Cisco Certifications

Associate
CCNA | CCNA Security | CCNA Service Provider | CCDA

Professional
CCNP R&S | CCNP Security | CCNP Service Provider | CCDP

Expert
CCIE R&S | CCIE Security | CCIE Service Provider | CCDE

Other Specializations

Storage Area Networks(SAN)- EMC, IBM, HP  | IBM AIX Administration

Juniper certification | F5 Networks    (BIG IP LTM)

Checkpoint | Palo Alto Networks(PAN)

ITIL | MCSE | LINUX | VMware

Virtulization & Data center | Cloud Computing

Batches

Details of all batches are available

here
To Enroll or For Any Enquiries, Call us at 020-69996069 / 7875549375

Cisco Career Certifications

CiscoPyramind

We offer three levels of network certification: Associate, Professional and Expert, the highest level of accreditation within the Cisco Career Certification program.

Associate Certifications

The Associate level of Cisco Certifications can begin directly with CCNA for network installation, operations and troubleshooting or CCDA for network design. Think of the Associate Level as the foundation level of networking certification.

CCNA Routing & Switching
ccna_routerswitching

Cisco Certified Network Associate (CCNA) Routing and Switching is a certification program for entry-level network engineers that helps maximize your investment in foundational networking knowledge and increase the value of your employer's network. CCNA Routing and Switching is for freshers who want to make a career in networking and for Network Specialists, Network Administrators, and Network Support Engineers with 1-3 years of experience. The CCNA Routing and Switching validates the ability to install, configure, operate, and troubleshoot medium-size routed and switched networks.

Prerequisites: No prerequisites.



Recommended Training: Interconnecting Cisco Networking Devices: Accelerated (CCNAX)



Exams : 200-120 CCNA



Syllabus:



    1.0 Operation of IP Data Networks
  • 1.1   Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges and Hubs
  • 1.2   Select the components required to meet a given network specification.
  • 1.3   Identify common applications and their impact on the network.
  • 1.4   Describe the purpose and basic operation of the protocols in the OSI and TCP/IP.
  • 1.5   Predict the data flow between two hosts across a network.
  • 1.6   Identify the appropriate media, cables, ports, and connectors to connect Cisco network devices to other network devices and hosts.

    2.0 LAN Switching Technologies
  • 2.1   Determine the technology and media access control method for Ethernet networks
  • 2.2   Identify basic switching concepts and the operation of Cisco switches.
  • 2.3   Configure and verify initial switch configuration including remote access management
  • 2.4   Verify network status and switch operation using basic utilities
  • 2.5   Describe how VLANs create logically separate networks and the need for routing between them
  • 2.6   Configure and verify VLANs
  • 2.7   Configure and verify trunking on Cisco switches
  • 2.8   Identify enhanced switching technologies
  • 2.9   Configure and verify PVSTP operation

    3.0 IP addressing (IPv4/IPv6)
  • 3.1   Describe the operation and necessity of using private and public IP addresses for IPv4 addressing
  • 3.2   Identify the appropriate IPv6 addressing scheme to satisfy addressing requirements in a LAN/WAN
  • 3.3   Identify the appropriate IPv4 addressing scheme using VLSM and summarization to satisfy addressing requirements in a LAN/WAN environment
  • 3.4   Describe the technological requirements for running IPv6 in conjunction with IPv4
  • 3.5   Describe IPv6 addresses

    4.0 IP Routing Technologies
  • 4.1   Describe basic routing concepts
  • 4.2   Configure and verify utilizing the CLI to set basic router configuration
  • 4.3   Configure and verify operation status of a device interface
  • 4.4   Verify router configuration and network connectivity using
  • 4.5   Configure and verify routing configuration for a static or default route given specific routing requirements.
  • 4.6   Differentiate methods of routing and routing protocols
  • 4.7   Configure and verify OSPF
  • 4.8   Configure and verify interVLAN routing (Router on a stick)
  • 4.9   Configure SVI interfaces
  • 4.10   Manage Cisco IOS Files
  • 4.11   Configure and verify EIGRP (single AS)

    5.0 IP Services
  • 5.1   Configure and verify DHCP (IOS Router)
  • 5.2   Describe the types, features, and applications of ACLs
  • 5.3   Configure and verify ACLs in a network environment
  • 5.4   Identify the basic operation of NAT
  • 5.5   Configure and verify NAT for given network requirements
  • 5.6   Configure and verify NTP as a client
  • 5.7   Recognize High availability (HSRP/VRRP/GLBP)
  • 5.8   Configure and verify syslog
  • 5.9   Describe SNMP v2 and v3

    6.0 Network Device Security
  • 6.1   Configure and verify network device security
  • 6.2   Configure and verify switch port security
  • 6.3   Configure and verify ACLs to filter network traffic
  • 6.4   Configure and verify an ACLs to limit telnet and SSH access to the router

    7.0 Troubleshooting
  • 7.1   Troubleshoot and correct common problems associated with IP addressing and host configurations
  • 7.2   Troubleshoot and resolve VLAN problems
  • 7.3   Troubleshoot and resolve trunking problems on Cisco switches
  • 7.4   Troubleshoot and resolve ACL issues
  • 7.5   Troubleshoot and resolve Layer 1 problems
  • 7.6   Identify and correct common network problems
  • 7.7   Troubleshoot and resolve spanning tree operation issues
  • 7.8   Troubleshoot and resolve routing issues
  • 7.9   Troubleshoot and resolve OSPF problems
  • 7.10   Troubleshoot and resolve EIGRP problems
  • 7.11   Troubleshoot and resolve interVLAN routing problems
  • 7.12   Troubleshoot and resolve WAN implementation issues
  • 7.13   Monitor NetFlow stastics
  • 7.14   Troubleshoot EtherChannel problems

    8.0 WAN Technologies
  • 8.1   Identify different WAN Technologies
  • 8.2   Configure and verify a basic WAN serial connection
  • 8.3   Configure and verify a PPP connection between Cisco routers
  • 8.4   Configure and verify frame relay on Cisco routers
  • 8.5   Implement and troubleshoot PPPoE

CCNA Security
ccna_security

Cisco Certified Network Associate Security (CCNA Security) validates associate-level knowledge and skills required to secure Cisco networks. With a CCNA Security certification, a network professional demonstrates the skills required to develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats. The CCNA Security curriculum emphasizes core security technologies, the installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices, and competency in the technologies that Cisco uses in its security structure.

Prerequisites: Any valid CCNA Routing and Switching, or any CCIE certification can act as a prerequisite.



Recommended Training: Implementing Cisco IOS Network Security (IINS)



Exams : 640-554 IINS



Syllabus:



    1.0 Common Security Threats
  • 1.1   Describe common security threats

    2.0 Security and Cisco Routers
  • 2.1   Implement security on Cisco routers
  • 2.2   Describe securing the control, data, and management plane
  • 2.3   Describe CSM
  • 2.4   Describe IPv4 to IPv6 transition

    3.0 AAA on Cisco Devices
  • 3.1   Implement AAA (authentication, authorization, and accounting)
  • 3.2   Describe TACACS+
  • 3.3   Describe RADIUS
  • 3.4   Describe AAA

    4.0 IOS ACLs
  • 4.1   Describe standard, extended, and named IP IOS ACLs to filter packets
  • 4.2   Describe considerations when building ACLs
  • 4.3   Implement IP ACLs to mitigate threats in a network

    5.0 Secure Network Management and Reporting
  • 5.1   Describe secure network management
  • 5.2   Implement secure network management

    6.0 Common Layer 2 Attacks
  • 6.1   Configure and verify network device security
  • 6.2   Describe VLAN security
  • 6.3   Implement VLANs and trunking
  • 6.4   Implement spanning tree

    7.0 Cisco Firewall Technologies
  • 7.1   Describe operational strengths and weaknesses of the different firewall technologies
  • 7.2   Describe stateful firewalls
  • 7.3   Describe the types of NAT used in firewall technologies
  • 7.4   Implement zone based policy firewall using CCP
  • 7.5   Implement the Cisco Adaptive Security Appliance (ASA)
  • 7.6   Implement Network Address Translation (NAT) and Port Address Translation (PAT)

    8.0 Cisco IPS
  • 8.1   Describe Intrusion Prevention System (IPS) deployment considerations
  • 8.2   Describe IPS technologies
  • 8.3   Configure Cisco IOS IPS using CCP

    9.0 VPN Technologies
  • 9.1   Describe the different methods used in cryptography
  • 9.2   Describe VPN technologies
  • 9.3   Describe the building blocks of IPSec
  • 9.4   Implement an IOS IPSec site-to-site VPN with pre-shared key authentication
  • 9.5   Verify VPN operations
  • 9.6   Implement SSL VPN using ASA device manager

CCNA Service Provider
ccna-service-provider

Cisco Certified Network Associate Service Provider (CCNA SP) certification is for service provider network engineers, technicians and designers who focus on the latest in Service Provider industry core networking technologies and trends. With the ability to configure, implement, and troubleshoot baseline Cisco Service Provider Next-Generation networks, CCNA SP certified individuals deploy, maintain and improve carrier-grade network infrastructures.

Prerequisites: No prerequisites.



Recommended Training: Building Cisco Service Provider Next-Generation Networks, Part 1 (SPNGN1) & Part 2 (SPNGN2)



Exams : 640-875 SPNGN1, 640-878 SPNGN2



Syllabus:



640-875 SPNGN1

    1.0 IP Networks
  • 1.1   Describe the purpose and functions of various network devices (at the core, distribution, and access layers)
  • 1.2   Identify the functional components that are required to meet a given network specification
  • 1.3   Describe the OSI and TCP/IP models and their associated protocols to explain how data flows in a network
  • 1.4   Describe common network applications and their impact on the network
  • 1.5   Interpret network diagrams
  • 1.6   Troubleshoot common network problems at Layers 1, 2, 3, 4, and 7 using a layered-model approach
  • 1.7   Describe differences between LAN and WAN operation and features

    2.0 IPv4 and IPv6 Addressing
  • 2.1   Describe the structure of IPv4 and IPv6 addresses
  • 2.2   Describe VLSM, CIDR and route summarization concepts
  • 2.3   Describe the different types of IPv4 and IPv6 addresses
  • 2.4   Design an IP subnetting plan that is based on given requirements

    3.0 Switched Network Technologies
  • 3.1   Describe bridging concepts and Layer 2 Ethernet frames
  • 3.2   Configure basic spanning tree operations on Cisco IOS switches
  • 3.3   Interpret the output of various basic show and debug commands to verify the operational status of a Cisco switched network
  • 3.4   Configure basic switch security (that is, port security and securing unused ports)
  • 3.5   Describe Ethernet link bundling LACP, PAgP, and Flex Links

    4.0 Routed Network Technologies I
  • 4.1   Describe classful versus classless routing
  • 4.2   Describe routing protocols basics (metrics, IGP versus EGP)
  • 4.3   Describe RIPv1, RIPv2, RIPNG
  • 4.4   Implement EIGRPv4 and EIGRPv6 on Cisco IOS, IOS-XE and IOS-XR routers
  • 4.5   Describe route redistribution
  • 4.6   Describe VRF
  • 4.7   Describe GRE

