{"id":408,"date":"2024-04-18T06:30:08","date_gmt":"2024-04-18T06:30:08","guid":{"rendered":"https:\/\/blog.devops955.com\/swain\/?p=408"},"modified":"2024-04-19T09:44:54","modified_gmt":"2024-04-19T09:44:54","slug":"ccnp-enterprise-notes","status":"publish","type":"post","link":"https:\/\/blog.devops955.com\/swain\/2024\/04\/18\/ccnp-enterprise-notes\/","title":{"rendered":"CCNP Enterprise Certification Notes"},"content":{"rendered":"<p>The CCNP exams currently consist of a compulsory core subject and a choice of elective subjects.<\/p>\n<p>The core subject is <strong>350-401 ENCOR: Implementing Cisco Enterprise Network Core Technologies<\/strong>, which also serves as the exam for the CCIE.<br \/>\nThe elective subjects include:<\/p>\n<ol>\n<li><strong>300-410 ENARSI (Implementing Cisco Enterprise Advanced Routing and Services)<\/strong>: This exam focuses on the implementation of advanced routing technologies and services for enterprise networks, involving routing protocols, policies, and network services.<\/li>\n<li><strong>300-415 ENSDWI (Implementing Cisco SD-WAN Solutions)<\/strong>: Focuses on the implementation of Cisco SD-WAN solutions, including deployment, configuration, management, and monitoring.<\/li>\n<li><strong>300-420 ENSLD (Designing Cisco Enterprise Networks)<\/strong>: Involves the design of Cisco enterprise networks, including advanced addressing assignments, routing policies, and network service design.<\/li>\n<li><strong>300-425 ENWLSD (Designing Cisco Enterprise Wireless Networks)<\/strong>: Specifically targets the design of enterprise wireless networks, including wireless network architecture, design strategies, and implementation.<\/li>\n<li><strong>300-430 ENWLSI (Implementing Cisco Enterprise Wireless Networks)<\/strong>: Focuses on the implementation of enterprise wireless networks, covering configuration, monitoring, and troubleshooting.<\/li>\n<li><strong>300-435 ENAUTO (Automating Cisco Enterprise Solutions)<\/strong>: This course focuses on using automation technologies and programming languages to manage and configure Cisco enterprise solutions.<\/li>\n<li><strong>300-440 ENCC (Designing and Implementing Cloud Connectivity)<\/strong>: Involves the design and implementation of cloud connectivity, including integration of cloud services and network optimization.<\/li>\n<li><strong>300-445 ENNA (Designing and Implementing Enterprise Network Assurance)<\/strong>: Focuses on the design and implementation of enterprise network assurance, including network monitoring, analysis, and optimization. This is a new subject, launching on May 20, 2024.<\/li>\n<\/ol>\n<p>Next, we will discuss <strong>ENCOR 350-401: Implementing Cisco Enterprise Network Core Technologies<\/strong> and <strong>ENARSI 300-410: Implementing Cisco Enterprise Advanced Routing and Services<\/strong>.<\/p>\n<h1>ENCOR 350-401: Implementing Cisco Enterprise Network Core Technologies<\/h1>\n<h2><strong><a href=\"https:\/\/blog.devops955.com\/swain\/2024\/04\/19\/ccnp-encor-p1-architecture\/\" title=\"Architecture (15%)\">Architecture (15%)<\/a><\/strong><\/h2>\n<ol>\n<li>Explain the different design principles used in an enterprise network\n<ul>\n<li>High-level enterprise network designs such as 2-tier, 3-tier, fabric, and cloud<\/li>\n<li>High availability techniques such as redundancy, FHRP, and SSO<\/li>\n<\/ul>\n<\/li>\n<li>Describe wireless network design principles\n<ul>\n<li>Wireless deployment models (centralized, distributed, controller-less, controller-based, cloud, remote branch)<\/li>\n<li>Location services in a WLAN design<\/li>\n<li>Client density<\/li>\n<\/ul>\n<\/li>\n<li>Explain