By: Hugh Shepherd
December 1, 2021
Is The CCNA Good For Cybersecurity?
By: Hugh Shepherd
December 1, 2021
Overview – About the CCNA
The Cisco Certified Network Associate (CCNA) is a globally recognized and well-respected credential. The CCNA certifies that the holder has verified knowledge and skills in network fundamentals, network access, IP connectivity, IP services, security fundamentals, and automation and programmability. The CCNA is designed to provide comprehensive training focusing on networking and IT infrastructure. However, the CCNA is vendor-specific (i.e., Cisco Systems, Inc.), so some of the topics and technologies covered will be based on Cisco equipment and products to establish a network.
To take the CCNA exam, candidates are not required to meet any formal prerequisites. However, it is recommended to have one or more years of experience implementing and administering Cisco solutions. To earn the certification, candidates must take, at the time of authoring this article, the CCNA 200-301 exam. The exam consists of several questions, such as multiple-choice, single answer / multiple answers, drag, and drop, simulations, troubleshooting configurations, and labs based on scenarios. The exam is 120-minutes of usually 100 +/- questions worth 1000 points, with the usual passing score being 825/1000. However, depending on several undisclosed factors, a passing score may range between 82-85%.
The exam covers an extensive batch of material. According to the CCNA Exam Blueprint, the topics covered on the exam ranked according to their weights include:
- IP Connectivity 25%
- Network Fundamentals 20%
- Network Access 20%
- Security Fundamentals 15% (more on this later)
- IP Services 10%
- Automation and Programmability 10%
The CCNA is considered an excellent certification to help launch a career in Information Technology. The certification can prepare holders for a variety of roles in the IT industry ranging from Network Engineer, IT Specialist, Network Technician, Tech Support / Help Desk, Network/Systems Administrator, and various Business or Sales roles in IT organizations.
CCNA and Cybersecurity
The CCNA certification does validate skills and knowledge in core IT areas; however, only 15% of the exam covers security topics. Nevertheless, the CCNA training curriculum's security fundamentals section covers essential cybersecurity concepts and goes relatively in-depth on techniques for securing a network. As stated in the CCNA Exam Blueprint, the sub-topics included in the Security Fundamentals portion of the CCNA training and exam include:
Define key security concepts (threats, vulnerabilities, exploits, and mitigation techniques).
Describe security program elements (user awareness, training, and physical access control).
Configure device access control using local passwords.
Describe security password policies elements, such as management, complexity, and password alternatives (multifactor authentication, certificates, and biometrics).
Describe remote access and site-to-site VPNs.
Configure and verify access control lists.
Configure Layer 2 security features (DHCP snooping, dynamic ARP inspection, and port security).
Differentiate authentication, authorization, and accounting concepts.
Describe wireless security protocols (WPA, WPA2, and WPA3).
Configure WLAN using WPA2 PSK using the GUI.
The CCNA Security Fundamental topics align with several security domains and topics covered in some of the more popular cybersecurity-focused certifications such as the Security+, CISSP, and CEH. Furthermore, when compared to other networking-focused certifications such as the CompTIA Network+ certification, the weight of the Network Security portion of that exam (N007 20% / N008 19%) is closely related to the CCNA exam (15%).
Previously, Cisco Systems Inc. offered a separate CCNA certification specializing in security (i.e., CCNA Security). Cisco no longer offers this certification; however, many of the essential security elements that were part of the CCNA Security certification have been incorporated into the current version of the CCNA exam (200-301).
Cisco does still offer an associate-level certification that is more cybersecurity-focused. This certification is known as the Cisco Certified CyberOps Associate program (CyberOps). This exam is 100% dedicated to cybersecurity-related topics ranging from basic security concepts, monitoring, analysis, policies, and procedures. The CyberOps Associate certification is primarily intended for people pursuing a career in or currently working in cyber security operations or a Security Operations Center (SOC).