    5.0 IP Services
  • 5.1   Configure NAT (IPv4) on Cisco routers
  • 5.2   Configure DHCP (IPv4 and IPv6) operations on Cisco routers
  • 5.3   Describe ICMPv4 and ICMPv6
  • 5.4   Describe DNS

    6.0 Cisco Operating Systems and Platforms I
  • 6.1   Implement basic Cisco IOS, IOS-XE, and IOS-XR CLI operations
  • 6.2   Implement basic Cisco IOS, IOS-XE, and IOS-XR routers configurations

    7.0 Transport Technologies
  • 7.1   Describe SONET and SDH
  • 7.2   Describe DWDM, IPoDWDM, and ROADM
  • 7.3   Configure 10 Gigabit Ethernet, 40 Gigabit Ethernet, and 100 Gigabit Ethernet interfaces on Cisco routers
  • 7.4   Describe Frame Relay
  • 7.5   Describe ATM
  • 7.6   Describe Metro Ethernet
  • 7.7   Describe DSL
  • 7.8   Describe T1, T3, E1, E3, and ISDN
  • 7.9   Implement PPP encapsulation on Cisco routers serial and POS interfaces
  • 7.10   Describe cable (DOCSIS)
  • 7.11   Describe the main BRAS and BNG routers functions in IP NGN
  • 7.12   Describe various Passive Optical Network (PON) access technologies and FTTx

    8.0 Security in the Network
  • 8.1   Describe Layer 2 security features on Cisco IOS switches
  • 8.2   Configure management plane security on Cisco routers and IOS switches
  • 8.3   Describe IPsec
  • 8.4   Describe control plane security
  • 8.5   Configure basic AAA (TACACS+ and RADIUS) services on Cisco routers
  • 8.6   Configure routing protocols authentication between Cisco routers
  • 8.7   Describe the relationships between users, user groups, tasks groups and task IDs in IOS-XR
  • 8.8   Describe common types of network attacks

    9.0 Network Management
  • 9.1   Configure NTP server or client on Cisco routers
  • 9.2   Configure IP SLA on Cisco routers
  • 9.3   Configure CDP on Cisco routers and IOS switches
  • 9.4   Configure SNMP on Cisco routers
  • 9.5   Configure NetFlow on Cisco routers
  • 9.6   Configure logging to Syslog server on Cisco routers
  • 9.7   Describe the Cisco IOS Call-Home feature
  • 9.8   Describe Cisco TAC procedure and navigate Cisco support tools (CCO)
  • 9.9   Implement management access (SSH, telnet, and out-of-band management design)
  • 9.10   Implement SPAN, RSPAN, and ERSPAN
  • 9.11   Implement file transfers to manage network devices configurations and images using FTP, SCP, TFTP, SFTP, and RCP



640-878 SPNGN2

    1.0 IP NGN Architecture
  • 1.1   Identify the functional components that are required to meet a given network specification
  • 1.2   Troubleshoot common network problems at Layers 1, 2, 3, 4, and 7 using a layered-model approach
  • 1.3   Describe the different types of service providers
  • 1.4   Describe service provider principal and reference NGN architecture
  • 1.5   Describe the IP address and AS number allocation process via IANA/RIRs

    2.0 Switched Network Technologies II
  • 2.1   Configure enhanced switching technologies (including RSTP, MST, and PVSTP) on Cisco IOS Software switches
  • 2.2   Describe how VLANs create logically separate networks and the need for routing between them
  • 2.3   Configure VLANs on Cisco IOS Software switches
  • 2.4   Configure trunking on Cisco IOS Software switches
  • 2.5   Configure interVLAN routing
  • 2.6   Configure REP on Cisco IOS Software switches
  • 2.7   Configure QinQ on Cisco IOS Software switches

    3.0 Routed Network Technologies II
  • 3.1   Configure basic single area OSPFv2 and OSPFv3 routing on Cisco routers
  • 3.2   Configure basic single area IS-IS routing on Cisco routers
  • 3.3   Describe the differences between static versus dynamic routing, as well as distance vector versus link-state routing protocol operations
  • 3.4   Configure basic BGP routing on Cisco routers
  • 3.5   Describe the address family concept on Cisco routers
  • 3.6   Describe IPv6 transitioning technologies
  • 3.7   Configure first hop router redundancy protocol (HSRP, VRRP, GLBP on Cisco routers
  • 3.8   Implement ACL on Cisco routers
  • 3.9   Describe Carrier Grade NAT and NAT64
  • 3.10   Describe MPLS functions in the SP IP NGN
  • 3.11   Configure LDP on Cisco routers

    4.0 Cisco Operating Systems and Platforms II
  • 4.1   Manage the Cisco IOS XR configurations and software packages
  • 4.2   Describe Cisco IOS XE software packages
  • 4.3   Describe Cisco SP router platforms, their operating system and placement in the SP IP NGN

CCDA
ccda

Cisco Certified Design Associate (CCDA) is for network design engineers, technicians, and support engineers, who enable efficient network environments with an understanding of network design fundamentals. A CCDA certified network professional demonstrates the skills required to design basic campus, data center, security, voice, and wireless networks.

Prerequisites: A valid CCNA Routing and Switching or any CCIE certification can act as a prerequisite.



Recommended Training: Designing for Cisco Internetwork Solutions (DESGN)



Exams : 640-864 DESGN



Syllabus:



    1.0 Describe the Methodology Used to Design a Network
  • 1.1   Describe developing business trends
  • 1.2   Identify network requirements to support the organization
  • 1.3   Describe the tools and process to characterize an existing network
  • 1.4   Describe the top down approach to network design
  • 1.5   Describe network management protocols and features

    2.0 Describe Network Structure and Modularity
  • 2.1   Describe the network hierarchy
  • 2.2   Describe the modular approach in network design
  • 2.3   Describe network architecture for the enterprise

    3.0 Design Basic Enterprise Campus Networks
  • 3.1   Describe campus design considerations
  • 3.2   Design the enterprise campus network
  • 3.3   Design the enterprise data center
  • 3.4   Describe enterprise network virtualization tools

    4.0 Design Enterprise Edge and Remote Network Modules
  • 4.1   Describe the enterprise edge, branch, and teleworker design characteristics
  • 4.2   Describe physical and logical WAN connectivity
  • 4.3   Design the branch office WAN solutions
  • 4.4   Describe access network solutions for a remote worker
  • 4.5   Design the WAN to support selected redundancy methodologies
  • 4.6   Identify Design Considerations for a Remote Data Center

    5.0 Design IP Addressing and Routing Protocols
  • 5.1   Describe IPv4 addressing
  • 5.2   Describe IPv6 addressing
  • 5.3   Identify routing protocol considerations in an enterprise network
  • 5.4   Design a routing protocol deployment

    6.0 Design Network Services
  • 6.1   Describe the security lifecycle
  • 6.2   Identify Cisco technologies to mitigate security vulnerabilities
  • 6.3   Select appropriate Cisco security solutions and deployment placement
  • 6.4   Describe high level voice and video architectures
  • 6.5   Identify the design considerations for voice and video services
  • 6.6   Describe Cisco Unified Wireless Network architectures and features
  • 6.7   Design wireless network using controllers

Professional Certifications

The Professional level is an advanced level of certification that shows more expertise with networking skills. Each certification covers a different technology to meet the needs of varying job roles.

CCNP Routing & Switching
ccnp_routerswitching

Cisco Certified Network Professional (CCNP) validates the ability to plan, implement, verify and troubleshoot local and wide-area enterprise networks and work collaboratively with specialists on advanced security, voice, wireless and video solutions. The CCNP certification is appropriate for those with at least some networking experience who are ready to advance their skills and work independently on complex network solutions. Those who achieve CCNP have demonstrated the skills required in enterprise roles such as network technician, support engineer, systems engineer or network engineer.

Prerequisites: Valid Cisco CCNA Routing and Switching certification or any Cisco CCIE certification can act as a prerequisite.



Recommended Training: Implementing Cisco IP Routing (ROUTE), Implementing Cisco IP Switched Networks (SWITCH), Troubleshooting and Maintaining Cisco IP Networks (TSHOOT)



Exams : 642-902 ROUTE, 642-813 SWITCH, 642-832 TSHOOT



Syllabus:



642-902 ROUTE


    1.0 Implement an EIGRP Based Solution, given a Network Design and a set of Requirements
  • 1.1   Determine network resources needed for implementing EIGRP in a network
  • 1.2   Create an EIGRP implementation plan
  • 1.3   Create an EIGRP verification plan
  • 1.4   Configure EIGRP routing
  • 1.5   Verify EIGRP solution was implemented properly using show and debug commands
  • 1.6   Document the results of EIGRP implementation and verification

    2.0 Implement a Multi-Area OSPF Network, given a Network Design and a set of Requirements
  • 2.1   Determine network resources needed for implementing OSPF in a network
  • 2.2   Create an OSPF implementation plan
  • 2.3   Create an OSPF verification plan
  • 2.4   Configure OSPF routing
  • 2.5   Verify OSPF solution was implemented properly using show and debug commands
  • 2.6   Document the results of OSPF implementation and verification

    3.0 Implement an eBGP Based Solution, given a Network Design and a set of Requirements
  • 3.1   Determine network resources needed for implementing eBGP in a network
  • 3.2   Create an eBGP implementation plan
  • 3.3   Create an eBGP verification plan
  • 3.4   Configure eBGP routing
  • 3.5   Verify eBGP solution was implemented properly using show and debug commands
  • 3.6   Document the results of eBGP implementation and verification

    4.0 Implement an IPv6 Based Solution, given a Network Design and a set of Requirements
  • 4.1   Determine network resources needed for implementing IPv6 in a network
  • 4.2   Create an IPv6 implementation plan
  • 4.3   Create an IPv6 verification plan
  • 4.4   Configure IPv6 routing
  • 4.5   Configure IPv6 interoperation with IPv4
  • 4.6   Verify IPv6 solution was implemented properly using show and debug commands
  • 4.7   Document the results of IPv6 implementation and verification

    5.0 Implement an IPv4 or IPv6 Based Redistribution Solution, given a Network Design and a set of Requirements
  • 5.1   Create a redistribution implementation plan based upon the results from a redistribution analysis
  • 5.2   Create a redistribution verification plan
  • 5.3   Configure a redistribution solution
  • 5.4   Verify that a redistribution was implemented
  • 5.5   Document results of a redistribution implementation and verification plan
  • 5.6   Identify the differences between implementing an IPv4 and IPv6 redistribution solution

    6.0 Implement Layer 3 Path Control Solution
  • 6.1   Create a Layer 3 path control implementation plan based upon the results of the redistribution analysis
  • 6.2   Create a Layer 3 path control verification plan
  • 6.3   Configure Layer 3 path control
  • 6.4   Verify that a Layer 3 path control was implemented
  • 6.5   Document results of a Layer 3 path control implementation and verification plan

    7.0 Implement Basic Teleworker and Branch Services
  • 7.1   Describe broadband technologies
  • 7.2   Configure basic broadband connections
  • 7.3   Describe basic VPN technologies
  • 7.4   Configure GRE
  • 7.5   Describe branch access technologies



