CCNP

Cisco Certified Network Professional

IP Routing (300-101)

Network Principles

• Identify Cisco Express Forwarding concepts
• FIB
• Adjacency table
• Explain general network challenges
• Unicast
• Out-of-order packets
• Asymmetric routing
• Describe IP operations
• ICMP Unreachable and Redirects
• IPv4 and IPv6 fragmentation
• TTL
• Explain TCP operations
• IPv4 and IPv6 (P)MTU
• MSS
• Latency
• Windowing
• Bandwidth-delay product
• Global synchronization
• Describe UDP operations
• Starvation
• Latency
• Recognize proposed changes to the network
• Changes to routing protocol parameters
• Migrate parts of the network to IPv6
• Routing protocol migration

Layer 2 Technologies

• Configure and verify PPP
• Authentication (PAP, CHAP)
• PPPoE (client-side only)
• Explain Frame Relay
• Operations
• Point-to-point
• Multipoint

Layer 3 Technologies

• Identify, configure, and verify IPv4 addressing and submitting
• Address types (Unicast, broadcast, multicast, and VLSM)
• ARP
• DHCP relay and server
• DHCP protocol operations
• Identify IPv6 addressing and submitting
• Unicast
• EUI-64
• ND, RS/RA
• Autoconfigure (SLAAC)
• DHCP relay and server
• DHCP protocol operations
• Configure and verify static routing
• Configure and verify default routing
• Evaluate routing protocol types
• Distance vector
• Link state
• Path Vector
• Describe administrative distance
• Troubleshoot passive interfaces
• Configure and verify VRF Lite
• Configure and verify filtering with any protocol
• Configure and verify redistribution between any routing protocols or routing sources
• Configure and verify manual and auto-summarization with any routing protocol
• Configure and verify policy-based routing
• Identify suboptimal routing
• Explain ROUTE maps
• Configure and verify loop prevention mechanisms
• Route tagging and filtering
• Split-horizon
• Route poisoning
• Configure and verify RIPv2
• Describe Ring
• Describe EIGRP packet types
• Configure and verify EIGRP neighbor relationship and authentication
• Configure and verify EIGRP stubs
• Configure and verify EIGRP load balancing
• Equal cost
• Unequal cost
• Describe and optimize EIGRP metrics
• Configure and verify EIGRP for IPv6
• Describe OSPF packet types
• Configure and verify OSPF neighbor relationship and authentication
• Configure and verify network types, area types, and router types
• Point-to-point, multipoint, broadcast, no broadcast
• LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
• Internal router, backbone router, ABR, ASBR
• Virtual link
• Configure and verify OSPF path preference
• Configure and verify OSPF operations
• Configure and verify OSPF for IPv6
• Describe, configure, and verify BGP peer relationships and authentication
• Peer group
• Active, passive
• States and timers
• Configure and verify EBGP (IPv4 and IPv6 address families)
• EBGP
• 4-byte AS number
• Private AS
• Explain BGP attributes and best-path selection

VPN Technologies

• Configure and verify GRE
• Describe DMVPN (single hub)
• Describe Easy Virtual Networking (EVN)

Infrastructure Security

• Describe IOS AAA using local database
• Describe device security using IOS AAA with TACACS+ and RADIUS
• AAA with TACACS+ and RADIUS
• Local privilege authorization fallback
• Configure and verify device access control
• Lines (VTY, AUX, console)
• Management plane protection
• Password encryption
• Configure and verify router security features
• IPv4 access control lists (standard, extended, time-based)
• IPv6 traffic filter
• Unicast reverse path forwarding

Infrastructure Services

• Configure and verify device management
• Console and VTY
• Telnet, HTTP, HTTPS, SSH, SCP
• (T)FTP
• Configure and verify SNMP
• Configure and verify logging
• Local logging, Syslog, debugs, conditional debugs
• Timestamps
• Configure and verify Network Time Protocol (NTP)
• NTP master, client, version 3, version 4
• NTP authentication
• Configure and verify IPv4 and IPv6 DHCP
• DHCP client, IOS DHCP server, DHCP relay
• DHCP options (describe)
• Configure and verify IPv4 Network Address Translation (NAT)
• Static NAT, dynamic NAT, PAT
• Describe IPv6 NAT
• NAT64
• NPTv6
• Describe SLA architecture
• Configure and verify IP SLA
• ICMP
• Configure and verify tracking objects
• Tracking objects
• Tracking different entities (for example, interfaces, IPSLA results)
• Configure and verify Cisco Net Flow
• Net Flow v5, v9
• Local retrieval
• Export (configuration only)

IP Switched Networks (300-115)

Layer 2 Technologies

• Configure and verify switch administration
• SDM templates
• Managing MAC address table
• Troubleshoot Err-disable recovery
• Configure and verify Layer 2 protocols
• CDP, LLDP
• UDLD
• Configure and verify VLANs
• Access Ports
• VLAN database
• Normal, extended VLAN, voice VLAN
• Configure and verify trucking
• VTPv1, VTPv2, VTPv3, VTP pruning
• dot1Q
• Native VLAN
• Manual pruning
• Configure and verify Ether Channels
• LACP, PAGP, manual
• Layer 2, Layer 3
• Load balancing
• Ether Channel misconfiguration guard
• Configure and verify spanning tree
• PVST+, RPVST+, MST
• Switch priority, port priority, path cost, STP Timers
• Port Fast, BPDU guard, BPDU filter
• Loop guard and Root guard
• Configure and verify other LAN switching technologies
• SPAN, RSPAN
• Describe chassis virtualization and aggregation technologies
• StackWise

