If you want to dive into ethical hacking and pentesting but you don’t know rudimentary networking concepts and protocols, you’re going to have a tough time. Though it doesn’t focus on security per se, every competent hacker already has these fundamental tools in their tool belt. So, naturally, a good place to start is with the CCNA exam. It will help provide a foundation upon which you can flesh out and build your hacking knowledge.
Given that Cisco is easily the largest Internet and infrastructure hardware provider in the United States, it only makes sense that their certifications are great for your career. And perhaps not other networking certification is as iconic and widely valued as the CCNA Routing and Switching certification (Cisco Certified Network Associate). The CCNA exam has undergone drastic changes as Cisco continually updates it to reflect changes in the industry.
You can either take two separate exams of the 200-120 exam, which is a composite. The composite option is 1.5 hours long and consists of 50-60 questions, which include multiple choice, true/false, and even simulated configuration exercises. As far as preparation is concerned, you have a variety of options at your disposal.
If you wish, you can actually take classes with Cisco – though I’d recommend another option because their training can be quite expensive. An alternative option is to take a CCNA exam preparation course at a college or university. Lastly, if you’re confident enough, you can simply pick up a CCNA exam prep book and study on your own. But before we talk about how much money you can expect to earn when you wield this certification, let’s talk about it’s difficulty.
Just about every prospective student and trainee asks how hard the exam is. And this is a tough question to answer, because everyone is different. So, let’s talk about the skill sets and knowledge you need to be able to pass the exam.
First off, note that the CCNA isn’t generally thought of as an extremely challenging exam. Don’t get me wrong; Cisco will try to trick you with many of the questions and put you through your paces. Given that they add simulation exercises and tricky multiple choice questions (some of them have as many as 8-10 boxes, and any number of them may be correct), the exam format is more challenging than most Comptia exams.
The CCNA exam is the first of three certifications in the Routing and Switching track. The second certification is the CCNP (Cisco Certified Network Professional). And the third certification in the Routing and Switching track is the coveted CCIE (Cisco Certified Internetwork Expert), which has sometimes been called the “doctorate of the Internet.” Naturally, the CCIE and CCNP exams are exponentially more difficult than the CCNA exam.
Also note that your degree of preparation has a heavy influenced on how difficult the exam is (duh) and by how much experience you have. If you’ve been working as a network engineer, network administrator, or some other type of I.T. role, you may already be familiar with most of the exam content, making it easier for you to absorb the material.
Personally, after months of self study, I found the exam to be challenging. Though I did pass it on my first try, I found it to markedly more difficult than the Network+ exam. But as they say, everyone is different, so there is no easy way to comment on the difficulty of the exam. My best advice is to study your rear end off and buy a few old Cisco routers and switches to practice on.
This may not be an option for some, because building your own lab can get expensive real quick. However, you can find some older Cisco models that are a couple generations behind. The commands won’t be identical, but it will provide an opportunity to play around and experiment with different protocols.
Professional Value and Marketability
Every prospective student also wants to know what’s in it form. Basically, they want to know how much money they can expect to make with any given certification. But this is a bad way to think, because a certification does not a network engineer make. With exception to high level certifications like the CCIE, you’re not going to be certified for a salary.
Furthermore, the certification doesn’t necessarily qualify you for a job. Remember, most employers are going to want to see job candidates with certifications and experience. If you think you can take a shortcut to the top by getting CCNA and CCNP certified before you’re finished with a degree, think again. In fact, I’ve even heard some people say they’d be suspicious of a candidate who had the CCNP and no real world experience.
In the lab, you control all the variables. But in the real world, you never what’s going to be thrown at you next. But this introduces the classic chicken and egg scenario. How do you get experience in the first place if you want to be an ethical hacker? My advice would be to gather as many entry-level certifications as you can, such as the CCNA, CCNA Security, Security+, and Network+ exams. Having any or all of these entry level certifications can help differentiate you from other entry level candidates.
Once you have your foot in the door, you can work your way up from there. Payscale shows data that a network engineer with the CCNA certification can expect to earn anywhere between $47,863 and $96,252 per year, but I think those figures are garbage. There are a lot of misleading outliers within that statistic. Plus, there are a lot of other factors to consider.
