More Certs...
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
I was looking up information on Wireshark and seems they will be providing certifications now...not enough certs out there!
Laura Chappell's Wireshark University
Laura Chappell's Wireshark University
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff
Comments
-
astorrs Member Posts: 3,139 ■■■■■■□□□□the_Grinch wrote: »I was looking up information on Wireshark and seems they will be providing certifications now...not enough certs out there!
Laura Chappell's Wireshark University -
malcybood Member Posts: 900 ■■■□□□□□□□Yeah try watching some of her training videos on Youtube.
Links here
Laura Chappell's Wireshark University -
dynamik Banned Posts: 12,312 ■■■■■■■■■□the_Grinch wrote: »I was looking up information on Wireshark and seems they will be providing certifications now...not enough certs out there!
Laura Chappell's Wireshark University
Bookmarked, thanks! -
Laura_C Member Posts: 2 ■□□□□□□□□□Well... thought I'd jump in here and explain the 'why' regarding the Wireshark Certified Network Analyst program...
Too many IT folks out there know how to install/configure a TCP/IP network, but do not truly understand how TCP/IP (and common apps) communicate. Some folks know how to capture traffic using a variety of analyzers, but cannot decipher the communications to point to where the problem lies. These really should be fundamental skills acquired by all serious IT folks.
The Wireshark Certified Network Analyst test validates a candidate's ability to differntiate between normal and abnormal communications, and - in the case of abnormal communications - spot the possible cause of the problem or the next step in problem resolution.
The test consists of a set of multiple choice, free form and lab-based questions. In many cases, candidates must open a trace file, identify the cause of a communication fault and successfully answer a question based on their findings. The test is run in a virtual environment, where the candidate has access to Wireshark and all the features they would have at their fingertips when onsite.
In my ideal (packet-colored) world, I'd like to see network analysis be taught during the basic courses on networking - to visualize the traffic often helps understand how it works.
As a side note... we are going to open Chappell University on or about February 1st (the same target date for the certification public release). Chappell University is my new venture to create affordable, dynamic training on a variety of topics including network analysis, troubleshooting, security, network forensics, host forensics, traceback/reconnaissance, network mapping, decoys/deception, OS stack behavior, private investigation services, federal/state cybercrime reporting/cooperation, and more. We currently have over 100 labs ready to go and I'm creating more every day. I'm always listening for new topics to develop/record/train on, so feel free to email me your thoughts at lchappell@packet-level.com.
Now go eat some candy, Grinch! <g> -
the_Grinch Member Posts: 4,165 ■■■■■■■■■■Thanks for explaining the cert and process behind it more! I guess my main fear is it not taking off (hoping it does). Don't see that being an issue, but one never knows. Again thanks for the info!WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
Laura_C Member Posts: 2 ■□□□□□□□□□Well... here's a tidbit for you... as we also wondered if a cert would be welcomed. Currently we have over 3,000 people on the waiting list to take the exam. I believe the interest is most definitely linked to Wireshark's most definite triumph as the defacto standard in network analysis - they are up to over 500,000 downloads a month now.
-Laura -
JDMurray Admin Posts: 13,101 AdminAny vendor looking to produce certifications for their own products should understand the great lengths they will need to go in protecting the intellectual property of their exams. Certifications are worthless if the exam's IP can be easily copied and distributed across the Internet. Testing controls must also be in place to insure that the person who receives the certification is the person who actually took the exam.
Product vendors may typically start with certification exams that are Web-based, open book, and can be taken from the comfort of one's home. This model relieves the need of the vendor to partner with Prometric or Vue as testing centers and saves the vendor a lot of money. It also makes the exams very easy to change in a moment's notice.
However, in this model, it is impossible to protect the information that is appearing on the screen. It will be copied and distributed along with the best guess as to the correct answer. It is also impossible to verify who is actually taking the exam. And open book certifications only test how well a candidate is able to look up information, and not necessarily what they know or how well they can apply their knowledge. The lack of authentication, confidentiality, and integrity controls in this model makes it one to be avoided.
One other issue is exam cost. A cert vendor may only be thinking of business customers when they put a very large price tag on each certification exam. Many business products (e.g., VMWare, Snort, Wireshark) have a hobbyist fan-base that simply can't afford $300 per exam (or $3000 with mandatory training class). Having two tiers of exams--one for hobbyists and one for professionals--is a better solution for all.
