====== CCNA 200-301 v1.1 – Exam at a Glance ====== ===== **Exam:** CCNA 200-301 \\ ===== **Time:** 120 minutes \\ **Focus:** Modern enterprise networking – routing/switching, wireless, security, and automation. The exam is built around **six domains**: * Network Fundamentals (20%) * Network Access (20%) * IP Connectivity (25%) * IP Services (10%) * Security Fundamentals (15%) * Automation and Programmability (10%) ---- ===== 1. Network Fundamentals (20%) ===== **Goal:** Understand what a network is, what the parts do, and how IP addressing works. === Devices & roles === * Routers, Layer 2/3 switches * Next-gen firewalls and IPS * Access points and wireless controllers * Endpoints and servers * PoE (Power over Ethernet) * **Topologies & designs** * 2-tier vs 3-tier * Spine-leaf * WAN * SOHO (small office / home office) * On-prem vs cloud * **Cabling & interfaces** * Single-mode fiber, multimode fiber, copper * Shared media vs point-to-point * Common issues: collisions, errors, speed/duplex mismatch * **IP basics** * IPv4 addressing and subnetting * Private IPv4 ranges * IPv6 addressing and prefixes * IPv6 types: unicast (global, ULA, link-local), anycast, multicast, EUI-64 * **Clients & wireless** * Verify IP parameters on Windows, macOS, Linux * SSID, non-overlapping Wi-Fi channels, RF basics * Wireless encryption basics * **Virtualization & switching** * Server virtualization, containers, VRFs * MAC learning and aging * Frame switching and flooding * MAC address table concepts ---- ===== 2. Network Access (20%) ===== **Goal:** Get devices onto the LAN and WLAN safely and correctly. * **VLANs** * Data and voice VLANs * Default VLAN * VLANs spanning multiple switches * Inter-VLAN connectivity * **Trunks** * 802.1Q tagging * Native VLAN * Access vs trunk ports * **Neighbor discovery** * Cisco Discovery Protocol (CDP) * Link Layer Discovery Protocol (LLDP) * **Link aggregation** * EtherChannel (LACP) at Layer 2 / Layer 3 * **Spanning Tree (Rapid PVST+)** * Root bridge, root ports, other port roles * Port states and roles * PortFast * Root guard, loop guard, BPDU guard, BPDU filter * **Wireless access** * Cisco wireless architectures and AP modes * Physical connections: AP, WLC, access/trunk ports, LAG * WLAN GUI basics: SSID creation, security, QoS profiles, advanced options * **Device management access** * Telnet, SSH, HTTP, HTTPS, console * TACACS+ / RADIUS * Cloud-managed devices ---- ===== 3. IP Connectivity (25%) ===== **Goal:** Understand how routers make forwarding decisions. * **Routing table components** * Routing protocol code * Prefix and network mask * Next hop * Administrative distance * Metric * Gateway of last resort * **Forwarding decisions** * Longest prefix match * Administrative distance * Routing protocol metric * **Static routing (IPv4 and IPv6)** * Default route * Network route * Host route * Floating static routes * **OSPFv2 (single area)** * Neighbor adjacencies * Point-to-point networks * Broadcast networks and DR/BDR * Router ID * **First Hop Redundancy** * Purpose: keep default gateway available using redundancy concepts ---- ===== 4. IP Services (10%) ===== **Goal:** Know the common network services that support connectivity. * **NAT** * Inside source NAT (static and pools) * **Time and naming** * NTP client and server roles * Role of DHCP and DNS * **Monitoring and logging** * SNMP in network operations * Syslog facilities and severity levels * **DHCP operations** * DHCP client * DHCP relay * **QoS basics** * Classification and marking * Queuing and congestion management * Policing and shaping * **Remote access and file services** * Configure network devices for SSH access * TFTP / FTP capabilities and functions ---- ===== 5. Security Fundamentals (15%) ===== **Goal:** Protect devices, data, and users. * **Security concepts** * Threats, vulnerabilities, exploits * Mitigation techniques * **Security program elements** * User awareness and training * Physical access control * **Device access security** * Local passwords for device access * Password policy (management, complexity) * Alternatives: MFA, certificates, biometrics * **VPNs** * IPsec remote-access VPNs * IPsec site-to-site VPNs * **Access control** * Configure and verify ACLs * **Layer 2 security** * DHCP snooping * Dynamic ARP inspection (DAI) * Port security * **AAA concepts** * Authentication * Authorization * Accounting * **Wireless security** * WPA, WPA2, WPA3 * Configure WLAN (GUI) with WPA2-PSK ---- ===== 6. Automation and Programmability (10%) ===== **Goal:** Understand how automation and APIs change network management. * **Automation impact** * Why automation matters for consistency, speed, and error reduction * **Traditional vs controller-based networking** * Comparison of management and control methods * **SDN and controller-based architecture** * Overlay vs underlay vs fabric * Separation of control plane and data plane * Northbound and southbound APIs * **AI / ML in network operations** * Generative and predictive uses for monitoring and troubleshooting * **REST-based APIs** * Authentication types * CRUD operations * HTTP verbs * Data encoding formats * **Configuration management tools** * Capabilities of Ansible * Capabilities of Terraform * **JSON** * Recognize JSON-encoded structures and fields == Links == [[https://learningnetwork.cisco.com/s/ccna-exam-topics| Overview of official CCNA exam topics]]