I think it’s more reasonable for an entry level network engineer who is CCNA certified 0-2 years of experience to make about $35,000 a year. And here’s why I say that. First of all, consider the Payscale data. There are plenty of network engineers who are CCNA certified that have higher level certifications such as the CCNP, and many of them could have years, if not decades, of experience. Also, consider that salaries are usually higher in bigger cities where the cost of living is higher.
So don’t think that the CCNA exam alone is your ticket to a high salary. It does, however, certainly make you more marketable, and it shows employers that you’re committed to your studies and chosen career. All things equal, an organization would prefer to hire a candidate who is CCNA certified over one who is not certified. Keeping that in mind, let’s take a closer look at individual exam topics.
The following is an outline and brief explanation of the knowledge needed to pass the CCNA examination.
Operation of IP Data Networks
IP (Internet Protocol, such as IPv4 and IPv6) networks dominate the Internet. In fact, you use the IP protocol every day of your life, whether you knew it or not. Every time you fire up a web browser or check your Facebook feed, networking devices heavily utilize the Internet Protocol to facilitate data communications. As such, every single competent penetration tester needs to know how IP data networks operate at an intimate level.
Currently, IPv4 still dominates the Internet. But networks are slowly transitioning towards IPv6.
LAN Switching Technologies
You absolutely need to know how LANs (Local Area Networks) operate on a technical level. For instance, you need to know what steps it takes to send data (or frames) to another host on the same subnet. In addition to MAC address structures, you’re also going to need to know LAN protocols like ARP (Address Resolution Protocol). Believe it or not, knowing how ARP works is fundamental to initiating and preventing a MitM (Man in the Middle) attack.
If you don’t know what an IP address is, you’re not going to last very long as a penetration tester. But the IP addressing schemes are actually very complex. The topic goes pretty deep, and IP addressing knowledge needs to become second nature.
For example, you’re going to need to know the difference between a public and private (RFC 1918) address at a glance. In addition, you’re going to need to know what a subnet mask is, as well as binary math. Once you have a basic understanding of subnet masks, you’ll need to practice chopping up blocks of IP addresses with VLSMs (Variable Length Subnet Masks).
Have you ever wondered how data seems to inherently know what path to take through the Internet to reach it’s intended destination? Well that’s where routing comes into play, and any network engineer worth their salt is going to have a deep understanding of IP routing. IP routing is crucial to understanding how different types of attacks work, such as redirecting traffic for packet sniffing attacks.
The IP protocol suite is massive, and every competent penetration tester will know about all the various IP services. A few of the more well-known protocols include DHCP, DNS, FTP, HTTP, IMAP, POP, SSH, ICMP, TCP, and UDP, though there are many others. Understanding the functions and operation of each one of these protocols is essential to reading packet sniffer output.
It doesn’t matter if you collect all the data in the world if you don’t know what you’re looking at, and learning these protocols will drastically help you decipher the messages flowing over a network interface. In addition, understanding how these protocols send messages will help understand why various vulnerabilities exist, and how to plug up the security holes.
Network Device Security
When people think of hackers, they usually think of viruses that infect their computers, laptops, and mobile devices. But did you know you can “hack” a network too? Imagine how disastrous it would be if someone external to an organization got their hot little hands on the username and password for a corporate firewall?
Routers, switches, access points, firewalls, and other types of network devices demand security solutions. Part of the CCNA is learning the best practices to keep devices safe and secure, such as using SSH in lieu of Telnet. SSH encrypts usernames and passwords, but Telnet sends them in plain text, meaning they could be read if an attacker caught them with a packet sniffer.
The troubleshooting section of the exam tries to establish a framework and mindset for finding the root problem. You would think it’s pretty self explanatory and has more to do with common sense. However, some problems are incredibly complex, and learning the most efficient ways to troubleshoot network problems can save a lot of time and headaches.
Last but not least, much of the exam deals with WAN (Wide Area Network) connections and technologies. Data travels long distances in fractions of a second thanks to WAN technologies. The knowledge is useful for any I.T. professional, though I’m not sure how pertinent it is for the budding penetration tester. Still, you’ll need to study WAN technologies to pass the CCNA – and it’s advised to take the CCNA before attempting the CCNA Security certification.
Obviously, the CCNA certification isn’t as directly applicable to future penetration testers as the Security+, CCNA Security, or CEH certifications. Nevertheless, it still provides a solid foundation on which you build your knowledge of computer networks. Networking is key to understanding how various attacks are carried out, and it will make you more marketable. Lastly, getting the CCNA certification will also give you some vendor-specific knowledge.