OVERVIEW

             

   CCIE Routing and Switching v5

Cisco Certified Internetwork Expert Routing and Switching (CCIE Routing and Switching) certifies the skills required of expert-level network engineers to plan, operate and troubleshoot complex, converged network infrastructure.

Topics in CCIE Routing & Switching Lab Exam

1.0 Layer 2 Technologies 20%

 

  • 1.1 LAN switching technologies
    • 1.1.a Implement and troubleshoot switch administration
      • 1.1.a [i] Managing MAC address table
      • 1.1.a [ii] errdisable recovery
      • 1.1.a [iii] L2 MTU
    • 1.1.b Implement and troubleshoot layer 2 protocols
      • 1.1.b [i] CDP, LLDP
      • 1.1.b [ii] UDLD
    • 1.1.c Implement and troubleshoot VLAN
      • 1.1.c [i]access ports
      • 1.1.c [ii] VLAN database
      • 1.1.c [iii] normal, extended VLAN, voice VLAN
    • 1.1.d Implement and troubleshoot trunking
      • 1.1.d [i] VTPv1, VTPv2, VTPv3, VTP pruning
      • 1.1.d [ii] dot1Q
      • 1.1.d [iii] Native VLAN
      • 1.1.d [iv] Manual pruning
    • 1.1.e Implement and troubleshoot etherchannel 
      • 1.1.e [i] LACP, PAgP, manual
      • 1.1.e [ii] layer 2, layer 3
      • 1.1.e [iii] load-balancing
      • 1.1.e [iv] etherchannel misconfiguration guard
    • 1.1.f Implement and troubleshoot spanning-tree
      • 1.1.f [i] PVST+/RPVST+/MST
      • 1.1.f [ii] switch priority, port priority, path cost, STP timers
      • 1.1.f [iii] port fast, BPDUguard, BPDUfilter
      • 1.1.f [iv] loopguard, rootguard
    • 1.1.g Implement and troubleshoot other LAN switching technologies
      • 1.1.g [i] SPAN, RSPAN, ERSPAN
  • 1.2 Layer 2 Multicast
    • 1.2.a Implement and troubleshoot IGMP
      • 1.2.a [I] IGMPv1, IGMPv2, IGMPv3
      • 1.2.a [ii] IGMP snooping
      • 1.2.a [iii] IGMP querier
      • 1.2.a [iv] IGMP filter
      • 1.2.a [v] IGMP proxy
  • 1.3 Layer 2 WAN circuit technologies
    • 1.3.a Implement and troubleshoot HDLC
    • 1.3.b Implement and troubleshoot PPP
      • 1.3.b [i] authentication [PAP, CHAP]
      • 1.3.b [ii] PPPoE
      • 1.3.b [iii] MLPPP
  • 1.4 Troubleshooting layer 2 technologies
    • 1.4.a Use IOS troubleshooting tools
      • 1.4.a [i] debug, conditional debug
      • 1.4.a [ii] ping, traceroute with extended options
      • 1.4.a [iii] Embedded packet capture
    • 1.4.b Apply troubleshooting methodologies
      • 1.4.b [i] Diagnose the root cause of networking issue [analyze symptoms, identify and describe root cause]
      • 1.4.b [ii] Design and implement valid solutions according to constraints
      • 1.4.b [iii] Verify and monitor resolution
    • 1.4.c Interpret packet capture
      • 1.4.c [i] Using wireshark trace analyzer
      • 1.4.c [ii] Using IOS embedded packet capture
 

  2.0 Layer 3 Technologies 40%

 
  • 2.1 Addressing technologies
    • 2.1.a Identify, implement and troubleshoot IPv4 addressing and sub-netting
      • 2.1.a [i] Address types, VLSM
      • 2.1.a [ii] ARP
    • 2.1.b Identify, implement and troubleshoot IPv6 addressing and sub-netting 
      • 2.1.b [i] Unicast, multicast
      • 2.1.b [ii] EUI-64
      • 2.1.b [iii] ND, RS/RA
      • 2.1.b [iv] Autoconfig/SLAAC temporary addresses [RFC4941]
      • 2.1.b [v] Global prefix configuration feature
  • 2.2 Layer 3 Multicast
    • 2.2.a Troubleshoot reverse path forwarding
      • 2.2.a [i] RPF failure
      • 2.2.a[ii] RPF failure with tunnel interface
    • 2.2.b Implement and troubleshoot IPv4 protocol independent multicast
      • 2.2.b [i] PIM dense mode, sparse mode, sparse-dense mode
      • 2.2.b [ii] Static RP, auto-RP, BSR
      • 2.2.b [iii] Bidirectional PIM
      • 2.2.b [iv] Source-specific multicast
      • 2.2.b [v] Group to RP mapping
      • 2.2.b [vi] Multicast boundary
    • 2.2.c Implement and troubleshoot multicast source discovery protocol
      • 2.2.c.[i] Intra-domain MSDP [anycast RP]
      • 2.2.c.[ii] SA filter
  • 2.3 Fundamental routing concepts
    • 2.3.a Implement and troubleshoot static routing
    • 2.3.b Implement and troubleshoot default routing
    • 2.3.c Compare routing protocol types
      • 2.3.c [i] distance vector
      • 2.3.c [ii] link state
      • 2.3.c [iii] path vector
    • 2.3.d Implement, optimize and troubleshoot administrative distance
    • 2.3.e Implement and troubleshoot passive interface
    • 2.3.f Implement and troubleshoot VRF lite
    • 2.3.g Implement, optimize and troubleshoot filtering with any routing protocol
    • 2.3.h Implement, optimize and troubleshoot redistribution between any routing protocol
    • 2.3.i Implement, optimize and troubleshoot manual and auto summarization with any routing protocol
    • 2.3.j Implement, optimize and troubleshoot policy-based routing
    • 2.3.k Identify and troubleshoot sub-optimal routing
    • 2.3.i Implement and troubleshoot bidirectional forwarding detection
    • 2.3.m Implement and troubleshoot loop prevention mechanisms 
      • 2.3.m [i] Route tagging, filtering
      • 2.3.m [ii] Split horizon
      • 2.3.m [iii] Route poisoning
    • 2.3.n Implement and troubleshoot routing protocol authentication
      • 2.3.n [i] MD5
      • 2.3.n [ii] key-chain
      • 2.3.n [iii] EIGRP HMAC SHA2-256bit
      • 2.3.n [iv] OSPFv2 SHA1-196bit
      • 2.3.n [v] OSPFv3 IPsec authentication
  • 2.4 RIP v2
    • 2.4.a Implement and troubleshoot RIPv2
  • 2.5 EIGRP [for IPv4 and IPv6]
    • 2.5.a Describe packet types
      • 2.5.a [i] Packet types [hello, query, update, and such]
      • 2.5.a [ii] Route types [internal, external]
    • 2.5.b Implement and troubleshoot neighbor relationship
      • 2.5.b [i] Multicast, unicast EIGRP peering
    • 2.5.c Implement and Troubleshoot Loop free path selection
      • 2.5.c [i] RD, FD, FC, successor, feasible successor
      • 2.5.c [ii] Classic metric
      • 2.5.c [iii] Wide metric
    • 2.5.d Implement and troubleshoot operations
      • 2.5.d [i] General operations
      • 2.5.d [ii] Topology table, update, query, active, passive
      • 2.5.d [iii] Stuck in active
      • 2.5.d [iv] Graceful shutdown
    • 2.5.e Implement and troubleshoot EIGRP stub
      • 2.5.e [i] stub
      • 2.5.e [ii] leak-map
    • 2.5.f Implement and troubleshoot load-balancing 
      • 2.5.f [i] equal-cost
      • 2.5.f [ii] unequal-cost
      • 2.5.f [iii] add-path
    • 2.5.g Implement EIGRP [multi-address] named mode
      • 2.5.g [i] Types of families
      • 2.5.g [ii] IPv4 address-family
      • 2.5.g [iii] IPv6 address-family
    • 2.5.h Implement, troubleshoot and optimize EIGRP convergence and scalability
      • 2.5.h [i] Describe fast convergence requirements
      • 2.5.h [ii] Control query boundaries
      • 2.5.h [iii] IP FRR/fast reroute [single hop]
      • 2.5.h [iv] Summary leak-map
      • 2.5.h [v] Summary metric
  • 2.6 OSPF [v2 and v3]
    • 2.6.a Describe packet types
      • 2.6.a [i] LSA types [1, 2, 3, 4, 5, 7, 9]
      • 2.6.a [ii] Route types [N1, N2, E1, E2]
    • 2.6.b Implement and troubleshoot neighbor relationship
    • 2.6.c Implement and troubleshoot OSPFv3 address-family support
      • 2.6.c [i] IPv4 address-family
      • 2.6.c [ii] IPv6 address-family
    • 2.6.d Implement and troubleshoot network types, area types and router types
      • 2.6.d [i] Point-to-point, multipoint, broadcast, non-broadcast
      • 2.6.d [ii] LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub
      • 2.6.d [iii] Internal router, ABR, ASBR
      • 2.6.d [iv] Virtual link
    • 2.6.e Implement and troubleshoot path preference
    • 2.6.f Implement and troubleshoot operations
      • 2.6.f [i] General operations
      • 2.6.f [ii] Graceful shutdown
      • 2.6.f [iii] GTSM [generic TTL security mechanism]
    • 2.6.g Implement, troubleshoot and optimize OSPF convergence and scalability
      • 2.6.g [i] Metrics
      • 2.6.g [ii] LSA throttling, SPF tuning, fast hello
      • 2.6.g [iii] LSA propagation control [area types, ISPF]
      • 2.6.g [iv] IP FR/fast reroute [single hop]
      • 2.6.g [v] LFA/loop-free alternative [multi hop]
      • 2.6.g [vi] OSPFv3 prefix suppression

