Cisco Certified Network Professional (CCNP) validates knowledge and skills required to install, configure and troubleshoot converged local and wide area networks with 100 to 500 or more nodes. With a CCNP certification, a network professional demonstrates the knowledge and skills required to manage the routers and switches that form the network core, as well as edge applications that integrate voice, wireless, and security into the network. The CCNP curriculum includes building scalable Cisco networks, Cisco multilayer switched networks, securing converged wide area networks, and optimizing converged networks.
350-401 :- CISCO ENTERPRISE NETWORK CORE TECHNOLOGIES (ENCOR)
This exam tests your knowledge and skills related to implementing core enterprise network technologies, including:
Dual stack (IPv4 and IPv6) architecture
Virtualization
Infrastructure
Network assurance
Security
Automation
MODULE 1 -ARCHITECTURE
1. Explain the different design principles used in an enterprise network
Enterprise network design such as Tier 2, Tier 3, and Fabric Capacity planning
High availability techniques such as redundancy, FHRP, and SSO
2. Analyze design principles of a WLAN deployment
Wireless deployment models (centralized, distributed, controller-less, controller based, cloud, remote branch)
Location services in a WLAN design
3. Differentiate between on-premises and cloud infrastructure deployments
4. Explain the working principles of the Cisco SD-WAN solution
SD-WAN control and data planes elements
Traditional WAN and SD-WAN solutions
5.Explain the working principles of the Cisco SD-Access solution
SD-Access control and data planes elements
Traditional campus interoperating with SD-Access
6. Describe concepts of wired and wireless QoS
QoS components
QoS policy
7. Differentiate hardware and software switching mechanisms
Process and CEF
MAC address table and TCAM
FIB vs. RIB
MODULE- 2 VIRTUALIZATION
1. Describe device virtualization technologies
Hypervisor type 1 and 2
Virtual machine
Virtual switching
2. Configure and verify data path virtualization technologies
VRF
GRE and IPsec tunneling
3.Describe network virtualization concepts
LISP
VXLAN
MODULE-3 INFRASTRUCTURE
1. Layer 2
Troubleshoot static and dynamic 802.1q trunking protocols
Troubleshoot static and dynamic EtherChannels
Configure and verify common Spanning Tree Protocols (RSTP and MST)
2. Layer 3
Compare routing concepts of EIGRP and OSPF (advanced distance vector vs. linked state, load balancing, path selection, path operations, metrics)
Configure and verify simple OSPF environments, including multiple normal areas, summarization, and filtering (neighbor adjacency, point-to-point and broadcast network types, and passive interface)
Configure and verify eBGP between directly connected neighbors (best path selection algorithm and neighbor relationships)
3. Wireless
Describe Layer 1 concepts, such as RF power, RSSI, SNR, interference noise, band and channels, and wireless client devices capabilities
Describe AP modes and antenna types
Describe access point discovery and join process (discovery algorithms, WLC selection process)
Describe the main principles and use cases for Layer 2 and Layer 3 roaming
Troubleshoot WLAN configuration and wireless client connectivity issues
4.IP Services
Describe Network Time Protocol (NTP)
Configure and verify NAT/PAT
Configure first hop redundancy protocols, such as HSRP and VRRP
Describe multicast protocols, such as PIM and IGMP v2/v3
MODULE -4 NETWORK ASSURANCE
1.Diagnose network problems using tools such as debugs, conditional debugs,trace route, ping, SNMP, and syslog
2.Configure and verify device monitoring using syslog for remote logging
3.Configure and verify NetFlow and Flexible NetFlow
4.Configure and verify SPAN/RSPAN/ERSPAN
5.Configure and verify IPSLA
6. Describe Cisco DNA Center workflows to apply network configuration, monitoring, and management
7.Configure and verify NETCONF and RESTCONF
MODULE -5 SECURITY
1. Configure and verify device access control
Lines and password protection
