CCNP
Cisco Certified Network Professional
IP Routing (300-101)
Network Principles
- Identify Cisco Express Forwarding concepts
- FIB
- Adjacency table
- Explain general network challenges
- Unicast
- Out-of-order packets
- Asymmetric routing
- Describe IP operations
- ICMP Unreachable and Redirects
- IPv4 and IPv6 fragmentation
- TTL
- Explain TCP operations
- IPv4 and IPv6 (P)MTU
- MSS
- Latency
- Windowing
- Bandwidth-delay product
- Global synchronization
- Describe UDP operations
- Starvation
- Latency
- Recognize proposed changes to the network
- Changes to routing protocol parameters
- Migrate parts of the network to IPv6
- Routing protocol migration
Layer 2 Technologies
- Configure and verify PPP
- Authentication (PAP, CHAP)
- PPPoE (client-side only)
- Explain Frame Relay
- Operations
- Point-to-point
- Multipoint
Layer 3 Technologies
- Identify, configure, and verify IPv4 addressing and submitting
- Address types (Unicast, broadcast, multicast, and VLSM)
- ARP
- DHCP relay and server
- DHCP protocol operations
- Identify IPv6 addressing and submitting
- Unicast
- EUI-64
- ND, RS/RA
- Autoconfigure (SLAAC)
- DHCP relay and server
- DHCP protocol operations
- Configure and verify static routing
- Configure and verify default routing
- Evaluate routing protocol types
- Distance vector
- Link state
- Path Vector
- Describe administrative distance
- Troubleshoot passive interfaces
- Configure and verify VRF Lite
- Configure and verify filtering with any protocol
- Configure and verify redistribution between any routing protocols or routing sources
- Configure and verify manual and auto-summarization with any routing protocol
- Configure and verify policy-based routing
- Identify suboptimal routing
- Explain ROUTE maps
- Configure and verify loop prevention mechanisms
- Route tagging and filtering
- Split-horizon
- Route poisoning
- Configure and verify RIPv2
- Describe Ring
- Describe EIGRP packet types
- Configure and verify EIGRP neighbor relationship and authentication
- Configure and verify EIGRP stubs
- Configure and verify EIGRP load balancing
- Equal cost
- Unequal cost
- Describe and optimize EIGRP metrics
- Configure and verify EIGRP for IPv6
- Describe OSPF packet types
- Configure and verify OSPF neighbor relationship and authentication
- Configure and verify network types, area types, and router types
- Point-to-point, multipoint, broadcast, no broadcast
- LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
- Internal router, backbone router, ABR, ASBR
- Virtual link
- Configure and verify OSPF path preference
- Configure and verify OSPF operations
- Configure and verify OSPF for IPv6
- Describe, configure, and verify BGP peer relationships and authentication
- Peer group
- Active, passive
- States and timers
- Configure and verify EBGP (IPv4 and IPv6 address families)
- EBGP
- 4-byte AS number
- Private AS
- Explain BGP attributes and best-path selection
VPN Technologies
- Configure and verify GRE
- Describe DMVPN (single hub)
- Describe Easy Virtual Networking (EVN)
Infrastructure Security
- Describe IOS AAA using local database
- Describe device security using IOS AAA with TACACS+ and RADIUS
- AAA with TACACS+ and RADIUS
- Local privilege authorization fallback
- Configure and verify device access control
- Lines (VTY, AUX, console)
- Management plane protection
- Password encryption
- Configure and verify router security features
- IPv4 access control lists (standard, extended, time-based)
- IPv6 traffic filter
- Unicast reverse path forwarding
Infrastructure Services
- Configure and verify device management
- Console and VTY
- Telnet, HTTP, HTTPS, SSH, SCP
- (T)FTP
- Configure and verify SNMP
- Configure and verify logging
- Local logging, Syslog, debugs, conditional debugs
- Timestamps
- Configure and verify Network Time Protocol (NTP)
- NTP master, client, version 3, version 4
- NTP authentication
- Configure and verify IPv4 and IPv6 DHCP
- DHCP client, IOS DHCP server, DHCP relay
- DHCP options (describe)
- Configure and verify IPv4 Network Address Translation (NAT)
- Static NAT, dynamic NAT, PAT
- Describe IPv6 NAT
- NAT64
- NPTv6
- Describe SLA architecture
- Configure and verify IP SLA
- ICMP
- Configure and verify tracking objects
- Tracking objects
- Tracking different entities (for example, interfaces, IPSLA results)
- Configure and verify Cisco Net Flow
- Net Flow v5, v9
- Local retrieval
- Export (configuration only)
IP Switched Networks (300-115)
Layer 2 Technologies
- Configure and verify switch administration
- SDM templates
- Managing MAC address table
- Troubleshoot Err-disable recovery
- Configure and verify Layer 2 protocols
- CDP, LLDP
- UDLD
- Configure and verify VLANs
- Access Ports
- VLAN database
- Normal, extended VLAN, voice VLAN
- Configure and verify trucking
- VTPv1, VTPv2, VTPv3, VTP pruning
- dot1Q
- Native VLAN
- Manual pruning
