You are on page 1of 12

Network Principles 10%

Sunday, February 9, 2014 2:43 PM

1. 1.1 Network Theory a. Describe basic software architecture differences between IOS and IOS XE i. Control plane and Forwarding plane ii. Impact to troubleshooting and performances iii. Excluding specific platform's architecture b. Identify Cisco express forwarding concepts i. RIB, FIB, LFIB, Adjacency table ii. Load balancing Hash iii. Polarization concept and avoidance c. Explain general network challenges i. Unicast flooding ii. Out of order packets iii. Asymmetric routing iv. Impact of micro burst d. Explain IP operations i. ICMP unreachable, redirect ii. IPv4 options, IPv6 extension headers iii. IPv4 and IPv6 fragmentation iv. TTL v. IP MTU e. Explain TCP operations i. IPv4 and IPv6 PMTU ii. MSS iii. Latency iv. Windowing v. Bandwidth delay product vi. Global synchronization vii. Options f. Explain UDP operations i. Starvation ii. Latency iii. RTP/RTCP concepts 2. 1.2 Network implementation and operation a. Evaluate proposed changes to a network i. Changes to routing protocol parameters ii. Migrate parts of a network to IPv6 iii. Routing protocol migration iv. Adding multicast support v. Migrate spanning tree protocol vi. Evaluate impact of new traffic on existing QoS design 3. 1.3 Network troubleshooting a. Use IOS troubleshooting tools i. Debug, conditional debug ii. Ping, traceroute with extended options iii. Embedded packet capture iv. Performance monitor b. Apply troubleshooting methodologies i. Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause)
1.0 Network Principles Page 1

root cause) ii. Design and implement valid solutions according to constraints iii. Verify and monitor resolution c. Interpret packet capture i. Using Wireshark trace analyzer ii. Using IOS embedded packet capture

1.0 Network Principles Page 2

Layer 2 Technologies 15%


Sunday, February 9, 2014 3:21 PM

1. LAN switching technologies a. Implement and troubleshoot switch administration i. Managing MAC address table ii. Errdisable recovery iii. L2 MTU b. Implement and troubleshoot layer 2 protocols i. CDP, LLDP ii. UDLD c. Implement and troubleshoot VLAN i. Access ports ii. VLAN database iii. Normal, extended VLAN, voice VLAN d. Implement and troubleshoot trunking i. VTPv1, VTPv2, VTPv3, VTP pruning ii. Dot1Q iii. Native VLAN iv. Manual pruning e. Implement and troubleshoot etherchannel i. LACP, PAgP, manual ii. Layer 2, layer 3 iii. Load-balancing iv. Etherchannel misconfiguration guard f. Implement and troubleshoot spanning-tree i. PVST+/RPVST+/MST ii. Switch priority, port priority, path cost, STP timers iii. Port fast, BPDUguard, BPDUfilter iv. Loopguard, rootguard g. Implement and troubleshoot other LAN switching technologies i. SPAN, RSPAN, ERSPAN h. Describe chassis virtualization and aggregation technologies i. Multichassis ii. VSS concepts iii. Alternative to STP iv. Stackwise v. Excluding specific platform implementation i. Describe spanning-tree concepts i. Compatibility between MST and RSTP ii. STP dispute, STP bridge assurance 2. Layer 2 Multicast a. Implement and troubleshoot IGMP i. IGMPv1, IGMPv2, IGMPv3 ii. IGMP snooping iii. IGMP querier iv. IGMP filter v. IGMP proxy b. Explain MLD c. Explain PIM snooping 3. Layer 2 WAN circuit technologies a. Implement and troubleshoot HDLC
2.0 Layer 2 Technologies Page 3

a. Implement and troubleshoot HDLC b. Implement and troubleshoot PPP i. Authentication (PAP, CHAP) ii. PPPoE iii. MLPPP c. Describe WAN rate-based ethernet circuits i. Metro and WAN Ethernet topologies ii. Use of rate-limited WAN ethernet services 4. Troubleshooting layer 2 technologies a. Use IOS troubleshooting tools i. Debug, conditional debug ii. Ping, traceroute with extended options iii. Embedded packet capture b. Apply troubleshooting methodologies i. Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause) ii. Design and implement valid solutions according to constraints iii. Verify and monitor resolution c. Interpret packet capture i. Using wireshark trace analyzer ii. Using IOS embedded packet capture

