I spent three weeks trying to figure out if my CCNA still mattered after DoD rolled out 8140. Not for myself directly, since I don’t work DoD contracts, but because two of my friends do and they kept asking me the same question: does CCNA still count under the new system? The short answer is yes, but the way it counts changed, and if you’re planning to work on DoD networks or support DoD contracts, you need to understand how the new framework maps certifications to work roles instead of job categories.
DoD 8140, officially called the Cyberspace Workforce Framework, replaced DoD 8570 in 2024. The old system was rigid. You had your IAT levels, your IAM levels, and a short list of approved certs. CCNA wasn’t on most of those lists because 8570 focused heavily on security certs like Security+ and CISSP. The new framework is different. It maps certifications to specific work roles based on what you actually do, and networking roles are now explicitly part of the structure. CCNA shows up under multiple work roles, depending on how your position is coded.
How DoD 8140 Changed the Certification Game
DoD 8140 organizes the workforce into seven categories: Securely Provision, Operate and Maintain, Oversee and Govern, Protect and Defend, Analyze, Collect and Operate, and Investigate. Each category has work roles. Each work role has proficiency levels. Each proficiency level requires specific knowledge, skills, and abilities, and certifications are one way to demonstrate those KSAs.
Under 8570, you needed Security+ to touch a DoD system at the IAT Level II tier, period. It didn’t matter if you were doing network administration, system administration, or security work. Everyone needed the same baseline security cert. Under 8140, if your work role is Network Operations Specialist, you can meet requirements with networking certifications like CCNA, and you layer on security knowledge as needed based on proficiency level.
The CCNA certification now appears as an approved option under work roles like Network Operations Specialist, Systems Administrator, and Technical Support Specialist. It satisfies foundational networking KSAs at the beginner and intermediate proficiency levels. You still need to add security certifications as you move up, but CCNA gets you in the door for networking-focused roles.
Where CCNA Fits in the Work Role Structure
I pulled up the DoD Approved 8570 Baseline Certifications list, which is still maintained alongside the 8140 framework during the transition period, and CCNA isn’t listed there because that list is security-focused. But when you look at the Cyber Workforce Framework work role qualifications, CCNA shows up under roles that require networking knowledge at the associate level.
For example, the Network Operations Specialist work role at proficiency level 1 calls for foundational networking skills. CCNA covers routing, switching, IP addressing, VLANs, and basic network security, which aligns with what that role actually does. If you’re configuring VLANs on a switch at a DoD facility or troubleshooting OSPF on a base network, CCNA demonstrates you can do that work.
You’ll still need Security+ or an equivalent security baseline cert if your role touches sensitive systems. Most DoD positions require some form of security certification even under 8140. But the key shift is that CCNA is no longer irrelevant for DoD work. It’s recognized as proof of networking competency in a way 8570 never allowed.
What This Means If You’re Planning to Work DoD Contracts
If you’re aiming for a network admin or engineer role on a DoD contract, here’s the reality: you probably need both CCNA and a security cert. The combo of CCNA and Security+ is common for entry and mid-level network positions. CCNA proves you can configure the gear. Security+ proves you understand DoD security baselines. Together, they check the boxes for most Network Operations Specialist and Systems Administrator work roles at the foundational level.
One friend of mine works for a contractor doing network infrastructure for an Army base. His position is coded as a Network Operations Specialist, proficiency level 2. He has CCNA and Security+. When DoD 8140 rolled out, his employer had to remap everyone’s certifications to the new work roles, and his CCNA transferred over without issue. He didn’t need to get a new cert. The work he was already doing matched the work role definition, and CCNA matched the required KSAs.
The transition period is messy, though. Some contracts still reference 8570 requirements because the solicitation was written before 8140 took effect. Some hiring managers don’t fully understand the new framework yet and still default to asking for Security+ only. If you’re applying for DoD contract work, read the position description carefully. If it lists a work role code, you can look up that role on the DoD Cyber Workforce Framework site and see exactly which certs apply. If it still references IAT or IAM levels, you’re dealing with an old-style requirement and may need to explain how your certs map to the new system.
Does CCNA Replace Security+ Under DoD 8140?
No. CCNA and Security+ serve different purposes under the framework. CCNA demonstrates networking technical skills. Security+ demonstrates foundational security knowledge across multiple domains. Most DoD roles that involve any kind of system access or privileged network work require both types of knowledge.
I’ve seen people assume that because 8140 recognizes technical certs like CCNA, they can skip Security+ entirely. That’s not how it works. If your work role includes security responsibilities or access to classified or sensitive systems, you still need a security baseline cert. Security+ is still the most common one because it’s affordable, widely recognized, and covers the DoD-specific security topics you need.
