What is Cisco CCNA ?
CCNA Routing & Switching certification is a second-level Cisco Career certification. This certification level validates the ability to install, configure, operate, and troubleshoot medium-size switched and routed networks, including implementation and verification of connections to remote sites in a WAN environment. Upon completion, CCNA candidates should be able to successfully carry out any number of essential networking maintenance and troubleshooting duties such as operating LAN, WAN and dial access services for small networks, as well as having good working knowledge of protocols such as IP, IGRP, Serial, Frame Relay, IP RIP, VLAN’s, Ethernet and Access Lists.
Candidates have the option of two path to get CCNA Routing & Switching certified. Either take and pass two individual exams or alternatively, one larger, combined exam. The exam options are:
Combined exam: 200-125 CCNA - 90 minutes, 60 to 70
- 100-105 ICND1 (90 minutes 45-55 questions) - CCENT certification
- 200-105 ICND2 (90 minutes 55-65 questions)
It is higly recommended to students passing CCNA for the first time to use the "individual exams" path (INCD1 first, then ICND2) as it allows candidates to focus on one subject area at a time and take the relevant exam when they feel ready. Additionally, the two-exam approach gives the candidate the opportunity to ease into the certification by taking the 100-105 ICND1 exam first.
All the three exams include labs and simlets questions to test student's ability to configure and troubleshoot network devices. It is highly recommended to practice networking simulation using Cisco Packet Tracer 7.2 before taking any of the exams. Labs for CCNA traiing available in our labs sections.
CCNA Routing and Switching PTMO (Packet Tracer Media Objects) can now be run inside Packet Tracer 7.2.2 without installing the JAVA runtime environment to practice drag and drop, fill in the blank, multiple choices exam questions.
ICND1 exam topics
ICND2 exam topics
Exam topics may change at any time without notice. Find complete information about ICND2 exam topics on Cisco website : https://learningnetwork.cisco.com/community/certifications/ccna/icnd2/exam-topics
1.0 LAN Switching Technologies
- 1.1 Configure, verify, and troubleshoot VLANs (normal/extended range) spanning multiple switches
- 1.2 Configure, verify, and troubleshoot interswitch connectivity
- 1.3 Configure, verify, and troubleshoot STP protocols
- 1.4 Configure, verify, and troubleshoot STP-related optional features
- 1.5 Configure, verify, and troubleshoot (Layer 2/Layer 3) EtherChannel
- 1.6 Describe the benefits of switch stacking and chassis aggregation
- 1.7 Describe common access layer threat mitigation techniques
2.0 Routing Technologies
- 2.1 Configure, verify, and troubleshoot Inter-VLAN routing
- 2.2 Compare and contrast distance vector and link-state routing protocols
- 2.3 Compare and contrast interior and exterior routing protocols
- 2.4 Configure, verify, and troubleshoot single area and multiarea OSPFv2 for IPv4 (excluding authentication, filtering, manual summarization, redistribution, stub, virtual-link, and LSAs)
- 2.5 Configure, verify, and troubleshoot single area and multiarea OSPFv3 for IPv6 (excluding authentication, filtering, manual summarization, redistribution, stub, virtual-link, and LSAs)
- 2.6 Configure, verify, and troubleshoot EIGRP for IPv4 (excluding authentication, filtering, manual summarization, redistribution, stub)
- 2.7 Configure, verify, and troubleshoot EIGRP for IPv6 (excluding authentication, filtering, manual summarization, redistribution, stub)
3.0 WAN Technologies
- 3.1 Configure and verify PPP and MLPPP on WAN interfaces using local authentication
- 3.2 Configure, verify, and troubleshoot PPPoE client-side interfaces using local authentication
- 3.3 Configure, verify, and troubleshoot GRE tunnel connectivity
- 3.4 Describe WAN topology options
- 3.5 Describe WAN access connectivity options
- 3.6 Configure and verify single-homed branch connectivity using eBGP IPv4 (limited to peering and route advertisement using Network command only)
4.0 Infrastructure Services
- 4.1 Configure, verify, and troubleshoot basic HSRP
- 4.2 Describe the effects of cloud resources on enterprise network architecture
- 4.3 Describe basic QoS concepts
- 4.4 Configure, verify, and troubleshoot IPv4 and IPv6 access list for traffic filtering
- 4.5 Verify ACLs using the APIC-EM Path Trace ACL analysis tool
5.0 Infrastructure Maintenance
- 5.1 Configure and verify device-monitoring protocols
- 5.2 Troubleshoot network connectivity issues using ICMP echo-based IP SLA
- 5.3 Use local SPAN to troubleshoot and resolve problems
- 5.4 Describe device management using AAA with TACACS+ and RADIUS
- 5.5 Describe network programmability in enterprise network architecture
- 5.6 Troubleshoot basic Layer 3 end-to-end connectivity issues
Recommended books for exam preparation (self-study)
CCNA certifications are valid for three years. To recertify, you have to pass either the ICND2 or the CCNA exam, or pass any professional or specialization certification exam (CCNP, ...).
Pearson VUE delivers tests for associate, professional, and expert level certifications for Cisco Systems. Select your test center and schedule your CCNA exam on Pearson VUE website.
