There just seems to be an immense lack of resources when compared to Cisco certs. Not much material to prepare with except for the huge book which I have and also some YouTube videos. With the CCNA, I could just use Boson.com and some other sources for information. I have learned a lot in WireShark, but there are still things I don't completely 100% understand, so I'm afraid to register for the exam. Sadly the WireShark school is only available to people who pass, whereas netacad is available to anyone interested. How do I know if I'm ready? asked 09 May '15, 17:54 Beldum |
2 Answers:
The "Wireshark Network Analysis (2nd edition)" book covers the curriculum you'd be expected to know for it. If you're strong in that material you should be ok. The exam itself is pretty fair and straightforward in my opinion, at least compared to most other vendors I've gone through (Cisco, Oracle, Juniper, etc.). answered 09 May '15, 18:53 Quadratic |
You should read/understand the book Quadratic mentioned and for practice questions you can use "Wireshark Certified Network Analyst Exam Prep Guide (2nd Edition)". I also recommend watching all the Sharkfest presentations. answered 10 May '15, 07:49 Roland |
@Quadratic, how would you compare it to the CCNA? I want to be one of the cool kids (not a kid just joking) and pass the WCNA on my first try. But the thing is some wireshark files when I see like 80,000 packets I don't know where to start.
Some protocols like HIP I don't fully 100% understand as well.
Well, "where to start" is always going to depend on what you're trying to accomplish. There are a lot of common problems that would cause you to open a trace file, and you should have a logical methodology for approaching each of them. For common "needle in a haystack" problems with packet captures, if you can define the "needle" within the context of a display filter, or a single TCP session that you can zoom in on, etc., as long as you are objective-oriented about opening a packet capture and as long as you're familiar with the tools at your disposal to do these things within Wireshark, you should be ok.
For the CCNA comparison, I found it far easier than Cisco exams but it's hard to fairly compare them. I wrote the CCNA when I was pretty new to the industry, so it felt "harder" but it might have really just been "newer". I wrote the WCNA after spending years as a network planner, building probe systems, and having my eyes on packet bytes every day for years, so that exam was extremely straightforward to me but that's after using the tool every day.