- Configure and verify Ether Channels
- LACP, PAGP, manual
- Layer 2, Layer 3
- Load balancing
- Ether Channel misconfiguration guard
- Configure and verify spanning tree
- PVST+, RPVST+, MST
- Switch priority, port priority, path cost, STP Timers
- Port Fast, BPDU guard, BPDU filter
- Loop guard and Root guard
- Configure and verify other LAN switching technologies
- SPAN, RSPAN
- Describe chassis virtualization and aggregation technologies
- StackWise
Infrastructure Security
- Configure and verify switch security features
- DHCP snooping
- IP Source Guard
- Dynamic ARP inspection
- Port security
- Private VLAN
- Describe device security using Cisco IOS AAA with TACACS+ and RADIUS
- AAA with TACACS+ and RADIUS
- Local privilege authorization fallback
Infrastructure Services
- Configure and verify first-hop redundancy protocols
- HSRP
- VRRP
- GLBP
Troubleshooting and Maintaining (300-135)
Network Principles
- Use Cisco IOS troubleshooting tools
- Debug, conditional debug
- Ping and traceroute with extended options
- Apply troubleshooting methodologies
- Diagnose the root cause of networking issues (analyze symptoms, identify and describe root cause)
- Design and implement valid solutions
- Verify and monitor resolution
Layer 2 Technologies
- Troubleshoot switch administration
- SDM templates
- Managing MAC address table
- Troubleshoot Err-disable recovery
- Troubleshoot Layer 2 protocols
- CDP, LLDP
- UDLD
- Troubleshoot VLANs
- Access Ports
- VLAN database
- Normal, extended VLAN, voice VLAN
- Troubleshoot trucking
- VTPv1, VTPv2, VTPv3, VTP pruning
- dot1Q
- Native VLAN
- Manual pruning
- Troubleshoot Ether Channels
- LACP, PAGP, manual
- Layer 2, Layer 3
- Load balancing
- Ether Channel misconfiguration guard
- Troubleshoot spanning tree
- PVST+, RPVST +, MST
- Switch priority, port priority, path cost, STP Timers
- Port Fast, BPDU guard, BPDU filter
- Loop guard, Root guard
- Troubleshoot other LAN switching technologies
- SPAN, RSPAN
- Troubleshoot chassis virtualization and aggregation technologies
- Stack wise
Layer 3 Technologies
- Troubleshoot IPv4 addressing and submitting
- Address types (Unicast, broadcast, multicast, and VLSM)
- ARP
- DHCP relay and server
- DHCP protocol operations
- Troubleshoot IPv6 addressing and submitting
- Unicast
- EUI-64
- ND, RS/RA
- Autoconfigure (SLAAC)
- DHCP relay and server
- DHCP protocol operations
- Troubleshoot static routing
- Troubleshoot default routing
- Troubleshoot administrative distance
- Troubleshoot passive interfaces
- Troubleshoot VRF Lite
- Troubleshoot filtering with any protocol
- Troubleshoot any routing protocols or routing sources
- Troubleshoot manual and auto-summarization with any routing protocol
- Troubleshoot policy-based routing
- Troubleshoot suboptimal routing
- Troubleshoot loop prevention mechanisms
- Route tagging, filtering
- Split-horizon
- Route poisoning
- Troubleshoot RIPv2
- Troubleshoot EIGRP neighbor relationship and authentication
- Troubleshoot loop-free path selection
- RD, FD, FC, successor, feasible successor
- Troubleshoot EIGPR operations
- Stuck in active
- Troubleshoot EIGRP stubs
- Troubleshoot EIGRP load balancing
- Equal cost
- Unequal cost
- Troubleshoot EIGRP metrics
- Troubleshoot EIGRP for IPv6
- Troubleshoot OSPF neighbor relationship and authentication
- Troubleshoot network types, area types, and router types
- Point-to-point, multipoint, broadcast, no broadcast
- LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
- Internal router, backbone router, ABR, ASBR
- Virtual link
- Troubleshoot OSPF path preference
- Troubleshoot OSPF operations
- Troubleshoot OSPF for IPv6
- Troubleshoot BGP peer relationships and authentication
- Peer group
- Active, passive
- States and timers
- Troubleshoot EBGP
- EBGP
- 4-byte AS number
- Private AS
VPN Technologies
- Troubleshoot GRE
Infrastructure Security
- Troubleshoot IOS AAA using local database
- Troubleshoot device access control
- Lines (VTY, AUX, console)
- Management plane protection
- Password encryption
- Troubleshoot router security features
- IPv4 access control lists (standard, extended, time-based)
- IPv6 traffic filter
- Unicast reverse path forwarding
Infrastructure Services
- Troubleshoot device management
- Console and VTY
- Telnet, HTTP, HTTPS, SSH, SCP
- (T)FTP
- Troubleshoot SNMP
- v2
- v3
- Troubleshoot logging
- Local logging, Syslog, debugs, conditional debugs
- Timestamps
- Troubleshoot Network Time Protocol(NTP)
- NTP master, client, version 3, version 4
- NTP authentication
- Troubleshoot IPv4 and IPv6 DHCP
- DHCP client, IOS DHCP server, DHCP relay
- DHCP options (describe)
- Troubleshoot IPv4 Network Address Translation (NAT)
- Static NAT, Dynamic NAT, PAT
- Troubleshoot SLA architecture
- Troubleshoot tracking objects
- Tracking objects
- Tracking different entities (for example, interfaces, IPSLA results)