642-813 SWITCH


    1.0 Implement VLAN Based Solution, given a Network Design and a set of Requirements
  • 1.1   Determine network resources needed for implementing a VLAN based solution on a network
  • 1.2   Create a VLAN based implementation plan
  • 1.3   Create a VLAN based verification plan
  • 1.4   Configure switch-to-switch connectivity for the VLAN based solution
  • 1.5   Configure loop prevention for the VLAN based solution

    2.0 Implement a Security Extension of a Layer 2 Solution, given a Network Design and a set of Requirements
  • 2.1   Determine network resources needed for implementing a security solution
  • 2.2   Create a implementation plan for the security solution
  • 2.3   Create a verification plan for the security solution
  • 2.4   Configure port security features
  • 2.5   Configure general switch security features
  • 2.6   Configure private VLANs
  • 2.7   Configure VACL and PACL
  • 2.8   Verify the Security based solution was implemented properly using show and debug commands
  • 2.9   Document results of security implementation and verification

    3.0 Implement Switch Based Layer 3 Services, given a Network Design and a set of Requirements
  • 3.1   Determine network resources needed for implementing a Switch based Layer 3 solution
  • 3.2   Create an implementation plan for the Switch based Layer 3 solution
  • 3.3   Create a verification plan for the Switch based Layer 3 solution
  • 3.4   Configure routing interfaces
  • 3.5   Configure Layer 3 Security
  • 3.6   Verify the Switch based Layer 3 solution was implemented properly using show and debug commands
  • 3.7   Document results of Switch based Layer 3 implementation and verification

    4.0 Prepare infrastructure to Support Advanced Services
  • 4.1   Implement a Wireless Extension of a Layer 2 solution
  • 4.2   Implement a VoIP support solution
  • 4.3   Implement video support solution

    5.0 Implement High Availability, given a Network Design and a set of Requirements
  • 5.1   Determine network resources needed for implementing High Availability on a network
  • 5.2   Create a High Availability implementation plan
  • 5.3   Create a High Availability verification plan
  • 5.4   Implement first hop redundancy protocols
  • 5.5   Implement switch supervisor redundancy
  • 5.6   Verify High Availability solution was implemented properly using show and debug commands
  • 5.7  Document results of High Availability implementation and verification



642-832 TSHOOT


    1.0 Maintain and Monitor Network Performance
  • 1.1   Develop a plan to monitor and manage a network
  • 1.2   Perform network monitoring using IOS tools
  • 1.3   Perform routine IOS device maintenance
  • 1.4   Isolate sub-optimal internetwork operation at the correctly defined OSI Model layer

    2.0 Troubleshoot Multi Protocol System Networks
  • 2.1   Troubleshoot EIGRP
  • 2.2   Troubleshoot OSPF
  • 2.3   Troubleshoot eBGP
  • 2.4   Troubleshoot routing redistribution solution
  • 2.5   Troubleshoot a DHCP client and server solution
  • 2.6   Troubleshoot NAT
  • 2.7   Troubleshoot first hop redundancy protocols
  • 2.8   Troubleshoot IPv6 routing
  • 2.9   Troubleshoot IPv6 and IPv4 interoperability
  • 2.10   Troubleshoot switch-to-switch connectivity for the VLAN based solution
  • 2.11   Troubleshoot loop prevention for the VLAN based solution
  • 2.12   Troubleshoot Access Ports for the VLAN based solution
  • 2.13   Troubleshoot private VLANS
  • 2.14   Troubleshoot port security
  • 2.14   Troubleshoot general switch security
  • 2.16   Troubleshoot VACLs and PACLs
  • 2.17   Troubleshoot switch virtual interfaces (SVIs)
  • 2.18   Troubleshoot switch supervisor redundancy
  • 2.19   Troubleshoot switch support of advanced services (i.e., Wireless, VoIP and Video)
  • 2.20   Troubleshoot a VoIP support solution
  • 2.21   Troubleshoot a video support solution
  • 2.22   Troubleshoot Layer 3 Security
  • 2.23   Troubleshoot issues related to ACLs used to secure access to Cisco routers
  • 2.24   Troubleshoot configuration issues related to accessing the AAA server for authentication purposes
  • 2.25   Troubleshoot security issues related to IOS services (i.e.,finger,NTP, HTTP, FTP, RCP etc.)

CCNP Security
ccnp_security

Cisco Certified Network Professional Security (CCNP Security) certification program is aligned specifically to the job role of the Cisco Network Security Engineer responsible for Security in Routers, Switches, Networking devices and appliances, as well as choosing, deploying, supporting and troubleshooting Firewalls, VPNS, and IDS/IPS solutions for their networking environments.

Prerequisites: Valid CCNA Security Certification or any CCIE Certification can act as a prerequisite.



Recommended Training: Implementing Cisco Secure Access Solutions (SISAS), Implementing Cisco Edge Network Security Solutions (SENSS), Implementing Cisco Secure Mobility Solutions (SIMOS), Implementing Cisco Threat Control Solutions (SITCS)



Exams : 300-208 SISAS, 300-206 SENSS, 300-209 SIMOS, 300-207 SITCS



Syllabus:



300-208 SISAS


    1.0 Identity Management/Secure Access
  • 1.1   Implement Device Administration
  • 1.2   Describe Identity Management
  • 1.3   Implement Wired/Wireless 802.1x
  • 1.4   Implement MAB
  • 1.5   Implement Network Authorization Enforcement
  • 1.6   Implement central web authorization
  • 1.7   Implement profiling
  • 1.8   Implement guest services
  • 1.9   Implement posturing
  • 1.10   Implement BYOD access

    2.0 Threat Defense
  • 2.1   Implement Firewall

    3.0 Troubleshooting, Monitoring and Reporting Tools
  • 3.1   Troubleshoot identity management solutions

    4.0 Threat Defense Architectures
  • 4.1   Design secure wireless solution

    5.0 Identity Management Architectures
  • 5.1   Design AAA security solution
  • 5.2   Design Profiling security solution
  • 5.3   Design Posturing security solution
  • 5.4   Design BYOD security solution
  • 5.5   Design Device administration security solution
  • 5.6   Design Guest services security solution



300-206 SENSS


    1.0 Threat Defense
  • 1.1   Implement Firewall
  • 1.2   Implement Layer 2 security
  • 1.3   Configure device hardening per best practices
  • 1.4   Implement Firewalls

    2.0 Cisco Security Devices GUIs and Secured CLI Management
  • 2.1   Implement SSHv2, SSL, SNMPv3 access on the network devices
  • 2.2   Implement RBAC on the ASA/IOS CLI and on ASDM
  • 2.3   Describe Cisco Prime Infrastructure
  • 2.4   Describe CSM
  • 2.5   Implement device managers

    3.0 Management Services on Cisco Devices
  • 3.1   Implement NetFlow exporter
  • 3.2   Implement SNMPv3
  • 3.3   Implement logging
  • 3.4   Implement NTP with authentication
  • 3.5   Describe CDP, DNS, SCP, SFTP, and DHCP

    4.0 Troubleshooting, Monitoring and Reporting Tools
  • 4.1   Monitor firewall using analysis of packet tracer, packet capture, and syslog

    5.0 Threat Defense Architectures
  • 5.1   Design a firewall solution
  • 5.2   Design Layer 2 security solution

    6.0 Security Components and Considerations
  • 6.1   Describe security operations management architecture
  • 6.2   Describe Data Center Security components and considerations
  • 6.3   Describe Collaboration security components and considerations
  • 6.4   Describe common IPv6 security considerations



300-209 SIMOS


    1.0 Secure Communications
  • 1.1   Implement Site to Site VPNs on Routers and Firewalls
  • 1.2   Implement remote access VPNs on Routers and Firewalls
  • 1.3   Implement Site to Site VPNs on Routers and Firewall
  • 1.4   Implement remote access VPNs on Routers and Firewalls

    2.0 Troubleshooting, Monitoring and Reporting Tools
  • 2.1   Analyze syslog and VPN debug logs via ASDM

    3.0 Secure Communications Architectures
  • 3.1   Design site-to-site VPN solution
  • 3.2   Design remote access VPN solution
  • 3.3   Describe encryption, hashing, iNGE



300-207 SITCS


    1.0 Content Security
  • 1.1   Implement Cisco CX
  • 1.2   Implement Cisco Cloud Web Security
  • 1.3   Implement Cisco WSA
  • 1.4   Implement Cisco ESA

    2.0 Threat Defense
  • 2.1   Implement network IPS
  • 2.2   Configure Device Hardening per Best Practices
  • 2.3   Implement anomaly detection

    3.0 Devices GUIs and Secured CLI
  • 3.1   Implement Content Security

    4.0 Troubleshooting, Monitoring and Reporting Tools
  • 4.1   Configure IME and IP logging for IPS
  • 4.2   Monitor Content Security
  • 4.3   Monitor Cisco Security intelliShield

    5.0 Threat Defense Architectures
  • 5.1   CDesign IPS solution

    6.0 Content Security Architectures
  • 6.1   Design web security solution
  • 6.2   Design email security solution
  • 6.3   Design application security solution

CCNP Service Provider
ccnp-service-provider

The Cisco Certified Network Professional Service Provider (CCNP Service Provider) certification is for service provider network engineers, systems engineers, and network specialists who are responsible for delivering a scalable carrier-grade infrastructure capable of rapid expansion to support ongoing introduction of new managed services and other customer requirements.

Prerequisites: Valid Cisco CCNA Service Provider, or any CCIE Certification can act as a prerequisite.



Recommended Training: Deploying Cisco Service Provider Network Routing (SPROUTE), Deploying Cisco Service Provider Advanced Routing (SPADVROUTE), Implementing Cisco Service Provider Next-Generation Core Network Services (SPCORE), Implementing Cisco Service Provider Next-Generation Edge Network Services (SPEDGE)



Exams : 642-883 SPROUTE, 642-885 SPADVROUTE, 642-887 SPCORE, 642-889 SPEDGE



Syllabus:



642-883 SPROUTE


    1.0 OSPFv2 and OSPFv3 Routing in Service Provider Environments
  • 1.1   Describe multi-area OSPFv2 and OSPFv3 operations
  • 1.2   Implement multi-area OSPFv2 and OSPFv3 on IOS-XR and IOS-XE
  • 1.3   Implement different OSPF areas (stubby, totally stubby, NSSA) on IOS-XR and IOS-XE
  • 1.4   Implement OSPF neighbor authentication on IOS-XR and IOS-XE
  • 1.5   Troubleshoot OSPF IOS-XR and IOS-XE configuration errors

    2.0 IS-IS, IPv4, and IPv6 in Service Provider Environments
  • 2.1   Describe multi-area IS-IS operations
  • 2.2   Implement multi-area IS-IS for IPv4 and IPv6 on IOS-XR and IOS-XE
  • 2.3   Implement IS-IS neighbor authentication on IOS-XR and IOS-XE
  • 2.3   Troubleshoot IS-IS IOS-XR and IOS-XE configuration errors

