- Install, configure, and troubleshoot PC motherboards, system components, and peripheral devices.
- Compare networking hardware types and configure local addressing and Internet connections.
- Summarize uses for network services, virtualization, and cloud computing.
- Support the use of mobile devices and print devices.
- Configure and troubleshoot the Windows operating system.
- Support the Linux and macOS operating systems.
- Configure SOHO network security and manage PC security settings.
- Support the use of mobile apps.
- Use remote support and scripting tools.
- Implement operational procedures.
This CompTIA Network+ course can benefit you in two ways. If you intend to pass the CompTIA Network+ (Exam N10-008) certification examination, this course can be a significant part of your preparation. But certification is not the only key to professional success in the field of IT infrastructure management. Today’s job market demands individuals with demonstrable skills, and the information and activities in this course can help you build your network support skill set so that you can confidently perform your duties in any entry-level network administration role.
On course completion, you will be able to achieve the following:
- Compare OSI model network functions.
- Deploy ethernet cabling.
- Deploy ethernet switching.
- Troubleshoot ethernet networks.
- Explain IPv4 addressing.
- Support IPv4 and IPv6 networks.
- Configure and troubleshooting routers.
- Explain network topologies and types.
- Explain transport layer protocols.
- Explain network services.
- Explain network applications.
- Ensure network availability.
- Explain common security concepts.
- Support and troubleshooting secure networks.
- Deploy and troubleshooting wireless networks.
- Compare WAN links and remote access methods.
- Explain organizational and physical security concepts.
- Explain disaster recovery and high availability concepts.
- Apply network hardening techniques.
- Summarize cloud and datacenter architecture.
This CompTIA Security+ course can benefit you in two ways. If you intend to pass the CompTIA Security+ (Exam SY0-601) certification examination, this course can be a significant part of your preparation. But certification is not the only key to professional success in the field of computer security. Today’s job market demands individuals with demonstrable skills, and the information and activities in this course can help you build your cybersecurity skill set so that you can confidently perform your duties in any entry-level security role.
Upon course completion, students will be able to:
- Compare security roles and security controls
- Explain threat actors and threat intelligence
- Perform security assessments and identify social engineering attacks and malware types
- Summarize basic cryptographic concepts and implement public key infrastructure
- Implement authentication controls
- Implement identity and account management controls
- Implement secure network designs, network security appliances, and secure network protocols
- Implement host, embedded/Internet of Things, and mobile security solutions
- Implement secure cloud solutions
- Explain data privacy and protection concepts
- Perform incident response and digital forensics
- Summarize risk management concepts and implement cybersecurity resilience
- Explain physical security
Cisco CCNA Part 1 course introduces the fundamentals of the most important topics in TCP/IP networking (networking, focusing on Ethernet LANs, WANs, Virtual LANs (VLANs), Spanning Tree Protocol (STP), and IP routing). Students will learn the details of how to implement IPv4 routing in Cisco routers and the core concepts of IPv6.
The CCNA Official Cert Guide, Part 2 includes the topics that help students build an enterprise network so all devices can communicate with all other devices and includes the majority of the new security topics added to the new CCNA 200-301 certification as well as a few of the classic topics found in previous CCNA R&S exams. Students will then turn their attention away from the concept-configure-verify approach to topics that will be presented more from an architecture and design perspective. Finally, students will examine a wide range of products and architectures that also enable better operations and automation – how controllers can separate out part of the work formerly done by networking devices, the advantages of these new controller-based models, and details about Cisco Software-Defined Access (SDA), a controller-based networking approach to building enterprise campus networks.
This course includes FREE access for 12 months to a cloud based lab platform to assist students develop the practical information technology (IT) skills necessary to succeed in high in demand IT jobs. This cloud based lab solution uses real equipment that enables our students to execute each practical task in a safe environment that is accessible from anywhere without needing to buy their own hardware or risk damage to their own system.
