15% |
1.0 |
Network Fundamentals |
1.1 |
|
Compare and contrast OSI and TCP/IP models |
1.2 |
|
Compare and contrast TCP and UDP protocols |
1.3 |
|
Describe the impact of infrastructure components in an enterprise network |
|
|
1.3.a Firewalls |
|
|
1.3.b Access points |
|
|
1.3.c Wireless controllers |
1.4 |
|
Describe the effects of cloud resources on enterprise network architecture |
|
|
1.4.a Traffic path to internal and external cloud services |
|
|
1.4.b Virtual services |
|
|
1.4.c Basic virtual network infrastructure |
1.5 |
|
Compare and contrast collapsed core and three-tier architectures |
1.6 |
|
Compare and contrast network topologies |
|
|
1.6.a Star |
|
|
1.6.b Mesh |
|
|
1.6.b Hybrid |
1.7 |
|
Select the appropriate cabling type based on implementation requirements |
1.8 |
|
Apply troubleshooting methodologies to resolve problems |
|
|
1.8.a Perform and document fault isolation |
|
|
1.8.b Resolve or escalate |
|
|
1.8.c Verify and monitor resolution |
1.9 |
|
Configure, verify, and troubleshoot IPv4 addressing and subnetting |
1.10 |
|
Compare and contrast IPv4 address types
|
|
|
1.10.a Unicast
|
|
|
1.10.b Multicast
|
|
|
1.10.c Broadcast
|
1.11 |
|
Describe the need for private IPv4 addressing |
1.12 |
|
Identify the appropriate IPv6 addressing scheme to satisfy addressing requirements in a LAN/WAN environment |
1.13 |
|
Configure, verify, and troubleshoot IPv6 addressing |
1.14 |
|
Configure and verify IPv6 Stateless Address Auto Configuration |
1.15 |
|
Compare and contrast IPv6 address types |
|
|
1.15.a Global unicast |
|
|
1.15.b Unique local |
|
|
1.15.c Link local |
|
|
1.15.d Multicast |
|
|
1.15.e Modified EUI 64 |
|
|
1.15.f Autoconfiguration |
|
|
1.16.g Anycast |
|
|
|
21% |
2.0 |
LAN Switching Technologies |
2.1 |
|
Describe and verify switching concepts |
|
|
2.1.a MAC learning and aging |
|
|
2.1.b Frame switching |
|
|
2.1.c Frame flooding |
|
|
2.1.d MAC address table |
2.2 |
|
Interpret Ethernet frame format |
2.3 |
|
Troubleshoot interface and cable issues (collisions, errors, duplex, speed) |
2.4 |
|
Configure, verify, and troubleshoot VLANs (normal/extended range) spanning multiple switches |
2.5 |
|
Configure, verify, and troubleshoot interswitch connectivity |
|
|
2.5.a Trunk ports |
|
|
2.5.b Add and remove VLANs on a trunk |
|
|
2.5.c DTP, VTP (v1&v2), and 802.1Q |
|
|
2.5.d Native VLAN |
2.6 |
|
Configure, verify, and troubleshoot STP protocols |
|
|
2.6.a STP mode (PVST+ and RPVST+) |
|
|
2.6.b STP root bridge selection |
2.7 |
|
Configure, verify and troubleshoot STP related optional features |
|
|
2.7.a PortFast |
|
|
2.7.b BPDU guard |
2.8 |
|
Configure and verify Layer 2 protocols |
|
|
2.8.a Cisco Discovery Protocol |
|
|
2.8.b LLDP |
2.9 |
|
Configure, verify, and troubleshoot (Layer 2/Layer 3) EtherChannel |
|
|
2.9.a Static |
|
|
2.9.b PAGP |
|
|
2.9.c LACP |
2.10 |
|
Describe the benefits of switch stacking and chassis aggregation |
|
|
|
23% |
3.0 |
Routing Technologies |
3.1 |
|
Describe the routing concepts |
|
|
3.1.a Packet handling along the path through a network |
|
|
3.1.b Forwarding decision based on route lookup |
|
|
3.1.c Frame rewrite |
3.2 |
|
Interpret the components of a routing table |
|
|
3.2.a Prefix |
|
|
3.2.b Network mask |
|
|
3.2.c Next hop |
|
|
3.2.d Routing protocol code |
|
|
3.2.e Administrative distance |
|
|
3.2.f Metric |
|
|
3.2.g Gateway of last resort |
3.3 |
|
Describe how a routing table is populated by different routing information sources |
|
|
3.3.a Admin distance |
3.4 |
|
Configure, verify, and troubleshoot inter-VLAN routing |
|
|
3.4.a Router on a stick |
|
|
3.4.b SVI |
3.5 |
|
Compare and contrast static routing and dynamic routing |
3.6 |
|
Compare and contrast distance vector and link state routing protocols |
3.7 |
|
Compare and contrast interior and exterior routing protocols |
3.8 |
|
Configure, verify, and troubleshoot IPv4 and IPv6 static routing |
|
|
3.8.a Default route |
|
|
3.8.b Network route |
|
|
3.8.c Host route |
|
|
3.8.d Floating static |
3.9 |
|
Configure, verify, and troubleshoot single area and multi-area OSPFv2 for IPv4 (excluding authentication, filtering, manual summarization, redistribution, stub, virtual-link, and LSAs) |
3.10 |
|
Configure, verify, and troubleshoot single area and multi-area OSPFv3 for IPv6 (excluding authentication, filtering, manual summarization, redistribution, stub, virtual-link, and LSAs) |
