Cisco Certified Network Associate
(200-125)
Exam
Description: The Cisco Certified Network Associate (CCNA) Routing and
Switching composite exam (200-125) is a 90-minute, 50–60 question assessment
that is associated with the CCNA Routing and Switching certification. This exam
tests a candidate's knowledge and skills related to network fundamentals, LAN
switching technologies, IPv4 and IPv6 routing technologies, WAN technologies, infrastructure
services, infrastructure security, and infrastructure management. The following
topics are general guidelines for the content likely to be included on the
exam. However, other related topics may also appear on any specific delivery of
the exam. In order to better reflect the contents of the exam and for clarity
purposes, the guidelines below may change at any time without notice.
15% 1.0 Network Fundamentals
21% 2.0 LAN Switching Technologies
23% 3.0 Routing Technologies
10% 4.0 WAN Technologies
10% 5.0 Infrastructure Services
11% 6.0 Infrastructure Security
10% 7.0 Infrastructure Management
15% 1.0 Network Fundamentals
1.1 Compare and contrast OSI and TCP/IP models
1.2 Compare and contrast TCP and UDP protocols
1.3 Describe the impact of infrastructure components in an enterprise network
1.3.a Firewalls
1.3.b Access points
1.3.c Wireless controllers
1.4 Describe the effects of cloud resources on enterprise network architecture
1.4.a Traffic path to internal and external cloud services
1.4.b Virtual services
1.4.c Basic virtual network infrastructure
1.5 Compare and contrast collapsed core and three-tier architectures
1.6 Compare and contrast network topologies
1.6 .a Star
1.6 .b Mesh
1.6 .c Hybrid
1.7 Select the appropriate cabling type based on implementation requirements
1.8 Apply troubleshooting methodologies to resolve problems
1.8.a Perform and document fault isolation
1.8.b Resolve or escalate
1.8.c Verify and monitor resolution
1.9 Configure, verify, and troubleshoot IPv4 addressing and subnetting
1.10 Compare and contrast IPv4 address types
1.10 .a
Unicast
1.10 .b Broadcast
1.10 .c Multicast
1.11 Describe the need for private IPv4 addressing
1.12 Identify the appropriate IPv6 addressing scheme to satisfy addressing requirements in a
LAN/WAN environment
1.13 Configure, verify, and troubleshoot IPv6 addressing
1.14 Configure and verify IPv6 Stateless Address Auto Configuration
1.15 Compare and contrast IPv6 address types
1.15.a Global unicast
1.15.b Unique local
1.15.c Link local
1.15.d Multicast
1.15.e Modified EUI 64
1.15.f Autoconfiguration
1.15.g Anycast
1.10 .b Broadcast
1.10 .c Multicast
1.11 Describe the need for private IPv4 addressing
1.12 Identify the appropriate IPv6 addressing scheme to satisfy addressing requirements in a
LAN/WAN environment
1.13 Configure, verify, and troubleshoot IPv6 addressing
1.14 Configure and verify IPv6 Stateless Address Auto Configuration
1.15 Compare and contrast IPv6 address types
1.15.a Global unicast
1.15.b Unique local
1.15.c Link local
1.15.d Multicast
1.15.e Modified EUI 64
1.15.f Autoconfiguration
1.15.g Anycast
21% 2.0 LAN Switching Technologies
2.1 Describe and verify switching concepts
2.1.a MAC learning and aging
2.1.b Frame switching
2.1.c Frame flooding
2.1.d MAC address table
2.2 Interpret Ethernet frame format
2.3 Troubleshoot interface and cable issues (collisions, errors, duplex, speed)
2.4 Configure, verify, and troubleshoot VLANs (normal/extended range) spanning multiple
switches
2.4.a Access ports (data and voice)
2.4.b Default VLAN
2.5 Configure, verify, and troubleshoot interswitch connectivity
2.5.a Trunk ports
2.5.b Add and remove VLANs on a trunk
2.5.c DTP, VTP (v1&v2), and 802.1Q
2.5.d Native VLAN
2.6 Configure, verify, and troubleshoot STP protocols