Along with providing the necessary hardware in a virtual environment, students gain access to high quality practical exercises that cover many of the exam topics they will encounter on their certifying exams.
This course prepares students to take the CompTIA A+ 220-1101 and 220-1102, CompTIA N10-008 Network+, CompTIA Security+ SY0-601 and the Cisco 200-301 – Implementing and Administering Cisco Solutions (CCNA) national certification exams.
CompTIA A+ 220-1101 Curriculum:
Lesson 1: Installing Motherboards and Connectors
One of the main roles for a CompTIA A+ technician is to install and configure personal computer (PC) hardware. This hands-on part of the job is what draws many people to a career in information technology (IT) support. As an IT professional, you will set up desktop computers and help end users to select a system configuration and peripheral devices that are appropriate to their work. You will often have to connect peripheral devices using the correct cables and connectors and install plug-in adapter cards.
To complete these tasks, you must understand how the peripheral devices and internal PC components are connected via the motherboard. As you may encounter many different environments in your work, you must also be able to distinguish and support both modern and legacy connection interfaces.
Lesson 2: Installing System Devices
The market for the system components of a personal computer is a complex one. Processors, memory modules, disk drives, and power supplies are advertised with a bewildering range of technology improvements and performance differentiators. As a CompTIA A+ technician, you need to interpret these performance characteristics and understand how processing, storage, and power components contribute to a PC specification that is appropriate for a given usage scenario. You must be able to resolve compatibility issues and be confident about the manual installation and removal procedures for these often expensive and delicate devices.
Lesson 3: Troubleshooting PC Hardware
Troubleshooting is a core competency for the role of CompTIA A+ service technician. Whether it is trying to identify a fault in a new build system or assisting a user with a computer that has just stopped working, you will typically be required to demonstrate your troubleshooting skills on each and every day of your job. To become an effective troubleshooter, you need a wide range of knowledge, the ability to pay attention to details, and the readiness to be open and flexible in your approach to diagnosing issues. It is also important to learn and apply best practices and a structured methodology to give yourself the best chance of success when diagnosing complex troubleshooting scenarios.
Lesson 4: Comparing Local Networking Hardware
Network support is a great competency for IT technicians at all levels to possess. In today’s environment, standalone computing is a rarity. Just about every digital device on the planet today is connected to external resources via a network, whether it is a small office/home office (SOHO) network, a corporate WAN, or to the Internet directly. The ability to connect, share, and communicate using a network is crucial for running a business and staying connected to everything in the world. As a CompTIA® A+® support technician, if you understand the technologies that underlie both local and global network communications, you can play an important role in ensuring that the organization you support stays connected.
Lesson 5: Configuring Network Addressing and Internet Connections
Network cabling, wireless radios, and devices such as switches and APs are used to implement local networks at the hardware level. A local-only network has limited uses, however. The full functionality of networking is only realized when local networks join wide area networks, such as the Internet. This requires modem devices and radio antennas that can communicate over the cabling and wireless media types used by Internet service providers (ISPs). It also requires technologies that can identify each network and forward data between them. This network addressing and forwarding function is performed by router devices and the Internet Protocol (IP).
Lesson 6: Supporting Network Services
IP, TCP/UDP, DHCP, and DNS establish the basic addressing and forwarding functions necessary to implement network connectivity. Network applications use these underlying network and transport functions to run user-level services, such as web browsing or file sharing. In this topic, you will learn to summarize the server roles that are used to implement network applications.
Lesson 7: Summarizing Virtualization and Cloud Concepts
Virtualization is also the technology underpinning cloud computing. Cloud is one of the most dominant trends in networking and service provision. Many organizations are outsourcing parts of their IT infrastructure, platforms, storage, or services to cloud solutions providers. Virtualization is at the core of cloud service provider networks. If you can compare and contrast the delivery and service models for cloud, your customers will benefit from your advice and support when deploying cloud resources.
