CWSP Impressions
The CWNP Program gave their CWSP (certified wireless security professional) exam a refresh earlier this year, and I finally got a chance to take the test a while back. I found it to be a good exam that requires deep knowledge of the 802.11i amendment.
The CWSP certification is one of three professional level certifications from the CWNP Program. CWNP's professional level certifications require the candidate to pass the CWNA (certified wireless network administrator) exam along with a professional level exam. The three professional level exams are CWSP, CWAP (analysis)1 and CWDP (design). Currently only the CWSP exam is available, with the other two exams scheduled to be available later this year or early next year.
This is the fourth version of the CWSP exam, and in my opinion it is in line with versions two and three of the exam. If I had to give exact ratings, it would be the best of the four versions by a narrow margin over version two.
It is almost unfair to compare version one with the subsequent three versions because it was offered before the 802.11i amendment was approved. Version one had too much material on VPNs, way too much material on Kerberos (which should have never been included on a wireless certification exam) and too many questions that had the potential to lead to subjective answers.
Version two was a massive improvement. The reason why I'd place it below version four is that it was too focused on 802.11i and (WIDS) wireless intrusion detection systems. If you knew those two areas inside and out, you were just about assured of getting certified. It was great for me because I know 802.11i, but I felt that it strayed too far from testing a candidate's practical knowledge of WLANs.
The CWNP pulled back a bit from 802.11i and WIDS when they released version three of the test, which was good. Unfortunately they added 802.11r and WPS (Wi-Fi Protected Setup), which was bad. Neither of these things should be on a wireless certification test that is aimed at people who work with enterprise-class WLANs. 802.11r was science-fiction throughout CWSPv3's lifespan (and is still sci-fi with few exceptions today) and WPS is a pure consumer technology. I guess they could have justified including WPS at a basic level, but asking detailed questions about things things like WPS Enrollee setup was just a bad idea.
In this current version, the CWNP Program has removed questions about WPS details completely and (at least as far as I could tell) scaled back the amount of material on 802.11r. The removal of that material did cause me to have flashbacks to version two because it made 802.11i and WIDS huge parts of the test again.
The current version's place at the top of my list is in large part because of the evolution in WLAN security. Today there are just more topics to discuss than there were for version two in 2005. The CWNP Program did a good job taking advantage of those additional topics in making a more well-rounded test.
There was one downside to the latest version of the CWSP exam. Some questions are wrong. Now, that may sound like a big deal, but I thought it was a minor problem. The places where the exam is wrong were all having to do with 802.11i, and if you know 802.11i inside and out you will be able to tell what the CWNP Program was looking for when they wrote the questions. I know that may be too forgiving, but the way I see it a certification exam's top job is to test candidates for both real world knowledge and an understanding of the technology in a fair way. Having questions that get the technology wrong is less than ideal, but as long as someone who understands the technology would still end up with the correct answer, I think the exam is doing its job.
When it comes to the topic of exam preparation, I think the CWSP Study Guide is a good place to start. Now, I must admit that I just went and took the test after flipping through the 802.11r and WPS information (I was unaware that WPS had been removed from the exam at the time I took it). Since then, however, I've had a chance to teach a few boot camp courses from the study guide and I have found that it does a good job of laying out all of the exam topics in an easy to understand manner.
The last thing I want to mention is that when I have taught the previously referenced boot camp courses, I sometimes get asked whether studying and taking the CWSP test is worth it. For me, the answer has been a resounding yes. It is always hard to say how must direct effect a certification will have on any one person's career, but I value the certification process because now I can do my own studying of wireless vulnerabilities and attack tools when they are announced or released. For example, without getting the CWSP certification I doubt there is any way I would have had the incentive to learn enough about 802.11i that I could poo-poo the supposed TKIP vulnerability that was publicized a couple of years ago.
1 Full disclosure: I am a co-author of the forthcoming CWAP study guide from Sybex. I wrote the chapters on medium contention and power management.
The CWSP certification is one of three professional level certifications from the CWNP Program. CWNP's professional level certifications require the candidate to pass the CWNA (certified wireless network administrator) exam along with a professional level exam. The three professional level exams are CWSP, CWAP (analysis)1 and CWDP (design). Currently only the CWSP exam is available, with the other two exams scheduled to be available later this year or early next year.