2.0 Layer 2 Technologies Page 4

Layer 3 Technologies 40%


Sunday, February 9, 2014 3:37 PM

1. Addressing technologies a. Identify, implement and troubleshoot IPv4 addressing and sub-netting i. Address types, VLSM ii. ARP b. Identify, implement and troubleshoot IPv6 addressing and sub-netting i. Unicast, multicast ii. EUI-64 iii. ND, RS/RA iv. Autoconfig/SLAAC temporary address (RFC4941) v. Global prefix configuration feature vi. DHCP protocol operations vii. SLAAC/DHCPv6 interaction viii. Stateful, stateless DHCPv6 ix. DHCPv6 prefix delegation 2. Layer 3 Multicast a. Troubleshoot reverse path forwarding i. RPF failure ii. RPF failure with tunnel interface b. Implement and troubleshoot IPv4 protocol independent multicast i. PIM dense mode, sparse mode, sparse-dense mode ii. Static RP, auto-RP, BSR iii. Bidirectional PIM iv. Source-specific multicast v. Group to RP mapping vi. Multicast boundary c. Implement and troubleshoot multicast source discovery protocol i. Intra-domain MSDP (anycast RP) ii. SA filter d. Describe IPv6 multicast i. IPv6 multicast addresses ii. PIMv6 3. Fundamental routing concepts a. Implement and troubleshoot static routing b. Implement and troubleshoot default routing c. Compare routing protocol types i. Distance vector ii. Link state iii. Path vector d. Implement, optimize and troubleshoot administrative distance e. Implement and troubleshoot passive interface f. Implement and troubleshoot VRF lite g. Implement, optimize and troubleshoot filtering with any routing protocol h. Implement, optimize and troubleshoot redistribution between any routing protocol i. Implement, optimize and troubleshoot manual and auto summarization with any routing protocol j. Implement, optimize and troubleshoot policy-based routing k. Identify and troubleshoot sub-optimal routing l. Implement and troubleshoot bidirectional forwarding detection m. Implement and troubleshoot loop prevention mechanisms i. Route tagging, filtering
3.0 Layer 3 Technologies Page 5

i. Route tagging, filtering ii. Split horizon iii. Route poisoning n. Implement and troubleshoot routing protocol authentication i. MD5 ii. Key-chain iii. EIGRP HMAC SHA2-256bit iv. OSPFv2 SHA1-196bit v. OSPFv3 Ipsec authentication 4. RIP (v2 and v6) a. Implement and troubleshoot RIPv2 b. Describe RIPv6 (RIPng) 5. EIGRP (for IPv4 and IPv6) a. Describe packet types i. Packet types (hello, query, update, and such) ii. Route types (internal, external) b. Implement and troubleshoot neighbor relationship i. Multicast, unicast EIGRP peering ii. OTP point-to-point peering iii. OTP route-reflector peering iv. OTP multiple service providers scenario c. Implement and Troubleshoot Loop free path selection i. RD, FD, FC, successor, feasible successor ii. Classic metric iii. Wide metric d. Implement and troubleshoot operations i. General operations ii. Topology table, update, query, active, passive iii. Stuck in active iv. Graceful shutdown e. Implement and troubleshoot EIGRP stub i. Stub ii. Leak-map f. Implement and troubleshoot load-balancing i. Equal-cost ii. Unequal-cost iii. Add-path g. Implement EIGRP (multi-address) named mode i. Types of families ii. IPv4 address-family iii. IPv6 address-family h. Implement, troubleshoot and optimize EIGRP convergence and scalability i. Describe fast convergence requirements ii. Control query boundaries iii. IP FRR/fast reroute (single hop) iv. Summary leak-map v. Summary metric 6. OSPF (v2 and v3) a. Describe packet types i. LSA types (1, 2, 3, 4, 5, 7, 9) ii. Route types (N1, N2, E1, E2) b. Implement and troubleshoot neighbor relationship c. Implement and troubleshoot OSPFv3 address-family support i. IPv4 address-family
3.0 Layer 3 Technologies Page 6

d.

e. f.

g.

