CSX Packet Analysis Certificate Exam

Prove your understanding of packet analysis!

Difficulty: Beginner

CSF Domain: Identify


Price represents the non member rate.

Buy now



The CSX Packet Analysis Certificate Exam assesses candidates understanding of packet and protocol analysis.  The two-hour exam is a real-time, hands-on exam which challenges students to demonstrate their skill set in a live environment.

This two-hour exam contains no multiple-choice questions or simulations and intentionally restricts access to the internet. Where applicable, man pages and help files are available.

Continuing Professional Education (CPE) Credit Count: 4 (2 CPEs per examination hour) when a passing score is achieved.



Candidates must complete tasks of varying durations with minimal instruction while navigating between multiple virtual machines and are expected to:

Demonstrate an ability to:

  • Understand the role of packets in online communications
  • Identify when the application of packets is appropriate
  • Understand the basic components of a packet
  • Understand the basics of tapping the network
  • Understand the options available for packet analysis software
  • Demonstrate a basic understanding of Wireshark and its capabilities
  • Understand the definition of a protocol
  • Understand the definition of port
  • Understand specific protocols which help conduct packet analysis
  • Identify which protocols are helpful for device characterization
  • Identify which protocols are helpful for network mapping
  • Understand where to find packets
  • Understand how to capture packets in Wireshark
  • Understand how to filter certain types of data
  • Understand what types of devices emit packets
  • Identify unique identifiers those devices have
  • Find unique emitters in a packet collection
  • Characterize packet emitters
  • Understand the wireless medium on a basic level
  • Understand how to collect wireless packets
  • Understand how to analyze wireless packets
  • Understand how to map networks based off packet collection
  • Corroborate dataflow and protocol usage
  • Create a visual network map of the collected data
  • Understand specific threats against a network
  • Comprehend unique traits inherent to defined threats
  • Understand how to identify specific threats via packet analysis
  • Identify mobile devices via packet analysis
  • Identify mobile apps via packet analysis
  • Understand how these systems are inherently vulnerable
  • Identify methods through which they may be exploited
  • Device Characterization
  • Mobile Identification
  • Netmapping
  • Wireless Assessment
  • Attack Recognition

Students must be comfortable leveraging protocol analysis tools, specifically Wireshark.  Students wishing to gain training for the exam may find it here.