This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
tech:network:cisco:cisco [2019/08/15 11:30] wnoguchi |
tech:network:cisco:cisco [2019/11/30 10:51] (current) wnoguchi |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Cisco Systems ====== | + | ====== ENCOR 350-401 ====== |
- | {{tag>Cisco Networking}} | + | * Qualifying Exam: CCIE Enterprise Infrastructure v1.0 |
+ | * [[https://docs.google.com/spreadsheets/d/1lJyiybkIz6SPn1GPH6wvXHsIpsaocxFbkADAa_5VZ1Q/edit#gid=40190895|CCIE_Enterprise_Infrastructure_CertificationPlan - Google Sheets]] | ||
- | ===== Lab ===== | + | * 1.0 Architecture |
- | + | * 1.1 Explain the different design principles used in an enterprise network | |
- | - [[tech:network:cisco-equipment-convenient-startup-config:cisco-equipment-convenient-startup-config|Cisco Equipment Convenient startup-config]] | + | * 1.1.a Enterprise network design such as Tier 2, Tier 3, and Fabric Capacity planning |
- | - [[tech:network:cisco-virtual-lab-convenient-startup-config:cisco-virtual-lab-convenient-startup-config]] | + | * 1.1.b High availability techniques such as redundancy, FHRP, and SSO |
- | - [[tech:network:cisco:virtual-lab-topologies:virtual-lab-topologies|Virtual Lab Topologies]] | + | * 1.2 Analyze design principles of a WLAN deployment |
- | - [[tech:network:cisco:home-physical-lab-topologies:home-physical-lab-topologies|Home Physical Lab Topologies]] | + | * 1.2.a Wireless deployment models (centralized, distributed, controller-less, controller based, cloud, remote branch) |
- | - [[tech:network:home-cheap-serial-console-server:home-cheap-serial-console-server|Home Cheap Serial Console Server]] | + | * 1.2.b Location services in a WLAN design |
- | + | * 1.3 Differentiate between on-premises and cloud infrastructure deployments | |
- | ===== Certification ===== | + | * 1.4 Explain the working principles of the Cisco SD-WAN solution |
- | + | * 1.4.a SD-WAN control and data planes elements | |
- | - [[certification:tech:network:cisco:ccie:ccie-rsv5:ccie-rsv5|CCIE Routing and Switching v5.1]] | + | * 1.4.b Traditional WAN and SD-WAN solutions |
- | + | * 1.5 Explain the working principles of the Cisco SD-Access solution | |
- | ===== General Topics ===== | + | * 1.5.a SD-Access control and data planes elements |
- | + | * 1.5.b Traditional campus interoperating with SD-Access | |
- | - [[tech:network:cisco:routing:routing]] | + | * 1.6 Describe concepts of wired and wireless QoS |
- | - [[tech:network:cisco:switching:switching]] | + | * 1.6.a QoS components |
- | - [[tech:network:cisco:security:security]] | + | * 1.6.b QoS policy |
- | - [[tech:network:cisco:wireless:wireless]] | + | * 1.7 Differentiate hardware and software switching mechanisms |
- | - [[tech:network:cisco:data-center:data-center]] | + | * 1.7.a Process and CEF |
- | - [[tech:network:cisco:service-provider:service-provider]] | + | * 1.7.b MAC address table and TCAM |
- | - [[tech:network:cisco:collabolation:collabolation]] | + | * 1.7.c FIB vs. RIB |
- | + | * 2.0 Virtualization | |
- | ==== Router ==== | + | * 2.1 Describe device virtualization technologies |
- | + | * 2.1.a Hypervisor type 1 and 2 | |
- | - [[tech:network:ios-basic-security:ios-basic-security|Cisco IOS の基本的なセキュリティ設定]] | + | * 2.1.b Virtual machine |
- | - [[tech:network:ssh:ssh|Cisco IOS への SSH]] | + | * 2.1.c Virtual switching |
- | - [[tech:network:ios-select-boot:ios-select-boot|起動時に使用する IOS を選択する]] | + | * 2.2 Configure and verify data path virtualization technologies |
- | + | * 2.2.a VRF | |
