More Certs...

the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
I was looking up information on Wireshark and seems they will be providing certifications now...not enough certs out there!

Laura Chappell's Wireshark University
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff

Comments

  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    the_Grinch wrote: »
    I was looking up information on Wireshark and seems they will be providing certifications now...not enough certs out there!

    Laura Chappell's Wireshark University
    Laura is a Wireshark god, I would expect the CBTs to be very technical and informative as a result.
  • malcyboodmalcybood Member Posts: 900 ■■■□□□□□□□
    Yeah try watching some of her training videos on Youtube.

    Links here

    Laura Chappell's Wireshark University
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    the_Grinch wrote: »
    I was looking up information on Wireshark and seems they will be providing certifications now...not enough certs out there!

    Laura Chappell's Wireshark University

    Bookmarked, thanks!
  • Laura_CLaura_C Member Posts: 2 ■□□□□□□□□□
    Well... thought I'd jump in here and explain the 'why' regarding the Wireshark Certified Network Analyst program...

    Too many IT folks out there know how to install/configure a TCP/IP network, but do not truly understand how TCP/IP (and common apps) communicate. Some folks know how to capture traffic using a variety of analyzers, but cannot decipher the communications to point to where the problem lies. These really should be fundamental skills acquired by all serious IT folks.

    The Wireshark Certified Network Analyst test validates a candidate's ability to differntiate between normal and abnormal communications, and - in the case of abnormal communications - spot the possible cause of the problem or the next step in problem resolution.

    The test consists of a set of multiple choice, free form and lab-based questions. In many cases, candidates must open a trace file, identify the cause of a communication fault and successfully answer a question based on their findings. The test is run in a virtual environment, where the candidate has access to Wireshark and all the features they would have at their fingertips when onsite.

    In my ideal (packet-colored) world, I'd like to see network analysis be taught during the basic courses on networking - to visualize the traffic often helps understand how it works.

    As a side note... we are going to open Chappell University on or about February 1st (the same target date for the certification public release). Chappell University is my new venture to create affordable, dynamic training on a variety of topics including network analysis, troubleshooting, security, network forensics, host forensics, traceback/reconnaissance, network mapping, decoys/deception, OS stack behavior, private investigation services, federal/state cybercrime reporting/cooperation, and more. We currently have over 100 labs ready to go and I'm creating more every day. I'm always listening for new topics to develop/record/train on, so feel free to email me your thoughts at lchappell@packet-level.com.

    Now go eat some candy, Grinch! <g>
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Thanks for explaining the cert and process behind it more! I guess my main fear is it not taking off (hoping it does). Don't see that being an issue, but one never knows. Again thanks for the info!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • Laura_CLaura_C Member Posts: 2 ■□□□□□□□□□
    Well... here's a tidbit for you... as we also wondered if a cert would be welcomed. Currently we have over 3,000 people on the waiting list to take the exam. I believe the interest is most definitely linked to Wireshark's most definite triumph as the defacto standard in network analysis - they are up to over 500,000 downloads a month now.

    -Laura
  • JDMurrayJDMurray Admin Posts: 13,101 Admin
    Any vendor looking to produce certifications for their own products should understand the great lengths they will need to go in protecting the intellectual property of their exams. Certifications are worthless if the exam's IP can be easily copied and distributed across the Internet. Testing controls must also be in place to insure that the person who receives the certification is the person who actually took the exam.

    Product vendors may typically start with certification exams that are Web-based, open book, and can be taken from the comfort of one's home. This model relieves the need of the vendor to partner with Prometric or Vue as testing centers and saves the vendor a lot of money. It also makes the exams very easy to change in a moment's notice.

    However, in this model, it is impossible to protect the information that is appearing on the screen. It will be copied and distributed along with the best guess as to the correct answer. It is also impossible to verify who is actually taking the exam. And open book certifications only test how well a candidate is able to look up information, and not necessarily what they know or how well they can apply their knowledge. The lack of authentication, confidentiality, and integrity controls in this model makes it one to be avoided.

    One other issue is exam cost. A cert vendor may only be thinking of business customers when they put a very large price tag on each certification exam. Many business products (e.g., VMWare, Snort, Wireshark) have a hobbyist fan-base that simply can't afford $300 per exam (or $3000 with mandatory training class). Having two tiers of exams--one for hobbyists and one for professionals--is a better solution for all.

