- 1.3.a Firewalls
- 1.3.b Access points
- 1.3.c Wireless controllers
- 1.4.a Traffic path to internal and external cloud services
- 1.4.b Virtual services
- 1.4.c Basic virtual network infrastructure
- 1.8.a Perform and document fault isolation
- 1.8.b Resolve or escalate
- 1.8.c Verify and monitor resolution
- 1.15.a Global unicast
- 1.15.b Unique local
- 1.15.c Link local
- 1.15.d Multicast
- 1.15.e Modified EUI 64
- 1.15.f Auto configuration
- 1.15.g Anycast
- 2.1.a MAC learning and aging
- 2.1.b Frame switching
- 2.1.c Frame flooding
- 2.1.d MAC address table
- 2.4.a Access ports (data and voice)
- 2.4.b Default VLAN
- 2.5.a Trunk ports
- 2.5.b Add and remove VLANs on a trunk
- 2.5.c DTP, VTP (v1&v2), and 802.1Q
- 2.5.d Native VLAN
- 2.6.a STP mode (PVST+ and RPVST+)
- 2.6.b STP root bridge selection
- 2.7.a PortFast
- 2.7.b BPDU guard
- 2.8.a Cisco Discovery Protocol
- 2.8.b LLDP
- 2.9.a Static
- 2.9.b PAGP
- 2.9.c LACP
- 3.1.a Packet handling along the path through a network
- 3.1.b Forwarding decision based on route lookup
- 3.1.c Frame rewrite
- 3.2.a Prefix
- 3.2.b Network mask
- 3.2.c Next hop
- 3.2.d Routing protocol code
- 3.2.e Administrative distance
- 3.2.f Metric
- 3.2.g Gateway of last resort
- 3.3.a Admin distance
- 3.4.a Router on a stick
- 3.4.b SVI (Switch Virtual Interface)
- 3.8.a Default route
- 3.8.b Network route
- 3.8.c Host route
- 3.8.d Floating static
- 4.4.a Point-to-point
- 4.4.b Hub and spoke
- 4.4.c Full mesh
- 4.4.d Single vs dual-homed
- 4.5.a MPLS
- 4.5.b Metro Ethernet
- 4.5.c Broadband PPPoE
- 4.5.d Internet VPN (DMVPN, site-to-site VPN, client VPN)
- 4.7.a Marking
- 4.7.b Device trust
- 4.7.c Prioritization
- 4.7.c. [i] Voice
- 4.7.c. [ii] Video
- 4.7.c. [iii] Data
- 4.7.d Shaping
- 4.7.e Policing
- 4.7.f Congestion management
- 5.3.a Server
- 5.3.b Relay
- 5.3.c Client
- 5.3.d TFTP, DNS, and gateway options
- 5.5.a Priority
- 5.5.b Preemption
- 5.5.c Version
- 5.6.a Static
- 5.6.b Pool
- 5.6.c PAT
- 6.1.a Static
- 6.1.b Dynamic
- 6.1.c Sticky
- 6.1.d Max MAC addresses
- 6.1.e Violation actions
- 6.1.f Err-disable recovery
- 6.2.a 802.1x
- 6.2.b DHCP snooping
- 6.2.c Nondefault native VLAN
- 6.3.a Standard
- 6.3.b Extended
- 6.3.c Named
- 6.5.a Local authentication
- 6.5.b Secure password
- 6.5.c Access to device
- 6.5.c. [i] Source address
- 6.5.c. [ii] Telnet/SSH
- 6.5.d Login banner
- 7.1.a SNMPv2
- 7.1.b SNMPv3
- 7.1.c Syslog
- 7.3.a Backup and restore device configuration
- 7.3.b Using Cisco Discovery Protocol or LLDP for device discovery
- 7.3.c Licensing
- 7.3.d Logging
- 7.3.e Timezone
- 7.3.f Loopback
- 7.5.a Cisco IOS upgrades and recovery (SCP, FTP, TFTP, and MD5 verify)
- 7.5.b Password recovery and configuration register
- 7.5.c File system management
- 7.6.a Ping and traceroute with extended option
- 7.6.b Terminal monitor
- 7.6.c Log events
- 7.6.d Local SPAN
- 7.7.a Function of a controller
- 7.7.b Separation of control plane and data plane
- 7.7.c Northbound and southbound APIs
1.0 Network
Fundamentals 15%
1.2 Compare and contrast TCP and UDP
protocols
1.7 Select the appropriate cabling type based on implementation requirements
1.8 Apply troubleshooting methodologies to resolve problems
1.10 Compare and contrast IPv4 address
types
1.11 Describe the need for private IPv4 addressing
requirements in a LAN/WAN environment
2.0 LAN Switching
Technologies 21%
2.4 Configure, verify, and troubleshoot VLANs (normal/extended range) spanning multiple switches