i. IPv4 address-family ii. IPv6 address-family Implement and troubleshoot network types, area types and router types i. Point-to-point, multipoint, broadcast, non-broadcast ii. LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub iii. Internal router, ABR, ASBR iv. Virtual link Implement and troubleshoot path preference Implement and troubleshoot operations i. General operations ii. Graceful shutdown iii. GTSM (generic TTL security mechanism) Implement, troubleshoot and optimize OSPF convergence and scalability i. Metrics ii. LSA throttling, SPF tuning, fast hello iii. LSA propagation control (area types, ISPF) iv. IP FR/fast reroute (single hop) v. LFA/loop-free alternative (multi hop) vi. OSPFv3 prefix suppression

7. BGP a. Describe, implement and troubleshoot peer relationships i. Peer-group, template ii. Active, passive iii. States, timers iv. Dynamic neighbors b. Implement and troubleshoot IBGP and EBGP i. EBGP, IBGP ii. 4 bytes AS number iii. Private AS c. Explain attributes and best-path selection d. Implement, optimize and troubleshoot routing policies i. Attribute manipulation ii. Conditional advertisement iii. Outbound route filtering iv. Communities, extended communities v. Multi-homing e. Implement and troubleshoot scalability i. Route-reflector, cluster ii. Confederations iii. Aggregation, AS set f. Implement and troubleshoot multi-protocol BGP i. IPv4, IPv6, VPN address-family g. Implement and troubleshoot AS path manipulations i. Local AS, allow AS in, remove private AS ii. Prepend iii. Regexp h. Implement and troubleshoot other features i. Multipath ii. BGP synchronization iii. Soft reconfiguration, route refresh i. Describe BGP fast convergence features i. Prefix independent convergence ii. Add-path iii. Next-hop address tracking
3.0 Layer 3 Technologies Page 7

iii. Next-hop address tracking 8. 3.8 ISIS (for IPv4 and IPv6) a. Describe basic ISIS network i. Single area, single topology b. Describe neighbor relationship c. Describe network types, levels and router types i. NSAP addressing ii. Point-to-point, broadcast d. Describe operations e. Describe optimization features i. Metrics, wide metric 9. Troubleshooting layer 3 technologies a. Use IOS troubleshooting tools i. Debug, conditional debug ii. Ping, traceroute with extended options iii. Embedded packet capture b. Apply troubleshooting methodologies i. Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause) ii. Design and implement valid solutions according to constraints iii. Verify and monitor resolution c. Interpret packet capture i. Using wireshark trace analyzer ii. Using IOS embedded packet capture

3.0 Layer 3 Technologies Page 8

VPN Technologies 15%


Sunday, February 9, 2014 7:20 PM

1. Tunneling a. Implement and troubleshoot MPLS operations i. Label stack, LSR, LSP ii. LDP iii. MPLS ping, MPLS traceroute b. Implement and troubleshoot basic MPLS L3VPN i. L3VPN, CE, PE, P ii. Extranet (route leaking) c. Implement and troubleshoot encapsulation i. GRE ii. Dynamic GRE iii. LISP encapsulation principles supporting EIGRP OTP d. Implement and troubleshoot DMVPN (single hub) i. NHRP ii. DMVPN with Ipsec using preshared key iii. QoS profile iv. Pre-classify e. Describe IPv6 tunneling techniques i. 6in4, 6to4 ii. ISATAP iii. 6RD iv. 6PE/6VPE f. Describe basic layer 2 VPN - wireline i. L2TPv3 general principals ii. ATOM general principals g. Describe basic L2VPN - LAN services i. MPLS-VPLS general principals ii. OTV general principals 2. Encryption a. Implement and troubleshoot Ipsec with preshared key i. IPv4 site to IPv4 site ii. IPv6 in IPv4 tunnels iii. Virtual tunneling interface (VTI) b. Describe GET VPN 3. Troubleshooting VPN technologies a. Use IOS troubleshooting tools i. Debug, conditional debug ii. Ping, traceroute with extended options iii. Embedded packet capture b. Apply troubleshooting methodologies i. Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause) ii. Design and implement valid solutions according to constraints iii. Verify and monitor resolution c. Interpret packet capture i. Using wireshark trace analyzer ii. Using IOS embedded packet capture

