
Section 1: Architecture
Lecture 1: Welcome
Lecture 2: CCNP Enterprise Certification
Lecture 3: Topic
Lecture 4: 1.0 Architecture Part 01
Lecture 5: 1.0 Architecture Part 02
Lecture 6: WAN Overlay Technologies
Lecture 7: QoS
Lecture 8: LAN & WAN Design Options
Lecture 9: Multilayer Campus Design Part 01
Lecture 10: Multilayer Campus Design Part 02
Lecture 11: 1.1.b High availability techniques such as redundancy, FHRP, and SSO
Lecture 12: Enterprise Network Next Generation High Availability SSO Feature
Lecture 13: 1.2 Analyze design principles of a WLAN deployment
Lecture 14: Controller-Based Architecture Overview
Lecture 15: WLC Best Practices
Lecture 16: Best Practices Summary
Lecture 17: On-Prem vs Cloud Deployment
Lecture 18: Add more cloud
Lecture 19: 1.4 Cisco SD-WAN
Lecture 20: SD-WAN Architecture
Lecture 21: SD-WAN Components Controllers
Lecture 22: SD-WAN Data Plane Devices
Lecture 23: 1.4b Traditional WAN vs SD-WAN
Lecture 24: 1.5 Explain the working principles of the Cisco SD-Access solution
Lecture 25: LISP Locator/ID Separation Protocol
Lecture 26: VXLAN Virtual Extensible LAN
Lecture 27: DNA Supported Hardware & Summary
Lecture 28: 1.6 QoS
Lecture 29: QoS Design & Implementation Part 01
Lecture 30: QoS Design & Implementation Part 02
Lecture 31: QoS Design & Implementation Part 03
Lecture 32: Wireless QoS
Lecture 33: 1.7 Catalyst 9300 Hardware Walkthrough
Lecture 34: Catalyst 9300 ASIC Details
Lecture 35: CEF & Adjacency Table
Lecture 36: TCAM
Explore Cisco's updated CCNP Enterprise track, moving from associate to expert across routing, security, wireless, and data center, with core exams and concentration labs.
Explore Cisco CCNP Enterprise fasttrack, a six-part course covering architecture, virtualization, infrastructure, security, and automation, with detailed topics and subtopics.
Explore LAN and WAN design options within a software defined network framework, focusing on DNA architecture, DNA center, and policy driven security. Compare traditional networks to DNA driven management.
Explore multilayer campus design with core, distribution, and access layers, connected to the Internet and data center, and moving toward a DNA-ready grid for scalable networks.
Explain high-availability techniques by examining redundancy protocols such as HSRP/VRRP and Gateway Load Balancing Protocol (GLBP), with virtual IP and virtual MAC, active-active and active-standby models, preemption, and tracking.
Explore high-availability features for campus networks, comparing layer 2 and layer 3 topologies, and learn how non-stop forwarding enables seamless active/standby switchover and upgrade without downtime.
Analyze the design and deployment of a wireless local area network, emphasizing controller-based architecture, control, data, and management planes, and plug-and-play provisioning with Prime Infrastructure and mobility service engines.
Compare controller-based and mobility-based architectures, explain roaming across access points, and review deployment options like Mobility Express, 5520/5840 WLCs, centralized and FlexConnect.
Explore Cisco SD-WAN concepts with a focus on the Esteban architecture, control plane decoupling, and the shift from traditional models, guided by three rules in this section.
Understand the SD-WAN architecture and its orchestration, management, control, and data planes; learn how data plane devices form full-mesh connections and how vManage enables unified deployment and monitoring.
Explore the three SD-WAN controllers (vBond orchestration plane, vManage management plane, and vSmart control plane) and how they securely bring up fabric devices, centralize provisioning, and enforce policies.
Explore Cisco SD-WAN data plane devices that move data through IPsec tunnels, support OSPF and BGP, and enable zero touch provisioning and plug-and-play with application recognition and deep packet inspection.
Contrast traditional WAN with SD-WAN to show cloud-based control plane, simplified scalability, built-in security, and improved visibility for routing and IPsec.
Explain how Cisco SD-Access uses DNA fabric with underlay and overlay networks, three planes (management, control, data) and policy plane, enabling automation and analytics.
