CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert Guide, 1st edition
Published by Pearson (December 24, 2019) © 2020
- Brad Edgeworth, best-selling Cisco Press author, expert trainer, and Cisco Certified Internetwork Expert (No. 31574)
- David Hucaby
- Ramiro Garza Rios
- Jason Gooley
- Pre-chapter quiz – These quizzes allow readers to assess their knowledge of the chapter content and decide how much time to spend on any given section.
- Foundation Topics – These sections make up the majority of the page count, explaining concepts and configurations, with emphasis on the theory and on linking that theory to the meaning of the configuration commands.
- Key Topics – Inside the Foundation Topics sections, every figure, table, or list that should absolutely be understood and remembered for the exam is noted with the words “Key Topic” in the margin. This tool allows the reader to quickly review the most important details in each chapter.
- Exam Preparation – This ending section of each chapter includes three additional features for review and study, all designed to help the reader remember the details as well as to get more depth. Readers will be instructed to review key topics from the chapter, complete tables and lists from memory, and define key terms.
- Final Preparation Chapter – This final chapter details a set of tools and a study plan to help readers complete their preparation for the exams.
Introduction
Part I Forwarding
Chapter 1 Packet Forwarding
“Do I Know This Already?” Quiz
Foundation Topics
Network Device Communication
Layer 2 Forwarding
Layer 3 Forwarding
Forwarding Architectures
Process Switching
Software CEF
Hardware CEF
Stateful Switchover
SDM Templates
Exam Preparation Tasks
Part II Layer 2
Chapter 2 Spanning Tree Protocol
“Do I Know This Already?” Quiz
Foundation Topics
Spanning Tree Protocol Fundamentals
IEEE 802.1D STP
Building the STP Topology
STP Topology Changes
Rapid Spanning Tree Protocol
RSTP (802.1W) Port States
RSTP (802.1W) Port Roles
RSTP (802.1W) Port Types
Building the RSTP Topology
Exam Preparation Tasks
Chapter 3 Advanced STP Tuning
“Do I Know This Already?” Quiz
Foundation Topics
STP Topology Tuning
Root Bridge Placement
Modifying STP Root Port and Blocked Switch Port Locations
Modifying STP Port Priority
Additional STP Protection Mechanisms
Root Guard
STP Portfast
BPDU Guard
BPDU Filter
Problems with Unidirectional Links
Exam Preparation Tasks
Chapter 4 Multiple Spanning Tree Protocol
“Do I Know This Already?” Quiz
Foundation Topics
Multiple Spanning Tree Protocol
MST Instances (MSTIs)
MST Configuration
MST Verification
MST Tuning
Common MST Misconfigurations
MST Region Boundary
Exam Preparation Tasks
Chapter 5 VLAN Trunks and EtherChannel Bundles
“Do I Know This Already?” Quiz
Foundation Topics
VLAN Trunking Protocol
VTP Communication
VTP Configuration
VTP Verification
Dynamic Trunking Protocol
EtherChannel Bundle
Dynamic Link Aggregation Protocols
Verifying Port-Channel Status
Viewing EtherChannel Neighbors
Verifying EtherChannel Packets
Advanced LACP Configuration Options
Troubleshooting EtherChannel Bundles
Load Balancing Traffic with EtherChannel Bundles
Exam Preparation Tasks
Part III Routing
Chapter 6 IP Routing Essentials
“Do I Know This Already?” Quiz
Foundation Topics
Routing Protocol Overview
Distance Vector Algorithms
Enhanced Distance Vector Algorithms
Link-State Algorithms
Path Vector Algorithm
Path Selection
Prefix Length
Administrative Distance
Metrics
Static Routing
Static Route Types
Floating Static Routing
Static Null Routes
IPv6 Static Routes
Virtual Routing and Forwarding
Exam Preparation Tasks
Chapter 7 EIGRP
“Do I Know This Already?” Quiz
Foundation Topics
EIGRP Fundamentals