the working principles of the Cisco SD-WAN solution\n<ul>\n<li>SD-WAN control and data planes elements<\/li>\n<li>Benefits and limitations of SD-WAN solutions<\/li>\n<\/ul>\n<\/li>\n<li>Explain the working principles of the Cisco SD-Access solution\n<ul>\n<li>SD-Access control and data planes elements<\/li>\n<li>Traditional campus interoperating with SD-Access<\/li>\n<\/ul>\n<\/li>\n<li>Interpret wired and wireless QoS configurations\n<ul>\n<li>QoS components<\/li>\n<li>QoS policy<\/li>\n<\/ul>\n<\/li>\n<li>Describe hardware and software switching mechanisms such as CEF, CAM, TCAM, FIB, RIB, and adjacency tables<\/li>\n<\/ol>\n<h2><strong>Virtualization (10%)<\/strong><\/h2>\n<ol>\n<li>Describe device virtualization technologies\n<ul>\n<li>Hypervisor type 1 and 2<\/li>\n<li>Virtual machine<\/li>\n<li>Virtual switching<\/li>\n<\/ul>\n<\/li>\n<li>Configure and verify data path virtualization technologies\n<ul>\n<li>VRF<\/li>\n<li>GRE and IPsec tunneling<\/li>\n<\/ul>\n<\/li>\n<li>Describe network virtualization concepts\n<ul>\n<li>LISP<\/li>\n<li>VXLAN<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<h2><strong>Infrastructure (30%)<\/strong><\/h2>\n<ol>\n<li>Layer 2\n<ul>\n<li>Troubleshoot static and dynamic 802.1q trunking protocols<\/li>\n<li>Troubleshoot static and dynamic EtherChannels<\/li>\n<li>Configure and verify common Spanning Tree Protocols (RSTP, MST) and Spanning Tree enhancements such as root guard and BPDU guard<\/li>\n<\/ul>\n<\/li>\n<li>Layer 3\n<ul>\n<li>Compare routing concepts of EIGRP and OSPF (advanced distance vector vs. link state, load balancing, path selection, path operations, metrics, and area types)<\/li>\n<li>Configure simple OSPFv2\/v3 environments, including multiple normal areas, summarization, and filtering (neighbor adjacency, point-to-point, and broadcast network types, and passive-interface)<\/li>\n<li>Configure and verify eBGP between directly connected neighbors (best path selection algorithm and neighbor relationships)<\/li>\n<li>Describe policy-based routing<\/li>\n<\/ul>\n<\/li>\n<li>Wireless\n<ul>\n<li>Describe Layer 1 concepts, such as RF power, RSSI, SNR, interference, noise, bands, channels, and wireless client devices capabilities<\/li>\n<li>Describe AP modes and antenna types<\/li>\n<li>Describe access point discovery and join process (discovery algorithms, WLC selection process)<\/li>\n<li>Describe the main principles and use cases for Layer 2 and Layer 3 roaming<\/li>\n<li>Troubleshoot WLAN configuration and wireless client connectivity issues using GUI only<\/li>\n<li>Describe wireless segmentation with groups, profiles, and tags<\/li>\n<\/ul>\n<\/li>\n<li>IP Services\n<ul>\n<li>Interpret network time protocol configurations such as NTP and PTP<\/li>\n<li>Configure NAT\/PAT<\/li>\n<li>Configure first hop redundancy protocols, such as HSRP, VRRP<\/li>\n<li>Describe multicast protocols, such as RPF check, PIM and IGMP v2\/v3<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<h2><strong>Network Assurance (10%)<\/strong><\/h2>\n<ol>\n<li>Diagnose network problems using tools such as debugs, conditional debugs, traceroute, ping, SNMP, and syslog<\/li>\n<li>Configure and verify Flexible NetFlow<\/li>\n<li>Configure SPAN\/RSPAN\/ERSPAN<\/li>\n<li>Configure and verify IPSLA<\/li>\n<li>Describe Cisco DNA Center workflows to apply network configuration, monitoring, and management<\/li>\n<li>Configure and verify NETCONF and RESTCONF<\/li>\n<\/ol>\n<h2><strong>Security (20%)<\/strong><\/h2>\n<ol>\n<li>Configure and verify device access control\n<ul>\n<li>Lines and local user authentication<\/li>\n<li>Authentication and authorization using