Explain VXLAN encapsulation using IP-in-IP and UDP, with inner and outer headers, MAC-in-IP concepts, and LISP integration; edge nodes perform encapsulation within the fabric underlay and overlay.
Explore DNA supported hardware and how edge, border, and control plane devices form a unified fabric, enabling data, policy, and management planes via the DNA Center.
Learn QoS across wired and wireless networks by classifying traffic, applying policies with MQC and Cisco Common Classification Policy Language keywords, and mapping to DSCP marking.
Explore QoS design and implementation, including DSCP and IP precedence marking, class of service, and class maps and policy maps to classify, mark, and prioritize real-time and streaming traffic.
Map priority queues and classes across 4500, 6500, and Nexus platforms, then configure thresholds and random early detection for weighted media conferencing, bulk data, and scavenger traffic.
Explore wireless QoS concepts, including four service levels, collision avoidance mechanisms, and DSCP mapping to user priorities and access categories, with practical mapping to best effort, background, and multimedia classes.
Explore the Cisco Catalyst 9300's RFID capability, flexible ICs, and the UADP 2.0 Unified Access Data Plane, highlighting high performance, programmability, and extensive hardware features.
Explore TCAM concepts and CEF verification in Cisco networks, using show ip interface and show ip cef to verify interfaces, next-hop behavior, and forwarding resources for IP defense.
Explore virtualization basics and hypervisors, including host and guest operating systems, and server virtualization with VMware ESX. See how this approach saves hardware resources and enables centralized management.
Understand how a distributed virtual switch provides host-wide visibility across multiple hosts, linking vmnic, uplink, and VMkernel networks to manage traffic between guest operating systems and external networks.
Explore GRE encapsulation to create a direct tunnel between endpoints, not exposing intermediate devices, preserving private networks, and enabling security integration for encapsulated broadcast and multicast IP traffic.
Configure VRF and establish a GRE IPsec tunnel across three routers, assign IP addresses and a loopback, then enable the IGP for connectivity.
Configure an IPsec GRE VPN by creating a key ring, crypto policy, and ISAKMP profile, then define a transform set and apply a crypto map with verification.
Verify VRF GRE IPsec connectivity by pinging the tunnel, inspect phase one and phase two security associations, confirm inbound/outbound SA indices, and review crypto sessions for baseline verification.
Explore how LISP maps endpoint identities to locations via a centralized database and control plane, enabling mobility and virtualization in campus fabrics with edge devices and border nodes.
Examine infrastructure in section 3.0, focusing on layer two topics such as EtherChannel and RSTP, review IP services, and outline troubleshooting options in section 3.1.
Practice configuring a VTP domain across three switches, designate a VTP server, set domain and password, and verify replication and connectivity.
Conduct a VTP lab to configure trunking and encapsulation, switch between client and server modes, and verify dynamic or desirable trunk settings, VLAN learning, and pruning.
Explore EtherChannel and port aggregation to boost throughput by bundling interfaces, with manual or LACP-based dynamic negotiation and per-application load balancing.
Engage in an EtherChannel lab to configure and verify channel grouping on switch interfaces using a manual method and LACP, including range commands, channel group numbers, and protocol negotiation.
Compare r.s.v.p. and rapid spanning tree protocol, explain loop prevention using root, designated, alternate, and backup ports, and highlight fast convergence.
Run a rapid spanning-tree protocol lab across switches 101, 102, and 103, enable rapid BPDU mode, and verify root bridge, designated ports, and port states (blocking, forwarding).
Map insurgents to MST instances and configure instance names, ranges, and priorities in a hands-on MST lab for CCNP Enterprise.
Learn how OSPF forms neighbor relationships and elects a DR/BDR in a lab. Observe database synchronization, master/slave roles, LSA exchange, authentication, and area zero network configuration.
Explore OSPF network types such as point-to-point, point-to-multipoint, and broadcast, and how metrics guide route selection. Learn how passive interfaces prevent updates and neighbor formation, with a lab-focused configuration walkthrough.
Demonstrate configuring OSPF across area zero and area 20 on switches, set default network types, enable passive interfaces, and verify neighbor relationships while advertising and testing networks.
Learn network assurance and troubleshooting by enabling protocol-level debugging on Cisco routers, using conditional debug to manage CPU load, and analyzing ICMP and IP packet details from live pings.
