For many of us, the CWAP exam is the most challenging of the CWNE track. Many people require multiple attempts to pass this exam. This test often stands as the gatekeeper between prospective CWNEs and their finalized application. Consequently, having an ironed-out study strategy is pertinent for the CWAP exam.
Based on my test experience, these are the actions I either wish I had taken or already took that helped me pass the exam.
1. Base your study plan off the exam objectives
Available from the CWNP website here , these objectives should serve as your starting place for identifying review topics. I advise going through the study guide first. With a test covering this many topics, it is next to impossible to recall every possible topic.
Say you had no idea where to start, but have limited time to study; based on the topic distribution, your time is best served on "MAC Sublayer and Functions" and "802.11 Frame Exchanges". Together, the exam has 55% of its questions on these two domains alone.
The exam objectives help reveal topics you may have forgotten completely. For example, you may know what Hotspot 2.0 is, but have forgotten what ANQP does and it's significance. The section says "6.1 Capture, understand, and analyze BSS discovery and joining frame exchanges". For each subtopic, this implies that you need to do those three actions: capture, understand, and analyze.
As for what each action entails, I encourage folks to look up "Bloom's Taxonomy". Instructors and course designers use this to ensure the desired outcomes for their learning material. "Understand" and "analyze" directly correlate to comprehension levels here, with analyze representing a higher level of comprehension. To put this all together, you need to do the following for ANQP:
Know how to capture ANQP in a packet capture
Recall (Understand) the features of ANQP
Recognize ANQP and attributes about the protocol in a packet capture (Analyze)
2. List topics to study. Then, evaluate packet captures that show them in action
Jumping off the Analyze portion of the exam objectives, understanding how to read 802.11 frames in packet captures is critical. Even more so, give extra attention to evaluating pcaps for forgotten topics where possible. This goes for almost anything that says "Analyze" or "Identify" in the exam objectives.
The easiest way to get OTA captures is with a Macbook which has a user-friendly sniffer tool. There are other ways to get these on Windows and Linux of course, but that requires more tinkering. Worst case scenario, try to find a buddy with an existing capture for study purposes. Ideally, you would change your SSID configuration as you take captures to understand what values in the frame change.
Here is a quick example. The RSN Information Element within a Beacon frame and resides under the "Tagged Parameters". This IE alone can tell you, and whether it's present at all, will tell you a lot about this SSID such as:
-If it's not present at all and using pre-802.11i methods (WEP/WPA)
-Whether it uses PSK or 802.1x
-Whether it uses GCMP, CCMP, TKIP, or WEP (-gasp-)
-Whether it uses Management Frame Protection
3. Use supplemental documents for tough topics
Sometimes, topics are so tricky we need to see them described a few ways by a few different people. This also helps in cases where obtaining your own capture would be tricky for one person with limited resources. There are many blogs out there on topics so I encourage you to google a particular topic and see if explanations are out there. Disclaimer: you must do your own due diligence not everything on the internet is true.
Another safe bet is using documentation from AP vendors. They will usually have documents at least explaining how these features are implemented on their own products, if not educating customers on the industry standards themselves.
4. Take the official practice tests
Test taking costs a lot of $$$. However, if you are spending the money on the study guide and exam vouchers, please consider also getting the practice tests. I have taken many, MANY CWNP tests and have found the practice tests are as close as you will get to the real exam experience.
With exams like CWSP or CWAP, I would err on the more conservative side when comparing your exam results to your expected test score due to the sheer breadth of topics. Your real exam result could still be 5-15% less than your practice test score if you are taking the exam for the first time. For example, if you scored 85% on the practice tests on average, expect to score somewhere between 70-85% on the real exam.
5. If you fail, take notes ASAP
No one wants to fail, of course. However, if that does occur, be prepared to take notes as soon as you leave the exam room. Obviously, exam material must stay confidential, but that does not stop you from quickly writing down topics that caught you by surprise, or types of questions where you did not have a confident answer. Compare these topics to specific exam objectives. Your recall of topics that contributed to your score will never be as good as right after sitting for the test.
So those are my five tips. Personally, I barely passed on the first try despite starting a role where I stare at packet captures all day. If there is a particular CWAP topic you want to see covered in-depth, let me know here or on LinkedIn!
Comments