2.7 BGP

  • 2.7.a Describe, implement and troubleshoot peer relationships
    • 2.7.a [i] Peer-group, template
    • 2.7.a [ii] Active, passive
    • 2.7.a [iii] States, timers
    • 2.7.a [iv] Dynamic neighbors
  • 2.7.b Implement and troubleshoot IBGP and EBGP
    • 2.7.b [i] EBGP, IBGP
    • 2.7.b [ii] 4 bytes AS number
    • 2.7.b [iii] Private AS
  • 2.7.c Explain attributes and best-path selection
  • 2.7.d Implement, optimize and troubleshoot routing policies
    • 2.7.d [i] Attribute manipulation
    • 2.7.d [ii] Conditional advertisement
    • 2.7.d [iii] Outbound route filtering
    • 2.7.d [iv] Communities, extended communities
    • 2.7.d [v] Multi-homing
  • 2.7.e Implement and troubleshoot scalability
    • 2.7.e [i] Route-reflector, cluster
    • 2.7.e [ii] Confederations
    • 2.7.e [iii] Aggregation, AS set
  • 2.7.f Implement and troubleshoot multi-protocol BGP
    • 2.7.f [i] IPv4, IPv6, VPN address-family
  • 2.7.g Implement and troubleshoot AS path manipulations
    • 2.7.g [i] Local AS, allow AS in, remove private AS
    • 2.7.g [ii] Prepend
    • 2.7.g [iii] Regexp
  • 2.7.h Implement and Troubleshoot Other Features
    • 2.7.h [i] Multipath
    • 2.7.h [ii] BGP synchronization
    • 2.7.h [iii] Soft reconfiguration, route refres

2.8 Troubleshooting layer 3 technologies

  • 2.8.a Use IOS troubleshooting tools
    • 2.8.a [i] debug, conditional debug
    • 2.8.a [ii] ping, traceroute with extended options
    • 2.8.a [iii] Embedded packet capture
  • 2.8.b Apply troubleshooting methodologies
    • 2.8.b [i] Diagnose the root cause of networking issue [analyze symptoms, identify and describe root cause]
    • 2.8.b [ii] Design and implement valid solutions according to constraints
    • 2.8.b [iii] Verify and monitor resolution
  • 2.8.c Interpret packet capture
    • 2.8.c [i] Using wireshark trace analyzer
    • 2.8.c [ii] Using IOS embedded packet capture

 

  3.0 VPN Technologies 20%

 

3.1 Tunneling

  • 3.1.a Implement and troubleshoot MPLS operations
    • 3.1.a [i] Label stack, LSR, LSP
    • 3.1.a [ii] LDP
    • 3.1.a [iii] MPLS ping, MPLS traceroute
  • 3.1.b Implement and troubleshoot basic MPLS L3VPN
    • 3.1.b [i] L3VPN, CE, PE, P
    • 3.1.b [ii] Extranet [route leaking]
  • 3.1.c Implement and troubleshoot encapsulation
    • 3.1.c [i] GRE
    • 3.1.c [ii] Dynamic GRE
  • 3.1.d Implement and troubleshoot DMVPN [single hub]
    • 3.1.d [i] NHRP
    • 3.1.d [ii] DMVPN with IPsec using preshared key
    • 3.1.d [iii] QoS profile
    • 3.1.d [iv] Pre-classify

3.2 Encryption

  • 3.2.a Implement and troubleshoot IPsec with preshared key
    • 3.2.a [i] IPv4 site to IPv4 site
    • 3.2.a [ii] IPv6 in IPv4 tunnels
    • 3.2.a [iii] Virtual tunneling interface [VTI]

3.3 Troubleshooting VPN technologies

  • 3.3.a Use IOS troubleshooting tools
    • 3.3.a [i] debug, conditional debug
    • 3.3.a [ii] ping, traceroute with extended options
    • 3.3.a [iii] Embedded packet capture
  • 3.3.b Apply troubleshooting methodologies
    • 3.3.b [i] Diagnose the root cause of networking issue [analyze symptoms, identify and describe root cause]
    • 3.3.b [ii] Design and implement valid solutions according to constraints
    • 3.3.b [iii] Verify and monitor resolution
  • 3.3.c Interpret packet capture
    • 3.3.c [i] Using wireshark trace analyzer
    • 3.3.c [ii] Using IOS embedded packet capture

 

  4.0 Infrastructure Security 5%

 

4.1 Device security

  • 4.1.a Implement and troubleshoot IOS AAA using local database
  • 4.1.b Implement and troubleshoot device access control
    • 4.1.b [i] Lines [VTY, AUX, console]
    • 4.1.b [ii] SNMP
    • 4.1.b [iii] Management plane protection
    • 4.1.b [iv] Password encryption
  • 4.1.c Implement and troubleshoot control plane policing

