CWNA or ECSA

[theprez98]

If you were given the choice of taking one of two certs: Certified Wireless Network Administrator (CWNA) or EC-Council Certified Security Analyst (ECSA); which would you take, and why?

[ShadowKill]

If you were given the choice of taking one of two certs: Certified Wireless Network Administrator (CWNA) or EC-Council Certified Security Analyst (ECSA); which would you take, and why?

EC-ECSA hands down. Here's why:

While the CWNA provides the technical know-how to be a WLAN Admin, it essentially stops there. You are taught meterial regarding antenna placement/mounting, RF math and system operating margin, type of losses and attenuation, etc etc etc, not much of which will help you outside of that direct speciality. Course guide HERE.

With the ECSA you are gaining a much wider range of skills, including the information the CWNA course would have you learn, which will drastically change the way potential employers and coworkers will look at you. Without writing a seventeen page essay on the matter, the course material can be found HERE. What you can tell while scanning through it is that the amount of material being thrown at you is pretty intense. Not only will you have the technical knowledge regarding the systems you are working with, which is necessary when performing a security assesment, you will know how to respond to a wide veriety of situations in a manner than enhances the overall outcome of the tests rather than hindering them.

That being said, they are both 5 day courses. The CWNA is a foundation level cert for their higher level CWNP, which reportedly make an average of 105k/yr. The ECSA, however, is a step below the Licensed Penetration Tester Program which is very widely recognized in the industry as being among the best. I don't have figures for you but I'd all but guarantee that they are higher than the CWNA certified professionals.

Final vote: ECSA for me. After that's been tackled, LPT here I come....

[theprez98]

EC-ECSA hands down.

Thanks! I'm leaning this way, but wanted to get other people's opinions.

[killadaninja]

Prez I believe that on the upturn of the economy there are going to be alot of new businesses, refurbs "network upgrades" etc, I would personally go with CWNA. Penetration testing is good and can be well paid but think about it logically, a business gets its structure pen tested, they are told you are very secure Blah Blah Blah, how long is it going to be before the next test? (if at all). However, there are ALWAYS going to be problems with networks (expanding), making the network faster after expanding, installing the new really fast wifi tech etc.

[n1teshad3]

Interestingly enough I had also been considering the same certification ( CWNA ) but as replied earlier, knowing this is an entry certification, I'm not sure what the Return On Investment would be ... I haven't really looked into ECSA.

[ShadowKill]

Prez I believe that on the upturn of the economy there are going to be alot of new businesses, refurbs "network upgrades" etc, I would personally go with CWNA. Penetration testing is good and can be well paid but think about it logically, a business gets its structure pen tested, they are told you are very secure Blah Blah Blah, how long is it going to be before the next test? (if at all). However, there are ALWAYS going to be problems with networks (expanding), making the network faster after expanding, installing the new really fast wifi tech etc.

Businesses who utilize Penetration Testers do so on a fairly routine basis. As systems get upgraded/expand the need for continued security auditing grows. As for "refurbs" and "network upgrades", these too are a routine business event however, on the basis of what these courses provide (a certification) the CWNA provides less bang for your buck, by far. It is a foundation cert that gives you the tech but not the experience. This is illustrated by the large difference in pay between the CWNA and CWNP, over 30k annually. As for the ECSA, it is only one step below the LPTP and as such retains a much higher standing with industry personnel. The pay difference between the latter two: about 15k annually.

[compaq]

CWNA is more pointed at one area, but CSA is more broad. I think most buissness are looking for security minded administrators, even more so local bodys and goverment departments, and wireless would only be a small part, which they could higher in a contractor to set it up, and get the CSA to maintain it.

[ShadowKill]

CWNA is more pointed at one area, but CSA is more broad. I think most buissness are looking for security minded administrators, even more so local bodys and goverment departments, and wireless would only be a small part, which they could higher in a contractor to set it up, and get the CSA to maintain it.

Bingo! My point exactly.

[secure_it]

Threprez I would like to refer that in between both certs CWNA stands somewhere(for knowledege purpose)but we can't compare CWNA with ec-council's ECSA as one deals with wireless administration(Not with point of security view,CWSP deals with security points of view)and ECSA which is next step after EC CEH.all what I have studied on ECSA is detailed version of CEH.pen-testing methodologies,Vulnerability identification,open source testing models.etc.etc & after completing ECSA you have to do some formatlities like producing legal documents that you never involved in criminal offence to ec-council people blah blah to get LPT then after LPT ec-council hires them in Tiger Team(security professionals around the world works as licence pen-tester on region basis).I found ECSA/LPT is waste of money and time.instead SANS GIAC certs stands on top in such field.all what a peple learn in ECSA is double the crap of CEH.what Haja use to do is putting crap from all over the internet without seeing that tools/exploits is still working on it or not and then put that on to CEH/ECSA.one thing what I heard about ECSA/LPT that you get a copy of core impact to work on,long back.the EC-Council is forge firm as its owner belongs to india and those certs keep little value in india.Ec-council's director haja is from india and knows nothing about security just a script kiddie n00b.that's it.I prefer SANS GIAC Certs/CISSP/SSCP/CCIE-Security.

[ShadowKill]

Threprez I would like to refer that in between both certs CWNA stands somewhere(for knowledege purpose)but we can't compare CWNA with ec-council's ECSA as one deals with wireless administration(Not with point of security view,CWSP deals with security points of view)and ECSA which is next step after EC CEH.all what I have studied on ECSA is detailed version of CEH.pen-testing methodologies,Vulnerability identification,open source testing models.etc.etc & after completing ECSA you have to do some formatlities like producing legal documents that you never involved in criminal offence to ec-council people blah blah to get LPT then after LPT ec-council hires them in Tiger Team(security professionals around the world works as licence pen-tester on region basis).I found ECSA/LPT is waste of money and time.instead SANS GIAC certs stands on top in such field.all what a peple learn in ECSA is double the crap of CEH.what Haja use to do is putting crap from all over the internet without seeing that tools/exploits is still working on it or not and then put that on to CEH/ECSA.one thing what I heard about ECSA/LPT that you get a copy of core impact to work on,long back.the EC-Council is forge firm as its owner belongs to india and those certs keep little value in india.Ec-council's director haja is from india and knows nothing about security just a script kiddie n00b.that's it.I prefer SANS GIAC Certs/CISSP/SSCP/CCIE-Security.

All of these things you have "heard", and for not having experienced them yourself you are extremely quick to slander the cert and the company's Director. Do you know him personally? What fact do you have to support that the "top-dog" of one of the world's leading proponents for security certifications is nothing more than a "script kiddie n00b", as you so eloquently put it?

Do you own a SANS GIAC cert? Because it sounds like you own share in their company with the way you are bashing on EC-Council....