straight to the specifics of protocols. I feel that I can learn the different options/filters/coloring etc later. I think I'm better off practicing analysing certain protocols and pick up the filters/colors/..etc as I go.

I'll give the CBTs a go once I have time (running out of time with full time work/study/demanding hobbies/friends).

Launchpad

UnixGuy wrote: »

Me too! I'm reading (skimming) through the book. the first few chapters I think I'm gonna skip them and head straight to the specifics of protocols. I feel that I can learn the different options/filters/coloring etc later. I think I'm better off practicing analysing certain protocols and pick up the filters/colors/..etc as I go.

I'll give the CBTs a go once I have time (running out of time with full time work/study/demanding hobbies/friends).

Sounds like you're using the Study Guide, not the Exam Prep Guide you linked to earlier. The former is a comprehensive study guide while the latter is a much shorter book comprised only of practice questions.

Personally I did not use the CBTs but I'm sure they would be helpful.

Magic Johnson

Well my books arrived. Nearly 1000 pages of the Study Guide, followed by a whole host of questions in the Exam Prep book.

The only thing I'm wary about is the lack of support. With the CCNA the help on here was absolutely invaluable. I'm kind of on my own with this, but to be fair I'm expecting it to be slightly easier than the above. We shall see...

docrice

There's a reason why the WCNA and traffic dissection isn't discussed as much here. Protocol analysis is a very complementary skill in networking, one that I find many network engineers lack. There are too many CCNAs and CCNPs who understand appliance management rather than what happens on the actual wire. It's a fundamental disconnect in really understanding traffic behavior.

Laura Chappell has written a very good book which covers the material in relative plain English. It's a ton better than reading obscure-sounding RFC documents and trying to make sense what they're trying to convey.

Mike-Mike

This thread has solidified that this is the next cert for me

Mike-Mike

Launchpad wrote: »

Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems by Chris Sanders
Wireshark Network Analysis (Second Edition): The Official Wireshark Certified Network Analyst Study Guide by Laura Chappell
Wireshark Certified Network Analyst Exam Prep Guide (Second Edition) by Laura Chappell

Did you get the hard copies? Do they come with anything extra? Normally I get the hard copies because they come with a disc full of questions, but the Kindle version is always cheaper. If these do not come with any extras, I might just get the Kindle versions

also, any suggested order of books?

docrice

Not to downplay any enthusiasm, but almost no one recognizes the WCNA (which is a shame, really). People may have heard of Wireshark, but the cert itself is virtually unknown. From a training perspective, I personally consider learning the WCNA material just as important as the CCNA in regards to networking education, if perhaps not more.

However, the exam is a bit pricy and so from a resume-alphabet ROI, it provides little in the short-term until the rest of the world starts recognizing it. That said, I didn't find the WCNA to be a very grueling exam.