Packet Tracer 7.2 features for ICND2 exam preparation
1.0 LAN Switching Technologies
1.1 Configure, verify, and troubleshoot VLANs (normal/extended range) spanning multiple switches
Normal and extended range vlans are fully supported on Packet Tracer 7.2 emulated catalyst switches :
- Normal VLAN ID : 1 to 1001 (1002 - 1005 reserved)
- Extended VLAN ID : 106 to 4094 (4095 reserved)
Switch(config)#vlan ? <1-4094> ISL VLAN IDs 1-1005
1.2 Configure, verify, and troubleshoot interswitch connectivity
- Trunk ports : Supported (switchport mode trunk)
- Add and remove VLANs on a trunk : Supported (switchport trunk allowed vlan add/remove/except/all/none)
- DTP - Dynamic Trunking Protocol : Supported (switchport nonegotiate to disable it)
- VTP (v1&v2) - VLAN Trunking Protocol : Both VTP v1&v2 are supported (vtp version <1-2>, vtp domain, vtp mode)
Switch(config)#vtp ? domain Set the name of the VTP administrative domain. mode Configure VTP device mode password Set the password for the VTP administrative domain version Set the adminstrative domain to VTP version Switch(config)#vtp version ? <1-2> Set the adminstrative domain VTP version number Switch(config)#vtp mode ? client Set the device to client mode. server Set the device to server mode. transparent Set the device to transparent mode.
- 802.1Q : Supported by default on emulated Catalyst switches.
- Native VLAN: Supported (switchport trunk native vlan)
Switch(config-if)#switchport trunk native ? vlan Set native VLAN when interface is in trunking mode
1.3 Configure, verify, and troubleshoot STP protocols
Packet Tracer emulates PVST+ and Rapid-PVST+ Cisco proprietary protocols. Multiple spanning-tree (MST) is not supported.
Switch(config)#spanning-tree mode ? pvst Per-Vlan spanning tree mode rapid-pvst Per-Vlan rapid spanning tree mode
Spanning-tree root bridge can be configured using either :
- Manually configured priority (lowest priority is root) using spanning-tree vlan 1 priority command
- Automatically using the spanning-tree vlan 1 root primary command which automatically sets the priority value as the lowest value in the network.
Switch(config)#spanning-tree vlan 1 priority % Bridge Priority must be in increments of 4096. % Allowed values are: 0 4096 8192 12288 16384 20480 24576 28672 32768 36864 40960 45056 49152 53248 57344 61440 Switch(config)#spanning-tree vlan 100 root primary
1.4 Configure, verify, and troubleshoot STP-related optional features
Packet Tracer supports the spanning-trevPortFast configuration on catalyst switches which allows imediate network interface transition into the forwarding state upon linkup. he network interface still participates in the spanning-tree This feature is used on host ports an is usually required to make PXE boot or DHCP clients work smoothly.
The STP PortFast BPDU guard enhancement allows network designers to enforce the STP domain borders and keep the network topology predictable by dening devices behind the ports that have STP PortFast enabled to influence the STP topology. At the reception of BPDUs on a portfast enabled interface, the BPDU guard operation disables the port (errdisable state) that has PortFast configured.
Switch(config)#interface fastEthernet 0/1 Switch(config-if)#spanning-tree portfast ? disable Disable portfast for this interface trunk Enable portfast on the interface even in trunk mode <cr> Switch(config-if)#spanning-tree portfast %Warning: portfast should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc... to this interface when portfast is enabled, can cause temporary bridging loops. Use with CAUTION %Portfast has been configured on FastEthernet0/1 but will only have effect when the interface is in a non-trunking mode. Switch(config-if)#spanning-tree bpduguard enable
Spanning-tree portfast can also be configured by default on all the switch network interfaces :
Switch(config)#spanning-tree portfast ? default Enable portfast by default on all access ports Switch(config)#spanning-tree portfast default
1.5 Configure, verify, and troubleshoot (Layer 2/Layer 3) EtherChannel
Static, LACP, and PAGP etherchannel confguration are supported in Packet Tracer 7.2.2 on catalyst switches layer 2 and layer 3 interfaces
Switch(config-if)#channel-group 1 mode ? active Enable LACP unconditionally auto Enable PAgP only if a PAgP device is detected desirable Enable PAgP unconditionally on Enable Etherchannel only passive Enable LACP only if a LACP device is detected
Use the channel-protocol interface configuration command to restrict the etherchannel protocol used on a port to manage channeling.
Switch(config-if)#channel-protocol ? lacp Prepare interface for LACP protocol pagp Prepare interface for PAgP protocol
1.6 Describe the benefits of switch stacking and chassis aggregation
Switch stacking is not supported in Packet Tracer.
1.7 Describe common access layer threat mitigation techniques
1.7.b DHCP snooping
1.7.c Nondefault native VLAN
4.0 Infrastructure Services
4.1 Configure, verify, and troubleshoot basic HSRP
HSRP priority, preemption, and version (v1 vs v2) are covered in this section.
Cisco Packet Tracer 7.2 supports HSRP v1 and v2
4.2 Describe the effects of cloud resources on enterprise network architecture
Traffic path to internal and external cloud services
Basic virtual network infrastructure
4.3 Describe basic QoS concepts
Prioritization (Voice, Video, Data)
4.4 Configure, verify, and troubleshoot IPv4 and IPv6 access list for traffic filtering
Packet Tracer 7.2 features standard, extended, and named access-lists on emulated ISR routers and layer 3 switches. Access-lists can be applied to physical network interfaces, vlan interfaces, or virtual terminal lines.
Access-lists configuration tutorial describes access-list configuration on a Cisco 2911 ISR router.
4.5 Verify ACLs using the APIC-EM Path Trace ACL analysis tool
APIC-EM is not supported in Cisco Packet Tracer 7.2 . However, APIC-EM can be tested on https://sandboxapicem.cisco.com/ (Username: devnetuser - Password: Cisco123!)