4.2 Network security

  • 4.2.a Implement and troubleshoot switch security features
    • 4.2.a [i] VACL, PACL
    • 4.2.a [ii] Stormcontrol
    • 4.2.a [iii] DHCP snooping
    • 4.2.a [iv] IP source-guard
    • 4.2.a [v] Dynamic ARP inspection
    • 4.2.a [vi] Port-security
    • 4.2.a [vii] Private VLAN
  • 4.2.b Implement and troubleshoot router security features
    • 4.2.b [i] IPv4 access control lists [standard, extended, time-based]
    • 4.2.b [ii] IPv6 traffic filter
    • 4.2.b [iii] Unicast reverse path forwarding
  • 4.2.c Implement and troubleshoot IPv6 first hop security
    • 4.2.c [i] RA guard
    • 4.2.c [ii] DHCP guard
    • 4.2.c [iii] Binding table
    • 4.2.c [iv] Device tracking
    • 4.2.c [v] ND inspection/snooping
    • 4.2.c [vi] Source guard
    • 4.2.c [vii] PACL

4.3 Troubleshooting infrastructure security

  • 4.3.a Use IOS troubleshooting tools
    • 4.3.a [i] debug, conditional debug
    • 4.3.a [ii] ping, traceroute with extended options
    • 4.3.a [iii] Embedded packet capture
  • 4.3.b Apply troubleshooting methodologies
    • 4.3.b [i] Diagnose the root cause of networking issue [analyze symptoms, identify and describe root cause]
    • 4.3.b [ii] Design and implement valid solutions according to constraints
    • 4.3.b [iii] Verify and monitor resolution
  • 4.3.c Interpret packet capture
    • 4.3.c [i] Using wireshark trace analyzer
    • 4.3.c [ii] Using IOS embedded packet capture

 

  5.0 Infrastructure Services 15%

 

5.1 System management

  • 5.1.a Implement and troubleshoot device management
    • 5.1.a [i] Console and VTY
    • 5.1.a [ii] telnet, HTTP, HTTPS, SSH, SCP
    • 5.1.a [iii] [T]FTP
  • 5.1.b Implement and troubleshoot SNMP
    • 5.1.b [i] v2c, v3
  • 5.1.c Implement and troubleshoot logging
    • 5.1.c [i] Local logging, syslog, debug, conditional debug
    • 5.1.c [ii] Timestamp

5.2 Quality of service

  • 5.2.a Implement and troubleshoot end to end QoS
    • 5.2.a [i] CoS and DSCP mapping
  • 5.2.b Implement, optimize and troubleshoot QoS using MQC
      • 5.2.b [i] Classification
      • 5.2.b [ii] Network based application recognition [NBAR]
      • 5.2.b [iii] Marking using IP precedence, DSCP, CoS, ECN
      • 5.2.b [iv] Policing, shaping
      • 5.2.b [v] Congestion management [queuing]
      • 5.2.b [vi] HQoS, sub-rate ethernet link
      • 5.2.b [vii] Congestion avoidance [WRED]

5.3 Network services

  • 5.3.a Implement and troubleshoot first-hop redundancy protocols 
    • 5.3.a [i] HSRP, GLBP, VRRP
    • 5.3.a [ii] Redundancy using IPv6 RS/RA
  • 5.3.b Implement and troubleshoot network time protocol 
    • 5.3.b [i] NTP master, client, version 3, version 4
    • 5.3.b [ii] NTP authentication
  • 5.3.c Implement and troubleshoot IPv4 and IPv6 DHCP
    • 5.3.c [i] DHCP client, IOS DHCP server, DHCP relay
    • 5.3.c [ii] DHCP options
    • 5.3.c [iii] DHCP protocol operations
    • 5.3.c [iv] SLAAC/DHCPv6 interaction
    • 5.3.c [v] Stateful, stateless DHCPv6
    • 5.3.c [vi] DHCPv6 prefix delegation
  • 5.3.d Implement and troubleshoot IPv4 network address translation 
    • 5.3.d [i] Static NAT, dynamic NAT, policy-based NAT, PAT
    • 5.3.d [ii] NAT ALG

5.4 Network optimization

  • 5.4.a Implement and troubleshoot IP SLA
    • 5.4.a [i] ICMP, UDP, jitter, VoIP
  • 5.4.b Implement and troubleshoot tracking object
    • 5.4.b [i] Tracking object, tracking list
    • 5.4.b [ii] Tracking different entities [e.g. interfaces, routes, IPSLA, and such]
  • 5.4.c Implement and troubleshoot netflow
    • 5.4.c [i] Netflow v5, v9
    • 5.4.c [ii] Local retrieval
    • 5.4.c [iii] Export [configuration only]
  • 5.4.d Implement and troubleshoot embedded event manager
    • 5.4.d [i] EEM policy using applet

5.5 Troubleshooting infrastructure services

  • 5.5.a Use IOS troubleshooting tools
    • 5.5.a [i] debug, conditional debug
    • 5.5.a [ii] ping, traceroute with extended options
    • 5.5.a [iii] Embedded packet capture
  • 5.5.b Apply troubleshooting methodologies
    • 5.5.b [i] Diagnose the root cause of networking issue [analyze symptoms, identify and describe root cause]
    • 5.5.b [ii] Design and implement valid solutions according to constraints
    • 5.5.b [iii] Verify and monitor resolution
  • 5.5.c Interpret packet capture 
    • 5.5.c [i] Using wireshark trace analyzer
    • 5.5.c [ii] Using IOS embedded packet capture

 

   CCIE Security v4

The Cisco Certified Internetwork Expert Security (CCIE Security) program recognizes individuals who have the knowledge and skills to implement, maintain and support extensive Cisco Network Security Solutions using the latest industry best practices and technologies.

Topics in CCIE Security Lab Exam

  1.0 System Hardening and Availability 14%
 
  • 1.1 Routing plane security features (for example, protocol authentication and route filtering)
  • 1.2 Control Plane Policing
  • 1.3 Control plane protection and management plane protection
  • 1.4 Broadcast control and switch port security
  • 1.5 Additional CPU protection mechanisms (for example, options drop and logging interval)
  • 1.6 Disable unnecessary services
  • 1.7 Control device access (for example, Telnet, HTTP, SSH, and privilege levels)
  • 1.8 Device services (for example, SNMP, syslog, and NTP)
  • 1.9 Transit traffic control and congestion management
 
  2.0 Threat Identification and Mitigation 14%
 
  • 2.1 Identify and protect against fragmentation attacks
  • 2.2 Identify and protect against malicious IP option usage
  • 2.3 Identify and protect against network reconnaissance attacks
  • 2.4 Identify and protect against IP spoofing attacks
  • 2.5 Identify and protect against MAC spoofing attacks
  • 2.6 Identify and protect against ARP spoofing attacks
  • 2.7 Identify and protect against DoS attacks
  • 2.8 Identify and protect against DDoS attacks
  • 2.9 Identify and protect against man-in-the-middle attacks
  • 2.10 Identify and protect against port redirection attacks
  • 2.11 Identify and protect against DHCP attacks
  • 2.12 Identify and protect against DNS attacks
  • 2.13 Identify and protect against MAC flooding attacks
  • 2.14 Identify and protect against VLAN hopping attacks
  • 2.15 Identify and protect against various Layer 2 and Layer 3 attacks
  • 2.16 NBAR
  • 2.17 NetFlow
  • 2.18 Capture and utilize packet captures