Autonomous Systems
EIGRP Terminology
Topology Table
EIGRP Neighbors
Path Metric Calculation
Wide Metrics
Metric Backward Compatibility
Load Balancing
Failure Detection and Timers
Convergence
Route Summarization
Exam Preparation Tasks
Chapter 8 OSPF
“Do I Know This Already?” Quiz
Foundation Topics
OSPF Fundamentals
Inter-Router Communication
OSPF Hello Packets
Router ID
Neighbors
Designated Router and Backup Designated Router
OSPF Configuration
OSPF Network Statement
Interface-Specific Configuration
Statically Setting the Router ID
Passive Interfaces
Requirements for Neighbor Adjacency
Sample Topology and Configuration
Confirmation of Interfaces
Verification of OSPF Neighbor Adjacencies
Verification of OSPF Routes
Default Route Advertisement
Common OSPF Optimizations
Link Costs
Failure Detection
DR Placement
OSPF Network Types
Exam Preparation Tasks
Chapter 9 Advanced OSPF
“Do I Know This Already?” Quiz
Foundation Topics
Areas
Area ID
OSPF Route Types
Link-State Announcements
LSA Sequences
LSA Age and Flooding
LSA Types
Discontiguous Networks
OSPF Path Selection
Intra-Area Routes
Interarea Routes
Equal-Cost Multipathing
Summarization of Routes
Summarization Fundamentals
Interarea Summarization
Summarization Metrics
Configuration of Interarea Summarization
Route Filtering
Filtering with Summarization
Area Filtering
Local OSPF Filtering
Exam Preparation Tasks
Chapter 10 OSPFv3
“Do I Know This Already?” Quiz
Foundation Topics
OSPFv3 Fundamentals
OSPFv3 Link-State Advertisement
OSPFv3 Communication
OSPFv3 Configuration
OSPFv3 Verification
Passive Interface
Summarization
Network Type
IPv4 Support in OSPFv3
Exam Preparation Tasks
Chapter 11 BGP
“Do I Know This Already?” Quiz
Foundation Topics
BGP Fundamentals
Autonomous System Numbers
Path Attributes
Loop Prevention
Address Families
Inter-Router Communication
BGP Neighbor States
Basic BGP Configuration
Verification of BGP Sessions
Prefix Advertisement
Receiving and Viewing Routes
BGP Route Advertisements from Indirect Sources
Route Summarization
Aggregate Address
Atomic Aggregate
Route Aggregation with AS_SET
Multiprotocol BGP for IPv6
IPv6 Configuration
IPv6 Summarization
Exam Preparation Tasks
Chapter 12 Advanced BGP
“Do I Know This Already?” Quiz
Foundation Topics
BGP Multihoming
Resiliency in Service Providers
Internet Transit Routing
Branch Transit Routing
Conditional Matching
Access Control Lists
Prefix Matching
Regular Expressions (regex)
Route Maps
Conditional Matching
Optional Actions
The continue Keyword
BGP Route Filtering and Manipulation
Distribute List Filtering
Prefix List Filtering
AS Path ACL Filtering
Route Maps
Clearing BGP Connections
BGP Communities
Well-Known Communities
Enabling BGP Community Support
Conditionally Matching BGP Communities
Setting Private BGP Communities
Understanding BGP Path Selection
Routing Path Selection Using Longest Match
BGP Best Path Overview
Exam Preparation Tasks
Chapter 13 Multicast
“Do I Know This Already?” Quiz
Foundation Topics
Multicast Fundamentals
Multicast Addressing
Layer 2 Multicast Addresses
Internet Group Management Protocol
IGMPv2
IGMPv3
IGMP Snooping
Protocol Independent Multicast
PIM Distribution Trees
PIM Terminology
PIM Dense Mode
PIM Sparse Mode
Reverse Path Forwarding
PIM Forwarder
Rendezvous Points
Static RP
Auto-RP
PIM Bootstrap Router
Exam Preparation Tasks
Part IV Services
Chapter 14 QoS
“Do I Know This Already?” Quiz
Foundation Topics
The Need for QoS
Lack of Bandwidth
Latency and Jitter
Packet Loss
QoS Models
Classification and Marking
Classification
Marking
DSCP Per-Hop Behaviors
Scavenger Class
Trust Boundary
A Practical Example: Wireless QoS
Policing and Shaping
Placing Policers and Shapers in the Network