Explore how traceroute uses UDP probes and ICMP responses to map network hops, diagnose paths, and interpret time-exceeded and destination-unreachable messages, including extended probe options.
Learn to configure SNMP with versions 1, 2, and 3, define managers and groups with authentication and encryption, set community strings, and verify in lab with a switch and router.
Explore configuring and verifying an SNMP lab setup with a switch and host, including ACL-based access, community strings, traps, and performing an SNMP walk to retrieve data.
Demonstrate performing an SNMP walk to collect interface details, IP addresses, and interface status across a network, and saving and reviewing the output.
Learn how NetFlow captures who, where, what, when, and how much traffic through versioned flow records, comparing version five and version nine for capabilities, limitations, and resource use.
Learn traditional and Flexible NetFlow configuration, including templates, exporters, and flow records, to analyze traffic using key versus non-key fields and gain application visibility.
Configure Flexible NetFlow by creating an exporter and a flow record with match criteria (application, destination, IP, routing, transport), create and apply a monitor on the interface and verify collection.
Explore Cisco DNA Center's assurance workflow, from design and policy to provisioning and proactive troubleshooting, with high telemetry and ISE integration for end-to-end network health.
Master automation concepts using NETCONF and RESTCONF in section 6, as the lecture advances through the topic and references prior sections for deeper context.
This lecture covers lines and password protection on Cisco routers, including line security, enable secret vs plaintext passwords, and enabling service password encryption with authentication server labs.
Configure the switch for AAA with interface-based authentication, authorization, and accounting using a RADIUS server and ISE, applying policies across ports connected to the main, data, and access points.
Explore standard and extended access control lists, their match criteria, and how wildcards and remarks control traffic by source, destination, protocol, and service.
Learn to configure standard access control lists, create named ACLs, deny and permit specific networks, apply to interfaces, and validate reachability with ping while blocking loopback addresses.
Learn to configure extended access control lists to permit specific source and destination IPs, use host and network entries, and apply policies inbound or outbound with implicit denial.
Apply a default control plane policy using class maps in a policy map to limit and drop control plane traffic, protecting the CPU.
Explore API security in enterprise networks by leveraging Cisco's big secret for context-aware, publisher-subscriber integration across IoT, wired and wireless endpoints, and cloud security services.
Learn the basics of wireless network security, including authentication to access points, encryption and privacy, data integrity with message authentication, and protection against rogue devices and attacks.
Explore the evolution of wireless authentication from weak encryption to secure, certificate-based EAP methods featuring outer and inner tunnels.
Explore security design related to defense and next-generation firewall traffic in the final subsection of section five, and discuss these topics one by one.
Delve into security design model that expands the perimeter to cloud resources, enables local breakout, and uses cloud security providers and endpoint defenses to mitigate malware, phishing, and DNS threats.
Explore threat defense and endpoint security, highlighting advanced malware protection, full visibility, and automated defense across Firepower, ISE, AMP Cloud, and Umbrella.
Explore reconnaissance with Nmap to perform host discovery and port scanning, including UDP scans and selective port ranges, identify live hosts and open or closed ports, and review subnet details.
Defend networks with Cisco Firepower by applying Talos-updated IPS signatures and dropping detected threats, then analyze intrusion events in FMC to validate policies.
Explore how TrustSec and MACsec rely on classification, dynamic tagging, and inline security group tagging propagation across devices, enabling automated policy enforcement on firewalls, routers, and switches.
Explore 802.1X with MAB (MAC address based authentication) and WebAuth, detailing authentication flow, change of authorization, and downloadable ACLs that grant access after successful authorization.
Learn to construct a valid JSON object in Python by importing json, building a dictionary with name, age, and address, and printing the JSON output.
Explore YANG data modeling language and its use with XML and JSON, showing a human-readable, reusable program that configures devices across vendors via a common model and OpenConfig standards.
Learn about the API for Cisco management and explore how the API for vManage enables centralized network control.
Explore how Cisco DNA Center glues intent-based infrastructure to an open platform, enabling API-driven integration with IT management and security monitoring. Use the REST API for health and software updates.