  3.0 Intrusion Prevention and Content Security 20%

  • 3.1 Cisco IPS 4200 Series Sensor appliance and Cisco ASA appliance IPS module
    • 3.1.a Initialize the sensor appliance
    • 3.1.b Sensor appliance management
    • 3.1.c Virtual sensors on the sensor appliance
    • 3.1.d Implement security policies
    • 3.1.e Promiscuous and inline monitoring on the sensor appliance
    • 3.1.f Tune signatures on the sensor appliance
    • 3.1.g Custom signatures on the sensor appliance
    • 3.1.h Actions on the sensor appliance
    • 3.1.i Signature engines on the sensor appliance
    • 3.1.j Use Cisco IDM and Cisco IME to manage the sensor appliance
    • 3.1.k Event action overrides and filters on the sensor appliance
    • 3.1.l Event monitoring on the sensor appliance
  • 3.2 VACL, SPAN and RSPAN on Cisco switches
  • 3.3 Cisco WSA
    • 3.3.a Implement WCCP
    • 3.3.b Active Directory integration
    • 3.3.c Custom categories
    • 3.3.d HTTPS configuration
    • 3.3.e Services configuration (web reputation)
    • 3.3.f Configure proxy bypass lists
    • 3.3.g Web proxy modes
    • 3.3.h Application visibility and control

  4.0 Identity Management 16%

  • 4.1 Identity-based AAA
    • 4.1.a Cisco router and appliance AAA
    • 4.1.b RADIUS
    • 4.1.c TACACS+
  • 4.2 Device administration (Cisco IOS routers, Cisco ASA, and Cisco ACS5.x)
  • 4.3 Network access (TrustSec model)
    • 4.3.a Authorization results for network access (ISE)
    • 4.3.b IEEE 802.1X (Cisco ISE)
    • 4.3.c VSAs (Cisco ASA, Cisco IOS, and Cisco ISE)
    • 4.3.d Proxy authentication (Cisco ISE, Cisco ASA, and Cisco IOS)
  • 4.4 Cisco ISE
    • 4.4.a Profiling configuration (probes)
    • 4.4.b Guest services
    • 4.4.c Posture assessment
    • 4.4.d Client provisioning (CPP)
    • 4.4.e Configure Microsoft Active Directory integration and identity sources

  5.0 Perimeter Security and Services 20%

  • 5.1 Cisco ASA firewalls
    • 5.1.a Basic firewall Initialization
    • 5.1.b Device management
    • 5.1.c Address translation
    • 5.1.d ACLs
    • 5.1.e IP routing and route tracking
    • 5.1.f Object groups
    • 5.1.g VLANs
    • 5.1.h Configure EtherChannel
    • 5.1.i High availability and redundancy
    • 5.1.j Layer 2 transparent firewall
    • 5.1.k Security contexts (virtual firewall)
    • 5.1.l Cisco Modular Policy Framework
    • 5.1.m Identity firewall services
    • 5.1.n Configure Cisco ASA with ASDM
    • 5.1.o Context-aware services
    • 5.1.p IPS capabilities
    • 5.1.q QoS capabilities
  • 5.2 Cisco IOS zone-based firewall
    • 5.2.a Network, secure group, and user-based policy
    • 5.2.b Performance tuning
    • 5.2.c Network, protocol, and application inspection
  • 5.3 Perimeter security services
    • 5.3.a Cisco IOS QoS and packet-marking techniques
    • 5.3.b Traffic filtering using access lists
    • 5.3.c Cisco IOS NAT
    • 5.3.d uRPF
    • 5.3.e Port to Application Mapping (PAM)
    • 5.3.f Policy routing and route maps

  6.0 Confidentiality and Secure Access 16%

  • 6.1 IKE (v1/v2)
  • 6.2 IPsec LAN-to-LAN (Cisco IOS and Cisco ASA)
  • 6.3 DMVPN
  • 6.4 FlexVPN
  • 6.5 GET VPN
  • 6.6 Remote-access VPN
    • 6.6.a Cisco EasyVPN Server (Cisco IOS and Cisco ASA)
    • 6.6.b VPN Client 5.X
    • 6.6.c Clientless WebVPN
    • 6.6.d Cisco AnyConnect VPN
    • 6.6.e Cisco EasyVPN Remote
    • 6.6.f SSL VPN gateway
  • 6.7 VPN high availability
  • 6.8 QoS for VPN
  • 6.9 VRF-aware VPN
  • 6.10 MACsec
  • 6.11 Digital certificates (enrollment and policy matching)
  • 6.12 Wireless access
    • 6.12.a EAP methods
    • 6.12.b WPA and WPA2
    • 6.12.c wIPS



  CCIE Service Provider v4

Cisco CCIE Service Provider (CCIE Service Provider) certification is for expert-level SP network engineers who bring the knowledge and skill to build an extensible Service Provider infrastructure to deliver rich managed services.

Topics in CCIE Service Provider Lab Exam

 
1.0 Core Routing 27%
 
  • 1.1 Interior Gateway Protocol (IGP)
    • 1.1.a Describe, implement, and troubleshoot IS-IS
    • 1.1.b Describe, implement, and troubleshoot OSPFv2 and OSPFv3
    • 1.1.c Describe and optimize IGP scale and performance
  • 1.2 Border Gateway Protocol (BGP)
    • 1.2.a Describe, implement, and troubleshoot IBGP, EBGP, and MP-BGP
    • 1.2.b Describe, implement, and troubleshoot BGP route policy enforcement
    • 1.2.c Describe and optimize BGP scale and performance
    • 1.2.d Describe, implement, and troubleshoot advanced BGP features, for example, add-path and BGP LS
  • 1.3 Multiprotocol Label Switching (MPLS)
    • 1.3.a Describe, implement, and troubleshoot LDP
    • 1.3.b Describe and optimize LDP scale and performance
  • 1.4 MPLS Traffic Engineering
    • 1.4.a Describe, implement, and troubleshoot RSVP
    • 1.4.b Describe, implement, and troubleshoot ISIS and OSPF extensions
    • 1.4.c Describe, implement, and troubleshoot MPLS TE policy enforcement
    • 1.4.d Describe and optimize MPLS TE scale and performance
  • 1.5 Multicast
    • 1.5.a Describe, implement, and troubleshoot PIM (PIM-SM, PIM-SSM, and PIM-BIDIR)
    • 1.5.b Describe, implement, and troubleshoot RP (Auto-RP, BSR, Static, Anycast RP, and MSDP)
    • 1.5.c Describe, implement, and troubleshoot mLDP (including mLDP profiles from 0 to 9)
    • 1.5.d Describe and optimize multicast scale and performance
  • 1.6 Quality of Service (QoS)
    • 1.6.a Describe, implement, and troubleshoot classification and marking
    • 1.6.b Describe, implement, and troubleshoot congestion management and scheduling, for example, policing, shaping, and queuing
    • 1.6.c Describe, implement, and troubleshoot congestion avoidance
    • 1.6.d Describe, implement, and troubleshoot MPLS QoS models (MAM, RDM, Pipe, Short Pipe, and Uniform)
    • 1.6.e Describe, implement, and troubleshoot MPLS TE QoS (CBTS, PBTS, and DS-TE)
 

