Certification exams
What's new in CCNA v7?
Cisco refreshed its certification program in February 2020 and rebalanced exam topics to better align with employer needs and to make room for new topics and end-to-end networking awareness, as the digital transformation of businesses is driving new networking technologies:
- Software defined architectures
- Automation and virtualization across all network domains
- Network device management moving from CLI to API
- Programming skills, which are now essential to network admins
- Wireless technologies now prevalent in access networks
- Expanding security threats requiring analytics skills
What is Cisco Networking Academy?
Cisco Networking Academy (NetAcad) is an online learning platform provided by Cisco Systems to build the skills and knowledge needed to succeed in IT and networking. It is a gateway to Cisco Certified Network Associate (CCNA) certification and offers many tools, materials and support for students.
With the introduction of Cisco Packet Tracer 6.0, several new features were added, including BGP and HSRP, which are part of the CCNP™ curriculum. Despite some feature limitations, students preparing for the CCNP Route and CCNP Switch exams are now able to simulate basic IP telephony with Cisco Call Manager Express and IPsec VPN using Cisco ISR routers in Packet Tracer.
However, while Cisco Packet Tracer aims to provide a realistic simulation of functional networks, the application itself implements only a small number of the features found in actual hardware running a current Cisco IOS™ release, and it focuses on CCENT / CCNA preparation.
In April 2013, Cisco released a virtual router named CSR1000v. This virtual router is provided for free on the Cisco website as a VMware virtual machine embedding IOS XE. CSR1000v runs on VMware ESXi and requires 4 virtual CPUs and 4 GB of RAM per VM.
Multiple virtual routers can run on a single ESXi server to build a CCNP or CCIE lab and learn MPLS, BGP, LISP, OTV, ... on real IOS-XE software.
Download Cisco CSR 1000V
Cisco CSR 1000V can be freely downloaded from the Cisco website and used for a 60-day trial period. By default, the CSR 1000V virtual machine starts with the Cisco Application Experience (AX) Technology package features and 100-Kbps maximum throughput.
The following trial configurations are available for 60 days after trial period activation:
- IP Base Technology package, 10 Gbps
- SEC Technology package, 5 Gbps
- APP Technology package, 5 Gbps
- AX Technology package, 2.5 Gbps
- 1000 broadband sessions
- 12 GB memory upgrade
After the trial period ends, if you wish to keep using the product, you will need to purchase a license from Cisco for your CSR 1000v.
Licensing your CSR1000V
After having downloaded and installed the CSR1000V virtual machine, go to www.cisco.com/go/license and log in or create an account if you don’t have one.
On the Product License Registration page, select “Continue to Product License Registration.”
In the Get Other Licenses section, select “Demo and Evaluation.”
In the Product Family section, select “Routers & Switches.” In the Product section, select “Cisco Cloud Services Router 1000v.” Select the desired license type.
Enter the UDI Serial number, then click Next to generate the license. You can display the UDI Serial number on your router by entering the “show license udi” command.
CSR1000v supported features
List of supported features for CSR1000v:
802.1Q, AAA, ACL, BGP, DHCP, DNS, EEM, EIGRP, EoMPLS, Flex Netflow + TNF, GRE, ICMP, IGMP, IP SLA, IPSec, IPv6, ISIS, L2TPv3, MPLS, MPLS L2VPN, MPLS L3VPN, MPLS TE, Multicast, NAT, NTP, OSPF, PfR, PIM, PPPoE, RADIUS, RIP, SNMP, SSH, SYSLOG, TACACS, TFTP, VRF-LITE
Features likely to work for CSR1000v:
HSRP, VRRP, GLBP, EZVPN, QoS, LISP, ZBFW, Performance Monitor
What is FRRouting?
FRRouting (FRR) is an IP routing protocol suite for Linux which has its roots in the Quagga / Zebra projects. It includes protocol daemons for BGP, IS-IS, LDP, OSPF, EIGRP, PIM, and RIP. Its Linux integration makes it usable to connect physical hosts, virtual machines, and containers to the network.
Its Cisco-like command line interface (CLI), with many commands similar to Cisco IOS commands, makes FRR easy to configure and a good candidate for building a lightweight routing lab environment for Cisco CCNP Enterprise training.
CCNP Enterprise
As of February 24, 2020, CCNP Enterprise is the replacement professional-level certification for Cisco CCNP Routing & Switching and Cisco CCDP. CCNP Enterprise validates the core networking knowledge needed at the professional level and includes automation and programmability to match the network engineer skills required in the enterprise for scaling networking infrastructure.
Contrary to the CCNP R&S, there are no longer formal prerequisites for CCNP Enterprise: a valid CCNA certification is no longer required before being able to take CCNP Enterprise exams.
The GNS3 emulator is strongly recommended for CCNP Enterprise certification exam preparation, as Cisco Packet Tracer 8.1.1 does not include all the layer 2 and layer 3 features of the CCNP curricula.
Cisco CCNP 350-401 ENCOR exam topics
Architecture
1.1 Explain the different design principles used in an enterprise network
1.1.a Enterprise network design such as Tier 2, Tier 3, and Fabric Capacity planning
1.1.b High availability techniques such as redundancy, FHRP, and SSO
1.2 Analyze design principles of a WLAN deployment
1.2.a Wireless deployment models (centralized, distributed, controller-less, controller based, cloud, remote branch)
1.2.b Location services in a WLAN design
1.3 Differentiate between on-premises and cloud infrastructure deployments
1.4 Explain the working principles of the Cisco SD-WAN solution
1.4.a SD-WAN control and data planes elements
1.4.b Traditional WAN and SD-WAN solutions
1.5 Explain the working principles of the Cisco SD-Access solution
1.5.a SD-Access control and data planes elements
1.5.b Traditional campus interoperating with SD-Access
1.6 Describe concepts of wired and wireless QoS
1.6.a QoS components
1.6.b QoS policy
1.7 Differentiate hardware and software switching mechanisms
1.7.a Process and CEF
1.7.b MAC address table and TCAM
1.7.c FIB vs. RIB
Virtualization
2.1 Describe device virtualization technologies
2.1.a Hypervisor type 1 and 2
2.1.b Virtual machine
2.1.c Virtual switching
2.2 Configure and verify data path virtualization technologies
2.2.a VRF
2.2.b GRE and IPsec tunneling
2.3 Describe network virtualization concepts
2.3.a LISP
2.3.b VXLAN
Infrastructure
3.1 Layer 2
3.1.a Troubleshoot static and dynamic 802.1q trunking protocols
3.1.b Troubleshoot static and dynamic EtherChannels
3.1.c Configure and verify common Spanning Tree Protocols (RSTP and MST)
3.2 Layer 3
3.2.a Compare routing concepts of EIGRP and OSPF (advanced distance vector vs. linked state, load balancing, path selection, path operations, metrics)
3.2.b Configure and verify simple OSPF environments, including multiple normal areas, summarization, and filtering (neighbor adjacency, point-to-point and broadcast network types, and passive interface)
3.2.c Configure and verify eBGP between directly connected neighbors (best path selection algorithm and neighbor relationships)
3.3 Wireless
3.3.a Describe Layer 1 concepts, such as RF power, RSSI, SNR, interference noise, band and channels, and wireless client devices capabilities
3.3.b Describe AP modes and antenna types
3.3.c Describe access point discovery and join process (discovery algorithms, WLC selection process)
3.3.d Describe the main principles and use cases for Layer 2 and Layer 3 roaming
3.3.e Troubleshoot WLAN configuration and wireless client connectivity issues
3.4 IP Services
3.4.a Describe Network Time Protocol (NTP)
3.4.b Configure and verify NAT/PAT
3.4.c Configure first hop redundancy protocols, such as HSRP and VRRP
3.4.d Describe multicast protocols, such as PIM and IGMP v2/v3
Network assurance and troubleshooting
4.1 Diagnose network problems using tools such as debugs, conditional debugs, trace route, ping, SNMP, and syslog
4.2 Configure and verify device monitoring using syslog for remote logging
4.3 Configure and verify NetFlow and Flexible NetFlow
4.4 Configure and verify SPAN/RSPAN/ERSPAN
4.5 Configure and verify IPSLA
4.6 Describe Cisco DNA Center workflows to apply network configuration, monitoring, and management
4.7 Configure and verify NETCONF and RESTCONF
Network security
5.1 Configure and verify device access control
5.1.a Lines and password protection
5.1.b Authentication and authorization using AAA
5.2 Configure and verify infrastructure security features
5.2.a ACLs
5.2.b CoPP
5.3 Describe REST API security
5.4 Configure and verify wireless security features
5.4.a EAP
5.4.b WebAuth
5.4.c PSK
5.5 Describe the components of network security design
5.5.a Threat defense
5.5.b Endpoint security
5.5.c Next-generation firewall
5.5.d TrustSec, MACsec
5.5.e Network access control with 802.1X, MAB, and WebAuth
Network automation (partial support included in Packet Tracer 8.1)
6.1 Interpret basic Python components and scripts
6.2 Construct valid JSON encoded file
6.3 Describe the high-level principles and benefits of a data modeling language, such as YANG
6.4 Describe APIs for Cisco DNA Center and vManage
6.5 Interpret REST API response codes and results in payload using Cisco DNA Center and RESTCONF
6.6 Construct EEM applet to automate configuration, troubleshooting, or data collection
6.7 Compare agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and SaltStack
Packet Tracer 8.1.1 features for ENCOR exam preparation
3.1 Layer 2
3.1.a Troubleshoot static and dynamic 802.1q trunking protocols
Dynamic Trunking Protocol (DTP) desirable and auto modes are supported in Cisco Packet Tracer 8.1.1
Switch(config-if)#switchport mode dynamic ?
auto Set trunking mode dynamic negotiation parameter to AUTO
desirable Set trunking mode dynamic negotiation parameter to DESIRABLE
Switch#show dtp
Global DTP information
Sending DTP Hello packets every 30 seconds
Dynamic Trunk timeout is 300 seconds
1 interfaces using DTP
3.1.b Troubleshoot static and dynamic EtherChannels
The show interfaces <interface name> switchport command is available in Packet Tracer to troubleshoot both static and dynamic EtherChannels and to detect a native VLAN or trunk encapsulation mismatch between two network switches.
Switch#show interfaces fastEthernet 0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: All
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none
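The mismatch check described above can be scripted once the output has been collected from both ends of a link. The following Python code is an added example, not part of the original page or of Packet Tracer; the function names and the two abridged sample outputs are constructed for illustration, and the example goes one step further than the text by also reporting ports left in a DTP dynamic mode.

```python
import re

# Constructed, abridged sample outputs in the format shown above (one per link end).
SW1 = """\
Name: Fa0/1
Administrative Mode: dynamic desirable
Operational Mode: trunk
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Trunking Native Mode VLAN: 1 (default)
"""
SW2 = """\
Name: Fa0/1
Administrative Mode: trunk
Operational Mode: trunk
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Trunking Native Mode VLAN: 99 (NATIVE)
"""

def parse_switchport(text):
    """Turn 'Key: value' lines into a dict; lines without a colon are skipped."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def native_vlan(fields):
    """Extract the numeric native VLAN from a value such as '1 (default)'."""
    m = re.match(r"\d+", fields.get("Trunking Native Mode VLAN", ""))
    return int(m.group()) if m else None

def compare_link(a, b):
    """Return a list of findings for the two ends of one trunk link."""
    findings = []
    if native_vlan(a) != native_vlan(b):
        findings.append(f"native VLAN mismatch: {native_vlan(a)} vs {native_vlan(b)}")
    enc = "Operational Trunking Encapsulation"
    if a.get(enc) != b.get(enc):
        findings.append(f"encapsulation mismatch: {a.get(enc)} vs {b.get(enc)}")
    for end in (a, b):  # ports still negotiating trunks through DTP
        if end.get("Administrative Mode", "").startswith("dynamic"):
            findings.append(f"{end.get('Name')}: DTP mode '{end['Administrative Mode']}'")
    return findings

if __name__ == "__main__":
    for finding in compare_link(parse_switchport(SW1), parse_switchport(SW2)):
        print(finding)
```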
3.1.c Configure and verify common Spanning Tree Protocols (RSTP and MST)
Cisco Packet Tracer 8.1.1 only supports the Cisco proprietary protocols PVST (Per VLAN Spanning Tree) and RPVST (Rapid Per VLAN Spanning Tree). RSTP and MST are not available in Packet Tracer 8.1.1.
3.2 Layer 3
3.2.a Compare routing concepts of EIGRP and OSPF (advanced distance vector vs. linked state, load balancing, path selection, path operations, metrics)
EIGRP and OSPF are both partially supported in Cisco Packet Tracer 8.1.1.
Router(config)#router eigrp 10
Router(config-router)#?
auto-summary Enable automatic network number summarization
distance Define an administrative distance
eigrp EIGRP specific commands
exit Exit from routing protocol configuration mode
metric Modify IGRP routing metrics and parameters
neighbor Specify a neighbor router
network Enable routing on an IP network
no Negate a command or set its defaults
passive-interface Suppress routing updates on an interface
redistribute Redistribute information from another routing protocol
variance Control load balancing variance
OSPF backbone (area 0), standard, stub, and not-so-stubby (NSSA) areas are supported, as well as OSPF virtual links.
Router(config)#router ospf 20
Router(config-router)#?
area OSPF area parameters
auto-cost Calculate OSPF interface cost according to bandwidth
default-information Control distribution of default information
distance Define an administrative distance
exit Exit from routing protocol configuration mode
log-adjacency-changes Log changes in adjacency state
neighbor Specify a neighbor router
network Enable routing on an IP network
no Negate a command or set its defaults
passive-interface Suppress routing updates on an interface
redistribute Redistribute information from another routing protocol
router-id router-id for this OSPF process
Router(config-router)#area 10 ?
authentication Enable authentication
default-cost Set the summary default-cost of a NSSA/stub area
nssa Specify a NSSA area
range Summarize routes matching address/mask (border routers only)
stub Specify a stub area
virtual-link Define a virtual link and its parameters