Where CCNA helps is in roles that are networking-heavy but not purely security-focused. If you’re doing network operations, device configuration, or infrastructure support, CCNA can be your primary technical cert, and Security+ becomes the secondary requirement for baseline security knowledge. Under 8570, Security+ was often the only cert that mattered for these roles, and your networking knowledge was just assumed. Under 8140, your networking cert actually counts as part of your qualification.
Other Certs That Pair Well with CCNA for DoD Work
If you’re building a DoD-friendly cert stack, here’s what I’ve seen work in practice. Start with CCNA and Security+. That combination covers most entry-level and some mid-level positions. If you move into security-focused network roles, add CySA+ or SSCP. If you move into advanced routing or enterprise network design, add CCNP Enterprise. If you move into management or oversight roles, consider CISM or CISSP down the line.
One thing to watch: DoD contracts often specify certification renewal requirements. CCNA is valid for three years. Security+ is valid for three years with continuing education. If you let either one lapse, you may lose your qualification for your current work role, and you’ll need to recertify or obtain an equivalent cert. I know someone who had to scramble to renew his Security+ two months before his contract position came up for review because he forgot the expiration date. Keep track of your renewal cycles.
How to Check If Your CCNA Applies to a Specific Work Role
The DoD Cyber Workforce Framework publishes a qualification matrix that maps certifications to work roles and proficiency levels. It’s updated periodically, and it’s the authoritative source for what counts where. You can find it on the DoD Cyber Exchange site. Search for your target work role, check the proficiency level you’re aiming for, and review the list of applicable certifications.
For example, if you’re looking at the Network Operations Specialist role, the framework lists multiple certifications that satisfy the networking KSA requirements at different proficiency levels. CCNA appears at the foundational and intermediate tiers. CCNP appears at the advanced tier. You can also see which security certs are required or recommended alongside the networking cert.
Not every employer or contract interprets the framework the same way. Some are strict about only accepting certs explicitly listed in the matrix. Others accept equivalent certifications if you can demonstrate the same KSAs. If you’re in a hiring process and your cert isn’t explicitly listed but you believe it covers the required knowledge, ask the hiring manager or contract officer how they handle equivalencies. I’ve seen people successfully argue for alternative certifications by mapping the cert’s exam objectives to the work role’s KSA requirements.
What Happens If You Already Have CCNA and Work on DoD Systems
If you’re already working on a DoD contract and you have CCNA, your employer should have mapped your position to a work role under 8140 by now. The transition deadline was the end of 2024 for most contracts. If your position wasn’t remapped, or if you’re not sure which work role you fall under, ask your contract manager or security officer. Your certifications need to align with your official work role code, and if there’s a mismatch, you may need additional training or certification to stay compliant.
In most cases, if you were qualified under 8570, you’re still qualified under 8140, but the category might have shifted. Someone who was IAT Level II under the old system might now be a Network Operations Specialist at proficiency level 2 under the new system. The actual work doesn’t change, but the paperwork does, and certifications need to match the new role definitions.
One frustrating thing I’ve heard from multiple people: the transition process varies wildly by contract and by service branch. Some organizations handled the remapping smoothly and communicated clearly with employees. Others just updated internal spreadsheets and assumed everyone would figure it out. If you’re not sure where you stand, don’t wait. Get clarification in writing from whoever manages your contract’s compliance requirements.
Is It Worth Getting CCNA If You Want to Work DoD Contracts?
If you want to do network work for DoD, yes. CCNA is now explicitly recognized in the framework for networking roles, and it’s one of the most common certs contractors look for when hiring network administrators and engineers. It won’t replace the need for security certifications, but it proves you have the technical networking skills the role requires.
Before 8140, CCNA was useful for DoD work but not required in the compliance sense. You could have deep networking knowledge and still not meet the certification requirements for certain positions because the framework only counted security certs. Now, if your work role is explicitly networking-focused, CCNA is a direct qualification. That makes it more valuable if you’re planning a career in DoD network infrastructure.
The cost to get CCNA is $300 for the exam, plus whatever you spend on study materials. If you’re already working in networking and you know the material, you can self-study and pass in a few months. If you’re starting from scratch, budget three to six months of study time. Compared to some of the advanced security certs that DoD roles require at higher levels, CCNA is relatively affordable and achievable, and it opens doors that weren’t open under the old framework.
Network Professional | CCNA Certified
Ashley Miller is a 35-year-old networking professional with a proven foundation in Cisco technologies. She is CCNA certified and currently advancing her expertise by working toward the Cisco Certified Network Professional (CCNP) certification. With a passion for designing and maintaining efficient, secure network infrastructures, Ashley brings both technical skill and real-world experience to every project.