AAA<\/li>\n<\/ul>\n<\/li>\n<li>Configure and verify infrastructure security features\n<ul>\n<li>ACLs<\/li>\n<li>CoPP<\/li>\n<\/ul>\n<\/li>\n<li>Describe REST API security<\/li>\n<li>Configure and verify wireless security features\n<ul>\n<li>802.1X<\/li>\n<li>WebAuth<\/li>\n<li>PSK<\/li>\n<li>EAPOL (4-way handshake)<\/li>\n<\/ul>\n<\/li>\n<li>Describe the components of network security design\n<ul>\n<li>Threat defense<\/li>\n<li>Endpoint security<\/li>\n<li>Next-generation firewall<\/li>\n<li>TrustSec and MACsec<\/li>\n<li>Network access control with 802.1X, MAB, and WebAuth<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<h2><strong>Automation (15%)<\/strong><\/h2>\n<ol>\n<li>Interpret basic Python components and scripts<\/li>\n<li>Construct valid JSON-encoded files<\/li>\n<li>Describe the high-level principles and benefits of a data modeling language, such as YANG<\/li>\n<li>Describe APIs for Cisco DNA Center and vManage<\/li>\n<li>Interpret REST API response codes and results in payload using Cisco DNA Center and RESTCONF<\/li>\n<li>Construct an EEM applet to automate configuration, troubleshooting, or data collection<\/li>\n<li>Compare agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and SaltStack<\/li>\n<\/ol>\n<h1>ENARSI 300-410: Implementing Cisco Enterprise Advanced Routing and Services<\/h1>\n<h2>Layer 3 Technologies (35%)<\/h2>\n<ol>\n<li>Troubleshoot administrative distance (all routing protocols)<\/li>\n<li>Troubleshoot route map for any routing protocol (attributes, tagging, filtering)<\/li>\n<li>Troubleshoot loop prevention mechanisms (filtering, tagging, split horizon, route poisoning)<\/li>\n<li>Troubleshoot redistribution between any routing protocols or routing sources<\/li>\n<li>Troubleshoot manual and auto-summarization with any routing protocol<\/li>\n<li>Configure and verify policy-based routing<\/li>\n<li>Configure and verify VRF-Lite<\/li>\n<li>Describe Bidirectional Forwarding Detection<\/li>\n<li>Troubleshoot EIGRP (classic and named mode; VRF and global)\n<ul>\n<li>Address families (IPv4, IPv6)<\/li>\n<li>Neighbor relationship and authentication<\/li>\n<li>Loop-free path selections (RD, FD, FC, successor, feasible successor, stuck in active)<\/li>\n<li>Stubs<\/li>\n<li>Load balancing (equal and unequal cost)<\/li>\n<li>Metrics<\/li>\n<\/ul>\n<\/li>\n<li>Troubleshoot OSPF (v2\/v3)<br \/>\n<h3>Address families (IPv4, IPv6)<\/h3>\n<h3>Neighbor relationship and authentication<\/h3>\n<h3>Network types, area types, and router types<\/h3>\n<ul>\n<li>Point-to-point, multipoint, broadcast, nonbroadcast<\/li>\n<li>Area type: backbone, normal, transit, stub, NSSA, totally stub<\/li>\n<li>Internal router, backbone router, ABR, ASBR<\/li>\n<li>Virtual link<br \/>\n<h3>Path preference<\/h3>\n<\/li>\n<\/ul>\n<\/li>\n<li>Troubleshoot BGP (Internal and External, unicast, and VRF-Lite)\n<ul>\n<li>Address families (IPv4, IPv6)<\/li>\n<li>Neighbor relationship and authentication (next-hop, mulithop, 4-byte AS, private AS, route refresh, synchronization, operation, peer group, states and timers)<\/li>\n<li>Path preference (attributes and best-path)<\/li>\n<li>Route reflector (excluding multiple route reflectors, confederations, dynamic peer)<\/li>\n<li>Policies (inbound\/outbound filtering, path manipulation)<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<h2>VPN Technologies (20%)<\/h2>\n<ol>\n<li>Describe MPLS operations (LSR, LDP, label switching, LSP)<\/li>\n<li>Describe MPLS Layer 3 VPN<\/li>\n<li>Configure and verify DMVPN (single hub)\n<ul>\n<li>GRE\/mGRE<\/li>\n<li>NHRP<\/li>\n<li>IPsec<\/li>\n<li>Dynamic neighbor<\/li>\n<li>Spoke-to-spoke<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<h2>Infrastructure