    BGP Routing in Service Provider Environments
  • 3.1   Describe the Internet routing hierarchy: Network Service Providers (NSP), Network Access Point (NAP), ISP Tiers (Tier 1, 2 and 3)
  • 3.2   Describe connectivity between an enterprise network and an SP that requires the use of BGP
  • 3.3   Describe connectivity between a SP and upstream SPs
  • 3.4   Describe BGP transit AS operations
  • 3.5   Implement EBGP and IBGP on IOS-XR and IOS-XE
  • 3.6   Implement BGP neighbor authentication on IOS-XR and IOS-XE
  • 3.7   Optimize BGP IOS-XR configurations using af-groups, session-groups, and neighbor-groups
  • 3.8   Optimize BGP IOS-XE configurations using peer-groups
  • 3.9   Influence BGP route selection by using various BGP attributes on IOS-XR and IOS-XE
  • 3.10   Troubleshoot BGP IOS-XR and IOS-XE configuration errors

    4.0 Route Manipulations in Service Provider Environments
  • 4.1   Implement Routing Policy Language (RPL) to configure a desired routing policy on IOS-XR
  • 4.2   Implement Route-Maps to configure a desired routing policy on IOS-XE
  • 4.3   Implement route filterings using prefix-list, distribute-list, and as-path list on IOS-XEs
  • 4.4   Implement route redistributions on IOS-XR and IOS-XE

    5.0 High Availability Routing Features
  • 5.1   Implement NSF/NSR/Graceful Restart for OSPF on IOS-XR and IOS-XE
  • 5.2   Implement NSF/NSR/Graceful Restart for IS-IS on IOS-XR and IOS-XE
  • 5.3   Implement Bidirectional Forwarding Detection (BFD) for OSPF on IOS-XR and IOS-XE
  • 5.4   Implement Bidirectional Forwarding Detection (BFD) for IS-IS on IOS-XR and IOS-XE



642-885 SPADVROUTE


    1.0 BGP Routing Features in a Service Provider IP NGN Environment
  • 1.1   Describe the BGP routing processes in IOS-XR
  • 1.2   Configure the BGP timers on IOS-XR and IOS-XE
  • 1.3   Describe the need for BGP confederations in BGP transit backbones
  • 1.4   Design and implement BGP route reflectors to scale IBGP in BGP transit backbones on IOS-XR and IOS-XE
  • 1.5   Implement BGP in SP IP NGN IOS-XR and IOS-XE PE routers to support multi-homed BGP Customers
  • 1.6   Implement Remote Triggered Blackhole Filtering (RTBF) on IOS-XR and IOS-XE
  • 1.7   Implement BGP TTL security on IOS-XR and IOS-XE
  • 1.8   Implement BGP maximum-prefix on IOS-XR and IOS-XE
  • 1.9   Implement BGP route dampening on IOS-XR and IOS-XE
  • 1.10   Troubleshoot BGP IOS-XR and IOS-XE configuration errors in service provider environments
  • 1.11   Optimize BGP IOS-XR configurations using af-groups, session-groups, and neighbor-groups
  • 1.12   Optimize BGP IOS-XE configurations using peer-groups

    2.0 Multicast Routing in a Service Provider IP NGN Environment
  • 2.1   Describe Multicast Concepts (multicast distribution trees, multicast routing protocols and IGMP operations)
  • 2.2   Describe Any-source multicast (ASM) versus Source Specific Multicast (SSM)
  • 2.3   Describe Intra Domain versus Inter Domain Multicast Routing
  • 2.4   Describe the mapping of multicast IP addresses to MAC addresses
  • 2.5   Describe and illustrate how RFP check can fail if the unicast and multicast topologies are non-congruent
  • 2.6   Describe multiprotocol BGP functions in mroute distribution
  • 2.7   Describe the principles and operations of PIM-SM
  • 2.8   Describe multicast source discovery protocol (MSDP) operations
  • 2.9   Describe methods used to secure multicast
  • 2.10   Implement PIM-SM operations on IOS-XR and IOS-XE
  • 2.11   Implement Auto-RP, PIMv2 BSR, Anycast RP on IOS-XR and IOS-XE
  • 2.12   Implement Bi-Dir PIM operations in SP IP NGN environment on IOS-XR and IOS-XE
  • 2.13   Implement SSM operations on IOS-XR and IOS-XE
  • 2.14   Implement MSDP operations on IOS-XR and IOS-XE
  • 2.14  Troubleshoot multicast routing IOS-XR and IOS-XE configurations errors in service provider environments

    3.0 IPv6 in a Service Provider IP NGN Environment
  • 3.1   Describe DNS and DHCP operation in IPv6
  • 3.2   Describe the fields that are used in the IPv6 header to support QoS functions
  • 3.3   Describe Cisco IOS/IOS-XE and IOS-XR IPv6 network management and troubleshooting tools like traceroute/ping
  • 3.4   Describe dual-stack implementations
  • 3.5   Describe IPv6 tunneling mechanisms
  • 3.6   Configure IPv6 multicast routing
  • 3.7   Configure static IPv6-in-IPv4 tunnels on IOS-XR and IOS-XE
  • 3.8   Configure dynamic 6to4 tunnels on IOS-XR and IOS-XE

    4.0 High Availability Routing Features
  • 4.1   Implement NSF/NSR/Graceful Restart for BGP on IOS-XR and IOS-XE
  • 4.2   Implement Bidirectional Forwarding Detection (BFD) for BGP on IOS-XR and IOS-XE
  • 4.3   Implement high availability and optimization multicast routing features on IOS-XR and IOS-XE



642-887 SPCORE


    1.0 VPN in Service Provider IP NGN Environments
  • 1.1   Describe VPN implementation models (overlay, peer-to-peer)
  • 1.2   Describe VPN technologies (L2TPv3, GRE, IPsec VPN, SSLVPN, DMVPN, GETVPN)
  • 1.3   Describe layer 2 vs layer 3 VPNs

    2.0 MPLS layer 3 VPNs in Service Provider IP NGN Environments
  • 2.1   Describe MPLS layer 3 VPN architecture and operations (RDs, RTs, VRFs, MP-BGP, PE-CE routing)
  • 2.2   Describe the design models for combining Internet access with MPLS Layer 3 VPN services Manager
  • 2.3   Describe the various methods used to deploy IPv6 over MPLS (6PE and 6VPE)
  • 2.4   Implement MP-BGP between PE routers on IOS-XR and IOS-XE
  • 2.5   Implement PE-CE routings (static, EIGRP, OSPF , BGP) on IOS-XR and IOS-XE
  • 2.6   Implement complex MPLS layer 3 VPNs on IOS-XR and IOS-XE
  • 2.7   Implement carrier supporting carrier (CSC) on IOS-XR and IOS-XE
  • 2.8   Troubleshoot MPLS layer 3 VPNs IOS-XR and IOS-XE configuration errors in service provider environments

    3.0 Layer 2 VPNs in Service Provider IP NGN Environments
  • 3.1   Describe L2TPv3 VPNs over an IP core network
  • 3.2   Describe layer 2 VPNs (AToM and VPLS) over an IP/MPLS core network
  • 3.3   Describe AToM Interworking
  • 3.4   Implement AToM on IOS-XR and IOS-XE

    4.0 Carrier Ethernet in Service Provider IP NGN Environments
  • 4.1   Describe Carrier Ethernet forums and standards (MEF, IEEE, IETF)
  • 4.2   Describe the concepts of User PE (U-PE) and Network PE (N-PE)
  • 4.3   Describe E-Line vs E-LAN vs E-Tree
  • 4.4   Describe QinQ tunneling
  • 4.5   Describe Provider Backbone Bridge (PBB - aka MAC-in-MAC)
  • 4.6   Describe VPWS vs VPLS
  • 4.7   Describe VPLS vs H-VPLS
  • 4.8   Describe VPLS signaling using LDP or BGP
  • 4.9   Implement QinQ on Cisco ME 3400 switches
  • 4.10   Implement VPLS on IOS-XR and IOS-XE



642-889 SPEDGE


    1.0 VPN in Service Provider IP NGN Environments
  • 1.1   Describe VPN implementation models (overlay, peer-to-peer)
  • 1.2   Describe VPN technologies (L2TPv3, GRE, IPsec VPN, SSLVPN, DMVPN, GETVPN)
  • 1.3   Describe layer 2 vs layer 3 VPNs

    2.0 MPLS layer 3 VPNs in Service Provider IP NGN Environments
  • 2.1   Describe MPLS layer 3 VPN architecture and operations (RDs, RTs, VRFs, MP-BGP, PE-CE routing)
  • 2.2   Describe the design models for combining Internet access with MPLS Layer 3 VPN services Manager
  • 2.3   Describe the various methods used to deploy IPv6 over MPLS (6PE and 6VPE)
  • 2.4   Implement MP-BGP between PE routers on IOS-XR and IOS-XE
  • 2.5   Implement PE-CE routings (static, EIGRP, OSPF , BGP) on IOS-XR and IOS-XE
  • 2.6   Implement complex MPLS layer 3 VPNs on IOS-XR and IOS-XE
  • 2.7   Implement carrier supporting carrier (CSC) on IOS-XR and IOS-XE
  • 2.8   Troubleshoot MPLS layer 3 VPNs IOS-XR and IOS-XE configuration errors in service provider environments

    3.0 Layer 2 VPNs in Service Provider IP NGN Environments
  • 3.1   Describe L2TPv3 VPNs over an IP core network
  • 2.2   Describe layer 2 VPNs (AToM and VPLS) over an IP/MPLS core network
  • 3.3   Describe AToM Interworking
  • 3.4   Implement AToM on IOS-XR and IOS-XE

    4.0 Carrier Ethernet in Service Provider IP NGN Environments
  • 4.1   Describe Carrier Ethernet forums and standards (MEF, IEEE, IETF)
  • 4.2   Describe the concepts of User PE (U-PE) and Network PE (N-PE)
  • 4.3   Describe E-Line vs E-LAN vs E-Tree
  • 4.4   Describe QinQ tunneling
  • 4.5   Describe Provider Backbone Bridge (PBB - aka MAC-in-MAC)
  • 4.6   Describe VPWS vs VPLS
  • 4.7   Describe VPLS vs H-VPLS
  • 4.8   Describe VPLS signaling using LDP or BGP
  • 4.9   Implement QinQ on Cisco ME 3400 switches
  • 4.10   Implement VPLS on IOS-XR and IOS-XE

CCDP
ccdp

Cisco Certified Design Professional (CCDP) certification is for senior network design engineers, senior analysts, and principal systems engineers, who discuss, design, and create advanced addressing and routing, security, data center, and IP multicast multi-layered enterprise architectures. This includes virtual private networking and wireless domains and it focuses on the design components of larger networks. The CCDP curriculum includes building scalable internetworks and multilayer-switched networks, and designing network service architecture.

Prerequisites: Valid Cisco CCDA and CCNA Routing and Switching or any Cisco CCIE certification can act as a prerequisite.