Markdown
Token Bucket Algorithms
Types of Policers
Congestion Management and Avoidance
Congestion Management
Congestion-Avoidance Tools
Exam Preparation Tasks
Chapter 15 IP Services
“Do I Know This Already?” Quiz
Foundation Topics
Time Synchronization
Network Time Protocol
NTP Configuration
Stratum Preference
NTP Peers
First-Hop Redundancy Protocol
Object Tracking
Hot Standby Router Protocol
Virtual Router Redundancy Protocol
Global Load Balancing Protocol
Network Address Translation
NAT Topology
Static NAT
Pooled NAT
Port Address Translation
Exam Preparation Tasks
Part V Overlay
Chapter 16 Overlay Tunnels
“Do I Know This Already?” Quiz
Foundation Topics
Generic Routing Encapsulation (GRE) Tunnels
GRE Tunnel Configuration
GRE Configuration Example
Problems with Overlay Networks: Recursive Routing
IPsec Fundamentals
Authentication Header
Encapsulating Security Payload
Transform Sets
Internet Key Exchange
IPsec VPNs
Site-to-Site IPsec Configuration
Cisco Location/ID Separation Protocol (LISP)
LISP Architecture and Protocols
LISP Operation
Virtual Extensible Local Area Network (VXLAN)
Exam Preparation Tasks
Part VI Wireless
Chapter 17 Wireless Signals and Modulation
“Do I Know This Already?” Quiz
Foundation Topics
Understanding Basic Wireless Theory
Understanding Frequency
Understanding Phase
Measuring Wavelength
Understanding RF Power and dB
Carrying Data Over an RF Signal
Maintaining AP—Client Compatibility
Using Multiple Radios to Scale Performance
Maximizing the AP—Client Throughput
Exam Preparation Tasks
Chapter 18 Wireless Infrastructure
“Do I Know This Already?” Quiz
Foundation Topics
Wireless LAN Topologies
Autonomous Topology
Lightweight AP Topologies
Pairing Lightweight APs and WLCs
AP States
Discovering a WLC
Selecting a WLC
Maintaining WLC Availability
Cisco AP Modes
Leveraging Antennas for Wireless Coverage
Radiation Patterns
Gain
Beamwidth
Polarization
Omnidirectional Antennas
Directional Antennas
Exam Preparation Tasks
Chapter 19 Understanding Wireless Roaming and Location Services
“Do I Know This Already?” Quiz
Foundation Topics
Roaming Overview
Roaming Between Autonomous APs
Intracontroller Roaming
Roaming Between Centralized Controllers
Layer 2 Roaming
Layer 3 Roaming
Scaling Mobility with Mobility Groups
Locating Devices in a Wireless Network
Exam Preparation Tasks
Chapter 20 Authenticating Wireless Clients
“Do I Know This Already?” Quiz
Foundation Topics
Open Authentication
Authenticating with Pre-Shared Key
Authenticating with EAP
Configuring EAP-Based Authentication with External RADIUS Servers
Configuring EAP-Based Authentication with Local EAP
Verifying EAP-Based Authentication Configuration
Authenticating with WebAuth
Exam Preparation Tasks
Chapter 21 Troubleshooting Wireless Connectivity
“Do I Know This Already?” Quiz
Foundation Topics
Troubleshooting Client Connectivity from the WLC
Checking the Client’s Connection Status
Checking the Client’s Association and Signal Status
Checking the Client’s Mobility State
Checking the Client’s Wireless Policies
Testing a Wireless Client
Troubleshooting Connectivity Problems at the AP
Exam Preparation Tasks
Part VII Architecture
Chapter 22 Enterprise Network Architecture
“Do I Know This Already?” Quiz
Foundation Topics
Hierarchical LAN Design Model
Access Layer
Distribution Layer
Core Layer
Enterprise Network Architecture Options
Two-Tier Design (Collapsed Core)
Three-Tier Design
Layer 2 Access Layer (STP Based)
Layer 3 Access Layer (Routed Access)
Simplified Campus Design
Software-Defined Access (SD-Access) Design
Exam Preparation Tasks
Chapter 23 Fabric Technologies
“Do I Know This Already?” Quiz
Foundation Topics
Software-Defined Access (SD-Access)
What Is SD-Access?