Infrastructure Security

• Configure and verify switch security features
• DHCP snooping
• IP Source Guard
• Dynamic ARP inspection
• Port security
• Private VLAN
• Describe device security using Cisco IOS AAA with TACACS+ and RADIUS
• AAA with TACACS+ and RADIUS
• Local privilege authorization fallback

Infrastructure Services

• Configure and verify first-hop redundancy protocols
• HSRP
• VRRP
• GLBP

Troubleshooting and Maintaining (300-135)

Network Principles

• Use Cisco IOS troubleshooting tools
• Debug, conditional debug
• Ping and traceroute with extended options
• Apply troubleshooting methodologies
• Diagnose the root cause of networking issues (analyze symptoms, identify and describe root cause)
• Design and implement valid solutions
• Verify and monitor resolution

Layer 2 Technologies

• Troubleshoot switch administration
• SDM templates
• Managing MAC address table
• Troubleshoot Err-disable recovery
• Troubleshoot Layer 2 protocols
• CDP, LLDP
• UDLD
• Troubleshoot VLANs
• Access Ports
• VLAN database
• Normal, extended VLAN, voice VLAN
• Troubleshoot trucking
• VTPv1, VTPv2, VTPv3, VTP pruning
• dot1Q
• Native VLAN
• Manual pruning
• Troubleshoot Ether Channels
• LACP, PAGP, manual
• Layer 2, Layer 3
• Load balancing
• Ether Channel misconfiguration guard
• Troubleshoot spanning tree
• PVST+, RPVST +, MST
• Switch priority, port priority, path cost, STP Timers
• Port Fast, BPDU guard, BPDU filter
• Loop guard, Root guard
• Troubleshoot other LAN switching technologies
• SPAN, RSPAN
• Troubleshoot chassis virtualization and aggregation technologies
• Stack wise

Layer 3 Technologies

• Troubleshoot IPv4 addressing and submitting
• Address types (Unicast, broadcast, multicast, and VLSM)
• ARP
• DHCP relay and server
• DHCP protocol operations
• Troubleshoot IPv6 addressing and submitting
• Unicast
• EUI-64
• ND, RS/RA
• Autoconfigure (SLAAC)
• DHCP relay and server
• DHCP protocol operations
• Troubleshoot static routing
• Troubleshoot default routing
• Troubleshoot administrative distance
• Troubleshoot passive interfaces
• Troubleshoot VRF Lite
• Troubleshoot filtering with any protocol
• Troubleshoot any routing protocols or routing sources
• Troubleshoot manual and auto-summarization with any routing protocol
• Troubleshoot policy-based routing
• Troubleshoot suboptimal routing
• Troubleshoot loop prevention mechanisms
• Route tagging, filtering
• Split-horizon
• Route poisoning
• Troubleshoot RIPv2
• Troubleshoot EIGRP neighbor relationship and authentication
• Troubleshoot loop-free path selection
• RD, FD, FC, successor, feasible successor
• Troubleshoot EIGPR operations
• Stuck in active
• Troubleshoot EIGRP stubs
• Troubleshoot EIGRP load balancing
• Equal cost
• Unequal cost
• Troubleshoot EIGRP metrics
• Troubleshoot EIGRP for IPv6
• Troubleshoot OSPF neighbor relationship and authentication
• Troubleshoot network types, area types, and router types
• Point-to-point, multipoint, broadcast, no broadcast
• LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
• Internal router, backbone router, ABR, ASBR
• Virtual link
• Troubleshoot OSPF path preference
• Troubleshoot OSPF operations
• Troubleshoot OSPF for IPv6
• Troubleshoot BGP peer relationships and authentication
• Peer group
• Active, passive
• States and timers
• Troubleshoot EBGP
• EBGP
• 4-byte AS number
• Private AS

VPN Technologies

• Troubleshoot GRE

Infrastructure Security

• Troubleshoot IOS AAA using local database
• Troubleshoot device access control
• Lines (VTY, AUX, console)
• Management plane protection
• Password encryption
• Troubleshoot router security features
• IPv4 access control lists (standard, extended, time-based)
• IPv6 traffic filter
• Unicast reverse path forwarding

Infrastructure Services

• Troubleshoot device management
• Console and VTY
• Telnet, HTTP, HTTPS, SSH, SCP
• (T)FTP
• Troubleshoot SNMP
• v2
• v3
• Troubleshoot logging
• Local logging, Syslog, debugs, conditional debugs
• Timestamps
• Troubleshoot Network Time Protocol(NTP)
• NTP master, client, version 3, version 4
• NTP authentication
• Troubleshoot IPv4 and IPv6 DHCP
• DHCP client, IOS DHCP server, DHCP relay
• DHCP options (describe)
• Troubleshoot IPv4 Network Address Translation (NAT)
• Static NAT, Dynamic NAT, PAT
• Troubleshoot SLA architecture
• Troubleshoot tracking objects
• Tracking objects
• Tracking different entities (for example, interfaces, IPSLA results)