Recommended Training: Implementing Cisco IP Routing (ROUTE), Implementing Cisco IP Switched Networks (SWITCH), Designing Cisco Network Service Architectures (ARCH)



Exams : 642-902 ROUTE, 642-813 SWITCH, 642-874 ARCH



Syllabus:



642-902 ROUTE


    1.0 Implement an EIGRP Based Solution, given a Network Design and a set of Requirements
  • 1.1   Determine network resources needed for implementing EIGRP in a network
  • 1.2   Create an EIGRP implementation plan
  • 1.3   Create an EIGRP verification plan
  • 1.4   Configure EIGRP routing
  • 1.5   Verify EIGRP solution was implemented properly using show and debug commands
  • 1.6   Document the results of EIGRP implementation and verification

    2.0 Implement a Multi-Area OSPF Network, given a Network Design and a set of Requirements
  • 2.1   Determine network resources needed for implementing OSPF in a network
  • 2.2   Create an OSPF implementation plan
  • 2.3   Create an OSPF verification plan
  • 2.4   Configure OSPF routing
  • 2.5   Verify OSPF solution was implemented properly using show and debug commands
  • 2.6   Document the results of OSPF implementation and verification

    3.0 Implement an eBGP Based Solution, given a Network Design and a set of Requirements
  • 3.1   Determine network resources needed for implementing eBGP in a network
  • 3.2   Create an eBGP implementation plan
  • 3.3   Create an eBGP verification plan
  • 3.4   Configure eBGP routing
  • 3.5   Verify eBGP solution was implemented properly using show and debug commands
  • 3.6   Document the results of eBGP implementation and verification

    4.0 Implement an IPv6 Based Solution, given a Network Design and a set of Requirements
  • 4.1   Determine network resources needed for implementing IPv6 in a network
  • 4.2   Create an IPv6 implementation plan
  • 4.3   Create an IPv6 verification plan
  • 4.4   Configure IPv6 routing
  • 4.5   Configure IPv6 interoperation with IPv4
  • 4.6   Verify IPv6 solution was implemented properly using show and debug commands
  • 4.7   Document the results of IPv6 implementation and verification

    5.0 Implement an IPv4 or IPv6 Based Redistribution Solution, given a Network Design and a set of Requirements
  • 5.1   Create a redistribution implementation plan based upon the results from a redistribution analysis
  • 5.2   Create a redistribution verification plan
  • 5.3   Configure a redistribution solution
  • 5.4   Verify that a redistribution was implemented
  • 5.5   Document results of a redistribution implementation and verification plan
  • 5.6   Identify the differences between implementing an IPv4 and IPv6 redistribution solution

    6.0 Implement Layer 3 Path Control Solution
  • 6.1   Create a Layer 3 path control implementation plan based upon the results of the redistribution analysis
  • 6.2   Create a Layer 3 path control verification plan
  • 6.3   Configure Layer 3 path control
  • 6.4   Verify that a Layer 3 path control was implemented
  • 6.5   Document results of a Layer 3 path control implementation and verification plan

    7.0 Implement Basic Teleworker and Branch Services
  • 7.1   Describe broadband technologies
  • 7.2   Configure basic broadband connections
  • 7.3   Describe basic VPN technologies
  • 7.4   Configure GRE
  • 7.5   Describe branch access technologies



642-813 SWITCH


    1.0 Implement VLAN Based Solution, given a Network Design and a set of Requirements
  • 1.1   Determine network resources needed for implementing a VLAN based solution on a network
  • 1.2   Create a VLAN based implementation plan
  • 1.3   Create a VLAN based verification plan
  • 1.4   Configure switch-to-switch connectivity for the VLAN based solution
  • 1.5   Configure loop prevention for the VLAN based solution

    2.0 Implement a Security Extension of a Layer 2 Solution, given a Network Design and a set of Requirements
  • 2.1   Determine network resources needed for implementing a security solution
  • 2.2   Create a implementation plan for the security solution
  • 2.3   Create a verification plan for the security solution
  • 2.4   Configure port security features
  • 2.5   Configure general switch security features
  • 2.6   Configure private VLANs
  • 2.7   Configure VACL and PACL
  • 2.8   Verify the Security based solution was implemented properly using show and debug commands
  • 2.9   Document results of security implementation and verification

    3.0 Implement Switch Based Layer 3 Services, given a Network Design and a set of Requirements
  • 3.1   Determine network resources needed for implementing a Switch based Layer 3 solution
  • 3.2   Create an implementation plan for the Switch based Layer 3 solution
  • 3.3   Create a verification plan for the Switch based Layer 3 solution
  • 3.4   Configure routing interfaces
  • 3.5   Configure Layer 3 Security
  • 3.6   Verify the Switch based Layer 3 solution was implemented properly using show and debug commands
  • 3.7   Document results of Switch based Layer 3 implementation and verification

    4.0 Prepare infrastructure to Support Advanced Services
  • 4.1   Implement a Wireless Extension of a Layer 2 solution
  • 4.2   Implement a VoIP support solution
  • 4.3   Implement video support solution

    5.0 Implement High Availability, given a Network Design and a set of Requirements
  • 5.1   Determine network resources needed for implementing High Availability on a network
  • 5.2   Create a High Availability implementation plan
  • 5.3   Create a High Availability verification plan
  • 5.4   Implement first hop redundancy protocols
  • 5.5   Implement switch supervisor redundancy
  • 5.6   Verify High Availability solution was implemented properly using show and debug commands
  • 5.7  Document results of High Availability implementation and verification



642-874 ARCH


    1.0 Design Advanced Enterprise Campus Networks
  • 1.1   Design for high availability in enterprise networks
  • 1.2   Design Layer 2 and Layer 3 campus infrastructures using best practices
  • 1.3   Describe enterprise network virtualization considerations
  • 1.4   Design for infrastructure services
  • 1.5   Identify network management capabilities in Cisco IOS Software

    2.0 Design Advanced IP Addressing and Routing Solutions for Enterprise Networks
  • 2.1   Create summarizable and structured addressing designs
  • 2.2   Describe IPv6 for campus design considerations
  • 2.3   Create stable and scalable routing designs for EIGRP for IPv4
  • 2.4   Describe IPv4 multicast routing
  • 2.5   Create IPv4 multicast services and security designs
  • 2.6   Create stable and scalable routing designs for OSPF for IPv4
  • 2.7   Create stable and scalable routing designs for BGP for IPv4

    3.0 Design WAN Services for Enterprise Networks
  • 3.1   Describe Layer 1 - 3 WAN connectivity options
  • 3.2   Describe IPsec VPN technology options
  • 3.3   Evaluate WAN service provider design considerations
  • 3.4   Create site-to-site VPNs designs with appropriate technologies, scaling, and topologies

    4.0 Design an Enterprise Data Center
  • 4.1   Describe data center network infrastructure best practices
  • 4.2   Describe the components and technologies of a SAN network
  • 4.3   Describe integrated fabric designs using Cisco Nexus technology
  • 4.4   Describe network and server virtualization technologies for the data center
  • 4.5   Create an effective e-commerce design
  • 4.6   Design a high availability data center network that is modular and flexible

    5.0 Design Security Services
  • 5.1   Create firewall designs
  • 5.2   Create NAC appliance designs
  • 5.3   Create IPS/IDS designs
  • 5.4   Create remote access VPN designs for the teleworker

Expert Certifications

The Cisco Certified Internetwork Expert (CCIE) certification is accepted worldwide as the most prestigious networking certification in the industry.

CCIE Routing & Switching
ccie_routerswitching

Cisco Certified Internetwork Expert Routing and Switching (CCIE Routing and Switching) certifies the skills required of expert-level network engineers to plan, operate and troubleshoot complex, converged network infrastructure.

Prerequisites: There are no formal prerequisites for CCIE certification. Other professional certifications or training courses are not required. Instead, candidates must first pass a written qualification exam and then the corresponding hands-on lab exam.



Recommended Training: SolutionEdge Executive Learning Program for CCIE Routing and Switching is a complete, blended learning program to accelerate competency and build the skills that are necessary for expert certification.



Exams : CCIE Routing and Switching Written Exam Version 5.0 (400-101), CCIE Routing and Switching Lab Exam Version 5.0



Syllabus:



Written Exam Version 5.0 (400-101)


Exam Description: The Cisco CCIE Routing and Switching Written Exam (400-101) version 5.0 is a 2-hour test with 90-110 questions that will validate that professionals have the expertise to: configure, validate, and troubleshoot complex enterprise network infrastructure; understand how infrastructure components interoperate; and translate functional requirements into specific device configurations.


    1.0 Network Principles
  • 1.1   Network theory
  • 1.1.a   Describe basic software architecture differences between IOS and IOS XE
  • 1.1.b   Identify Cisco express forwarding concepts
  • 1.1.c   Explain general network challenges
  • 1.1.d   Explain IP operations
  • 1.1.e   Explain TCP operations
  • 1.1.f   Explain UDP operations
  • 1.2   Network implementation and operation
  • 1.2.a   Evaluate proposed changes to a network
  • 1.3   Network troubleshooting
  • 1.3.a   Use IOS troubleshooting tools
  • 1.3.b   Apply troubleshooting methodologies
  • 1.3.c   Interpret packet capture

    2.0 Layer 2 Technologies
  • 2.1   LAN switching technologies
  • 2.1.a   Implement and troubleshoot switch administration
  • 2.1.b   Implement and troubleshoot layer 2 protocols
  • 2.1.c   Implement and troubleshoot VLAN
  • 2.1.d   Implement and troubleshoot trunking
  • 2.1.e   Implement and troubleshoot EtherChannel
  • 2.1.f   Implement and troubleshoot spanning-tree
  • 2.1.g   Implement and troubleshoot other LAN switching technologies
  • 2.1.h   Describe chassis virtualization and aggregation technologies
  • 2.1.i   Describe spanning-tree concepts
  • 2.2   Layer 2 multicast
  • 2.2.a   Implement and troubleshoot IGMP
  • 2.2.b   Explain MLD
  • 2.2.c   Explain PIM snooping
  • 2.3   Layer 2 WAN circuit technologies
  • 2.3.a   Implement and troubleshoot HDLC
  • 2.3.b   Implement and troubleshoot PPP
  • 2.3.c   Describe WAN rate-based ethernet circuits