2.6 Configure, verify, and troubleshoot
STP protocols
2.7 Configure, verify and troubleshoot
STP related optional features
2.8 Configure and verify Layer 2
protocols
2.9 Configure, verify, and troubleshoot
(Layer 2/Layer 3) EtherChannel
2.10 Describe the benefits of switch
stacking and chassis aggregation
3.0 Routing Technologies 23%
3.1 Describe the routing concepts
3.2 Interpret the components of a routing
table
3.3 Describe how a routing table is
populated by different routing information sources
3.4 Configure, verify, and troubleshoot
inter-VLAN routing
3.5 Compare and contrast static routing
and dynamic routing
3.6 Compare and contrast distance vector
and link state routing protocols
3.7 Compare and contrast interior and
exterior routing protocols
3.8 Configure, verify, and troubleshoot
IPv4 and IPv6 static routing
3.9 Configure, verify, and troubleshoot
single area and multi-area OSPFv2 for IPv4 (excluding authentication,
filtering, manual summarization, redistribution, stub, virtual-link, and LSAs)
3.10 Configure, verify, and troubleshoot
single area and multi-area OSPFv3 for IPv6 (excluding authentication,
filtering, manual summarization, redistribution, stub, virtual-link, and LSAs)
3.11 Configure, verify, and troubleshoot
EIGRP for IPv4 (excluding authentication, filtering, manual summarization,
redistribution, stub)
3.12 Configure, verify, and troubleshoot
EIGRP for IPv6 (excluding authentication, filtering, manual summarization,
redistribution, stub)
3.13 Configure, verify, and troubleshoot
RIPv2 for IPv4 (excluding authentication, filtering, manual summarization,
redistribution)
3.14 Troubleshoot basic Layer 3
end-to-end connectivity issues
4.0 WAN Technologies 10%
4.1 Configure and verify PPP and MLPPP on
WAN interfaces using local authentication
4.2 Configure, verify, and troubleshoot
PPPoE client-side interfaces using local authentication
4.3 Configure, verify, and troubleshoot
GRE tunnel connectivity
4.4 Describe WAN topology options
4.5 Describe WAN access connectivity
options
4.6 Configure and verify single-homed
branch connectivity using eBGP IPv4 (limited to peering and route
advertisement using Network command only)
4.7 Describe basic QoS concepts
5.0 Infrastructure Services 10%
5.1 Describe DNS lookup operation
5.2 Troubleshoot client connectivity
issues involving DNS
5.3 Configure and verify DHCP on a router
(excluding static reservations)
5.4 Troubleshoot client- and router-based
DHCP connectivity issues
5.5 Configure, verify, and troubleshoot
basic HSRP
5.6 Configure, verify, and troubleshoot
inside source NAT
5.7 Configure and verify NTP operating in
a client/server mode
6.0 Infrastructure Security 11%
6.1 Configure, verify, and troubleshoot
port security
6.2 Describe common access layer threat
mitigation techniques
6.3 Configure, verify, and troubleshoot
IPv4 and IPv6 access list for traffic filtering
6.4 Verify ACLs using the APIC-EM Path
Trace ACL analysis tool
6.5 Configure, verify, and troubleshoot
basic device hardening
6.6 Describe device security using AAA
with TACACS+ and RADIUS
7.0 Infrastructure
Management 10%
7.1 Configure and verify
device-monitoring protocols
7.2 Troubleshoot network connectivity
issues using ICMP echo-based IP SLA
7.3 Configure and verify device
management
7.4 Configure and verify initial device
configuration
7.5 Perform device maintenance
7.6 Use Cisco IOS tools to troubleshoot
and resolve problems
7.7 Describe network programmability in
enterprise network architecture