This is the fourth version of the CWSP exam, and in my opinion it is in line with versions two and three of the exam. If I had to give exact ratings, it would be the best of the four versions by a narrow margin over version two.
It is almost unfair to compare version one with the subsequent three versions because it was offered before the 802.11i amendment was approved. Version one had too much material on VPNs, way too much material on Kerberos (which should have never been included on a wireless certification exam) and too many questions that had the potential to lead to subjective answers.
Version two was a massive improvement. The reason why I'd place it below version four is that it was too focused on 802.11i and (WIDS) wireless intrusion detection systems. If you knew those two areas inside and out, you were just about assured of getting certified. It was great for me because I know 802.11i, but I felt that it strayed too far from testing a candidate's practical knowledge of WLANs.
The CWNP pulled back a bit from 802.11i and WIDS when they released version three of the test, which was good. Unfortunately they added 802.11r and WPS (Wi-Fi Protected Setup), which was bad. Neither of these things should be on a wireless certification test that is aimed at people who work with enterprise-class WLANs. 802.11r was science-fiction throughout CWSPv3's lifespan (and is still sci-fi with few exceptions today) and WPS is a pure consumer technology. I guess they could have justified including WPS at a basic level, but asking detailed questions about things things like WPS Enrollee setup was just a bad idea.
In this current version, the CWNP Program has removed questions about WPS details completely and (at least as far as I could tell) scaled back the amount of material on 802.11r. The removal of that material did cause me to have flashbacks to version two because it made 802.11i and WIDS huge parts of the test again.
The current version's place at the top of my list is in large part because of the evolution in WLAN security. Today there are just more topics to discuss than there were for version two in 2005. The CWNP Program did a good job taking advantage of those additional topics in making a more well-rounded test.
There was one downside to the latest version of the CWSP exam. Some questions are wrong. Now, that may sound like a big deal, but I thought it was a minor problem. The places where the exam is wrong were all having to do with 802.11i, and if you know 802.11i inside and out you will be able to tell what the CWNP Program was looking for when they wrote the questions. I know that may be too forgiving, but the way I see it a certification exam's top job is to test candidates for both real world knowledge and an understanding of the technology in a fair way. Having questions that get the technology wrong is less than ideal, but as long as someone who understands the technology would still end up with the correct answer, I think the exam is doing its job.
When it comes to the topic of exam preparation, I think the CWSP Study Guide is a good place to start. Now, I must admit that I just went and took the test after flipping through the 802.11r and WPS information (I was unaware that WPS had been removed from the exam at the time I took it). Since then, however, I've had a chance to teach a few boot camp courses from the study guide and I have found that it does a good job of laying out all of the exam topics in an easy to understand manner.
The last thing I want to mention is that when I have taught the previously referenced boot camp courses, I sometimes get asked whether studying and taking the CWSP test is worth it. For me, the answer has been a resounding yes. It is always hard to say how must direct effect a certification will have on any one person's career, but I value the certification process because now I can do my own studying of wireless vulnerabilities and attack tools when they are announced or released. For example, without getting the CWSP certification I doubt there is any way I would have had the incentive to learn enough about 802.11i that I could poo-poo the supposed TKIP vulnerability that was publicized a couple of years ago.
1 Full disclosure: I am a co-author of the forthcoming CWAP study guide from Sybex. I wrote the chapters on medium contention and power management.
Thanks for the favorable public opinion, Ben. While I embrace your positivity, here at CWNP, we all take it very seriously to hear that a question (or two) may be inaccurate. Of course, we're all human, so a mistake may be inevitable, but we work hard to avoid them. I hope you left comments on the exam, and if so, we may have already reviewed them. If not, we'll get to them soon and evaluate them with additional weight. If we confirm the inaccuracy, we'll update the exam ASAP. After all, you are a CWNE. :) Thanks again for the kind words about the exam.
ReplyDeleteThanks, Marcus. I did leave comments on the exam when I took it. Glad you liked the piece.
ReplyDeleteThanks for an awesome review Ben. Been working towards this guy and lookingo forward to an opportunity to take it soon.
ReplyDeleteDarby