- | ==== Catalyst Switch ==== | + | * 2.2.b GRE and IPsec tunneling |
- | + | * 2.3 Describe network virtualization concepts | |
- | - [[tech:network:catalyst:catalyst|Catalyst Switch について]] | + | * 2.3.a LISP |
- | - [[tech:network:boot-catalyst-phy:boot-catalyst-phy|Catalyst スイッチの起動(物理)]] | + | * 2.3.b VXLAN |
- | - [[tech:network:catalyst-show-version-running-config:catalyst-show-version-running-config|Catalyst show version/show running-config]] | + | * 3.0 Infrastructure |
- | - [[tech:network:catalyst-show-interfaces:catalyst-show-interfaces|Catalyst show interfaces]] | + | * 3.1 Layer 2 |
- | - [[tech:network:catalyst-port-security:catalyst-port-security|Catalyst Port Security]] | + | * 3.1.a Troubleshoot static and dynamic 802.1q trunking protocols |
- | - [[tech:network:change-catalyst-boot-ios-image:change-catalyst-boot-ios-image|起動する Catalyst IOS イメージを変更する]] | + | * 3.1.b Troubleshoot static and dynamic EtherChannels |
- | + | * 3.1.c Configure and verify common Spanning Tree Protocols (RSTP and MST) | |
- | ==== Routing ==== | + | * 3.2 Layer 3 |
- | + | * 3.2.a Compare routing concepts of EIGRP and OSPF (advanced distance vector vs. linked state, load balancing, path selection, path operations, metrics) | |
- | - [[tech:network:configure-windows-static-routing:configure-windows-static-routing|Configure Windows10 Static Routing]] | + | * [[tech:network:cisco:eigrp:eigrp]] |
- | - [[tech:network:configure-dynamic-routing-protocol-ripv2:configure-dynamic-routing-protocol-ripv2|Configuring Dynamic Routing Protocol: RIPv2]] | + | * 3.2.b Configure and verify simple OSPF environments, including multiple normal areas, summarization, and filtering (neighbor adjacency, point-to-point and broadcast network types, and passive interface) |
- | - [[tech:network:administrative-distance:administrative-distance|Administrative Distance]] | + | * 3.2.c Configure and verify eBGP between directly connected neighbors (best path selection algorithm and neighbor relationships) |
- | - [[tech:network:metric:metric|Metric]] | + | * 3.3 Wireless |
- | - [[tech:network:cef:cef|CEF]] | + | * 3.3.a Describe Layer 1 concepts, such as RF power, RSSI, SNR, interference noise, band and channels, and wireless client devices capabilities |
- | - [[tech:network:proxy-arp:proxy-arp|Proxy ARP]] | + | * 3.3.b Describe AP modes and antenna types |
- | - [[tech:network:irdp:irdp|IRDP]] | + | * 3.3.c Describe access point discovery and join process (discovery algorithms, WLC selection process) |
- | + | * 3.3.d Describe the main principles and use cases for Layer 2 and Layer 3 roaming | |
- | ==== Switching ==== | + | * 3.3.e Troubleshoot WLAN configuration and wireless client connectivity issues |
- | + | * 3.4 IP Services | |
- | - [[tech:network:cisco:flex-link:flex-link]] | + | * 3.4.a Describe Network Time Protocol (NTP) |
- | + | * 3.4.b Configure and verify NAT/PAT | |
- | === VLAN === | + | * 3.4.c Configure first hop redundancy protocols, such as HSRP and VRRP |
- | + | * 3.4.d Describe multicast protocols, such as PIM and IGMP v2/v3 | |
- | - [[tech:network:vlan:vlan|VLAN]] | + | * 4.0 Network Assurance |
- | - [[tech:network:vlan-access-port-configuration:vlan-access-port-configuration|VLAN Access Port Configuration]] | + | * 4.1 Diagnose network problems using tools such as debugs, conditional debugs, trace route, ping, SNMP, and syslog |
- | - [[tech:network:vlan-trunk-port-configuration:vlan-trunk-port-configuration|VLAN Trunk Port Configuration]] | + | * 4.2 Configure and verify device monitoring using syslog for remote logging |
