Wireshark Certified Network Analyst !!
Well, I finally took the time to buckle down and take the WCNA – Wireshark Certified Network Analyst. Once I finished up with the exam I can happily say I successfully past the exam which I have to admit is pretty cool. Protocol Analysis is definitely an interesting set of technologies to learn & know, it is also extremely beneficial for troubleshooting certain types of issues.
How I studied:
Having a few years a packet analysis behind me certainly helped, however the Wireshark WCNA Books from Wireshark University are absolutely fantastic!
The network analysis book, while it is expensive is definitely worth it. To me, this book is to protocol analysis; is what Routing TCP/IP Vol I & II is to a CCIE: R/S candidate. It is a large book with great material, a book you can keep on your book shelf at an arms length for years and still use for reference. This book will also cover all the WCNA Exam Objectives, making it an important resource if you are studying for this exam. The other great piece I loved about this book was all the real world case studies, it’s one thing for a book to teach you topic but it’s completely differently for a book to show you how this knowledge is applied in the real world. At the end of each the chapter the book points you toward PCAPs to test your newly learned knowledge which are available for free off the Wireshark book website.
Once you finish with the Network Analysis book, this is where the Prep Guide comes in. I bought the prep guide the weekend before my exam and went through all the questions, using that book to judge where I stand with the objectives. I did pretty well with the Prep Guide, missing maybe 10% of all the 300 questions so I figured it was time to schedule the exam and took it later that week.
I also read through the Wireshark 101 book, which in my opinion is a good book for anyone just starting out with Wireshark or if you want to start customizing wireshark. Which I highly recommend, however if you already familiar with Wireshark I’d skip over this one.
There are also a few great YouTube channels out there, with some great Wireshark videos and even some Sharkfest videos.
Just because I finished the WCNA, does not mean I will stop posting my Wireshark Tid-Bits I’ve still got plenty more of those in store.
CCIE or Null! 
This is an awesome achievement. Many engineers say the knowledge that comes with the cert preparation outvalues the Wireshark cert exam itself. Other than reading those books, can you share some preparation tips? Are there some recommended Wireshark lab settings? or is it enough to read and learn from the official books?
Keyboard Banger
December 26, 2015 at 4:41 AM
I definitely have to agree with that having the cert is nice but knowledge of the protocols for outshines. I do hope they build out the exam in the future.
For labs, each chapter of the large WCNA prep book has a set of exercises where they ask you to look through a pcap to find the problem. The pcaps can be found here: http://www.wiresharkbook.com/studyguide.html on the left side of the page.
Good luck!
Stephen J. Occhiogrosso
December 26, 2015 at 10:19 AM
Thanks Stephen for the feedback 🙂
shadowman724
December 26, 2015 at 2:32 PM
Thanks for sharing. I plan on pursuing this cert in my spare time.
dmansr
October 19, 2017 at 11:47 PM