SD-Access Architecture
Physical Layer
Controller Layer
Management Layer
Software-Defined WAN (SD-WAN)
Cisco SD-WAN Architecture
vManage NMS
vSmart Controller
Cisco SD-WAN Routers (vEdge and cEdge)
vBond Orchestrator
vAnalytics
Cisco SD-WAN Cloud OnRamp
Cloud OnRamp for SaaS
Cloud OnRamp for IaaS
Exam Preparation Tasks
Chapter 24 Network Assurance
“Do I Know This Already?” Quiz
Foundation Topics
Network Diagnostic Tools
ping
traceroute
Debugging
Conditional Debugging
Simple Network Management Protocol (SNMP)
syslog
NetFlow and Flexible NetFlow
Switched Port Analyzer (SPAN) Technologies
Local SPAN
Specifying the Source Ports
Remote SPAN (RSPAN)
Encapsulated Remote SPAN (ERSPAN)
IP SLA
Cisco DNA Center Assurance
Exam Preparation Tasks
Part VIII Security
Chapter 25 Secure Network Access Control
“Do I Know This Already?” Quiz
Foundation Topics
Network Security Design for Threat Defense
Next-Generation Endpoint Security
Cisco Talos
Cisco Threat Grid
Cisco Advanced Malware Protection (AMP)
Cisco AnyConnect
Cisco Umbrella
Cisco Web Security Appliance (WSA)
Cisco Email Security Appliance (ESA)
Next-Generation Intrusion Prevention System (NGIPS)
Next-Generation Firewall (NGFW)
Cisco Firepower Management Center (FMC)
Cisco Stealthwatch
Cisco Identity Services Engine (ISE)
Network Access Control (NAC)
802.1x
MAC Authentication Bypass (MAB)
Web Authentication (WebAuth)
Enhanced Flexible Authentication (FlexAuth)
Cisco Identity-Based Networking Services (IBNS) 2.0
Cisco TrustSec
MACsec
Exam Preparation Tasks
Chapter 26 Network Device Access Control and Infrastructure Security
“Do I Know This Already?” Quiz
Foundation Topics
Access Control Lists (ACLs)
Numbered Standard ACLs
Numbered Extended ACLs
Named ACLs
Port ACLs (PACLs) and VLAN ACLs (VACLs)
PACL, VACL, and RACL Interaction
Terminal Lines and Password Protection
Password Types
Password Encryption
Username and Password Authentication
Configuring Line Local Password Authentication
Verifying Line Local Password Authentication
Configuring Line Local Username and Password Authentication
Verifying Line Local Username and Password Authentication
Privilege Levels and Role-Based Access Control (RBAC)
Verifying Privilege Levels
Controlling Access to vty Lines with ACLs
Verifying Access to vty Lines with ACLs
Controlling Access to vty Lines Using Transport Input
Verifying Access to vty Lines Using Transport Input
Enabling SSH vty Access
Auxiliary Port
EXEC Timeout
Absolute Timeout
Authentication, Authorization, and Accounting (AAA)
TACACS+
RADIUS
Configuring AAA for Network Device Access Control
Verifying AAA Configuration
Zone-Based Firewall (ZBFW)
The Self Zone
The Default Zone
ZBFW Configuration
Verifying ZBFW
Control Plane Policing (CoPP)
Configuring ACLs for CoPP
Configuring Class Maps for CoPP
Configuring the Policy Map for CoPP
Applying the CoPP Policy Map
Verifying the CoPP Policy
Device Hardening
Exam Preparation Tasks
Part IX SDN
Chapter 27 Virtualization
“Do I Know This Already?” Quiz
Foundation Topics
Server Virtualization
Virtual Machines
Containers
Virtual Switching
Network Functions Virtualization
NFV Infrastructure
Virtual Network Functions
Virtualized Infrastructure Manager
Element Managers
Management and Orchestration
Operations Support System (OSS)/Business Support System (BSS)
VNF Performance
Cisco Enterprise Network Functions Virtualization (ENFV)
Exam Preparation Tasks
Chapter 28 Foundational Network Programmability Concepts
“Do I Know This Already?” Quiz
Foundation Topics
Command-Line Interface
Application Programming Interface
Northbound API
Southbound API
Representational State Transfer (REST) APIs
API Tools and Resources