    3.0 Layer 3 Technologies
  • 3.1   Addressing technologies
  • 3.1.a   Identify, implement and troubleshoot IPv4 addressing and subnetting
  • 3.1.b   Identify, implement and troubleshoot IPv6 addressing and subnetting
  • 3.2   Layer 3 multicast
  • 3.2.a   Troubleshoot reverse path forwarding
  • 3.2.b   Implement and troubleshoot IPv4 protocol independent multicast
  • 3.2.c   Implement and troubleshoot multicast source discovery protocol
  • 3.2.d   Describe IPv6 multicast
  • 3.3   Fundamental routing concepts
  • 3.3.a   Implement and troubleshoot static routing
  • 3.3.b   Implement and troubleshoot default routing
  • 3.3.c   Compare routing protocol types
  • 3.3.d   Implement, optimize and troubleshoot administrative distance
  • 3.3.e   Implement and troubleshoot passive interface
  • 3.3.f   Implement and troubleshoot VRF lite
  • 3.3.g   Implement, optimize and troubleshoot filtering with any routing protocol
  • 3.3.h   Implement, optimize and troubleshoot redistribution between any routing protocol
  • 3.3.i   Implement, optimize and troubleshoot manual and auto summarization with any routing protocol
  • 3.3.j   Implement, optimize and troubleshoot policy-based routing
  • 3.3.k   Identify and troubleshoot sub-optimal routing
  • 3.3.l   Implement and troubleshoot bidirectional forwarding detection
  • 3.3.m   Implement and troubleshoot loop prevention mechanisms
  • 3.3.n   Implement and troubleshoot routing protocol authentication
  • 3.4   Implement and troubleshoot RIPv2 & RIPng
  • 3.5   EIGRP (for IPv4 and IPv6)
  • 3.5.a   Describe packet types
  • 3.5.b   Implement and troubleshoot neighbor relationship
  • 3.5.c   Implement and troubleshoot loop free path selection
  • 3.5.d   Implement and troubleshoot operations
  • 3.5.e   Implement and troubleshoot EIGRP stub
  • 3.5.f   Implement and troubleshoot load-balancing
  • 3.5.g   Implement EIGRP (multi-address) named mode
  • 3.5.h   Implement, troubleshoot and optimize EIGRP convergence and scalability
  • 3.6   OSPF (v2 and v3)
  • 3.6.a   Describe packet types
  • 3.6.b   Implement and troubleshoot neighbor relationship
  • 3.6.c   Implement and troubleshoot OSPFv3 address-family support
  • 3.6.d   Implement and troubleshoot network types, area types and router types
  • 3.6.e   Implement and troubleshoot path preference
  • 3.6.f   Implement and troubleshoot operations
  • 3.6.g   Implement, troubleshoot and optimize OSPF convergence and scalability
  • 3.7   BGP
  • 3.7.a   Describe, implement and troubleshoot peer relationships
  • 3.7.b   Implement and troubleshoot IBGP and EBGP
  • 3.7.c   Explain attributes and best-path selection
  • 3.7.d   Implement, optimize and troubleshoot routing policies
  • 3.7.e   Implement and troubleshoot scalability
  • 3.7.f   Implement and troubleshoot multiproctocol BGP
  • 3.7.g   Implement and troubleshoot AS path manipulations
  • 3.7.h   Implement and troubleshoot other features
  • 3.7.i   Describe BGP fast convergence features
  • 3.8   ISIS (for IPv4 and IPv6)
  • 3.8.a   Describe basic ISIS network
  • 3.8.b   Describe neighbor relationship
  • 3.8.c   Describe network types, levels and router types
  • 3.8.d   Describe operations
  • 3.8.e   Describe optimization features

    4.0 VPN Technologies
  • 4.1   Tunneling
  • 4.1.a   Implement and troubleshoot MPLS operations
  • 4.1.b   Implement and troubleshoot basic MPLS L3VPN
  • 4.1.c   Implement and troubleshoot encapsulation
  • 4.1.d   Implement and troubleshoot DMVPN (single hub)
  • 4.1.e   Describe IPv6 tunneling techniques
  • 4.1.f   Describe basic layer 2 VPN wireline
  • 4.1.g   Describe basic L2VPN LAN services
  • 4.2   Encryption
  • 4.2.a   Implement and troubleshoot IPsec with preshared key
  • 4.2.b   Describe GET VPN

    5.0 Infrastructure Security
  • 5.1   Device security
  • 5.1.a   Implement and troubleshoot IOS AAA using local database
  • 5.1.b   Implement and troubleshoot device access control
  • 5.1.c   Implement and troubleshoot control plane policing
  • 5.1.d   Describe device security using IOS AAA with TACACS+ and RADIUS
  • 5.2   Network security
  • 5.2.a   Implement and troubleshoot switch security features
  • 5.2.b   Implement and troubleshoot router security features
  • 5.2.c   Implement and troubleshoot IPv6 first hop security
  • 5.2.d   Describe 802.1x

    6.0 Infrastructure Services
  • 6.1   System management
  • 6.1.a   Implement and troubleshoot device management
  • 6.1.b   Implement and troubleshoot SNMP
  • 6.1.c   Implement and troubleshoot logging
  • 6.2   Quality of service
  • 6.2.a   Implement and troubleshoot end-to-end QoS
  • 6.2.b   Implement, optimize and troubleshoot QoS using MQC
  • 6.2.c   Describe layer 2 QoS
  • 6.3   Network services
  • 6.3.a   Implement and troubleshoot first-hop redundancy protocols
  • 6.3.b   Implement and troubleshoot network time protocol
  • 6.3.c   Implement and troubleshoot IPv4 and IPv6 DHCP
  • 6.3.d   Implement and troubleshoot IPv4 network address translation
  • 6.3.e   Describe IPv6 network address translation
  • 6.4   Network optimization
  • 6.4.a   Implement and troubleshoot IP SLA
  • 6.4.b   Implement and troubleshoot tracking object
  • 6.4.c   Implement and troubleshoot netflow
  • 6.4.d   Implement and troubleshoot embedded event manager
  • 6.4.e   Identify performance routing (PfR)



Lab Exam Version 5.0


Exam Description: The CCIE Routing and Switching Lab Exam version 5.0 is an eight-hour, hands-on exam which requires you to configure and troubleshoot a series of complex networks to given specifications. Knowledge of troubleshooting is an important skill and candidates are expected to diagnose and solve issues as part of the CCIE lab exam. You will not configure end-user systems, but are responsible for all devices residing in the network.


    1.0 Layer 2 Technologies
  • 1.1   LAN switching technologies
  • 1.1.a   Implement and troubleshoot switch administration
  • 1.1.b   Implement and troubleshoot layer 2 protocols
  • 1.1.c   Implement and troubleshoot VLAN
  • 1.1.d   Implement and troubleshoot trunking
  • 1.1.e   Implement and troubleshoot EtherChannel
  • 1.1.f   Implement and troubleshoot spanning-tree
  • 1.1.g   Implement and troubleshoot other LAN switching technologies
  • 1.2   Layer 2 multicast
  • 1.2.a   Implement and troubleshoot IGMP
  • 1.3   Layer 2 WAN circuit technologies
  • 1.3.a   Implement and troubleshoot HDLC
  • 1.3.b   Implement and troubleshoot PPP
  • 1.4   Troubleshooting layer 2 technologies
  • 1.4.a   Use IOS troubleshooting tools
  • 1.4.b   Apply troubleshooting methodologies
  • 1.4.c   Interpret packet capture

    2.0 Layer 3 Technologies
  • 2.1   Addressing technologies
  • 2.1.a   Identify, implement and troubleshoot IPv4 addressing and subnetting
  • 2.1.b   Identify, implement and troubleshoot IPv6 addressing and subnetting
  • 2.2   Layer 3 multicast
  • 2.2.a   Troubleshoot reverse path forwarding
  • 2.2.b   Implement and troubleshoot IPv4 protocol independent multicast
  • 2.2.c   Implement and troubleshoot multicast source discovery protocol
  • 2.3   Fundamental routing concepts
  • 2.3.a   Implement and troubleshoot static routing
  • 2.3.b   Implement and troubleshoot default routing
  • 2.3.c   Compare routing protocol types
  • 2.3.d   Implement, optimize and troubleshoot administrative distance
  • 2.3.e   Implement and troubleshoot passive interface
  • 2.3.f   Implement and troubleshoot VRF lite
  • 2.3.g   Implement, optimize and troubleshoot filtering with any routing protocol
  • 2.3.h   Implement, optimize and troubleshoot redistribution between any routing protocol
  • 2.3.i   Implement, optimize and troubleshoot manual and auto summarization with any routing protocol
  • 2.3.j   Implement, optimize and troubleshoot policy-based routing
  • 2.3.k   Identify and troubleshoot sub-optimal routing
  • 2.3.l   Implement and troubleshoot bidirectional forwarding detection
  • 2.3.m   Implement and troubleshoot loop prevention mechanisms
  • 2.3.n   Implement and troubleshoot routing protocol authentication
  • 2.4   Implement and troubleshoot RIPv2 & RIPng
  • 2.5   EIGRP (for IPv4 and IPv6)
  • 2.5.a   Describe packet types
  • 2.5.b   Implement and troubleshoot neighbor relationship
  • 2.5.c   Implement and troubleshoot loop free path selection
  • 2.5.d   Implement and troubleshoot operations
  • 2.5.e   Implement and troubleshoot EIGRP stub
  • 2.5.f   Implement and troubleshoot load-balancing
  • 2.5.g   Implement EIGRP (multi-address) named mode
  • 2.5.h   Implement, troubleshoot and optimize EIGRP convergence and scalability
  • 2.6   OSPF (v2 and v3)
  • 2.6.a   Describe packet types
  • 2.6.b   Implement and troubleshoot neighbor relationship
  • 2.6.c   Implement and troubleshoot OSPFv3 address-family support
  • 2.6.d   Implement and troubleshoot network types, area types and router types
  • 2.6.e   Implement and troubleshoot path preference
  • 2.6.f   Implement and troubleshoot operations
  • 2.6.g   Implement, troubleshoot and optimize OSPF convergence and scalability
  • 2.7   BGP
  • 2.7.a   Describe, implement and troubleshoot peer relationships
  • 2.7.b   Implement and troubleshoot IBGP and EBGP
  • 2.7.c   Explain attributes and best-path selection
  • 2.7.d   Implement, optimize and troubleshoot routing policies
  • 2.7.e   Implement and troubleshoot scalability
  • 2.7.f   Implement and troubleshoot multiproctocol BGP
  • 2.7.g   Implement and troubleshoot AS path manipulations
  • 2.7.h   Implement and troubleshoot other features
  • 2.8   Troubleshooting layer 3 technologies
  • 2.8.a   Use IOS troubleshooting tools
  • 2.8.b   Apply troubleshooting methodologies
  • 2.8.c   Interpret packet capture

    3.0 VPN Technologies
  • 3.1   Tunneling
  • 3.1.a   Implement and troubleshoot MPLS operations
  • 3.1.b   Implement and troubleshoot basic MPLS L3VPN
  • 3.1.c   Implement and troubleshoot encapsulation
  • 3.1.d   Implement and troubleshoot DMVPN (single hub)
  • 3.2   Encryption
  • 3.2.a   Implement and troubleshoot IPsec with preshared key
  • 3.3   Troubleshooting VPN technologies
  • 3.3.a   Use IOS troubleshooting tools
  • 3.3.b   Apply troubleshooting methodologies
  • 3.3.c   Interpret packet capture

    4.0 Infrastructure Security
  • 4.1   Device security
  • 4.1.a   Implement and troubleshoot IOS AAA using local database
  • 4.1.b   Implement and troubleshoot device access control
  • 4.1.c   Implement and troubleshoot control plane policing
  • 4.2   Network security
  • 4.2.a   Implement and troubleshoot switch security features
  • 4.2.b   Implement and troubleshoot router security features
  • 4.2.c   Implement and troubleshoot IPv6 first hop security
  • 4.3   Troubleshooting infrastructure security
  • 4.3.a   Use IOS troubleshooting tools
  • 4.3.b   Apply troubleshooting methodologies
  • 4.3.c   Interpret packet capture

    5.0 Infrastructure Services
  • 5.1   System management
  • 5.1.a   Implement and troubleshoot device management
  • 5.1.b   Implement and troubleshoot SNMP
  • 5.1.c   Implement and troubleshoot logging
  • 5.2   Quality of service
  • 5.2.a   Implement and troubleshoot end-to-end QoS
  • 5.2.b   Implement, optimize and troubleshoot QoS using MQC
  • 5.3   Network services
  • 5.3.a   Implement and troubleshoot first-hop redundancy protocols
  • 5.3.b   Implement and troubleshoot network time protocol
  • 5.3.c   Implement and troubleshoot IPv4 and IPv6 DHCP
  • 5.3.d   Implement and troubleshoot IPv4 network address translation
  • 5.4   Network optimization
  • 5.4.a   Implement and troubleshoot IP SLA
  • 5.4.b   Implement and troubleshoot tracking object
  • 5.4.c   Implement and troubleshoot netflow
  • 5.4.d   Implement and troubleshoot embedded event manager
  • 5.5   Troubleshooting infrastructure services
  • 5.5.a   Use IOS troubleshooting tools
  • 5.5.b   Apply troubleshooting methodologies
  • 5.5.c   Interpret packet capture

CCNP Security
ccie_security

The Cisco Certified Internetwork Expert Security (CCIE Security) program recognizes individuals who have the knowledge and skills to implement, maintain and support extensive Cisco Network Security Solutions using the latest industry best practices and technologies.