    Oh--and wait until you discover how much it actually costs to write really good, high-quality exam items. Ask the (ISC)2 about that. ;)
  • AhriakinAhriakin Member Posts: 1,799 ■■■■■■■■□□
    Good points JD but they do have to start somewhere. I don't know how hard it is to get your exams into the Prometrics of the world but I imagine it is not cheap.
    Anyway I welcome a formalized Wireshark certification, it definitely should become one of the bread and butter security/network management certifications (as long as it's integrity can be protected as JD has pointed out - just not, after mentioning the ISC(2), with a similar good-old-boys-club attitude of recommendations ;)...yes I beat the old horse, hah ), it's useful for almost all aspects of networking in some way or another.
    Thanks for posting here Laura.
    We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place?
  • mikej412mikej412 Member Posts: 10,086 ■■■■■■■■■■
    JDMurray wrote: »
    Having two tiers of exams--one for hobbyists and one for professionals--is a better solution for all.
    I'd go one step further -- an Expert Level with a Proctored Lab Exam. And it could even be something as simple as sitting down with a proctor, Wireshark, and an exam trace file and answering the question "what do you see?" Of couse there would have to be a few interesting issues in the trace file :D
    JDMurray wrote: »
    The lack of authentication, confidentiality, and integrity controls in this model makes it one to be avoided.
    I finally decided to get Cisco Certifications because of the CCIE Lab Exams -- yet I've met CCIEs who don't even seem to have the skills of a competent CCNP -- so no model is perfect.

    Hopefully there would such a large set of practical questions that it would be too much work for the **** vendors to "document" them all, but there would still be the "hired test taker" issue.
    JDMurray wrote: »
    One other issue is exam cost. A cert vendor may only be thinking of business customers when they put a very large price tag on each certification exam. Many business products (e.g., VMWare, Snort, Wireshark) have a hobbyist fan-base that simply can't afford $300 per exam (or $3000 with mandatory training class). Having two tiers of exams--one for hobbyists and one for professionals--is a better solution for all.
    If the 4 DVDs I saw on the web site (at $300 each) are the self-study option -- the price didn't even make me blink. As for the exam price.... I could see a WireShark Certification being worth more than an A+ or Network+ Certification, but not if its something "that guy on the helpdesk who has all the those certifications" gets first.
    :mike: Cisco Certifications -- Collect the Entire Set!
  • JDMurrayJDMurray Admin Posts: 13,101 Admin
    Ahriakin wrote: »
    Good points JD but they do have to start somewhere.
    And it's best not to start in a bad place. Once damaged, PR is very time-consuming and expensive to recover.
    Ahriakin wrote: »
    I don't know how hard it is to get your exams into the Prometrics of the world but I imagine it is not cheap.
    A secure exam situation that does not rely on dedicated exam hosting centers is also possible. The (ISC)2 found a different exam administration solution, but it's not without its drawbacks too.
  • Uchiha SasukeUchiha Sasuke Member Posts: 42 ■■□□□□□□□□
    I have her DVD course and I must say WOoow it's very nice material ;)

    Excellent combination with Cisco :)
    ;)
  • KasorKasor Member Posts: 934 ■■■■□□□□□□
    I will look at this one since I'm using this product at work. It will be something that good to know.
    Kill All Suffer T "o" ReBorn
  • TurgonTurgon Banned Posts: 6,308 ■■■■■■■■■□
    Laura_C wrote: »
    Well... thought I'd jump in here and explain the 'why' regarding the Wireshark Certified Network Analyst program...

    Too many IT folks out there know how to install/configure a TCP/IP network, but do not truly understand how TCP/IP (and common apps) communicate. Some folks know how to capture traffic using a variety of analyzers, but cannot decipher the communications to point to where the problem lies. These really should be fundamental skills acquired by all serious IT folks.

    The Wireshark Certified Network Analyst test validates a candidate's ability to differntiate between normal and abnormal communications, and - in the case of abnormal communications - spot the possible cause of the problem or the next step in problem resolution.

    The test consists of a set of multiple choice, free form and lab-based questions. In many cases, candidates must open a trace file, identify the cause of a communication fault and successfully answer a question based on their findings. The test is run in a virtual environment, where the candidate has access to Wireshark and all the features they would have at their fingertips when onsite.

    In my ideal (packet-colored) world, I'd like to see network analysis be taught during the basic courses on networking - to visualize the traffic often helps understand how it works.

    As a side note... we are going to open Chappell University on or about February 1st (the same target date for the certification public release). Chappell University is my new venture to create affordable, dynamic training on a variety of topics including network analysis, troubleshooting, security, network forensics, host forensics, traceback/reconnaissance, network mapping, decoys/deception, OS stack behavior, private investigation services, federal/state cybercrime reporting/cooperation, and more. We currently have over 100 labs ready to go and I'm creating more every day. I'm always listening for new topics to develop/record/train on, so feel free to email me your thoughts at lchappell@packet-level.com.

    Now go eat some candy, Grinch! <g>

    Very interesting. Laura I will drop you an email about this. I like the material you have contributed to in Cisco Press. It's true that the mechanisms of TCP/IP are often lost on many IT professionals. TCP handshaking is just one area that gives people problems. A lack of understanding there can lead to spurious interpretation of firewall logs for example. There are many other rudimentary elements of networking that many people need to work on particulary in the 'state machine' topics. A little college can help there if you study data comms and books by writers such as Stevens and Stallings.

    How does this track stack up against say Sniffer exams in terms of the goals you are setting?
Sign In or Register to comment.