Introduction to Postman
Data Formats (XML and JSON)
Cisco DNA Center APIs
Cisco vManage APIs
Data Models and Supporting Protocols
YANG Data Models
Cisco DevNet
Discover
Technologies
Community
Support
Events
GitHub
Basic Python Components and Scripts
Exam Preparation Tasks
Chapter 29 Introduction to Automation Tools
“Do I Know This Already?” Quiz
Foundation Topics
Embedded Event Manager
EEM Applets
EEM and Tcl Scripts
EEM Summary
Agent-Based Automation Tools
Puppet
Chef
SaltStack (Agent and Server Mode)
Agentless Automation Tools
Ansible
Puppet Bolt
SaltStack SSH (Server-Only Mode)
Comparing Tools
Exam Preparation Tasks
Chapter 30 Final Preparation
Getting Ready
Tools for Final Preparation
Pearson Test Prep Practice Test Software and Questions on the Website
Customizing Your Exams
Updating Your Exams
Premium Edition
Chapter-Ending Review Tools
Suggested Plan for Final Review/Study
Summary
Glossary
Appendix A Answers to the “Do I Know This Already?” Questions
Appendix B CCNP Enterprise Core ENCOR 350-401 Official Cert Guide Exam Updates
Online Elements
Glossary
Appendix C Memory Tables
Appendix D Memory Tables Answer Key
Appendix E Study Planner
9781587145230 TOC 10/24/2019
Brad Edgeworth, CCIE No. 31574 (R&S and SP), is a systems architect at Cisco Systems. Brad is a distinguished speaker at Cisco Live, where he has presented on various topics. Before joining Cisco, Brad worked as a network architect and consultant for various Fortune 500 companies. Brad’s expertise is based on enterprise and service provider environments, with an emphasis on architectural and operational simplicity. Brad holds a bachelor of arts degree in computer systems management from St. Edward’s University in Austin, Texas. Brad can be found on Twitter as @BradEdgeworth.
Ramiro Garza Rios, CCIE No. 15469 (R&S, SP, and Security), is a solutions architect in the Cisco Customer Experience (CX) organization. His expertise is in enterprise and service provider network environments, with a focus on evolving architectures and next-generation technologies. He is also a Cisco Live distinguished speaker. Ramiro recently concluded a multi-year Cisco ACI project for one of the top three Tier 1 ISPs in the United States.
Before joining Cisco Systems in 2005, he was a network consulting and presales engineer for a Cisco Gold Partner in Mexico, where he planned, designed, and implemented both enterprise and service provider networks.
David Hucaby, CCIE No. 4594 (R&S), CWNE No. 292, is a lead network engineer for the University of Kentucky Healthcare, where he focuses on wireless networks in a large medical environment. David holds bachelor’s and master’s degrees in electrical engineering from the University of Kentucky. He has been authoring Cisco Press titles for 20 years.
Jason Gooley, CCIE No. 38759 (R&S and SP), is a very enthusiastic and spontaneous person who has more than 20 years of experience in the industry. Currently, Jason works as a technical solutions architect for the Worldwide Enterprise Networking Sales team at Cisco Systems. Jason is very passionate about helping others in the industry succeed. In addition to being a Cisco Press author, Jason is a distinguished speaker at Cisco Live, contributes to the development of the Cisco CCIE and DevNet exams, provides training for Learning@Cisco, is an active CCIE mentor, is a committee member for the Cisco Continuing Education Program (CE), and is a program committee member of the Chicago Network Operators Group (CHI-NOG), www.chinog.org. Jason also hosts a show called MetalDevOps. Jason can be found at www.MetalDevOps.com, @MetalDevOps, and @Jason_Gooley on all social media platforms.