2.0 Service Provider Based Services 26%

 
  • 2.1 Carrier Ethernet
    • 2.1.a Describe, implement, and troubleshoot E-LINE, for example, VPWS
    • 2.1.b Describe, implement, and troubleshoot E-LAN and E-TREE, for example VPLS and H-VPLS
  • 2.2 L3VPN
    • 2.2.a Describe, implement, and troubleshoot L3VPN
    • 2.2.b Describe, implement, and troubleshoot Inter-AS L3VPN
    • 2.2.c Describe, implement, and troubleshoot Multicast VPN
    • 2.2.d Describe, implement, and troubleshoot Unified MPLS and CSC
    • 2.2.e Describe, implement, and troubleshoot shared services, for example, Extranet and Internet access
  • 2.3 Overlay VPN
    • 2.3.a Describe, implement, and troubleshoot L2TPv3
    • 2.3.b Describe, implement, and troubleshoot LISP
    • 2.3.c Describe, implement, and troubleshoot GRE and mGRE based VPN
  • 2.4 Internet Service
    • 2.4.a Describe, implement, and troubleshoot Internet Peering and Transit
    • 2.4.b Describe, implement, and troubleshoot IPv6 transition mechanism, for example, NAT44, NAT64, 6RD, and DS Lite
    • 2.4.c Describe, implement, and troubleshoot Internet peering route and transit policy enforcement

 

3.0 Access and Aggregation 17%

 

  • 3.1 Transport and encapsulation technologies
    • 3.1.a Describe, implement, and troubleshoot ethernet technologies
  • 3.2 PE-CE connectivity
    • 3.2.a Describe, implement, and troubleshoot PE-CE routing protocols, for example, static, OSPF, and BGP
    • 3.2.b Describe, implement, and troubleshoot route redistribution
    • 3.2.c Describe, implement, and troubleshoot route filtering
    • 3.2.d Describe, implement, and troubleshoot loop prevention techniques in Multihomed environments
    • 3.2.e Describe, implement, and troubleshoot end-to-end fast convergence
    • 3.2.f Describe, implement, and troubleshoot Multi-VRF CE
  • 3.3 Quality of Service (QoS)
    • 3.3.a Describe, implement, and troubleshoot classification and marking
    • 3.3.b Describe, implement, and troubleshoot congestion management and scheduling, for example, policing, shaping, and queuing
    • 3.3.c Describe, implement, and troubleshoot congestion avoidance
  • 3.4 Multicast
    • 3.4.a Describe, implement, and troubleshoot IGMP and MLD
    • 3.4.b Describe, implement, and troubleshoot PIM
    • 3.4.c Describe, implement, and troubleshoot RP
    • 3.4.d Describe and optimize multicast scale and performance

 

4.0 High Availability and Fast Convergence 13%

 

  • 4.1 System level HA
    • 4.1.a Describe, implement, and troubleshoot SS0/NSF, NSR, and GR
    • 4.1.b Describe, implement, and troubleshoot IGP-LDP Sync
    • 4.1.c Describe, implement, and troubleshoot LDP Session Protection
  • 4.2 Layer 1/2/3 failure detection techniques
    • 4.2.a Describe, implement, and troubleshoot Layer 2 failure detection
    • 4.2.b Describe, implement, and troubleshoot Layer 3 failure detection
  • 4.3 Routing/fast convergence
    • 4.3.a Describe, implement, and optimize IGP convergence
    • 4.3.b Describe, implement, and optimize BGP convergence
    • 4.3.c Describe, implement, and optimize IP FRR and TE FRR

 

5.0 Service Provider Security, Service Provider Operation and Management 17%

 

  • 5.1 Control plane security
    • 5.1.a Describe, implement, and troubleshoot control plane protection techniques (LPTS and CoPP)
    • 5.1.b Describe, implement, and troubleshoot routing protocol security, for example, BGP-TTL security and protocol authentication
    • 5.1.c Describe, implement and troubleshoot BGP prefix suppression
    • 5.1.d Describe, implement and troubleshoot LDP security, for example, authentication and label allocation filtering
    • 5.1.e Describe, implement, and troubleshoot BGP prefix based filtering
  • 5.2 Management plane security
    • 5.2.a Describe, implement, and troubleshoot device management, for example, MPP, SSH, and VTY
    • 5.2.b Describe, implement, and troubleshoot logging and SNMP security
  • 5.3 Infrastructure security
    • 5.3.a Describe, implement, and troubleshoot uRPF
    • 5.3.b Describe, implement, and troubleshoot iACL
    • 5.3.c Describe, implement, and troubleshoot RTBH
  • 5.4 Timing and synchronization
    • 5.4.a Describe, implement, and troubleshoot timing protocol, for example, NTP,1588v2, and SyncE
  • 5.5 Network monitoring and troubleshooting
    • 5.5.a Describe, implement, and troubleshoot syslog and logging functions
    • 5.5.b Describe, implement, and troubleshoot SNMP traps, RMON, EEM, and EPC
    • 5.5.c Describe, implement, and troubleshoot port mirroring protocols, for example, SPAN, RSPAN, and ERSPAN
    • 5.5.d Describe, implement and troubleshoot NetFlow and IPFIX
    • 5.5.e Describe, implement, and troubleshoot IP SLA
    • 5.5.f Describe, implement, and troubleshoot MPLS OAM and Ethernet OAM
  • 5.6 Network configuration and change management
    • 5.6.a Describe network change, implementation, and rollback

 

  CCIE DataCenter v1

Cisco Certified Internetwork Expert Data Center (CCIE Data Center) certifies the expert-level skills required for the planning, design, implementation and management of complex, modern IT data center infrastructure. Professionals who achieve CCIE Data Center certification have demonstrated their technical skills at the highest level using industry best-practices. This certification is for experienced data center professionals who are seeking future-proof skills that are needed for leadership roles focused on harnessing in-depth IT data center solutions and emerging technologies.