How to Leverage CCNA for a Career in cybersecurity
So why earn a CCNA? How can a CCNA be used to enter and/or progress in a career in cybersecurity? What are the benefits of a CCNA that support a career in cybersecurity?
Foremost, earning a CCNA is an opportunity to learn something. Continuous learning and development are a necessity for anyone working in cybersecurity, regardless of the role. Additionally, the CCNA is an excellent certification to get a foot in the door with Human Resources. It is a widely recognized and respected credential, even among the non-technical decision-makers, that may impact a hiring decision and/or career progression. Other benefits a CCNA may provide for a career in cybersecurity include:
The CCNA certification curriculum aligns with the knowledge and skills related to the Security Engineering career path.
The CCNA validates knowledge and skills in internetworking devices such as routers and switches, which are core components to the Internet and often the primary targets of malicious attacks.
Obtaining a CCNA is not a required prerequisite. It is, however, an excellent start for more advanced Cisco certifications that specialize in cybersecurity, for instance, the CCNP Security or CCIE Security.
CCNA provides practical knowledge and skills in various network fundamentals that play a role in cyber security such as firewalls, Virtual Local Area Networks (VLANs), Access Control Lists (ACLs), Network Address Translation (NAT), ARP inspection, and virtual private networks (VPNs).
Cisco products comprise a sizable portion of the global Ethernet Switch and Router markets. Having verified knowledge and skills on the devices most commonly connected to the Internet is beneficial for potential job opportunities and job security, especially for a career in cybersecurity. Cisco products will likely be a crucial portion of the hardware infrastructure that needs defending.
The previously mentioned benefits of earning a CCNA are more aligned to a career in cybersecurity. However, for a career in network engineering and/or IT in general, there are other possible benefits to earning a CCNA, such as a salary boost, promotion, and numerous others depending on individual situations.
Criticism and Cons of the CCNA
The CCNA is an excellent credential, but it does have some criticism and possible drawbacks to consider. Foremost, some in the networking field believe the new CCNA 200-31 exam is harder than the previous version. The CCNA covers an exhaustive set of material; therefore, candidates must have the knowledge and practical skills on a broad set of topics for the exam. Some have the opinion that the exam is more challenging than it should be for an entry-level certification. Additionally, some of the questions require candidates to know a lot of Cisco configuration syntax by memory, which again may be excessive for an associate-level certification intended for relatively new IT professionals.
If you are not working with Cisco equipment as an IT professional, pursuing the CCNA is not the best option since the CCNA certification is vendor-specific. If you want to learn about networking in general, the CompTIA Network+ certification is a better choice. Also, if jump-starting a career in cybersecurity is the primary objective, spending the time, effort, and resources on the CompTIA Security+ certification is the better option. The Security+ credential is quite often a requirement for entry-level roles in cybersecurity.
Merriam-Webster defines the term cyber as "…relating to, or involving computers or computer networks (such as the Internet)". So, if you are a cyber security professional, the security of your network infrastructure must be a high priority. The importance of networking to information technology and cybersecurity cannot be questioned. Networking is the crux of what cyber is all about; it IS the Internet.
Moreover, network security is an essential component of any cybersecurity program, and the CCNA curriculum supports cybersecurity in meaningful ways. Understanding critical networking concepts such as switching, routing, DNS, DHCP, and various IP services and their appropriate security controls will add layers of protection to an effective defense-in-depth strategy.
It is advantageous for someone working in cybersecurity to have a basic understanding of how networks work. One must know how to apply security controls effectively for protection. Organizations need well-rounded cybersecurity team members with solid knowledge and skills in networking. Organizations that have cybersecurity professionals with these qualities can differentiate between having a good cybersecurity program and an exceptional cybersecurity program.
Earning a CCNA is not essential to have to start a career in cybersecurity. However, having in-depth knowledge of networking and related technologies is a good thing, and it supports having a successful career in the cybersecurity industry.