1.1 Explain the different design principles used in an enterprise network
1.1.a Enterprise network design such as Tier 2, Tier 3, and Fabric Capacity planning
1.1.b High availability techniques such as redundancy, FHRP, and SSO
1.2 Analyze design principles of a WLAN deployment
1.2.a Wireless deployment models (centralized, distributed, controller-less, controller based, cloud, remote branch)
1.2.b Location services in a WLAN design
1.3 Differentiate between on-premises and cloud infrastructure deployments
1.4 Explain the working principles of the Cisco SD-WAN solution
1.4.a SD-WAN control and data planes elements
1.4.b Traditional WAN and SD-WAN solutions
1.5 Explain the working principles of the Cisco SD-Access solution
1.5.a SD-Access control and data planes elements
1.5.b Traditional campus interoperating with SD-Access
1.6 Describe concepts of wired and wireless QoS
1.6.a QoS components
1.6.b QoS policy
1.7 Differentiate hardware and software switching mechanisms
1.7.a Process and CEF
1.7.b MAC address table and TCAM
1.7.c FIB vs. RIB
2.0 Virtualization
10%
2.1 Describe device virtualization technologies
2.1.a Hypervisor type 1 and 2
2.1.b Virtual machine
2.1.c Virtual switching
2.2 Configure and verify data path virtualization technologies
2.2.a VRF
2.2.b GRE and IPsec tunneling
2.3 Describe network virtualization concepts
2.3.a LISP
2.3.b VXLAN
3.0 Infrastructure
30%
3.1 Layer 2
3.1.a Troubleshoot static and dynamic 802.1q trunking protocols
3.1.b Troubleshoot static and dynamic EtherChannels
3.1.c Configure and verify common Spanning Tree Protocols (RSTP and MST)
3.2 Layer 3
3.2.a Compare routing concepts of EIGRP and OSPF (advanced distance vector vs. linked state, load balancing, path selection, path operations, metrics)
3.2.b Configure and verify simple OSPF environments, including multiple normal areas, summarization, and filtering (neighbor adjacency, point-to-point and broadcast network types, and passive interface)
3.2.c Configure and verify eBGP between directly connected neighbors (best path selection algorithm and neighbor relationships)
3.3 Wireless
3.3.a Describe Layer 1 concepts, such as RF power, RSSI, SNR, interference noise, band and channels, and wireless client devices capabilities
3.3.b Describe AP modes and antenna types
3.3.c Describe access point discovery and join process (discovery algorithms, WLC selection process)
3.3.d Describe the main principles and use cases for Layer 2 and Layer 3 roaming
3.3.e Troubleshoot WLAN configuration and wireless client connectivity issues
3.4 IP Services
3.4.a Describe Network Time Protocol (NTP)
3.4.b Configure and verify NAT/PAT
3.4.c Configure first hop redundancy protocols, such as HSRP and VRRP
3.4.d Describe multicast protocols, such as PIM and IGMP v2/v3
4.0 Network Assurance
10%
4.1 Diagnose network problems using tools such as debugs, conditional debugs, trace route, ping, SNMP, and syslog
4.2 Configure and verify device monitoring using syslog for remote logging
4.3 Configure and verify NetFlow and Flexible NetFlow
4.4 Configure and verify SPAN/RSPAN/ERSPAN
4.5 Configure and verify IPSLA
4.6 Describe Cisco DNA Center workflows to apply network configuration, monitoring, and management
4.7 Configure and verify NETCONF and RESTCONF
5.0 Security
20%
5.1 Configure and verify device access control
5.1.a Lines and password protection
5.1.b Authentication and authorization using AAA
5.2 Configure and verify infrastructure security features
5.2.a ACLs
5.2.b CoPP
5.3 Describe REST API security
5.4 Configure and verify wireless security features
5.4.a EAP
5.4.b WebAuth
5.4.c PSK
5.5 Describe the components of network security design
5.5.a Threat defense
5.5.b Endpoint security
5.5.c Next-generation firewall
5.5.d TrustSec, MACsec
5.5.e Network access control with 802.1X, MAB, and WebAuth
6.0 Automation
15%
6.1 Interpret basic Python components and scripts
6.2 Construct valid JSON encoded file
6.3 Describe the high-level principles and benefits of a data modeling language, such as YANG
6.4 Describe APIs for Cisco DNA Center and vManage
6.5 Interpret REST API response codes and results in payload using Cisco DNA Center and RESTCONF
6.6 Construct EEM applet to automate configuration, troubleshooting, or data collection
6.7 Compare agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and SaltStack