Prerequisites: There are no formal prerequisites for CCIE certification. Other professional certifications or training courses are not required. Instead, candidates must first pass a written qualification exam and then the corresponding hands-on lab exam.



Recommended Training: SolutionEdge Executive Learning Program for CCIE Security is a complete, blended learning program to accelerate competency and build the skills that are necessary for expert certification.



Exams : CCIE Security Written Exam Version 4.0 (350-018), CCIE Security Lab Exam Version 4.0



Syllabus:



Written Exam Version 4.0 (350-018)


Exam Description: The written exam is a two-hour, multiple choice test with 90-110 questions covering areas such as security protocols, operating systems, application protocols, security technologies, and Cisco security applications. All exam materials are provided and no outside reference materials are allowed.


    1.0 Infrastructure, Connectivity, Communications, and Network Security
  • 1.1   Network addressing basics
  • 1.2   OSI layers
  • 1.3   TCP/UDP/IP protocols
  • 1.4   LAN switching (for example, VTP, VLANs, spanning tree, and trunking)
  • 1.5   Routing protocols (for example, RIP, EIGRP, OSPF, and BGP)
  • 1.6   Tunneling protocols
  • 1.7   IP multicast
  • 1.8   Wireless
  • 1.9   Authentication and authorization technologies
  • 1.10   VPNs
  • 1.11   Mobile IP networks

    2.0 Security Protocols
  • 2.1   RSA
  • 2.2   RC4
  • 2.3   MD5
  • 2.4   SHA
  • 2.5   DES
  • 2.6   3DES
  • 2.7   AES
  • 2.8   IPsec
  • 2.9   ISAKMP
  • 2.10   IKE and IKEv2
  • 2.11   GDOI
  • 2.12   AH
  • 2.13   ESP
  • 2.14   CEP
  • 2.15   TLS and DTLS
  • 2.16   SSL
  • 2.17   SSH
  • 2.18   RADIUS
  • 2.19   TACACS+
  • 2.20   LDAP
  • 2.21   EAP methods (for example, EAP-MD5, EAP-TLS, EAP-TTLS, EAP-FAST, PEAP, and LEAP)
  • 2.22   PKI, PKIX, and PKCS
  • 2.23   IEEE 802.1X
  • 2.24   WEP, WPA, and WPA2
  • 2.25   WCCP
  • 2.26   SXP
  • 2.27   MACsec
  • 2.27   DNSSEC

    3.0 Application and Infrastructure Security
  • 3.1   HTTP
  • 3.2   HTTPS
  • 3.3   SMTP
  • 3.4   DHCP
  • 3.5   DNS
  • 3.6   FTP and SFTP
  • 3.7   TFTP
  • 3.8   NTP
  • 3.9   SNMP
  • 3.10   syslog
  • 3.11   Netlogon, NetBIOS, and SMB
  • 3.12   RPCs
  • 3.13   RDP and VNC
  • 3.14   PCoIP
  • 3.15   OWASP
  • 3.16   Manage unnecessary services

    4.0 Threats, Vulnerability Analysis, and Mitigation
  • 4.1   Recognize and mitigate common attacks
  • 4.2   Software and OS exploits
  • 4.3   Security and attack tools
  • 4.4   Generic network intrusion prevention concepts
  • 4.5   Packet filtering
  • 4.6   Content filtering and packet inspection
  • 4.7   Endpoint and posture assessment
  • 4.8   QoS marking attacks

    5.0 Cisco Security Products, Features, and Management
  • 5.1   Cisco Adaptive Security Appliance (ASA)
  • 5.2   Cisco IOS firewalls and NAT
  • 5.3   Cisco Intrusion Prevention Systems (IPS)
  • 5.4   Cisco IOS IPS
  • 5.5   Cisco AAA protocols and application
  • 5.6   Cisco Identity Services Engine (ISE)
  • 5.7   Cisco Secure ACS Solution Engine
  • 5.8   Cisco Network Admission Control (NAC) Appliance Server
  • 5.9   Endpoint and client
  • 5.10   Secure access gateways (Cisco IOS router or ASA)
  • 5.11   Virtual security gateway
  • 5.12   Cisco Catalyst 6500 Series ASA Services Modules
  • 5.13   ScanSafe functionality and components
  • 5.14   Cisco Web Security Appliance and Cisco Email Security Appliance
  • 5.15   Cisco Web Security Appliance and Cisco Email Security Appliance
  • 5.16   Security management

    6.0 Cisco Security Technologies and Solutions
  • 6.1   Router hardening features (for example, CoPP, MPP, uRPF, and PBR)
  • 6.2   Switch security features (for example, anti-spoofing, port, STP, MACSEC, NDAC, and NEAT)
  • 6.3   NetFlow
  • 6.4   Wireless security
  • 6.5   Network segregation
  • 6.6   VPN solutions
  • 6.7   Content and packet filtering
  • 6.8   QoS application for security
  • 6.9   Load balancing and failover

    7.0 Security Policies and Procedures, Best Practices, and Standards
  • 7.1   Security policy elements
  • 7.2   Information security standards (for example, ISO/IEC 27001 and ISO/IEC 27002)
  • 7.3   Standards bodies (for example, ISO, IEC, ITU, ISOC, IETF, IAB, IANA, and ICANN)
  • 7.4   Industry best practices (for example, SOX and PCI DSS)
  • 7.5   Common RFC and BCP (for example, RFC2827/BCP38, RFC3704/BCP84, and RFC5735)
  • 7.6   Security audit and validation
  • 7.7   Risk assessment
  • 7.8   Change management process
  • 7.9   Incident response framework
  • 7.10   Computer security forensics
  • 7.11   Desktop security risk assessment and desktop security risk management



Lab Exam Version 4.0


Exam Description: The Cisco CCIE Security Lab Exam version 4.0 is an 8-hour practical hands-on exam that tests the skills and competencies of security professionals in terms of configuring and troubleshooting Cisco security products and solutions. Candidates may be required to perform implementation, optimization and troubleshooting actions in each of the exam topic sections. Content may include both IPv4 and IPv6 concepts and applications


    1.0 System Hardening and Availability
  • 1.1   Routing plane security features (for example, protocol authentication and route filtering)
  • 1.2   Control Plane Policing
  • 1.3   Control plane protection and management plane protection
  • 1.4   Broadcast control and switch port security
  • 1.5   Additional CPU protection mechanisms (for example, options drop and logging interval)
  • 1.6   Disable unnecessary services
  • 1.7   Control device access (for example, Telnet, HTTP, SSH, and privilege levels)
  • 1.8   Device services (for example, SNMP, syslog, and NTP)
  • 1.9   Transit traffic control and congestion management

    2.0 Threat Identification and Mitigation
  • 2.1   RSA
  • 2.2   Identify and protect against fragmentation attacks
  • 2.3   Identify and protect against malicious IP option usage
  • 2.4   Identify and protect against network reconnaissance attacks
  • 2.5   Identify and protect against MAC spoofing attacks
  • 2.6   Identify and protect against ARP spoofing attacks
  • 2.7   Identify and protect against DoS attacks
  • 2.8   Identify and protect against DDoS attacks
  • 2.9   Identify and protect against man-in-the-middle attacks
  • 2.10   Identify and protect against port redirection attacks
  • 2.11   Identify and protect against DHCP attacks
  • 2.12   Identify and protect against DNS attacks
  • 2.13   Identify and protect against MAC flooding attacks
  • 2.14   Identify and protect against VLAN hopping attacks
  • 2.15   Identify and protect against various Layer 2 and Layer 3 attacksS
  • 2.16   NBAR
  • 2.17   NetFlow
  • 2.18   Capture and utilize packet captures

    3.0 Intrusion Prevention and Content Security
  • 3.1   Cisco IPS 4200 Series Sensor appliance and Cisco ASA appliance IPS module
  • 3.2   VACL, SPAN and RSPAN on Cisco switches
  • 3.3   Cisco WSA

    4.0 Identity Management
  • 4.1   Identity-based AAA
  • 4.2   Device administration (Cisco IOS routers, Cisco ASA, and Cisco ACS5.x)
  • 4.3   Network access (TrustSec model)
  • 4.4   Cisco ISE

    5.0 Perimeter Security and Services
  • 5.1   Cisco ASA firewalls
  • 5.2   Cisco IOS zone-based firewall
  • 5.3   Perimeter security services

    6.0 Confidentiality and Secure Access
  • 6.1   IKE (v1/v2)
  • 6.2   DMVPN
  • 6.3   FlexVPN
  • 6.4   GET VPN
  • 6.5   Remote-access VPN
  • 6.6   VPN high availability
  • 6.7   QoS for VPN
  • 6.8   VRF-aware VPN
  • 6.9   MACsec
  • 6.10   Digital certificates (enrollment and policy matching)
  • 6.11   Wireless access

CCIE Service Provider
ccie-service-provider

Cisco CCIE Service Provider (CCIE Service Provider) certification is for expert-level SP network engineers who bring the knowledge and skill to build an extensible Service Provider infrastructure to deliver rich managed services.

Prerequisites: There are no formal prerequisites for CCIE certification. Other professional certifications or training courses are not required. Instead, candidates must first pass a written qualification exam and then the corresponding hands-on lab exam.



Recommended Training: SolutionEdge Executive Learning Program for CCIE Service Provider is a complete, blended learning program to accelerate competency and build the skills that are necessary for expert certification.



Exams : CCIE Service Provider Written Exam Version 3.0 (350-029), CCIE Service Provider Lab Exam Version 3.0



Syllabus:



Written Exam Version 3.0 (350-029)


Exam Description: The Cisco CCIE Service Provider Written Exam (350-029) version 3.0 is a 2-hour test with 80?110 questions that will validate that professionals have the expertise to describe, implement, optimize, and troubleshoot complex service provider networks. The exam is closed book and no outside reference materials are allowed.