2.6.a STP mode (PVST+ and RPVST+)
2.6.b STP root bridge selection
2.1 Describe and verify switching concepts
2.1.a MAC learning and aging
2.1.b Frame switching
2.1.c Frame flooding
2.1.d MAC address table
2.2 Interpret Ethernet frame format
2.3 Troubleshoot interface and cable issues (collisions, errors, duplex, speed)
2.4 Configure, verify, and troubleshoot VLANs (normal/extended range) spanning multiple
switches
2.4.a Access ports (data and voice)
2.4.b Default VLAN
2.5 Configure, verify, and troubleshoot interswitch connectivity
2.5.a Trunk ports
2.5.b Add and remove VLANs on a trunk
2.5.c DTP, VTP (v1&v2), and 802.1Q
2.5.d Native VLAN
2.6 Configure, verify, and troubleshoot STP protocols
2.6.a STP mode (PVST+ and RPVST+)
2.6.b STP root bridge selection
2.7 Configure, verify and troubleshoot STP related optional features
2.7.a PortFast
2.7.b BPDU guard
2.8 Configure and verify Layer 2 protocols
2.8.a Cisco Discovery Protocol
2.8.b LLDP
2.9 Configure, verify, and troubleshoot (Layer 2/Layer 3) EtherChannel
2.9.a Static
2.9.b PAGP
2.9.c LACP
2.10 Describe the benefits of switch stacking and chassis aggregation
2.7.a PortFast
2.7.b BPDU guard
2.8 Configure and verify Layer 2 protocols
2.8.a Cisco Discovery Protocol
2.8.b LLDP
2.9 Configure, verify, and troubleshoot (Layer 2/Layer 3) EtherChannel
2.9.a Static
2.9.b PAGP
2.9.c LACP
2.10 Describe the benefits of switch stacking and chassis aggregation
23% 3.0 Routing Technologies
3.1 Describe the routing concepts
3.1.a Packet handling along the path through a network
3.1.b Forwarding decision based on route lookup
3.1.c Frame rewrite
3.2 Interpret the components of a routing table
3.2.a Prefix
3.2.b Network mask
3.2.c Next hop
3.2.d Routing protocol code
3.2.e Administrative distance
3.2.f Metric
3.2.g Gateway of last resort
3.3 Describe how a routing table is populated by different routing information sources
3.3.a Admin distance
3.4 Configure, verify, and troubleshoot inter-VLAN routing
3.4.a Router on a stick
3.4.b SVI
3.5 Compare and contrast static routing and dynamic routing
3.6 Compare and contrast distance vector and link state routing protocols
3.7 Compare and contrast interior and exterior routing protocols
3.8 Configure, verify, and troubleshoot IPv4 and IPv6 static routing
3.8.a Default route
3.8.b Network route
3.1 Describe the routing concepts
3.1.a Packet handling along the path through a network
3.1.b Forwarding decision based on route lookup
3.1.c Frame rewrite
3.2 Interpret the components of a routing table
3.2.a Prefix
3.2.b Network mask
3.2.c Next hop
3.2.d Routing protocol code
3.2.e Administrative distance
3.2.f Metric
3.2.g Gateway of last resort
3.3 Describe how a routing table is populated by different routing information sources
3.3.a Admin distance
3.4 Configure, verify, and troubleshoot inter-VLAN routing
3.4.a Router on a stick
3.4.b SVI
3.5 Compare and contrast static routing and dynamic routing
3.6 Compare and contrast distance vector and link state routing protocols
3.7 Compare and contrast interior and exterior routing protocols
3.8 Configure, verify, and troubleshoot IPv4 and IPv6 static routing
3.8.a Default route
3.8.b Network route
3.8.c Host route
3.8.d Floating static
3.9 Configure, verify, and troubleshoot single area and multi-area OSPFv2 for IPv4
(excluding authentication, filtering, manual summarization, redistribution, stub, virtuallink, and LSAs)
3.10 Configure, verify, and troubleshoot single area and multi-area OSPFv3 for IPv6
(excluding authentication, filtering, manual summarization, redistribution, stub, virtuallink, and LSAs)
3.11 Configure, verify, and troubleshoot EIGRP for IPv4 (excluding authentication, filtering,
manual summarization, redistribution, stub)