3.11 |
|
Configure, verify, and troubleshoot EIGRP for IPv4 (excluding authentication, filtering, manual summarization, redistribution, stub) |
3.12 |
|
Configure, verify, and troubleshoot EIGRP for IPv6 (excluding authentication, filtering,manual summarization, redistribution, stub) |
3.13 |
|
Configure, verify, and troubleshoot RIPv2 for IPv4 (excluding authentication, filtering,manual summarization, redistribution) |
3.14 |
|
Troubleshoot basic Layer 3 end-to-end connectivity issues |
|
|
|
10% |
4.0 |
WAN Technologies |
4.1 |
|
Configure and verify PPP and MLPPP on WAN interfaces using local authentication |
4.2 |
|
Configure, verify, and troubleshoot PPPoE client-side interfaces using local authentication |
4.3 |
|
Configure, verify, and troubleshoot GRE tunnel connectivity |
4.4 |
|
Describe WAN topology options |
|
|
4.4.a Point-to-point |
|
|
4.4.b Hub and spoke |
|
|
4.4.c Full mesh |
|
|
4.4.d 4.4.d Single vs dual-homed |
4.5 |
|
Describe WAN access connectivity options |
|
|
4.5.a MPLS |
|
|
4.5.b Metro Ethernet |
|
|
4.5.c Broadband PPPoE |
|
|
4.5.d Internet VPN (DMVPN, site-to-site VPN, client VPN) |
4.6 |
|
Configure and verify single-homed branch connectivity using eBGP IPv4 (limited to peering and route advertisement using Network command only) |
4.7 |
|
Describe basic QoS concepts |
|
|
4.7.a Marking |
|
|
4.7.b Device trust |
|
|
4.7.c Prioritization |
|
|
4.7.c. (i) Voice |
|
|
4.7.c. (ii) Video |
|
|
4.7.c. (iii) Data |
|
|
4.7.d Shaping |
|
|
4.7.e Policing |
|
|
4.7.f Congestion management |
|
|
|
10% |
5.0 |
Infrastructure Services |
5.1 |
|
Describe DNS lookup operation |
5.2 |
|
Troubleshoot client connectivity issues involving DNS |
5.3 |
|
Configure and verify DHCP on a router (excluding static reservations) |
|
|
5.3.a Server |
|
|
5.3.b Relay |
|
|
5.3.c Client |
|
|
5.3.d TFTP, DNS, and gateway options |
5.4 |
|
Troubleshoot client- and router-based DHCP connectivity issues |
5.5 |
|
Configure, verify, and troubleshoot basic HSRP |
|
|
5.5.a Priority |
|
|
5.5.b Preemption |
|
|
5.5.c Version |
5.6 |
|
Configure, verify, and troubleshoot inside source NAT |
|
|
5.6.a Static |
|
|
5.6.b Pool |
|
|
5.6.c PAT |
5.7 |
|
Configure and verify NTP operating in a client/server mode |
|
|
|
11% |
6.0 |
Infrastructure Security |
6.1 |
|
Configure, verify, and troubleshoot port security |
|
|
6.1.a Static |
|
|
6.1.b Dynamic |
|
|
6.1.c Sticky |
|
|
6.1.d Max MAC addresses |
|
|
6.1.e Violation actions |
|
|
6.1.f Err-disable recovery |
6.2 |
|
Describe common access layer threat mitigation techniques |
|
|
6.2.a 802.1x |
|
|
6.2.b DHCP snooping |
|
|
6.2.c Nondefault native VLAN |
6.3 |
|
Configure, verify, and troubleshoot IPv4 and IPv6 access list for traffic filtering |
|
|
6.3.a Standard |
|
|
6.3.b Extended |
|
|
6.3.c Named |
6.4 |
|
Verify ACLs using the APIC-EM Path Trace ACL Analysis tool |
6.5 |
|
Configure, verify, and troubleshoot basic device hardening |
|
|
6.5.a Local authentication |
|
|
6.5.b Secure password |
|
|
6.5.c Access to device |
|
|
6.5.c. (i) Source address |
|
|
6.5.c. (ii) Telnet/SSH |
|
|
6.5.d Login banner |
6.6 |
|
Describe device security using AAA with TACACS+ and RADIUS |
|
|
|
10% |
7.0 |
Infrastructure Management |
7.1 |
|
Configure and verify device-monitoring protocols |
|
|
7.1.a SNMPv2 |
|
|
7.1.b SNMPv3 |
|
|
7.1.c Syslog |
7.2 |
|
Troubleshoot network connectivity issues using ICMP echo-based IP SLA |
7.3 |
|
Configure and verify device management |
|
|
7.3.a Backup and restore device configuration |
|
|
7.3.b Using Cisco Discovery Protocol or LLDP for device discovery |
|
|
7.3.c Licensing |
|
|
7.3.d Logging |
|
|
7.3.e Timezone |
|
|
7.3.f Loopback |
7.4 |
|
Configure and verify initial device configuration |
7.5 |
|
Perform device maintenance |
|
|
7.5.a 3 |
|
|
7.5.b Password recovery and configuration register |
|
|
7.5.c File system management |
7.6 |
|
Use Cisco IOS tools to troubleshoot and resolve problems |
|
|
7.6.a Ping and traceroute with extended option |
|
|
7.6.b Terminal monitor |
|
|
7.6.c Log events |
|
|
7.6.d Local SPAN |
7.7 |
|
Describe network programmability in enterprise network architecture |
|
|
7.7.a Function of a controller |
|
|
7.7.b Separation of control plane and data plane |
|
|
7.7.c 7.7.c Northbound and southbound APIs |