Lesson 8: Supporting Mobile Devices
This lesson focuses on mobile devices and how they differ from desktop systems in terms of features, upgrade/repair procedures, and troubleshooting. As a certified CompTIA® A+® technician, you will be expected to configure, maintain, and troubleshoot laptops, smartphones, and tablets. With the proper information and the right skills, you will be ready to support these devices as efficiently as you support their desktop counterparts.
Lesson 9: Supporting Print Devices
Despite predictions that computers would bring about a paperless office environment, the need to transfer digital information to paper or back again remains strong. As a CompTIA® A+® certified professional, you will often be called upon to set up, configure, and troubleshoot print and scan devices. Having a working knowledge of the many printer technologies and components will help you to support users’ needs in any technical environment.
CompTIA A+ 220-1102 Curriculum:
Lesson 1: Configuring Windows
The operating system (OS) is the software that provides a user interface to the computer hardware and provides an environment in which to run software applications and create computer networks. As a professional IT support representative or PC service technician, your job will include installing, configuring, maintaining, and troubleshooting personal computer (PC) operating systems.
Lesson 2: Managing Windows
Settings and Control Panel are focused on managing configuration settings for a single computer. In an enterprise environment, configuration and monitoring of hundreds or thousands of desktops require more advanced tools. For example, very commonly, configuration can be achieved more quickly and reliably using command-line tools. In this lesson, you will learn about the appropriate use of advanced interfaces and tools to manage Windows 10 and Windows 11 systems.
Lesson 3: Identifying OS Types and Features
While the early lessons in this course have focused on Windows 10, there is a much wider range of operating systems available. Even with Windows, there are various editions to target different market sectors. There are also operating systems designed to support specific hardware types, such as mobile devices. Being able to compare and contrast OS types, versions, and editions will prepare you to support users in a variety of different environments.
Lesson 4: Supporting Windows
To support an OS, you must be able to plan the deployment of software, train and assist users, and troubleshoot problems. As well as technical challenges, there are operational and business factors to consider when installing operating systems and third-party software. Troubleshooting requires knowledge of common symptoms and probable causes in addition to being able to use tools to recover a system or data files.
Lesson 5: Managing Windows Networking
Once you have the computer network up and running, you can start to configure it to provide useful services. File and print sharing are key uses of almost every network. When configuring these resources, you must be aware of potential security issues and understand how to set permissions correctly to ensure that data is only accessible to those users who really should have been authorized to see it.
Lesson 6: Managing Linux and macOS
The various operating systems you might encounter use different interfaces and command syntax, but the functionality of those tools is common across all types of systems. You will need to configure disks and file systems, user accounts, network settings, and software applications.
Lesson 7: Configuring SOHO Network Security
By identifying security threats and vulnerabilities, as well as some of the controls that can counteract them, you can help keep your organization’s computing resources safe from unauthorized access. In this lesson, you will identify security threats and vulnerabilities, plus some of the logical and physical controls used to mitigate them on SOHO networks.
Lesson 8: Managing Security Settings
Firewalls provide a security border around a network, but this secure border is not sufficient to protect against insider threat, advanced malware, or sophisticated threat-actor tactics and techniques. Most organizations deploy defense in depth controls to ensure that each endpoint—computer, laptop, smartphone, or tablet—is deployed in a hardened configuration in terms of both the OS and the web browser software.
Lesson 9: Supporting Mobile Software
Mobile devices have largely replaced computers as contact-manager and web-browsing tools, and there is little choice but for an enterprise network to support their use. The huge variety of device types and mobile OS types and versions makes managing their use a complex task, however.
Lesson 10: Using Support and Scripting Tools
As a CompTIA A+ technician, you will usually perform support tasks within the context of a company’s operational procedures. These procedures include ways of using remote access to handle problems more efficiently, coping with disasters so that data loss and system downtime is minimized, identifying regulated data and content, planning for security incident response, and potentially using scripting to ensure standardized configuration changes.