Authentication and authorization using AAA
2.Configure and verify infrastructure security features
ACLs
CoPP
3.Describe REST API security
4.Configure and verify wireless security features
EAP
WebAuth
PSK
5.Describe the components of network security design
Threat defense
Endpoint security
Next-generation firewall
TrustSec, MACsec
Network access control with 802.1X, MAB, and WebAuth
MODULE -6 AUTOMATION
1.Interpret basic Python components and scripts
2.Construct valid JSON encoded file
3.Describe the high-level principles and benefits of a data modeling language, such as YANG
4.Describe APIs for Cisco DNA Center and vManage
5.Interpret REST API response codes and results in payload using Cisco DNA Center and RESTCONF
6.Construct EEM applet to automate configuration, troubleshooting, or data collection
7.Compare agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and SaltStack
300-410 :- Implementing Cisco Enterprise Advanced Routing and Services (ENARSI)
This exam tests your knowledge of implementation and troubleshooting for advanced routing technologies and services, including:
Layer 3
VPN services
Infrastructure security
Infrastructure services
Infrastructure automation
MODULE 1-LAYER 3 TECHNOLOGIES
1.Troubleshoot administrative distance (all routing protocols)
2.Troubleshoot route map for any routing protocol (attributes, tagging, filtering)
3.Troubleshoot loop prevention mechanisms (filtering, tagging, split horizon, route poisoning)
4.Troubleshoot redistribution between any routing protocols or routing sources
5.Troubleshoot manual and auto-summarization with any routing protocol
6.Configure and verify policy-based routing
7. Configure and verify VRF-Lite
8. Describe Bidirectional Forwarding Detection
9.Troubleshoot EIGRP (classic and named mode)
Address families (IPv4, IPv6)
Neighbor relationship and authentication
Loop-free path selections (RD, FD, FC, successor, feasible successor, stuck in active)
Stubs
Load balancing (equal and unequal cost)
Metrics
10.Troubleshoot OSPF (v2/v3)
Address families (IPv4, IPv6)
Neighbor relationship and authentication
Network types, area types, and router types
Point-to-point, multipoint, broadcast, no broadcast
Area type: backbone, normal, transit, stub, NSSA, totally stub
Internal router, backbone router, ABR, ASBR
Virtual link
Path preference
11.Troubleshoot BGP (Internal and External)
Address families (IPv4, IPv6)
Neighbor relationship and authentication (next-hop, multichip, 4-byte AS, private AS, route refresh, synchronization, operation, peer group, states and timers)
Path preference (attributes and best-path)
Route reflector (excluding multiple route reflectors, confederations, dynamic peer [www.logiccalicut.com])
Policies (inbound/outbound filtering, path manipulation)
MODULE 2-VPN TECHNOLOGIES
1.Describe MPLS operations (LSR, LDP, label switching, LSP)
2.Describe MPLS Layer 3 VPN
3.Configure and verify DMVPN (single hub)
GRE/mGRE
NHRP
IPsec
Dynamic neighbor
Spoke-to-spoke
MODULE 3-INFRASTRUCTURE SECURITY
1.Troubleshoot device security using IOS AAA (TACACS+, RADIUS, local database)
2.Troubleshoot router security features
IPv4 access control lists (standard, extended, time-based)
IPv6 traffic filter
Unicast reverse path forwarding (uRPF)
3.Troubleshoot control plane policing (CoPP) (Telnet, SSH, HTTP(S), SNMP, EIGRP, OSPF, BGP)
4.Describe IPv6 First Hop security features (RA guard, DHCP guard, binding table, ND inspection/snooping, source guard)
MODULE 4-INFRASTRUCTURE SERVICES
4.1 Troubleshoot device management
Console and VTY
Telnet, HTTP, HTTPS, SSH, SCP
(T)FTP
2.Troubleshoot SNMP (v2c, v3)
3.Troubleshoot network problems using logging (local, syslog, debugs, conditional debugs, timestamps)
4.Troubleshoot IPv4 and IPv6 DHCP (DHCP client, IOS DHCP server, DHCP relay, DHCP options)
5.Troubleshoot network performance issues using IP SLA (jitter, tracking objects, delay, connectivity)
6.Troubleshoot NetFlow (v5, v9, flexible NetFlow)
7.Troubleshoot network problems using Cisco DNA Center assurance (connectivity, monitoring, device health, network health)