    1.0 Describe, Implement, Optimize and Troubleshoot Core IP Technologies
  • 1.1   Describe, implement, optimize, and troubleshoot packet over SONET
  • 1.2   Describe, implement, optimize, and troubleshoot IP over DWDM
  • 1.3   Describe, implement, optimize, and troubleshoot GE/10GE in the core
  • 1.4   Describe, implement, optimize, and troubleshoot SP high-end products
  • 1.5   Describe, implement, optimize, and troubleshoot IGP routing
  • 1.6   Describe, implement, optimize, and troubleshoot MPLS and LDP
  • 1.7   Describe, implement, optimize, and troubleshoot MPLS traffic engineering
  • 1.8   Describe, implement, optimize, and troubleshoot BGP
  • 1.9   Describe, implement, optimize, and troubleshoot multicast
  • 1.10   Describe, implement, optimize, and troubleshoot high availability
  • 1.11   Describe, implement, optimize, and troubleshoot convergence
  • 1.12   Describe, implement, optimize, and troubleshoot SP QoS
  • 1.12  Describe, implement, optimize, and troubleshoot security in the core

    2.0 Describe, Implement, Optimize, and Troubleshoot Access and Edge Connection Technologies
  • 2.1   Describe, implement, optimize, and troubleshoot FE/GE and ethernet trunk connections
  • 2.2   Describe, implement, optimize, and troubleshoot PPP connections
  • 2.3   Describe, implement, optimize, and troubleshoot SONET/SDH connections
  • 2.4   Describe, implement, optimize, and troubleshoot frame relay connections
  • 2.5   Describe, implement, optimize, and troubleshoot ATM connections
  • 2.6   Describe, implement, optimize, and troubleshoot T1/T3 and E1/E3 services

    3.0 Describe, Implement, Optimize, and Troubleshoot Remote Access Technologies
  • 3.1   Describe, implement, optimize, and troubleshoot IP over DSL to the customer
  • 3.2   Describe, implement, optimize, and troubleshoot IP over wire line to the customer
  • 3.3   Describe, implement, optimize, and troubleshoot IP over cable to the customer

    4.0 Describe, Implement, Optimize, and Troubleshoot L3VPN Technologies
  • 4.1   Describe, implement, optimize, and troubleshoot Intra-AS L3VPN
  • 4.2   Describe, implement, optimize, and troubleshoot Inter-AS L3VPN
  • 4.3   Describe, implement, optimize, and troubleshoot CSC
  • 4.4   Describe, implement, optimize, and troubleshoot L2TP for L3VPN
  • 4.5   Describe, implement, optimize, and troubleshoot VPN extranet and Internet access
  • 4.6   Describe, implement, optimize, and troubleshoot VRF service
  • 4.7   Describe, implement, optimize, and troubleshoot multicast VPN
  • 4.8   Describe, implement, optimize, and troubleshoot GRE L3VPN

    5.0 Describe, Implement, Optimize, and Troubleshoot L2VPN Technologies
  • 5.1   Describe, implement, optimize, and troubleshoot AToM
  • 5.2   Describe, implement, optimize, and troubleshoot VPLS and carrier ethernet
  • 5.3   Describe, implement, optimize, and troubleshoot L2TPv3 for L2 VPN
  • 5.4   Describe, implement, optimize, and troubleshoot GRE L2VPN

    6.0 Describe, Implement, Optimize, and Troubleshoot Managed Services Traversing the Core
  • 6.1   Describe, implement, optimize, and troubleshoot managed voice and video services that traverse the core
  • 6.2   Describe, implement, optimize, and troubleshoot managed security services that traverse the core
  • 6.3   Describe, implement, optimize, and troubleshoot service level agreements for managed services that traverse the core

    7.0 Describe Service Provider Network Implementing Principles
  • 7.1   Given a service provider network design change or new service, identify the success criteria
  • 7.2   Given a service provider network design change or new service, identify the appropriate routing protocol
  • 7.3   Given a service provider network design change or new service, identify the appropriate tunneling protocol
  • 7.4   Given a service provider network design change or new service, identify convergence method to use
  • 7.5   Given a service provider network design change or new service, identify scalability method to use
  • 7.6   Given a service provider network design change or new service, identify reliability method to use
  • 7.7   Given a service provider network design change or new service, identify management method to use
  • 7.8   Given a service provider network design change or new service, identify QoS method to use
  • 7.9   Given a service provider network design change or new service, identify security method to use



Lab Exam Version 3.0


Exam Description: The Cisco CCIE Service Provider Lab Exam version 3.0 is an 8-hour test that will validate that professionals have the expertise to implement, optimize, and troubleshoot complex service provider networks.


    1.0 Implement, Optimize and Troubleshoot Core IP Technologies
  • 1.1   Implement, optimize, and troubleshoot packet over SONET
  • 1.2   Implement, optimize, and troubleshoot IP over DWDM
  • 1.3   Implement, optimize, and troubleshoot GE/10GE in the core
  • 1.4   Implement, optimize, and troubleshoot SP high-end products
  • 1.5   Implement, optimize, and troubleshoot IGP routing
  • 1.6   Implement, optimize, and troubleshoot MPLS and LDP
  • 1.7   Implement, optimize, and troubleshoot MPLS traffic engineering
  • 1.8   Implement, optimize, and troubleshoot BGP
  • 1.9   Implement, optimize, and troubleshoot multicast
  • 1.10   Implement, optimize, and troubleshoot high availability
  • 1.11   Implement, optimize, and troubleshoot convergence
  • 1.12   Implement, optimize, and troubleshoot SP QoS
  • 1.12   Implement, optimize, and troubleshoot security in the core

    2.0 Implement, Optimize, and Troubleshoot Access and Edge Connection Technologies
  • 2.1   Implement, optimize, and troubleshoot FE/GE and ethernet trunk connections
  • 2.2   Implement, optimize, and troubleshoot PPP connections
  • 2.3   Implement, optimize, and troubleshoot frame relay connections

    3.0 Implement, Optimize, and Troubleshoot L3VPN Technologies
  • 3.1   Implement, optimize, and troubleshoot Intra-AS L3VPN
  • 3.2   Implement, optimize, and troubleshoot Inter-AS L3VPN
  • 3.3   Implement, optimize, and troubleshoot CSC
  • 3.4   Implement, optimize, and troubleshoot VPN extranet and Internet access
  • 3.5   Implement, optimize, and troubleshoot VRF service
  • 3.6   Implement, optimize, and troubleshoot multicast VPN
  • 3.7   Implement, optimize, and troubleshoot GRE L3VPN

    4.0 Implement, Optimize, and Troubleshoot L2VPN Technologies
  • 4.1   Implement, optimize, and troubleshoot AToM
  • 4.2   Implement, optimize, and troubleshoot VPLS and carrier ethernet
  • 4.3   Implement, optimize, and troubleshoot L2TPv3 for L2 VPN
  • 4.4   Implement, optimize, and troubleshoot GRE L2VPN

CCDE
ccde

The Cisco Certified Design Expert (CCDE) is for expert-level network design engineers, expert-level network leads of IT infrastructure teams, and expert-level network leads of architecture teams working in job roles that require them to translate business needs, budget, and operational constraints into the design of a converged solution. The CCDE curriculum prepares designers to develop design solutions at the infrastructure level for large customer networks. Network engineers holding an active CCDE certification are recognized for their expert-level knowledge and skills in network infrastructure design. The deep technical networking knowledge that a CCDE brings ensures that they are well qualified to address the most technically challenging network infrastructure design assignments.

Prerequisites: There are no formal prerequisites for CCDE. No specific training or other professional certifications are required.



Recommended Training: SolutionEdge Executive Learning Program for CCDE is a complete, blended learning program to accelerate competency and build the skills that are necessary for expert certification.



Exams : CCDE Written Exam version 2.0 (352-001), CCDE Practical Exam Version 2.0



Syllabus:



Written Exam Version 2.0 (352-001)


Exam Description: Cisco CCDE Written Exam (352-001) version 2 is a 2-hour test with 80?110 questions that will validate that professionals have the expertise to gather and clarify network functional requirements, develop network designs to meet functional specifications, develop an implementation plan, convey design decisions and their rationale, and possess expert-level network infrastructure knowledge. The exam is closed book, and no outside reference materials are allowed.


    1.0 Layer 2 Control Plane
  • 1.1   Describe fast convergence techniques and mechanisms
  • 1.2   Describe loop detection and mitigation protocols
  • 1.3   Describe mechanisms that are available for creating loop-free topologies
  • 1.4   Describe the effect of transport mechanisms and their interaction with routing protocols over different types of links
  • 1.5   Describe multicast routing concepts
  • 1.6   Describe the effect of fault isolation and resiliency on network design

    2.0 Layer 3 Control Plane
  • 2.1   Describe route aggregation concepts and techniques
  • 2.2   Describe the theory and application of network topology layering
  • 2.3   Describe the theory and application of network topology abstraction
  • 2.4   Describe the effect of fault isolation and resiliency on network design or network reliability
  • 2.5   Describe metric-based traffic flow and modification
  • 2.6   Describe fast convergence techniques and mechanisms
  • 2.7   Describe factors affecting convergence
  • 2.8   Describe unicast routing protocol operation (OSPF, EIGRP, ISIS, BGP, and RIP) in relation to network design
  • 2.9   Analyze operational costs and complexity
  • 2.10   Describe the interaction between routing protocols and topologies
  • 2.11   Describe generic routing and addressing concepts
  • 2.12   Describe multicast routing concepts
  • 2.13   Describe IPv6 concepts and operation

    3.0 Network Virtualization
  • 3.1   Describe Layer 2 and Layer 3 tunnelling technologies
  • 3.2   Analyze the implementation of tunnelling

    4.0 Design Considerations
  • 4.1   Analyze various QoS performance metrics
  • 4.2   Describe types of QoS techniques
  • 4.3   Describe, implement, optimize, and troubleshoot CSC
  • 4.4   Identify network management requirements
  • 4.5   Identify network application reporting requirements
  • 4.6   Describe technologies, tools, and protocols that are used for network management
  • 4.7   Describe the reference models and processes that are used in network management, such as FCAPS, ITIL ), and TOGAF
  • 4.8   Describe best practices for protecting network infrastructure
  • 4.9   Describe best practices for protecting network services
  • 4.10   Describe tools and technologies for identity management
  • 4.11   Describe tools and technologies for IEEE 802.11 wireless deployment
  • 4.12   Describe tools and technologies for optical deployment
  • 4.13   Describe tools and technologies for SAN fabric deployment



Practical Exam v2.0


Exam Description: Cisco CCDE Practical Exam v2.0 is an 8-hour, scenario-based exam that will validate that professionals have the expertise to gather and clarify network functional requirements, develop network designs to meet functional specifications, develop an implementation plan, convey design decisions and their rationale, and possess expert-level network infrastructure knowledge. The exam is closed book, and no outside reference materials are allowed.


    1.0 Analyze Design Requirements
  • 1.1   Analyze business requirements, conflicts, and constraints
  • 1.2   Analyze technical requirements, conflicts, and constraints
  • 1.3   Analyze physical requirements
  • 1.4   Analyze existing network

    2.0 Develop Network Designs
  • 2.1   Identify the technology to resolve a specific design problem
  • 2.2   Analyze the effect on the existing network and services
  • 2.3   Incorporate best practices within the network design
  • 2.4   Incorporate business requirements within the network design

    3.0 Implement Network Design
  • 3.1   Analyze implementation options
  • 3.2   Design an implementation plan

    4.0 Validate and Optimize Network Design
  • 4.1   Analyze design choices based on specifications
  • 4.2   Device administration (Cisco IOS routers, Cisco ASA, and Cisco ACS5.x)
  • 4.3   Validate design(TrustSec model)
  • 4.4   Optimize design

©2014.SolutionEdge IT Infrastructure Services Pvt. Ltd. All rights reserved.