Cisco CCNA (200-301)

Learn how switches use mac addresses to build a dynamic mac address table and forward, flood, or filter traffic—the three F's—reducing network noise.

Configure and verify data and voice vlans on a Cisco switch, assign ports, and use verification commands to separate traffic while securing the default vlan.

Configure and verify inter-switch connectivity using vlan tagging and trunking with 802.1q, connect multiple switches with trunk links, manage native vlan traffic, and test cross-vlan reachability.

Discover why layer 2 loop prevention matters, how broadcasts create storms and mac address table instability, and how the spanning tree protocol blocks ports to stop looping traffic.

Describe how spanning tree protocol prevents loops by electing a root bridge via BPDU exchange, assigning root and designated ports, and blocking non-designated ports based on cost and MAC address.

Explore how spanning tree protocol selects a root bridge via BPDU exchanges, assigns port roles, and blocks loops, with rapid spanning tree and verification commands.

Explore CDP and LLDP, learn when to use each, and verify neighbors to map directly connected devices, while balancing security by enabling and then disabling protocols as needed.

Configure and verify layer two and layer three ether channels to aggregate switch links, boost bandwidth, and provide fault tolerance, using static, LACP, or PAGP configurations.

Compare home and business wireless networks and review Cisco wireless components, including autonomous, cloud-based, and split-MAC architectures, lightweight access points, VLANs, and wireless LAN controllers.

Explore wireless security protocols from WEP to WPA3, including per-packet encryption, TKIP, CCMP, and the advanced encryption standard. Learn how open networks use opportunistic encryption to guard traffic.

Learn how home and business wireless management differ and how to configure a Cisco wireless LAN controller to centrally manage multiple access points, SSIDs, and enterprise security options.

Explore how DHCP snooping and dynamic ARP inspection protect networks by validating DHCP offers and ARP replies, preventing rogue servers and ARP poisoning.

Discover how port security on switches restricts access to authorized devices and blocks rogue devices by limiting MAC addresses per port, with violation modes and sticky learning.

Compare routers and layer three switches and learn how vlans and ip networks route packets between networks, across edge deployments and the internet.

Learn to read and interpret routing table information, decode codes like C, O, D, E, and L, and understand how administrative distance and metrics guide route selection.

Learn how MAC addresses and IP addresses drive packet forwarding across multiple routers, using ARP, default gateways, and per-hop MAC changes to reach the final destination.

Learn how a router determines forwarding decisions for the routing table by applying the longest possible match, administrative distance, and metric, enabling equal-cost and unequal-cost load balancing.

Explore configuring static routing for IPv4 across four contexts—network routing, default routes (gateway of last resort), host routing, and floating static routes—contrasting static and dynamic routing.

Explore configuring static routing for IPv6, covering four contexts—network static route, host route, default route, and floating static route—and see how IPv6 addresses and routing show commands work.

Explore dynamic routing protocols such as RIP, RIPv2, EIGRP, OSPF, and BGP, and learn how routers dynamically discover routes and practice path selection.

Explore single area OSPFv2 fundamentals, including neighbor formation, link-state topology, and cost-based routing across multi-vendor IPv4 networks.

Configure and verify single-area ospfv2 across nyedge routers by using global and interface commands, test connectivity with ping, and confirm router IDs, adjacency, and dr/bdr roles.

Explore configuring and verifying first hop redundancy protocols, including HSRP, VRRP, and GLBP, to prevent a single point of failure at the network edge and provide virtual gateway options.

Configure standard access control lists on Cisco routers by matching the source IP with a wildcard mask, using permit and deny, and understanding the implicit deny and processing order.

Configure and verify extended ACLs in CCNA to selectively permit or deny traffic by protocol and port between source and destination addresses, and apply them on interfaces for granular control.

Explore how named ACLs extend standard and extended ACLs with intuitive names, and learn to configure, verify, and apply them with permit/deny on interfaces inbound or outbound.

Explore why IPv4 scarcity drives network address translation (NAT) and learn static NAT, dynamic NAT (NAT pooling), and PAT overload, including inside/outside concepts and basic Cisco configuration.

Learn to configure and verify nat, including static nat, nat pooling with a public address pool, and port address translation with overload, using acl, inside/outside, and verification commands.

Learn to configure and verify NTP on Cisco devices, set a master time server, synchronize clocks, manage time zones and daylight savings time, and verify with NTP associations.

Learn how to configure and verify DNS and DHCP on Cisco routers, including DNS server setup, IP host records, DHCP pools, exclusions, default gateway, and verification steps.

Identify the function of snmp and key differences between versions 2c and 3, and learn to configure snmp server, community strings, and authentication for querying Cisco devices for telemetry.

Identify syslog message features, their format, and how to enable console and remote logging; learn about logging buffers, show logging, terminal monitoring, and severity levels.

Discover how quality of service uses per-hop behavior to prioritize traffic, with classification, marking, and queuing, and manage congestion via shaping and policing.

Configure remote access on Cisco devices by enabling ssh, generating a 1024-bit rsa key, and restricting access with an access list. Require login local and set ip ssh version 2.

Learn to transfer files on Cisco routers using ftp or tftp, compare speed and setup, verify file integrity, and copy IOS images between flash and an ftp server.

Explore five general security concepts—asset, threat, vulnerability, exploit, and mitigation—by focusing on context over memorization and practicing scenario-based matching in real work.

Identify the core elements of a security awareness program and explain why ongoing training raises user awareness, makes security part of every role, and covers access controls.

Learn how to identify and implement Cisco password policy elements, including global config setups for username and enable secret, password encryption, line passwords, and remote authentication options.

Identify AAA security elements: authentication, authorization, and accounting, and configure remote authentication servers (radius) to validate users, with practice labs using ny edge 1.

Explore remote access and site-to-site vpn types and how they create encrypted tunnels over the internet for private network connections.

Discover how network management evolves from device-by-device control to controller-based networking and automation, reducing errors and costs with intent-based automation and Cisco DNA Center.

Identify SDN concepts by comparing hardware networks with a software-defined control plane, and explain underlay and overlay fabrics, VXLAN overlays, and northbound and southbound APIs.

Identify campus device management methods and compare traditional tools with Cisco DNA Center, a cloud-based digital network architecture that uses intent-based networking for global visibility and automated provisioning.

Explore how REST-based APIs use HTTP to request and retrieve data, leverage CRUD operations, and interpret status codes, with hands-on examples using Postman and JSON.

Explore configuration management to centralize configurations, enforce consistency, and enable automation with Chef, Puppet, and answerable, while idempotence and push or pull architectures enable infrastructure as code and fast provisioning.

Interpret JSON encoded data as a lightweight, human and application friendly data format. Build JSON objects with value pairs, colons, quotes, and arrays, and validate syntax to troubleshoot parsing errors.