- | - [[tech:network:vtp:vtp|VTP]] | + | * 4.3 Configure and verify NetFlow and Flexible NetFlow |
- | - [[tech:network:inter-vlan-routing-router-on-a-stick:inter-vlan-routing-router-on-a-stick|Inter-VLAN Routing: Router-on-a-stick]] | + | * 4.4 Configure and verify SPAN/RSPAN/ERSPAN |
- | + | * [[tech:network:cisco:span-rspan:span-rspan]] | |
- | ==== ACL ==== | + | * 4.5 Configure and verify IPSLA |
- | + | * [[tech:network:cisco:ip-sla:ip-sla]] | |
- | - [[tech:network:standard-acl:standard-acl|ACL: Standard ACL]] | + | * 4.6 Describe Cisco DNA Center workflows to apply network configuration, monitoring, and management |
- | - [[tech:network:extended-acl:extended-acl|ACL: Extended ACL]] | + | * 4.7 Configure and verify NETCONF and RESTCONF |
- | - [[tech:network:cisco:named-acl:named-acl|ACL: Named ACL]] | + | * 5.0 Security |
- | - [[tech:network:cisco:show-edit-acl:show-edit-acl|show and edit ACLs]] | + | * 5.1 Configure and verify device access control |
- | - [[tech:network:cisco:vty-acl-restriction:vty-acl-restriction|VTY access restriction using ACL]] | + | * 5.1.a Lines and password protection |
- | + | * 5.1.b Authentication and authorization using AAA | |
- | ==== Design Pattern ==== | + | * 5.2 Configure and verify infrastructure security features |
- | + | * 5.2.a ACLs | |
- | - [[tech:network:3-tier-design:3-tier-design|ネットワークの階層設計]] | + | * 5.2.b CoPP |
- | + | * 5.3 Describe REST API security | |
- | ==== Maintenance ==== | + | * 5.4 Configure and verify wireless security features |
- | + | * 5.4.a EAP | |
- | - [[tech:network:ios-tftp-download:ios-tftp-download|Cisco IOS の TFTP ダウンロード]] | + | * 5.4.b WebAuth |
- | + | * 5.4.c PSK | |
- | ===== Simulation ====== | + | * 5.5 Describe the components of network security design |
- | + | * 5.5.a Threat defense | |
- | - [[tech:network:virl:virl|Cisco VIRL]] | + | * 5.5.b Endpoint security |
- | + | * 5.5.c Next-generation firewall | |
- | ===== Analyze ===== | + | * 5.5.d TrustSec, MACsec |
- | + | * 5.5.e Network access control with 802.1X, MAB, and WebAuth | |
- | - [[tech:network:span:span|SPAN]] | + | * 6.0 Automation |
- | - [[http://changineer.info/network_ccie_v4/cisco_security/cisco_security_traffic_export|Traffic Export]] | + | * 6.1 Interpret basic Python components and scripts |
- | - [[https://supportforums.cisco.com/t5/%E3%82%B3%E3%83%A9%E3%83%9C%E3%83%AC%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3-%E3%83%89%E3%82%AD%E3%83%A5%E3%83%A1%E3%83%B3%E3%83%88/%E3%83%AB%E3%83%BC%E3%82%BF%E4%B8%8A%E3%81%A7%E3%83%91%E3%82%B1%E3%83%83%E3%83%88%E3%82%AD%E3%83%A3%E3%83%97%E3%83%81%E3%83%A3%E3%82%92%E5%8F%96%E5%BE%97%E3%81%99%E3%82%8B%E6%96%B9%E6%B3%95-ip-traffic-export/ta-p/3137616|ルータ上でパケットキャプチャを取得する方法 (IP Traffic Expor... - Cisco Support Community]] | + | * 6.2 Construct valid JSON encoded file |
- | + | * 6.3 Describe the high-level principles and benefits of a data modeling language, such as YANG | |
- | ===== CCIE Routing and Switching v5.1 ===== | + | * 6.4 Describe APIs for Cisco DNA Center and vManage |
- | + | * 6.5 Interpret REST API response codes and results in payload using Cisco DNA Center and RESTCONF | |
- | Based on CCIE RSv5.1 Written Blueprint. | + | * 6.6 Construct EEM applet to automate configuration, troubleshooting, or data collection |
- | + | * 6.7 Compare agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and SaltStack | |
- | ==== 2.0 Layer 2 Technologies ==== | + | |
- | + | ||
- | === 2.1 LAN switching technologies === | + | |
- | + | ||
- | - [[tech:network:cisco:udld:udld]] | + | |
- | - [[tech:network:cisco:stp:bpduguard:bpduguard]] | + | |
- | - [[tech:network:cisco:stp:bpdufilter:bpdufilter]] | + | |
- | - [[tech:network:cisco:stp:rootguard:rootguard]] | + | |
- | - [[tech:network:cisco:stp:loopguard:loopguard]] | + | |
- | - [[tech:network:cisco:stp:mstp:mstp]] | + | |
- | - [[tech:network:cisco:stp:mstp:inter-region-mstp:inter-region-mstp]] | + | |
- | - [[tech:network:cisco:switchport-protected:switchport-protected]] | + | |
- | + | ||
- | === 2.3 Layer 2 WAN circuit technologies === | + | |
- | + | ||
- | - [[tech:network:cisco:wan-serial:wan-serial]] | + | |
- | - [[tech:network:cisco:ppp:ppp]] | + | |
- | - [[tech:network:cisco:pppoe:pppoe]] | + | |
- | - [[tech:network:cisco:pppoe-server:pppoe-server]] | + | |
- | + | ||
- | ==== 3.0 Layer 3 Technologies ==== | + | |
- | + | ||
- | === 3.1 Addressing technologies === | + | |
- | + | ||
- | == IPv6 == | + | |
- | + | ||
- | - [[tech:network:cisco:icmpv6:icmpv6]] | + | |
- | - [[tech:network:cisco:ipv6-addressing:ipv6-addressing]] | + | |
- | - [[tech:network:cisco:slaac-dhcpv6-pd:slaac-dhcpv6-pd]] | + | |
- | - [[tech:network:cisco:dual-stack:dual-stack]] | + | |
- | - [[tech:network:cisco:ipv6-tunnel:ipv6-tunnel]] | + | |
- | - [[tech:network:cisco:ipv6:ipv6-again:ipv6-again]] | + | |
- | - [[tech:network:cisco:ipv6:ipv6-acl:ipv6-acl]] | + | |
- | + | ||
- | === 3.4 RIP [v2 and v6] === | + | |
- | + | ||
- | - [[tech:network:cisco:rip:rip|RIP]] | + | |
- | - [[tech:network:cisco:basic-rip-config:basic-rip-config|RIP Configuration Getting Started]] | + | |
- | - [[tech:network:cisco:advanced-rip-config:advanced-rip-config]] | + | |
- | - [[tech:network:cisco:advanced-rip-config-2:advanced-rip-config-2]] | + | |
- | - [[tech:network:cisco:verify-rip-status:verify-rip-status]] | + | |
- | - [[tech:network:cisco:ipv6:ripng:ripng]] | + | |
- | + | ||
- | === 3.5 EIGRP [for IPv4 and IPv6] === | + | |
- | + | ||
- | - [[tech:network:cisco:eigrp:eigrp:eigrp-basic:eigrp-basic]] | + | |
- | - [[tech:network:cisco:eigrp:eigrp:eigrp-hello-hold-time:eigrp-hello-hold-time]] | + | |
- | - [[tech:network:cisco:eigrp:eigrp:eigrp-for-ipv6:eigrp-for-ipv6]] | + | |
- | + | ||
- | === 3.6 OSPF [v2 and v3] === | + | |
- | + | ||
- | - [[tech:network:cisco:ospf:ospf:ospf-basic:ospf-basic]] | + | |
- | - [[tech:network:cisco:ipv6:ospfv3:ospfv3]] | + | |
- | + | ||
- | === 3.7 BGP === | + | |
- | + | ||
- | - [[tech:network:cisco:bgp:bgp:bgp-getting-started:bgp-getting-started]] | + | |
- | - [[tech:network:cisco:bgp:bgp:bgp-as-path:bgp-as-path]] | + | |
- | - [[tech:network:cisco:bgp:bgp:bgp-next-hop:bgp-next-hop]] | + | |
- | - [[tech:network:cisco:bgp:bgp:route-reflector:route-reflector]] | + | |
- | - [[tech:network:cisco:bgp:bgp:bgp-confederation:bgp-confederation]] | + | |
- | - [[tech:network:cisco:bgp:bgp:bgp-peer-group:bgp-peer-group]] | + | |
- | - [[tech:network:cisco:bgp:bgp:bgp-synchronization-principle:bgp-synchronization-principle]] | + | |
- | - [[tech:network:cisco:bgp:bgp:med:med]] | + | |
- | - [[tech:network:cisco:bgp:bgp:local-pref:local-pref]] | + | |
- | - [[tech:network:cisco:bgp:bgp:aggregate-address:aggregate-address]] | + | |
- | - [[tech:network:cisco:bgp:bgp:weight:weight]] | + | |
- | - [[tech:network:cisco:bgp:bgp:community:community]] | + | |
- | - [[tech:network:cisco:bgp:bgp:backdoor:backdoor]] | + | |
- | - [[tech:network:cisco:bgp:bgp:remove-private-as:remove-private-as]] | + | |
- | - [[tech:network:cisco:bgp:bgp:route-flap-dampening:route-flap-dampening]] | + | |
