Explain the role and function of network components

Routers and Layer 2 and Layer 3 switches

Next-generation firewalls and IPS

Access points, Controllers, Endpoints, Servers, PoE

Describe characteristics of network topology architectures

Two-tier, Three-tier, Spine-leaf, WAN

Small office/home office (SOHO)

On-premises and cloud

Compare physical interface and cabling types

Single-mode fiber, multimode fiber, copper

Connections (Ethernet shared media and point-to-point)

Identify interface and cable issues (collisions, errors, mismatch duplex, and/or speed)

Compare TCP to UDP

Configure and verify IPv4 addressing and subnetting

Describe private IPv4 addressing

Configure and verify IPv6 addressing and prefix

Describe IPv6 address types

Unicast (global, unique local, and link local)

Anycast, Multicast, Modified EUI 64

Verify IP parameters for Client OS (Windows, Mac OS, Linux)

Describe wireless principles

Nonoverlapping Wi-Fi channels

SSID, RF, Encryption, Explain virtualization fundamentals (server virtualization, containers, and VRFs)

Describe switching concepts

MAC learning and aging

Frame switching, Frame flooding, MAC address tabl

Configure and verify VLANs (normal range) spanning multiple switches

Access ports (data and voice)

Default VLAN, InterVLAN connectivity

Configure and verify interswitch connectivity

Trunk ports, 802.1Q, Native VLAN

Configure and verify Layer 2 discovery protocols (Cisco Discovery Protocol and LLDP)

Configure and verify (Layer 2/Layer 3) EtherChannel (LACP)

Interpret basic operations of Rapid PVST+ Spanning Tree Protocol

Root port, root bridge (primary/secondary), and other port names

Port states and roles, PortFast

Root guard, loop guard, BPDU filter, and BPDU guard

Describe Cisco Wireless Architectures and AP modes

Describe physical infrastructure connections of WLAN components (AP, WLC,

access/trunk ports, and LAG)

Describe network device management access (Telnet, SSH, HTTP, HTTPS, console,

TACACS+/RADIUS, and cloud managed)

Interpret the wireless LAN GUI configuration for client connectivity, such as WLAN

creation, security settings, QoS profiles, and advanced settings

Interpret the components of routing table

Routing protocol code

Prefix, Network mask, Next hop, Administrative distance

Metric, Gateway of last resort

Determine how a router makes a forwarding decision by default

Longest prefix match

Routing protocol metric

Configure and verify IPv4 and IPv6 static routing

Default route, Network route, Host route, Floating static

Configure and verify single area OSPFv2

Neighbor adjacencies, Point-to-point

Broadcast (DR/BDR selection), Router ID

Describe the purpose, functions, and concepts of first hop redundancy protocols

Configure and verify inside source NAT using static and pools

Configure and verify NTP operating in a client and server mode

Explain the role of DHCP and DNS within the network

Explain the function of SNMP in network operations

Describe the use of syslog features, including facilities and severity levels

Configure and verify DHCP client and relay

Explain the forwarding per-hop behavior (PHB) for QoS such as classification, marking,

queuing, congestion, policing, and shaping

Configure network devices for remote access using SSH

Describe the capabilities and functions of TFTP/FTP in the network

Define key security concepts (threats, vulnerabilities, exploits, and mitigation

techniques)

Describe security program elements (user awareness, training, and physical access

control)

Configure and verify device access control using local passwords

Describe security password policy elements, such as management, complexity, and

password alternatives (multifactor authentication, certificates, and biometrics)

Describe IPsec remote access and site-to-site VPNs

Configure and verify access control lists

Configure and verify Layer 2 security features (DHCP snooping, dynamic ARP inspection,

and port security)

Compare authentication, authorization, and accounting concepts

Describe wireless security protocols (WPA, WPA2, and WPA3)

Configure and verify WLAN within the GUI using WPA2 PSK

Explain how automation impacts network management

Compare traditional networks with controller-based networking

Describe controller-based, software defined architecture (overlay, underlay, and fabric)

Separation of control plane and data plane

Northbound and Southbound APIs

Explain AI (generative and predictive) and machine learning in network operations

Describe characteristics of REST-based APIs (authentication types, CRUD, HTTP verbs,

and data encoding)

Recognize the capabilities of configuration management mechanisms such as Ansible

and Terraform

Recognize components of JSON-encoded data