As a digital information professional, you'll want many cyber security tools in your toolkit. One of the most popular ones is Wireshark.
Obtaining the Wireshark certification demonstrates your prowess with the packet analyzer tool not only to yourself but also to potential employers.
But how do you know if the Wireshark Certified Network Analyst (WCNA) certification is right for you?
Letβs explore what the WCNA is, what youβll be tested on, the best ways to train for the certification, and ultimately figure out if this is the right certification for you to pursue.
If youβre ready, weβre too; letβs go.
What Is WCNA (Wireshark Certified Network Analyst)?
The WCNA tests your ability to use the packet analyzer tool, Wireshark. Itβs a 100-question, pass/fail exam that will also test your understanding of TCP/IP protocols, network troubleshooting, and network security.
What Is Wireshark?
Wireshark is one of the most used network protocol analyzers on the market. Itβs free and open-source and can capture and analyze network traffic in real-time.
Itβs most often used for troubleshooting network issues, analyzing network protocols, and consolidating network safety.
Some of its core features include:
- Packet capturing traffic in human-readable form
- Real-time analysis of network traffic
- Ability to filter and search for certain network information
- Easy-to-use graphical user interface (GUI)
Originally created by developer Gerald Combs, the open-source tool was maintained and updated for years by a few dedicated developers. However, in 2022, Sysdig became Wireshark's official corporate sponsor and custodian.
Experience Level
Before taking the exam we encourage you to have hands-on experience working with the tool.
If you come from a networking background and already have professional experience with the tool you may already be ready to take the certification.
If you donβt interact with Wireshark on your job, you can find a course that will teach you about networking and how to use the network packet capture tool. Even those without a cyber background are more than capable of quickly learning how to use Wireshark.
Prior to the exam, you should understand how the open-source software works, how to capture network traffic, and how to analyze it.
Youβll also need an understanding of computer networking. If youβre new to this aspect of IT, you may consider obtaining this knowledge first through the CompTIA A+ or Network+ exams.
Primary Audience
You might consider pursuing this certification if you want to become a network engineer, SOC analyst, or penetration tester.
Wireshark is a must-know tool that cyber security professionals, network engineers, ethical hackers, cyber security analysts, and SOC analysts will use at some point in their careers.
What Does the Wireshark Certification Exam Cover?
The Wireshark certification covers four main knowledge domains:
- Wireshark Functionality
- TCP/IP Network Communications
- Network Troubleshooting
- Network Security
The four knowledge domains are broken down into 33 sections.
Most of the exam will test your ability to use Wireshark to capture and analyze different kinds of network traffic, personalize the interface, use different filters, find and read basic trace file statistics, and much more.
If you have no experience with Wireshark youβll find this exam difficult, and youβll need considerable experience with the tool in order to pass it.
That being said, if you have experience using the tool you should find this exam relatively easy.
How Do I Become WCNA Certified?
There are many different paths to becoming WNCA certified. Hereβs what that process may look like for you.
Wireshark Certification Cost
The exam has a cost of $299 USD. You must pay the full price to retake it if you fail it.
Wireshark Certification Training
This exam doesnβt require test takers to have a certain type of training before taking the exam.
However, we recommend gaining hands-on experience with the tool, whether that be on the job, in a virtual lab, or through a class. This should also be paired with the diligent study of computer networking.
You may also consider using this Wireshark cheat sheet to help you prepare for the exam.
Wireshark Certification Passing Score
You must score at least 70% to pass. If you fail, you must wait five business days before retaking it.
Youβll only have three chances to pass the exam in a calendar year.
Wireshark Certification Question Types
The WCNA certification exam consists of two types of questions.
One type is true/false questions, while the other is multiple choice. For the multiple-choice questions, only one answer can be correct.
Questions may also include images, and youβll have to answer 100 questions in two hours.
Wireshark Certification Maintenance and Expiration
The WCNA is valid for three years after passing the exam. To renew it, you must take the recertification exam to maintain its validity.
The official WCNA doesnβt provide information on how the initial exam differentiates from the recertification exam.
Should I Pursue WCNA (Wireshark Certified Network Analyst)?
Now that you know what the WCNA is, the question is whether itβs worth obtaining, which is best answered by understanding how much employers value it.
To figure that out, weβve searched for jobs that list WCNA in their job description.
When searching Indeed we found 576 jobs in the United States that want applicants to have the WCNA.
Some of the positions that want applicants to have the WCNA include:
- Cyber Security Researcher
- System Analyst
- Network Analyst
- Penetration Tester
- Network Designer/Architect
- Network Engineer
- Cyber Security Analyst
- SOC Analyst
- Incident Responder
As you can see, many different types of positions within cyber security want employees to understand Wireshark, so learning how to use this software and obtaining the certification will open many doors for you.
Those who have the Wireshark certification to their name make an average salary of $84,100 according to ZipRecruiter.
However, the position youβre applying to is a much better indicator of how much youβll make rather than the average salary of certification holders. Expect to make anything between $37,000 and $129,500.
Is there value in the WCNA?
Yes and no.
As weβve seen, 576 jobs currently require certification. However, when we query βWiresharkβ in Indeed, we find 1,021 jobs that require knowledge of this packet capture program.
Employers care most about your knowledge of the program, and theyβll look to see that youβve used it in previous jobs or via virtual labs. So, if you donβt have hands-on experience using it, you may need this certification to demonstrate your prowess.
If youβre going after computer networking certifications youβre better off obtaining CompTIA Network+ or Ciscoβs CCNA.
Employers are much more interested in talking with applicants with these certifications than the WCNA.
When querying Indeed, both Network+ and CCNA returned around 5,000 positions.
Conclusion: Is the Wireshark Certification Worth It?
Yes and no.
The key benefit to obtaining the Wireshark Certified Network Analyst certification is that it showcases your Wireshark skills to employers.
Employers no longer need to doubt your abilities after seeing the certification on your resume, which is particularly helpful to those who donβt have hands-on professional experience using this network monitoring software.
On the flip side, this certification isnβt well known. As such, hiring teams not well versed in the many cyber security certifications may gloss over it when scanning your resume.
As weβve seen there are other certifications such as CompTIA Network+ and CCNA that do a better job of catching the eye of employers.
If youβve already acquired networking certifications like Network+ and CCNA, you may consider obtaining this certification to make your resume stand out even more.
Itβs also worth considering which cyber security jobs youβre applying for. Make sure the jobs you apply to demand employees have Wireshark in their cyber toolkit.
To help you obtain the WCNA certification, we recommend joining StationXβs Accelerator Program. In this program, youβll have access to over 1,000 courses and labs, our mentorship program, one-on-one support, a personalized study roadmap, and a community of supportive and inquisitive cyber security learners such as yourself.
To better prepare for the WCNA certification exam and learn more about analyzing packets, network optimization, TCP trends, display filters, and industry certifications, consider enrolling in the following classes: