CCNP - Cisco Certified Network Professional

IP Routing (300-101)

Network Principles

  • Identify Cisco Express Forwarding concepts
  • FIB
  • Adjacency table
  • Explain general network challenges
  • Unicast
  • Out-of-order packets
  • Asymmetric routing
  • Describe IP operations
  • ICMP Unreachable and Redirects
  • IPv4 and IPv6 fragmentation
  • TTL
  • Explain TCP operations
  • IPv4 and IPv6 (P)MTU
  • MSS
  • Latency
  • Windowing
  • Bandwidth-delay product
  • Global synchronization
  • Describe UDP operations
  • Starvation
  • Latency
  • Recognize proposed changes to the network
  • Changes to routing protocol parameters
  • Migrate parts of the network to IPv6
  • Routing protocol migration

Layer 2 Technologies

  • Configure and verify PPP
  • Authentication (PAP, CHAP)
  • PPPoE (client-side only)
  • Explain Frame Relay
  • Operations
  • Point-to-point
  • Multipoint

Layer 3 Technologies

  • Identify, configure, and verify IPv4 addressing and submitting
  • Address types (Unicast, broadcast, multicast, and VLSM)
  • ARP
  • DHCP relay and server
  • DHCP protocol operations
  • Identify IPv6 addressing and submitting
  • Unicast
  • EUI-64
  • ND, RS/RA
  • Autoconfigure (SLAAC)
  • DHCP relay and server
  • DHCP protocol operations
  • Configure and verify static routing
  • Configure and verify default routing
  • Evaluate routing protocol types
  • Distance vector
  • Link state
  • Path Vector
  • Describe administrative distance
  • Troubleshoot passive interfaces
  • Configure and verify VRF Lite
  • Configure and verify filtering with any protocol
  • Configure and verify redistribution between any routing protocols or routing sources
  • Configure and verify manual and auto-summarization with any routing protocol
  • Configure and verify policy-based routing
  • Identify suboptimal routing
  • Explain ROUTE maps
  • Configure and verify loop prevention mechanisms
  • Route tagging and filtering
  • Split-horizon
  • Route poisoning
  • Configure and verify RIPv2
  • Describe Ring
  • Describe EIGRP packet types
  • Configure and verify EIGRP neighbor relationship and authentication
  • Configure and verify EIGRP stubs
  • Configure and verify EIGRP load balancing
  • Equal cost
  • Unequal cost
  • Describe and optimize EIGRP metrics
  • Configure and verify EIGRP for IPv6
  • Describe OSPF packet types
  • Configure and verify OSPF neighbor relationship and authentication
  • Configure and verify network types, area types, and router types
  • Point-to-point, multipoint, broadcast, no broadcast
  • LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
  • Internal router, backbone router, ABR, ASBR
  • Virtual link
  • Configure and verify OSPF path preference
  • Configure and verify OSPF operations
  • Configure and verify OSPF for IPv6
  • Describe, configure, and verify BGP peer relationships and authentication
  • Peer group
  • Active, passive
  • States and timers
  • Configure and verify EBGP (IPv4 and IPv6 address families)
  • EBGP
  • 4-byte AS number
  • Private AS
  • Explain BGP attributes and best-path selection

VPN Technologies

  • Configure and verify GRE
  • Describe DMVPN (single hub)
  • Describe Easy Virtual Networking (EVN)

Infrastructure Security

  • Describe IOS AAA using local database
  • Describe device security using IOS AAA with TACACS+ and RADIUS
  • AAA with TACACS+ and RADIUS
  • Local privilege authorization fallback
  • Configure and verify device access control
  • Lines (VTY, AUX, console)
  • Management plane protection
  • Password encryption
  • Configure and verify router security features
  • IPv4 access control lists (standard, extended, time-based)
  • IPv6 traffic filter
  • Unicast reverse path forwarding

Infrastructure Services

  • Configure and verify device management
  • Console and VTY
  • Telnet, HTTP, HTTPS, SSH, SCP
  • (T)FTP
  • Configure and verify SNMP
  • Configure and verify logging
  • Local logging, Syslog, debugs, conditional debugs
  • Timestamps
  • Configure and verify Network Time Protocol (NTP)
  • NTP master, client, version 3, version 4
  • NTP authentication
  • Configure and verify IPv4 and IPv6 DHCP
  • DHCP client, IOS DHCP server, DHCP relay
  • DHCP options (describe)
  • Configure and verify IPv4 Network Address Translation (NAT)
  • Static NAT, dynamic NAT, PAT
  • Describe IPv6 NAT
  • NAT64
  • NPTv6
  • Describe SLA architecture
  • Configure and verify IP SLA
  • ICMP
  • Configure and verify tracking objects
  • Tracking objects
  • Tracking different entities (for example, interfaces, IPSLA results)
  • Configure and verify Cisco Net Flow
  • Net Flow v5, v9
  • Local retrieval
  • Export (configuration only)

IP Switched Networks (300-115)

Layer 2 Technologies

  • Configure and verify switch administration
  • SDM templates
  • Managing MAC address table
  • Troubleshoot Err-disable recovery
  • Configure and verify Layer 2 protocols
  • CDP, LLDP
  • UDLD
  • Configure and verify VLANs
  • Access Ports
  • VLAN database
  • Normal, extended VLAN, voice VLAN
  • Configure and verify trucking
  • VTPv1, VTPv2, VTPv3, VTP pruning
  • dot1Q
  • Native VLAN
  • Manual pruning
  • Configure and verify Ether Channels
  • LACP, PAGP, manual
  • Layer 2, Layer 3
  • Load balancing
  • Ether Channel misconfiguration guard
  • Configure and verify spanning tree
  • PVST+, RPVST+, MST
  • Switch priority, port priority, path cost, STP Timers
  • Port Fast, BPDU guard, BPDU filter
  • Loop guard and Root guard
  • Configure and verify other LAN switching technologies
  • SPAN, RSPAN
  • Describe chassis virtualization and aggregation technologies
  • StackWise

Infrastructure Security

  • Configure and verify switch security features
  • DHCP snooping
  • IP Source Guard
  • Dynamic ARP inspection
  • Port security
  • Private VLAN
  • Describe device security using Cisco IOS AAA with TACACS+ and RADIUS
  • AAA with TACACS+ and RADIUS
  • Local privilege authorization fallback

Infrastructure Services

  • Configure and verify first-hop redundancy protocols
  • HSRP
  • VRRP
  • GLBP

Troubleshooting and Maintaining (300-135)

Network Principles

  • Use Cisco IOS troubleshooting tools
  • Debug, conditional debug
  • Ping and traceroute with extended options
  • Apply troubleshooting methodologies
  • Diagnose the root cause of networking issues (analyze symptoms, identify and describe root cause)
  • Design and implement valid solutions
  • Verify and monitor resolution

Layer 2 Technologies

  • Troubleshoot switch administration
  • SDM templates
  • Managing MAC address table
  • Troubleshoot Err-disable recovery
  • Troubleshoot Layer 2 protocols
  • CDP, LLDP
  • UDLD
  • Troubleshoot VLANs
  • Access Ports
  • VLAN database
  • Normal, extended VLAN, voice VLAN
  • Troubleshoot trucking
  • VTPv1, VTPv2, VTPv3, VTP pruning
  • dot1Q
  • Native VLAN
  • Manual pruning
  • Troubleshoot Ether Channels
  • LACP, PAGP, manual
  • Layer 2, Layer 3
  • Load balancing
  • Ether Channel misconfiguration guard
  • Troubleshoot spanning tree
  • PVST+, RPVST +, MST
  • Switch priority, port priority, path cost, STP Timers
  • Port Fast, BPDU guard, BPDU filter
  • Loop guard, Root guard
  • Troubleshoot other LAN switching technologies
  • SPAN, RSPAN
  • Troubleshoot chassis virtualization and aggregation technologies
  • Stack wise

Layer 3 Technologies

  • Troubleshoot IPv4 addressing and submitting
  • Address types (Unicast, broadcast, multicast, and VLSM)
  • ARP
  • DHCP relay and server
  • DHCP protocol operations
  • Troubleshoot IPv6 addressing and submitting
  • Unicast
  • EUI-64
  • ND, RS/RA
  • Autoconfigure (SLAAC)
  • DHCP relay and server
  • DHCP protocol operations
  • Troubleshoot static routing
  • Troubleshoot default routing
  • Troubleshoot administrative distance
  • Troubleshoot passive interfaces
  • Troubleshoot VRF Lite
  • Troubleshoot filtering with any protocol
  • Troubleshoot any routing protocols or routing sources
  • Troubleshoot manual and auto-summarization with any routing protocol
  • Troubleshoot policy-based routing
  • Troubleshoot suboptimal routing
  • Troubleshoot loop prevention mechanisms
  • Route tagging, filtering
  • Split-horizon
  • Route poisoning
  • Troubleshoot RIPv2
  • Troubleshoot EIGRP neighbor relationship and authentication
  • Troubleshoot loop-free path selection
  • RD, FD, FC, successor, feasible successor
  • Troubleshoot EIGPR operations
  • Stuck in active
  • Troubleshoot EIGRP stubs
  • Troubleshoot EIGRP load balancing
  • Equal cost
  • Unequal cost
  • Troubleshoot EIGRP metrics
  • Troubleshoot EIGRP for IPv6
  • Troubleshoot OSPF neighbor relationship and authentication
  • Troubleshoot network types, area types, and router types
  • Point-to-point, multipoint, broadcast, no broadcast
  • LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
  • Internal router, backbone router, ABR, ASBR
  • Virtual link
  • Troubleshoot OSPF path preference
  • Troubleshoot OSPF operations
  • Troubleshoot OSPF for IPv6
  • Troubleshoot BGP peer relationships and authentication
  • Peer group
  • Active, passive
  • States and timers
  • Troubleshoot EBGP
  • EBGP
  • 4-byte AS number
  • Private AS

VPN Technologies

  • Troubleshoot GRE

Infrastructure Security

  • Troubleshoot IOS AAA using local database
  • Troubleshoot device access control
  • Lines (VTY, AUX, console)
  • Management plane protection
  • Password encryption
  • Troubleshoot router security features
  • IPv4 access control lists (standard, extended, time-based)
  • IPv6 traffic filter
  • Unicast reverse path forwarding

Infrastructure Services

  • Troubleshoot device management
  • Console and VTY
  • Telnet, HTTP, HTTPS, SSH, SCP
  • (T)FTP
  • Troubleshoot SNMP
  • v2
  • v3
  • Troubleshoot logging
  • Local logging, Syslog, debugs, conditional debugs
  • Timestamps
  • Troubleshoot Network Time Protocol(NTP)
  • NTP master, client, version 3, version 4
  • NTP authentication
  • Troubleshoot IPv4 and IPv6 DHCP
  • DHCP client, IOS DHCP server, DHCP relay
  • DHCP options (describe)
  • Troubleshoot IPv4 Network Address Translation (NAT)
  • Static NAT, Dynamic NAT, PAT
  • Troubleshoot SLA architecture
  • Troubleshoot tracking objects
  • Tracking objects
  • Tracking different entities (for example, interfaces, IPSLA results)
Quick Inquiry
ArrowUp