3.12 Configure, verify, and troubleshoot EIGRP for IPv6 (excluding authentication, filtering,
manual summarization, redistribution, stub)
3.13 Configure, verify, and troubleshoot RIPv2 for IPv4 (excluding authentication, filtering,
manual summarization, redistribution)
3.14 Troubleshoot basic Layer 3 end-to-end connectivity issues
3.8.d Floating static
3.9 Configure, verify, and troubleshoot single area and multi-area OSPFv2 for IPv4
(excluding authentication, filtering, manual summarization, redistribution, stub, virtuallink, and LSAs)
3.10 Configure, verify, and troubleshoot single area and multi-area OSPFv3 for IPv6
(excluding authentication, filtering, manual summarization, redistribution, stub, virtuallink, and LSAs)
3.11 Configure, verify, and troubleshoot EIGRP for IPv4 (excluding authentication, filtering,
manual summarization, redistribution, stub)
3.12 Configure, verify, and troubleshoot EIGRP for IPv6 (excluding authentication, filtering,
manual summarization, redistribution, stub)
3.13 Configure, verify, and troubleshoot RIPv2 for IPv4 (excluding authentication, filtering,
manual summarization, redistribution)
3.14 Troubleshoot basic Layer 3 end-to-end connectivity issues
10% 4.0 WAN Technologies
4.1 Configure and verify PPP and MLPPP on WAN interfaces using local authentication
4.2 Configure, verify, and troubleshoot PPPoE client-side interfaces using local
authentication
4.3 Configure, verify, and troubleshoot GRE tunnel connectivity
4.4 Describe WAN topology options
4.4.a Point-to-point
4.4.b Hub and spoke
4.4.c Full mesh
4.4.d Single vs dual-homed
4.5 Describe WAN access connectivity options
4.5.a MPLS
4.5.b Metro Ethernet
4.5.c Broadband PPPoE
4.5.d Internet VPN (DMVPN, site-to-site VPN, client VPN)
4.6 Configure and verify single-homed branch connectivity using eBGP IPv4 (limited to
peering and route advertisement using Network command only)
4.7 Describe basic QoS concepts
4.7.a Marking
4.1 Configure and verify PPP and MLPPP on WAN interfaces using local authentication
4.2 Configure, verify, and troubleshoot PPPoE client-side interfaces using local
authentication
4.3 Configure, verify, and troubleshoot GRE tunnel connectivity
4.4 Describe WAN topology options
4.4.a Point-to-point
4.4.b Hub and spoke
4.4.c Full mesh
4.4.d Single vs dual-homed
4.5 Describe WAN access connectivity options
4.5.a MPLS
4.5.b Metro Ethernet
4.5.c Broadband PPPoE
4.5.d Internet VPN (DMVPN, site-to-site VPN, client VPN)
4.6 Configure and verify single-homed branch connectivity using eBGP IPv4 (limited to
peering and route advertisement using Network command only)
4.7 Describe basic QoS concepts
4.7.a Marking
4.7.b Device trust
4.7.c Prioritization
4.7.c. (i) Voice
4.7.c. (ii) Video
4.7.c. (iii) Data
4.7.d Shaping
4.7.e Policing
4.7.f Congestion management
4.7.c Prioritization
4.7.c. (i) Voice
4.7.c. (ii) Video
4.7.c. (iii) Data
4.7.d Shaping
4.7.e Policing
4.7.f Congestion management
10% 5.0 Infrastructure Services
5.1 Describe DNS lookup operation
5.2 Troubleshoot client connectivity issues involving DNS
5.3 Configure and verify DHCP on a router (excluding static reservations)
5.3.a Server
5.3.b Relay
5.3.c Client
5.3.d TFTP, DNS, and gateway options
5.4 Troubleshoot client- and router-based DHCP connectivity issues
5.5 Configure, verify, and troubleshoot basic HSRP
5.5.a Priority
5.5.b Preemption
5.5.c Version
5.6 Configure, verify, and troubleshoot inside source NAT
5.6.a Static
5.6.b Pool
5.6.c PAT
5.7 Configure and verify NTP operating in a client/server mode
5.1 Describe DNS lookup operation
5.2 Troubleshoot client connectivity issues involving DNS
5.3 Configure and verify DHCP on a router (excluding static reservations)
5.3.a Server
5.3.b Relay
5.3.c Client
5.3.d TFTP, DNS, and gateway options