Oh--and wait until you discover how much it actually costs to write really good, high-quality exam items. Ask the (ISC)2 about that. -
Ahriakin Member Posts: 1,799 ■■■■■■■■□□Good points JD but they do have to start somewhere. I don't know how hard it is to get your exams into the Prometrics of the world but I imagine it is not cheap.
Anyway I welcome a formalized Wireshark certification, it definitely should become one of the bread and butter security/network management certifications (as long as it's integrity can be protected as JD has pointed out - just not, after mentioning the ISC(2), with a similar good-old-boys-club attitude of recommendations ...yes I beat the old horse, hah ), it's useful for almost all aspects of networking in some way or another.
Thanks for posting here Laura.We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place? -
mikej412 Member Posts: 10,086 ■■■■■■■■■■Having two tiers of exams--one for hobbyists and one for professionals--is a better solution for all.The lack of authentication, confidentiality, and integrity controls in this model makes it one to be avoided.
Hopefully there would such a large set of practical questions that it would be too much work for the **** vendors to "document" them all, but there would still be the "hired test taker" issue.One other issue is exam cost. A cert vendor may only be thinking of business customers when they put a very large price tag on each certification exam. Many business products (e.g., VMWare, Snort, Wireshark) have a hobbyist fan-base that simply can't afford $300 per exam (or $3000 with mandatory training class). Having two tiers of exams--one for hobbyists and one for professionals--is a better solution for all.:mike: Cisco Certifications -- Collect the Entire Set! -
JDMurray Admin Posts: 13,101 AdminGood points JD but they do have to start somewhere.I don't know how hard it is to get your exams into the Prometrics of the world but I imagine it is not cheap.
-
Uchiha Sasuke Member Posts: 42 ■■□□□□□□□□I have her DVD course and I must say WOoow it's very nice material
Excellent combination with Cisco -
Kasor Member Posts: 934 ■■■■□□□□□□I will look at this one since I'm using this product at work. It will be something that good to know.Kill All Suffer T "o" ReBorn
-
Turgon Banned Posts: 6,308 ■■■■■■■■■□Well... thought I'd jump in here and explain the 'why' regarding the Wireshark Certified Network Analyst program...
Too many IT folks out there know how to install/configure a TCP/IP network, but do not truly understand how TCP/IP (and common apps) communicate. Some folks know how to capture traffic using a variety of analyzers, but cannot decipher the communications to point to where the problem lies. These really should be fundamental skills acquired by all serious IT folks.
The Wireshark Certified Network Analyst test validates a candidate's ability to differntiate between normal and abnormal communications, and - in the case of abnormal communications - spot the possible cause of the problem or the next step in problem resolution.
The test consists of a set of multiple choice, free form and lab-based questions. In many cases, candidates must open a trace file, identify the cause of a communication fault and successfully answer a question based on their findings. The test is run in a virtual environment, where the candidate has access to Wireshark and all the features they would have at their fingertips when onsite.
In my ideal (packet-colored) world, I'd like to see network analysis be taught during the basic courses on networking - to visualize the traffic often helps understand how it works.
As a side note... we are going to open Chappell University on or about February 1st (the same target date for the certification public release). Chappell University is my new venture to create affordable, dynamic training on a variety of topics including network analysis, troubleshooting, security, network forensics, host forensics, traceback/reconnaissance, network mapping, decoys/deception, OS stack behavior, private investigation services, federal/state cybercrime reporting/cooperation, and more. We currently have over 100 labs ready to go and I'm creating more every day. I'm always listening for new topics to develop/record/train on, so feel free to email me your thoughts at lchappell@packet-level.com.
Now go eat some candy, Grinch! <g>
Very interesting. Laura I will drop you an email about this. I like the material you have contributed to in Cisco Press. It's true that the mechanisms of TCP/IP are often lost on many IT professionals. TCP handshaking is just one area that gives people problems. A lack of understanding there can lead to spurious interpretation of firewall logs for example. There are many other rudimentary elements of networking that many people need to work on particulary in the 'state machine' topics. A little college can help there if you study data comms and books by writers such as Stevens and Stallings.
How does this track stack up against say Sniffer exams in terms of the goals you are setting?