4.0 VPN Technologies Page 9

5.0 Infrastructure Security 5%


Tuesday, February 11, 2014 11:08 AM

1. Device Security a. Implement and troubleshoot IOS AAA using local database b. Implement and troubleshoot device access control i. Lines (VTY, AUX, console ii. SNMP iii. Management plane protection iv. Password encryption c. Implement and troubleshoot control plane policing d. Describe device security using IOS AAA with TACACS+ and RADIUS i. AAA with TACACS+ and RADIUS ii. Local privilege authorization fallback 2. Network security a. Implement and troubleshoot switch security features i. VACL, PACL ii. Stormcontrol iii. DHCP snooping iv. IP source-guard v. Dynamic ARP inspection vi. Port-security vii. Private VLAN b. Implement and troubleshoot router security features i. IPv4 access control lists (standard, extended, time-based) ii. IPv6 traffic filter iii. Unicast reverse path forwarding c. Implement and troubleshoot IPv6 first hop security i. RA guard ii. DHCP guard iii. Binding table iv. Device tracking v. ND inspection/snooping vi. Source guard vii. PACL d. Describe 802.1x i. 802.1x, EAP, RADIUS ii. MAC authentication bypass 3. Troubleshooting infrastructure security a. Use IOS troubleshooting tools i. Debug, conditional debug ii. Ping, traceroute with extended options iii. Embedded packet capture b. Apply troubleshooting methodologies i. Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause) ii. Design and implement valid solutions according to constraints iii. Verify and monitor resolution c. Interpret packet capture i. Using wireshark trace analyzer ii. Using IOS embedded packet capture

5.0 Infrastructure Security Page 10

6.0 Infrastructure Services 15%


Tuesday, February 11, 2014 11:40 AM

1. System management a. Implement and troubleshoot device management i. Console and VTY ii. Telnet, HTTP, HTTPS, SSH, SCP iii. (T)FTP b. Implement and troubleshoot SNMP i. V2c, v3 c. Implement and troubleshoot logging i. Local logging, syslog, debug, conditional debug ii. Timestamp 2. Quality of service a. Implement and troubleshoot end to end QoS i. CoS and DSCP mapping b. Implement, optimize and troubleshoot QoS using MQC i. Classification ii. Network based application recognition (NBAR) iii. Marking using IP precedence, DSCP, CoS, ECN iv. Policing, shaping v. Congestion management (queuing) vi. HQoS, sub-rate Ethernet link vii. Congestion avoidance (WRED) c. Describe layer 2 QoS i. Queuing, scheduling ii. Classification, marking 3. Network services a. Implement and troubleshoot first-hop redundancy protocols i. HSRP, GLBP, VRRP ii. Redundancy using IPv6 RS/RA b. Implement and troubleshoot network time protocol i. NTP master, client, version 3, version 4 ii. NTP authentication c. Implement and troubleshoot IPv4 and IPv6 DHCP i. DHCP client, IOS DHCP server, DHCP relay ii. DHCP options iii. DHCP protocol operations iv. SLAAC/DHCPv6 interaction v. Stateful, stateless DHCPv6 vi. DHCPv6 prefix delegation d. Implement and troubleshoot IPv4 network address translation i. Static NAT, dynamic NAT, policy-based NAT, PAT ii. NAT ALG e. Describe IPv6 network address translation i. NAT64 ii. NPTv6 4. Network Optimization a. Implement and troubleshoot IP SLA i. ICMP, UDP, jitter, VoIP b. Implement and troubleshoot tracking object i. Tracking object, tracking list
6.0 Infrastructure Services Page 11

i. Tracking object, tracking list ii. Tracking different entities (e.g. interfaces, routes, IPSLA, and such) c. Implement and troubleshoot netflow i. Netflow v5, v9 ii. Local retrieval iii. Export (configuration only) d. Implement and troubleshoot embedded event manager i. EEM policy using applet e. Identify performance routing (PfR) i. Basic load balancing ii. Voice optimization 5. Troubleshooting infrastructure services a. Use IOS troubleshooting tools i. Debug, conditional debug ii. Ping, traceroute with extended options iii. Embedded packet capture b. Apply troubleshooting methodologies i. Diagnose the root cause of networking issue (analyze symptoms, identify and describe root cause) ii. Design and implement valid solutions according to constraints iii. Verify and monitor resolution c. Interpret packet capture i. Using wireshark trace analyzer ii. Using IOS embedded packet capture

6.0 Infrastructure Services Page 12