5.4 Troubleshoot client- and router-based DHCP connectivity issues
5.5 Configure, verify, and troubleshoot basic HSRP
5.5.a Priority
5.5.b Preemption
5.5.c Version
5.6 Configure, verify, and troubleshoot inside source NAT
5.6.a Static
5.6.b Pool
5.6.c PAT
5.7 Configure and verify NTP operating in a client/server mode
11% 6.0 Infrastructure Security
6.1 Configure, verify, and troubleshoot port security
6.1.a Static
6.1.b Dynamic
6.1.c Sticky
6.1.d Max MAC addresses
6.1.e Violation actions
6.1.f Err-disable recovery
6.2 Describe common access layer threat mitigation techniques
6.2.a 802.1x
6.2.b DHCP snooping
6.1 Configure, verify, and troubleshoot port security
6.1.a Static
6.1.b Dynamic
6.1.c Sticky
6.1.d Max MAC addresses
6.1.e Violation actions
6.1.f Err-disable recovery
6.2 Describe common access layer threat mitigation techniques
6.2.a 802.1x
6.2.b DHCP snooping
6.2.c Nondefault native VLAN
6.3 Configure, verify, and troubleshoot IPv4 and IPv6 access list for traffic filtering
6.3.a Standard
6.3.b Extended
6.3.c Named
6.4 Verify ACLs using the APIC-EM Path Trace ACL Analysis tool
6.5 Configure, verify, and troubleshoot basic device hardening
6.5.a Local authentication
6.5.b Secure password
6.5.c Access to device
6.5.c. (i) Source address
6.5.c. (ii) Telnet/SSH
6.5.d Login banner
6.6 Describe device security using AAA with TACACS+ and RADIUS
6.3 Configure, verify, and troubleshoot IPv4 and IPv6 access list for traffic filtering
6.3.a Standard
6.3.b Extended
6.3.c Named
6.4 Verify ACLs using the APIC-EM Path Trace ACL Analysis tool
6.5 Configure, verify, and troubleshoot basic device hardening
6.5.a Local authentication
6.5.b Secure password
6.5.c Access to device
6.5.c. (i) Source address
6.5.c. (ii) Telnet/SSH
6.5.d Login banner
6.6 Describe device security using AAA with TACACS+ and RADIUS
10% 7.0 Infrastructure Management
7.1 Configure and verify device-monitoring protocols
7.1.a SNMPv2
7.1.b SNMPv3
7.1.c Syslog
7.2 Troubleshoot network connectivity issues using ICMP echo-based IP SLA
7.3 Configure and verify device management
7.3.a Backup and restore device configuration
7.3.b Using Cisco Discovery Protocol or LLDP for device discovery
7.3.c Licensing
7.3.d Logging
7.3.e Timezone
7.3.f Loopback
7.4 Configure and verify initial device configuration
7.5 Perform device maintenance
7.5.a Cisco IOS upgrades and recovery (SCP, FTP, TFTP, and MD5 verify)
7.5.b Password recovery and configuration register
7.5.c File system management
7.6 Use Cisco IOS tools to troubleshoot and resolve problems
7.6.a Ping and traceroute with extended option
7.6.b Terminal monitor
7.6.c Log events
7.6.d Local SPAN
7.1 Configure and verify device-monitoring protocols
7.1.a SNMPv2
7.1.b SNMPv3
7.1.c Syslog
7.2 Troubleshoot network connectivity issues using ICMP echo-based IP SLA
7.3 Configure and verify device management
7.3.a Backup and restore device configuration
7.3.b Using Cisco Discovery Protocol or LLDP for device discovery
7.3.c Licensing
7.3.d Logging
7.3.e Timezone
7.3.f Loopback
7.4 Configure and verify initial device configuration
7.5 Perform device maintenance
7.5.a Cisco IOS upgrades and recovery (SCP, FTP, TFTP, and MD5 verify)
7.5.b Password recovery and configuration register
7.5.c File system management
7.6 Use Cisco IOS tools to troubleshoot and resolve problems
7.6.a Ping and traceroute with extended option
7.6.b Terminal monitor
7.6.c Log events
7.6.d Local SPAN
7.7 Describe network programmability in enterprise network architecture
7.7.a Function of a controller
7.7.b Separation of control plane and data plane
7.7.c Northbound and southbound APIs
7.7.a Function of a controller
7.7.b Separation of control plane and data plane
7.7.c Northbound and southbound APIs