Topics including in CCIE Data Center Lab Workbook

 
1.0 Cisco Data Center Infrastructure—Cisco NX-OS 30%
  • 1.1 Implement Cisco NX-OS L2 functionality
    • 1.1.a Implement VLANs and PVLANs
    • 1.1.b Implement Spanning Tree Protocols
    • 1.1.c Implement port channels
    • 1.1.d Implement UDLD
    • 1.1.e Implement fabric extension via the Cisco Nexus family
  • 1.2 Implement Cisco NX-OS L3 functionality
    • 1.2.a Implement basic EIGRP in a data center environment
    • 1.2.b Implement basic OSPF in a data center environment
    • 1.2.c Implement BFD for dynamic routing protocols
    • 1.2.d Implement ECMP
    • 1.2.e Implement Cisco FabricPath
  • 1.3 Implement basic Cisco NX-OS security features
    • 1.3.a Implement AAA services
    • 1.3.b Implement SNMPv3
    • 1.3.d Configure IP ACLs, MAC ACLs, and VLAN ACLs
    • 1.3.e Configure port security
    • 1.3.f Configure DHCP snooping
    • 1.3.g Configure dynamic ARP inspection
    • 1.3.h Configure IP source guard
    • 1.3.i Configure Cisco TrustSec
  • 1.4 Implement Cisco NX-OS high-availability features
    • 1.4.a Implement first-hop routing protocols
    • 1.4.b Implement graceful restart
    • 1.4.c Implement nonstop forwarding
    • 1.4.d Implement port channels
    • 1.4.e Implement vPC and vPC+
    • 1.4.f Implement Overlay Transport Protocol (OTV)
  • 1.5 Implement Cisco NX-OS management
    • 1.5.a Implement SPAN and ERSPAN
    • 1.5.b Implement NetFlow
    • 1.5.c Implement Smart Call Home
    • 1.5.d Manage system files
    • 1.5.e Implement NTP and PTP
    • 1.5.f Configure and verify Cisco DCNM functionality
  • 1.6 Cisco NX-OS troubleshooting
    • 1.6.a Utilize SPAN, ERSPAN, and Ethanalyzer to troubleshoot a Cisco Nexus problem
    • 1.6.b Utilize NetFlow to troubleshoot a Cisco Nexus problem
    • 1.6.c Given an OTV problem, identify the problem and potential fix
    • 1.6.d Given a VDC problem, identify the problem and potential fix
    • 1.6.e Given a vPC problem, identify the problem and potential fix
    • 1.6.f Given a Layer 2 problem, identify the problem and potential fix
    • 1.6.g Given a Layer 3 problem, identify the problem and potential fix
    • 1.6.h Given a multicast problem, identify the problem and potential fix
    • 1.6.i Given a Cisco FabricPath problem, identify the problem and potential fix
    • 1.6.j Given a Cisco Unified Fabric problem, identify the problem and potential fix

 

2.0 Cisco Storage Networking 20%

 

  • 2.1 Implement Fibre Channel protocols features
    • 2.1.a Implement port channel, Cisco ISL, and trunking
    • 2.1.b Implement VSANs
    • 2.1.c Implement basic and enhanced zoning
    • 2.1.d Implement FC domain parameters
    • 2.1.e Implement Fibre Channel security features
    • 2.1.f Implement proper oversubscription in a FC environment
  • 2.2 Implement IP storage-based solution
    • 2.2.a Implement IP features, including high availability
    • 2.2.b Implement iSCSI, including advanced features
    • 2.2.c Implement SAN extension tuner
    • 2.2.d Implement FCIP and security features
    • 2.2.e Implement iSCSI security features
    • 2.2.f Validate proper configuration of IP storage-based solutions
  • 2.3 Implement Cisco NX-OS Unified Fabric features
    • 2.3.a Implement basic FC in a Cisco NX-OS environment
    • 2.3.b Implement FCoE
    • 2.3.c Implement NPV and NPIV features
    • 2.3.d Implement Cisco Unified Fabric Switch different modes of operation
    • 2.3.e Implement QoS features
    • 2.3.f Implement FCoE NPV features
    • 2.3.g Implement multihop FCoE
    • 2.3.h Validate configurations and troubleshoot problems and failures using command line, show, and debug commands
 
3.0 Cisco Data Center Virtualization 10%
 
  • 3.1 Manage data center virtualization with Cisco Nexus 1000V
    • 3.1.a Implement QoS, traffic flow, and IGMP snooping
    • 3.1.b Implement network monitoring on Cisco Nexus 1000V
    • 3.1.c Implement Cisco Nexus 1000V port channels
    • 3.1.d Troubleshoot Cisco Nexus 1000V in a virtual environment
    • 3.1.e Configure VLANs
    • 3.1.f Configure port profiles
  • 3.2 Implement Cisco Nexus 1000V security features
    • 3.2.a DHCP snooping
    • 3.2.b Dynamic ARP inspection
    • 3.2.c IP source guard
    • 3.2.d Port security
    • 3.2.e ACLs
    • 3.2.f Private VLANs
    • 3.2.g Configure private VLANs

 

4.0 Cisco Unified Computing System 30%

 

  • 4.1 Implement LAN connectivity in a Cisco UCS environment
    • 4.1.a Configure different port types
    • 4.1.b Implement Ethernet end-host mode
    • 4.1.c Implement VLANs and port channels
    • 4.1.d Implement pinning and PIN groups
    • 4.1.e Implement disjoint Layer 2
  • 4.2 Implement SAN connectivity in a Cisco UCS environment
    • 4.2.a Implement FC ports for SAN connectivity
    • 4.2.b Implement VSANs
    • 4.2.c Implement FC port channels
    • 4.2.d Implement FC trunking and SAN pinning
  • 4.3 Implement Cisco UCS server resources
    • 4.3.a Create and implement service profiles
    • 4.3.b Create and implement policies
    • 4.3.c Create and implement server resource pools
    • 4.3.d Implement updating and initial templates
    • 4.3.e Implement boot from remote storage
    • 4.3.f Implement fabric failover
  • 4.4 Implement Cisco UCS management tasks
    • 4.4.a Implement Cisco UCS management hierarchy using ORG (Organisation) and RBAC (Role Based Access Control)
    • 4.4.b Configure RBAC groups
    • 4.4.c Configure remote RBAC configuration
    • 4.4.d Configure roles and privileges
    • 4.4.e Create and configure users
    • 4.4.f Implement backup and restore procedures in a Cisco UCS environment
    • 4.4.g Implement system-wide policies
  • 4.5 Cisco UCS troubleshooting and maintenance
    • 4.5.a Manage high availability in a Cisco UCS environment
    • 4.5.b Configure monitoring and analysis of system events
    • 4.5.c Implement external management protocols
    • 4.5.d Collect statistical information
    • 4.5.e Firmware management
    • 4.5.f Collect TAC-specific information
    • 4.5.g Implement server recovery tasks

 

5.0 Cisco Application Networking Services 10%

 

  • 5.1 Implement data center application high availability and load balancing
    • 5.1.a Implement standard ACE features for load balancing
    • 5.1.b Configure server load-balancing algorithm
    • 5.1.c Configure different SLB deployment modes
    • 5.1.d Implement health monitoring
    • 5.1.e Configure sticky connections
    • 5.1.f Implement server load balancing in HA mode



  CCIE Collaboration v1

The CCIE Collaboration certification is for Collaboration Architects, Unified Communications Architects, or Voice and Video Network Managers who are responsible for the design, implementation, and troubleshooting of complex collaboration solutions. The certification is an expert-level certification that ensures that you gain knowledge and experience in collaboration solutions integration and interoperation, configuration, and troubleshooting in complex networks and the challenges of video, mobility, and presence as the foundation for workplace collaboration solutions.

