Explain the different design principles used in an enterprise network

High-level enterprise network design such as 2-tier, 3-tier, fabric, and cloud

High availability techniques such as redundancy, FHRP, and SSO

Describe wireless network design principles

Wireless deployment models (centralized, distributed, controller-less, controller-based, cloud, remote branch)

Location services in a WLAN design

Client density

Explain the working principles of the Cisco SD-WAN solution

SD-WAN control and data planes elements

Benefits and limitations of SD-WAN solutions

Explain the working principles of the Cisco SD-Access solution

SD-Access control and data planes elements

Traditional campus interoperating with SD-Access

Interpret wired and wireless QoS configurations

QoS components

QoS policy

Describe hardware and software switching mechanisms such as CEF, CAM, TCAM, FIB, RIB, and adjacency tables

Describe device virtualization technologies

Hypervisor type 1 and 2

Virtual machine

Virtual switching

Configure and verify data path virtualization technologies

VRF

GRE and IPsec tunneling

Describe network virtualization concepts

LISP

VXLAN

Layer 2

Troubleshoot static and dynamic 802.1q trunking protocols

Troubleshoot static and dynamic EtherChannels

Configure and verify common Spanning Tree Protocols (RSTP, MST) and

Spanning Tree enhancements such as root guard and BPDU guard

Layer 3

Compare routing concepts of EIGRP and OSPF (advanced distance vector vs. link

state, load balancing, path selection, path operations, metrics, and area types)

Configure simple OSPFv2/v3 environments, including multiple normal areas,

summarization, and filtering (neighbor adjacency, point-to-point, and broadcast

Configure and verify eBGP between directly connected neighbors (best path

selection algorithm and neighbor relationships)

Describe policy-based routing

Wireless

Describe Layer 1 concepts, such as RF power, RSSI, SNR, interference, noise,

bands, channels, and wireless client devices capabilities

Describe AP modes and antenna types

Describe access point discovery and join process (discovery algorithms, WLC

selection process)

Describe the main principles and use cases for Layer 2 and Layer 3 roaming

Troubleshoot WLAN configuration and wireless client connectivity issues using

GUI only

Describe wireless segmentation with groups, profiles, and tags

IP Services

Interpret network time protocol configurations such as NTP and PTP

Configure NAT/PAT

Configure first hop redundancy protocols, such as HSRP, VRRP

Describe multicast protocols, such as RPF check, PIM and IGMP v2/v3

Diagnose network problems using tools such as debugs, conditional debugs, traceroute,

ping, SNMP, and syslog

Configure and verify Flexible NetFlow

Configure SPAN/RSPAN/ERSPAN

Configure and verify IPSLA

Describe Cisco DNA Center workflows to apply network configuration, monitoring, and

management

Configure and verify NETCONF and RESTCONF

Configure and verify device access control

Lines and local user authentication

Authentication and authorization using AAA

Configure and verify infrastructure security features

ACLs

CoPP

Describe REST API security

Configure and verify wireless security features

802.1X

WebAuth

PSK

EAPOL (4-way handshake)

Describe the components of network security design

Threat defense

Endpoint security

Next-generation firewall

TrustSec and MACsec

Network access control with 802.1X, MAB, and WebAuth

Interpret basic Python components and scripts

Construct valid JSON-encoded files

Describe the high-level principles and benefits of a data modeling language, such as

YANG

Describe APIs for Cisco DNA Center and vManage

Interpret REST API response codes and results in payload using Cisco DNA Center and

RESTCONF

Construct an EEM applet to automate configuration, troubleshooting, or data collection

Compare agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and

SaltStack