- | - [[tech:network:cisco:bgp:bgp:maximum-prefix:maximum-prefix]] | + | |
- | - [[tech:network:cisco:bgp:bgp:no-auto-summary:no-auto-summary]] | + | |
- | - [[tech:network:cisco:bgp:bgp:route-filtering:route-filtering]] | + | |
- | - [[tech:network:cisco:bgp:bgp:ip-as-path-access-list:ip-as-path-access-list]] | + | |
- | - [[tech:network:cisco:bgp:bgp:mp-bgp:mp-bgp]] | + | |
- | + | ||
- | ==== 4.0 VPN Technologies ==== | + | |
- | + | ||
- | - <del>[[tech:network:cisco:vpn:ezvpn:ezvpn]]</del> | + | |
- | + | ||
- | === 4.1 Tunneling === | + | |
- | + | ||
- | - [[tech:network:cisco:vpn:tunneling:gre:gre]] | + | |
- | - [[tech:network:cisco:vpn:tunneling:gre-over-ipsec:gre-over-ipsec]] | + | |
- | - [[tech:network:cisco:vpn:tunneling:dmvpn:dmvpn]] | + | |
- | + | ||
- | === 4.2 Encryption === | + | |
- | + | ||
- | - [[tech:network:cisco:vpn:encryption:ipsec:ipsec]] | + | |
- | + | ||
- | ==== 5.0 Infrastructure Security ==== | + | |
- | + | ||
- | === 5.1 Device security === | + | |
- | + | ||
- | - [[tech:network:cisco:snmp:snmp]] | + | |
- | - [[tech:network:cisco:radius:radius]] | + | |
- | - [[tech:network:cisco:tacacs+:tacacs+]] | + | |
- | - [[tech:network:cisco:privilege-level-exec:privilege-level-exec]] | + | |
- | + | ||
- | === 5.2 Network security === | + | |
- | + | ||
- | - [[tech:network:cisco:stormcontrol:stormcontrol]] | + | |
- | - [[tech:network:cisco:pvlan:pvlan]] | + | |
- | - [[tech:network:cisco:802.1x:802.1x]] | + | |
- | + | ||
- | ==== 6.0 Infrastructure Services ==== | + | |
- | + | ||
- | === 6.1 System management === | + | |
- | + | ||
- | == syslog == | + | |
- | + | ||
- | - [[tech:network:cisco:syslog:syslog]] | + | |
- | + | ||
- | === 6.2 Quality of service === | + | |
- | + | ||
- | - [[tech:network:cisco:qos:qos]] | + | |
- | - [[tech:network:cisco:qos:catalyst:catalyst]] | + | |
- | - [[tech:network:cisco:qos:diffserv:diffserv]] | + | |
- | + | ||
- | === 6.3 Network services === | + | |
- | + | ||
- | == NTP == | + | |
- | + | ||
- | == FHRP == | + | |
- | + | ||
- | - [[tech:network:cisco:icmp-redirects:icmp-redirects]] | + | |
- | + | ||
- | == HSRP == | + | |
- | + | ||
- | - [[tech:network:cisco:hsrp:hsrp]] | + | |
- | + | ||
- | == GLBP == | + | |
- | + | ||
- | - [[tech:network:cisco:glbp:glbp]] | + | |
- | + | ||
- | == VRRP == | + | |
- | + | ||
- | - [[tech:network:cisco:vrrp:vrrp]] | + | |
- | + | ||
- | == DHCP == | + | |
- | + | ||
- | - [[tech:network:cisco:dhcp:dhcp]] | + | |
- | - [[tech:network:cisco:dhcp-relay-agent:dhcp-relay-agent]] | + | |
- | - [[tech:network:cisco:dhcp-redundancy:dhcp-redundancy]] | + | |
- | + | ||
- | == NAT == | + | |
- | + | ||
- | - [[tech:network:cisco:static-nat:static-nat|Static NAT]] | + | |
- | - [[tech:network:cisco:dynamic-nat:dynamic-nat|Dynamic NAT]] | + | |
- | - [[tech:network:cisco:pat:pat|PAT]] | + | |
- | - [[tech:network:cisco:nat-show-commands:nat-show-command|NAT show commands]] | + | |
- | - [[tech:network:cisco:nat-timeout:nat-timeout|NAT Timeout]] | + | |
- | - [[tech:network:cisco:nat-pat-trouble-shooting:nat-pat-trouble-shooting|NAT, PAT Troubleshooting]] | + | |
- | + | ||
- | === 6.4 Network optimization === | + | |
- | + | ||
- | - [[tech:network:cisco:netflow:netflow]] | + | |
- | - [[tech:network:cisco:flexible-netflow:flexible-netflow]] | + | |
- | + | ||
- | ===== Links ===== | + | |
- | + | ||
- | - [[https://www.cisco.com/c/en/us/about/brand-center/network-topology-icons.html|Network Topology Icons - Doing Business With Cisco - Cisco]] | + | |