Topics including in CCIE Collaboration Lab Workbook

 
1.0 Configure and Troubleshoot Cisco Collaboration Infrastructure 5%
 
  • 1.1 Network services
    • 1.1.a DNS
    • 1.1.b DHCP
    • 1.1.c TFTP
    • 1.1.d NTP
    • 1.1.e CDP/LLDP
    • 1.2 Voice and data VLAN
  • 1.3 IP routing in Cisco Collaboration Solutions
  • 1.4 IP multicast
 
2.0 Configure and Troubleshoot Cisco Unified Communications Manager (CUCM) 40%
  • 2.1 CUCM SCCP endpoints
  • 2.2 CUCM MGCP gateways
  • 2.3 CUCM SIP endpoints and trunks
  • 2.4 CUCM H.323 gateways and trunks
  • 2.5 Voice and video codecs
  • 2.6 RTP and RTCP
  • 2.7 Device registration and redundancy
  • 2.8 Codec selection
  • 2.9 CUCM call features
    • 2.9.a Call park
    • 2.9.b Call pickup
    • 2.9.c BLF speed dials
    • 2.9.d Native call queuing
    • 2.9.e Call hunting
    • 2.9.f Meet-Me
  • 2.10 CUCM dial plan
    • 2.10.a Globalized call routing
    • 2.10.b Local route group
    • 2.10.c Time-of-day routing
    • 2.10.d Application dial rules
    • 2.10.e Digit manipulations and presentations
  • 2.11 CUCM media resources
    • 2.11.a TRP
    • 2.11.b MOH
    • 2.11.c CFB
    • 2.11.d Transcoder/MTP
    • 2.11.e Annunciator
    • 2.11.f MRG/MRGL
  • 2.12 CUCM mobility
    • 2.12.a EM/EMCC
    • 2.12.b Device Mobility
    • 2.12.c Mobile Connect
  • 2.13 CUCM serviceability and OS administration
    • 2.13.a Service activation
    • 2.13.b Database replication
    • 2.13.c CDR
    • 2.13.d CMR
  • 2.14 ILS/URI dialing
    • 2.14.a Directory URI
    • 2.14.b ISL topology
    • 2.14.c Blended addressing
  • 2.15 Call Admission Control
    • 2.15.a CAC/ELCAC
    • 2.15.b RSVP
    • 2.15.c SIP preconditions
  • 2.16 SAF and CCD

 

3.0 Configure and Troubleshoot Cisco IOS UC Applications and Features 25%

 

  • 3.1 CUCME phone registration and features
    • 3.1.a SCCP phones
    • 3.1.b SIP phones
  • 3.2 SRST phone registration and features
    • 3.2.a CME-as-SRST
    • 3.2.b MGCP fallback
  • 3.3 CUE
    • 3.3.a AA
    • 3.3.b Scripting
    • 3.3.c Voiceview
    • 3.3.d Web inbox
    • 3.3.e MWI
    • 3.3.f VPIM
  • 3.4 Cisco IOS-based call queuing
  • 3.5 Cisco IOS media resources
    • 3.5.a Conferencing
    • 3.5.b Transcoding
    • 3.5.c DSP management
    • 3.5.d MOH
  • 3.6 CUBE
    • 3.6.a Midcall signaling
    • 3.6.b SIP profiles
    • 3.6.c Early/delayed offer
    • 3.6.d DTMF interworking
  • 3.7 Digital voice signaling (T1/E1 PRI)
    • 3.7.a Q.921 and Q.931
    • 3.7.b Caller ID
  • 3.8 Cisco IOS dial plan
  • 3.9 SAF and CCD
  • 3.10 IOS CAC

 

4.0 Configure and Troubleshoot QoS and Security in Cisco Collaboration Solutions 7%

 

  • 4.1 QoS: link efficiency
    • 4.1.a LFI
    • 4.1.b MLPPP
    • 4.1.c FRF.12
    • 4.1.d cRTP
    • 4.1.e VAD
    • 4.2 QoS: classification and marking
    • 4.2.a Voice traffic
    • 4.2.b Video traffic
    • 4.3 QoS: congestion management
    • 4.3.a Layer 2 priorities
    • 4.3.b Low latency queue
    • 4.3.b Low latency queue
  • 4.4 Security: default security features
  • 4.5 Security: toll fraud

 

5.0 Configure and Troubleshoot Cisco Unity Connection 10%

 

  • 5.1 CUCM integration
  • 5.2 CUCME integration
  • 5.3 Single inbox
  • 5.4 MWI
  • 5.5 Call handlers
  • 5.6 CUC dial plan
  • 5.7 Directory handlers
  • 5.8 CUC features
  • 5.9 Voicemail networking

 

6.0 Configure and Troubleshoot Cisco Unified Contact Center Express (UCCX) 5%

 

  • 6.1 UCCX CTI integration
  • 6.2 UCCX ICD functions
  • 6.3 UCCX scripts customization

 

7.0 Configure and Troubleshoot Cisco Unified IM Presence 8%

 

  • 7.1 CUCM integration
  • 7.2 Cisco Jabber for Windows

 

  CCIE Wireless v3

The Cisco Certified Internetwork Expert Wireless (CCIE Wireless) certification assesses and validates wireless expertise. Candidates who pass the CCIE Wireless certification exams demonstrate broad theoretical knowledge of wireless networking and a solid understanding of wireless local area networking (WLAN) technologies from Cisco, the market leader in WLAN technology.

Topics including in CCIE Wireless Lab Workbook

 
1.0 Configure and Troubleshoot the Network Infrastructure 12%
 
  • 1.1 Configure and troubleshoot wired infrastructure to support WLANs
    • 1.1.a VLANs
    • 1.1.b VTP
    • 1.1.c STP
    • 1.1.d Etherchannel
    • 1.1.e HSRP
    • 1.1.f VSS
    • 1.1.g Stacking
  • 1.2 Plan network infrastructure capacity
  • 1.3 Configure and troubleshoot network connectivity for:
    • 1.3.a WLAN clients
    • 1.3.b WLCs
    • 1.3.c Lightweight APs
    • 1.3.d Autonomous APs
  • 1.4 Configure and troubleshoot PoE for APs
  • 1.5 Configure and troubleshoot QoS on the switching infrastructure
    • 1.5.a MQC
    • 1.5.b Mls qos
  • 1.6 Configure and troubleshoot multicast on the switching infrastructure
    • 1.6.a PIM-SM
    • 1.6.b Auto-RP
    • 1.6.c Static-RP
    • 1.6.d IGMP
    • 1.6.e IGMP snooping
    • 1.6.f MLD
  • 1.7 Configure and troubleshoot IPv4 connectivity
    • 1.7.a Subnetting
    • 1.7.b Static routing
    • 1.7.c Basic OSPF
    • 1.7.d Basic EIGRP
  • 1.8 Configure and troubleshoot basic IPv6 connectivity
    • 1.8.a Subnetting
    • 1.8.b Static routing
    • 1.8.c Basic OSPFv3
    • 1.8.d Basic EIGRP address families
  • 1.9 Configure and troubleshoot wired security
    • 1.9.a ACLs (v4/v6)
    • 1.9.b dot1X
    • 1.9.c Port-security
    • 1.9.d SXP, SGT
  • 1.10 Configure and troubleshoot network services
    • 1.10.a DNS
    • 1.10.b DHCPv4 / DHCPv6
    • 1.10.c NTP, SNTP
    • 1.10.d SYSLOG
    • 1.10.e SNMP
    • 1.10.f CDP, LLDP
    • 1.10.g SDG. mDNS

 

2.0 Configure and Troubleshoot an Autonomous Deployment Model 10%

 