Security (20%)<\/h2>\n<ol>\n<li>Troubleshoot device security using IOS AAA (TACACS+, RADIUS, local database)<\/li>\n<li>Troubleshoot router security features\n<ul>\n<li>IPv4 access control lists (standard, extended, time-based)<\/li>\n<li>IPv6 traffic filter<\/li>\n<li>Unicast reverse path forwarding (uRPF)<\/li>\n<\/ul>\n<\/li>\n<li>Troubleshoot control plane policing (CoPP) (Telnet, SSH, HTTP(S), SNMP, EIGRP, OSPF, BGP)<\/li>\n<li>Describe IPv6 First Hop security features (RA guard, DHCP guard, binding table, ND inspection\/snooping, source guard)<\/li>\n<\/ol>\n<h2>Infrastructure Services (25%)<\/h2>\n<ol>\n<li>Troubleshoot device management\n<ul>\n<li>Console and VTY<\/li>\n<li>Telnet, HTTP, HTTPS, SSH, SCP<\/li>\n<li>(T)FTP<\/li>\n<\/ul>\n<\/li>\n<li>Troubleshoot SNMP (v2c, v3)<\/li>\n<li>Troubleshoot network problems using logging (local, syslog, debugs, conditional debugs, timestamps)<\/li>\n<li>Troubleshoot IPv4 and IPv6 DHCP (DHCP client, IOS DHCP server, DHCP relay, DHCP options)<\/li>\n<li>Troubleshoot network performance issues using IP SLA (jitter, tracking objects, delay, connectivity)<\/li>\n<li>Troubleshoot NetFlow (v5, v9, flexible NetFlow)<\/li>\n<li>Troubleshoot network problems using Cisco DNA Center assurance (connectivity, monitoring, device health, network health)<\/li>\n<\/ol>\n<blockquote>\n<p>References:<br \/>\n<a href=\"https:\/\/learningnetwork.cisco.com\/s\/ccnp-enterprise\">https:\/\/learningnetwork.cisco.com\/s\/ccnp-enterprise<\/a><br \/>\n<a href=\"https:\/\/learningnetwork.cisco.com\/s\/enarsi-exam-topics\">https:\/\/learningnetwork.cisco.com\/s\/enarsi-exam-topics<\/a><br \/>\n<a href=\"https:\/\/learningnetwork.cisco.com\/s\/encor-exam-topics\">https:\/\/learningnetwork.cisco.com\/s\/encor-exam-topics<\/a><\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>The CCNP certification involves a mandatory core exam, the 350-401 ENCOR, which covers implementing Cisco Enterprise Network Core Technologies. Candidates also need to choose one elective from several options, focusing on specific areas like advanced routing, SD-WAN solutions, network design, security and wireless.<\/p>\n","protected":false},"author":3,"featured_media":429,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_jetpack_memberships_contains_paid_content":false},"categories":[3],"tags":[],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/blog.devops955.com\/swain\/wp-content\/uploads\/sites\/2\/2024\/04\/Cisco-Logo.jpg","_links":{"self":[{"href":"https:\/\/blog.devops955.com\/swain\/wp-json\/wp\/v2\/posts\/408"}],"collection":[{"href":"https:\/\/blog.devops955.com\/swain\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.devops955.com\/swain\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.devops955.com\/swain\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.devops955.com\/swain\/wp-json\/wp\/v2\/comments?post=408"}],"version-history":[{"count":10,"href":"https:\/\/blog.devops955.com\/swain\/wp-json\/wp\/v2\/posts\/408\/revisions"}],"predecessor-version":[{"id":454,"href":"https:\/\/blog.devops955.com\/swain\/wp-json\/wp\/v2\/posts\/408\/revisions\/454"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.devops955.com\/swain\/wp-json\/wp\/v2\/media\/429"}],"wp:attachment":[{"href":"https:\/\/blog.devops955.com\/swain\/wp-json\/wp\/v2\/media?parent=408"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.devops955.com\/swain\/wp-json\/wp\/v2\/categories?post=408"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.devops955.com\/swain\/wp-json\/wp\/v2\/tags?post=408"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}