  • 2.1 Configuring and troubleshooting different modes and roles
    • 2.1.a Root
    • 2.1.b WGB
    • 2.1.c Bridge
  • 2.2 Configuring and troubleshooting SSID/MBSSID
  • 2.3 Configuring and troubleshooting security
    • 2.3.a L2 security policies
    • 2.3.b Association filters
    • 2.3.c PSPF
    • 2.3.d Local radius
    • 2.3.e dot1x profiles
    • 2.3.f Guest
  • 2.4 Configuring and troubleshooting radio settings
  • 2.5 Configuring and troubleshooting multicast
  • 2.6 Configuring and troubleshooting QoS

 

3.0 Configure and Troubleshoot a Unified Deployment Model (Centralized) 23%

 

  • 3.1 Configuring and controlling management access
  • 3.2 Configuring and troubleshooting interfaces
  • 3.3 Configuring and troubleshooting lightweight APs
    • 3.3.a dot1x
    • 3.3.b LSC
    • 3.3.c AP modes
    • 3.3.d AP authentication / authorization
    • 3.3.e Logging
    • 3.3.f Local / global configuration
  • 3.4 Configuring and troubleshooting high availability and redundancy
    • 3.4.a Clients
    • 3.4.b APs
    • 3.4.c WLCs
  • 3.5 Configuring and troubleshooting wireless segmentation
    • 3.5.a RF profiles
    • 3.5.b AP groups
    • 3.5.c Flexconnect
  • 3.6 Configuring and troubleshooting wireless security policies
    • 3.6.a WLANs
    • 3.6.b L2/L3 security
    • 3.6.c Rogue policies
    • 3.6.d Local EAP
    • 3.6.e Local profiling
    • 3.6.f ACLs
    • 3.6.g Certificates
  • 3.7 Configuring and troubleshooting Flexconnect and Office Extend
  • 3.8 Configuring and troubleshooting Mesh
  • 3.9 Implement RF management
    • 3.9.a Static RF management
    • 3.9.b Automatic RF management
    • 3.9.c CleanAir
    • 3.9.d Data rates
  • 3.10 Configuring and troubleshooting WLC control plane security
    • 3.10.a AAA
    • 3.10.b CPU ACLs
    • 3.10.c Management via wireless interface
    • 3.10.d Management via dynamic interface
  • 3.11 Configuring and troubleshooting mobility
    • 3.11.a L2/L3 roaming
    • 3.11.b Multicast optimization
    • 3.11.c Mobility group scaling
    • 3.11.d Inter-release controller mobility
    • 3.11.e New mobility
    • 3.11.f Mobility anchoring
  • 3.12 Configuring and troubleshooting multicast

 

4.0 Configure and Troubleshoot a Unified Deployment Model (Converged) 17%

 

  • 4.1 Configuring and controlling management access
  • 4.2 Configuring and troubleshooting Interfaces
  • 4.3 Configuring and troubleshooting lightweight APs
    • 4.3.a dot1x
    • 4.3.b AP authentication / authorization
    • 4.3.c Logging
    • 4.3.d Local / global configuration
  • 4.4 Configuring and troubleshooting high availability and redundancy
    • 4.4.a Clients
    • 4.4.b APs
    • 4.4.c WLCs
  • 4.5 Configuring and troubleshooting wireless segmentation
    • 4.5.a RF profiles
    • 4.5.b AP groups
  • 4.6 Configuring and Troubleshooting wireless security policies
    • 4.6.a WLANs
    • 4.6.b L2/L3 security
    • 4.6.c Rogue policies
    • 4.6.d Local EAP
    • 4.6.e ACLs
    • 4.6.f Certificates
  • 4.7 Implement RF management
    • 4.7.a Static RF management
    • 4.7.b Automatic RF management
    • 4.7.c CleanAir
    • 4.7.d Data rates
  • 4.8 Configuring and troubleshooting WLC control plane security
    • 4.8.a AAA
    • 4.8.b Basic control plane policing
  • 4.9 Configuring and troubleshooting mobility
    • 4.9.a L2/L3 roaming
    • 4.9.b Multicast optimization
    • 4.9.c Mobility group scaling
    • 4.9.d Inter-release controller mobility
    • 4.9.e Mobility anchoring
    • 4.9.f SPG
    • 4.9.g MC/MA
  • 4.10 Configuring and troubleshooting multicast

 

5.0 Configure and Troubleshoot Security & Identity Management 15%

 

  • 5.1 Configure and troubleshoot identity management
    • 5.1.a Basic PKI for dot1x and webauth
    • 5.1.b External identity sources (AD, LDAP)
  • 5.2 Configure and troubleshoot AAA policies
    • 5.2.a Client authentication and authorization
    • 5.2.b Management authentication and authorization
    • 5.2.c Client profiling and provisioning
    • 5.2.d RADIUS attributes
    • 5.2.e CoA
  • 5.3 Configure and troubleshoot guest management
    • 5.3.a Local web authentication
    • 5.3.b Central web authentication
    • 5.3.c Basic sponsor policy

 

6.0 Configure and Troubleshoot Prime Infrastructure and MSE 10%

 

  • 6.1 Configure and troubleshoot management access
    • 6.1.a AAA
    • 6.1.b Virtual domain
  • 6.2 Perform basic operations
    • 6.2.a Create and deploy templates
    • 6.2.b Operate maps
    • 6.2.c Import infrastructure devices
    • 6.2.d High availability
    • 6.2.e Audits
    • 6.2.f Client troubleshooting
    • 6.2.g Notification receivers
    • 6.2.h Reports
  • 6.3 Perform maintenance operations
    • 6.3.a Background tasks
    • 6.3.b SW image management
  • 6.4 Security management
    • 6.4.a Understand rogue management
    • 6.4.b Manage alarms and events
    • 6.4.c Understand security index
  • 6.5 Implement and troubleshoot MSE
    • 6.5.a Management access
    • 6.5.b Network services
      • 6.5.b [i] Location
      • 6.5.b [ii] CMX
      • 6.5.b [iii] CleanAir
      • 6.5.b [iv] WIPS
    • 6.5.c NMSP
  • 6.6 Integrate ISE
  • 6.7 Integrate netflow

 

7.0 Configure and Troubleshoot WLAN media and application services 13%

 

  • 7.1 Configure and troubleshoot voice over wireless
    • 7.1.a QoS profiles
    • 7.1.b EDCA
    • 7.1.c WMM
    • 7.1.d BDRL
    • 7.1.e Admission control
    • 7.1.f MQC
  • 7.2 Configuring and troubleshooting video and media
    • 7.2.a Mediastream
    • 7.2.b Multicast-direct
    • 7.2.c Admission control
  • 7.3 Configuring and troubleshooting mDNS
    • 7.3.a mDNS proxy
    • 7.3.b Service discovery
    • 7.3.c Service filtering
  • 7.4 Configuring and troubleshooting AVC and netflow


Disclaimer: This material is not sponsored by, endorsed by, or affiliated with Cisco Systems, Inc.
Cisco Certified Internetworking Engineer, the Cisco Systems logo and the CCIE™ logo are trademarks or registered trademarks of Cisco Systems, Inc.
in the United States and certain other countries.
All other trademarks are trademarks of their respective owners.

Copyright@www.passccieexam.com All Rights Reserved