Lesson 11: Implementing Operational Procedures
Companies also need ticketing systems, asset documentation, and change-management procedures to enforce configuration management. They need safe working practices and to ensure the physical environment does not present any health hazards or risks to electronic devices. Additionally, they need to ensure that technicians and agents represent the company professionally in all customer contact and support situations.
CompTIA Network+ N10-008 Curriculum:
Lesson 1: Comparing OSI Model Network Functions
Computer networks are complex systems that incorporate multiple functions, standards, and proprietary technologies. The Open Systems Interconnection (OSI) model is used to try to simplify some of this complexity. It divides network technologies between seven functional layers. This makes it easier to separate and focus on individual concepts and technologies while retaining an understanding of relationships to the functions of technologies placed in other layers.
This lesson uses the OSI model to give you an overview of the technologies that you will be studying in the rest of the course. You will compare the functions of these layers in the OSI model and apply those concepts to the installation and configuration of a small office/home office networl.
Lesson 2: Deploying Ethernet Cabling
In this topic, you will summarize standards for deploying Ethernet over copper and fiber optic media types and identify the tools and techniques required to deploy Ethernet cabling.
Lesson 3: Deploying Ethernet Switching
Cabling establishes the links between nodes on the network, but each node also requires a network interface. Not many networks are established by directly connecting each end system to every other local system. Cabling and support costs are reduced by using intermediate systems to establish local networks. These intermediate systems are deployed as network appliances such as hubs, bridges, and switches. Installing and configuring, these devices will be a regular task for you during your career in network administration.
Lesson 4: Troubleshooting Ethernet Networks
In this lesson you will explain the steps in CompTIA’s Network+ troubleshooting methodology and apply these steps to solving common cable and connectivity issues.
Lesson 5: Explaining IPv4 Addressing
In this lesson, you will identify the addressing and data delivery methods of the Internet Protocol (IP). IP is at the heart of most modern networks, and consequently one of the most important topic areas for a network professional to understand and apply.
Lesson 6: Supporting IPv4 and IPv6 Networks
This lesson also introduces IPv6 addressing concepts and highlights some key differences between IPv6 and IPv4.
Lesson 7: Configuring and Troubleshooting Routers
Routers work at layer 3 to aggregate information about neighboring networks and forward packets along an appropriate path to their final destination. While configuring routing infrastructure is often a senior job role, you should understand basic concepts and be able to apply them to solve common issues.
Lesson 8: Explaining Network Topologies and Types
The cabling, switching, and routing functions of the first three layers in the OSI model can be deployed in many ways to implement networks of varying sizes and with different purposes. Being able to summarize these network types and topologies and the different network appliance models that support them will help you to build networks that meet customer goals for performance and security.
Lesson 9: Explaining Transport Layer Protocols
Layers 1 through 3 of the OSI model are concerned with addressing and packet forwarding and delivery. This basic connectivity is established for the purpose of transporting application data. In this lesson, you will learn to describe how protocols at layer 4 provision the transport services that network applications depend upon.
Lesson 10: Explaining Network Services
This lesson focuses on application protocols that perform low-level network operations tasks, such as providing dynamic address or name resolution services. You should understand the functions of the network services protocols and the ports that they rely upon to operate.
Lesson 11: Explaining Network Applications
Where DHCP and DNS support basic network operations, other application protocols provide platforms for user-level services, such as websites, databases, file/printer sharing, email, and voice/video calling. You must be able to identify the ports used by these services and their performance and security requirements so that you can assist with product deployments and upgrades and perform basic troubleshooting.
Lesson 12: Ensuring Network Availability
In this lesson, you will investigate some tools and management methods that will help you determine your network’s baseline and optimize your network’s performance.
Lesson 13: Explaining Common Security Concepts
In this lesson, you will describe basic concepts related to network security. As a networking professional, it is part of your responsibility to understand these fundamental concepts so that you can support network security controls.
Lesson 14: Supporting and Troubleshooting Secure Networks
Each day, the number and complexity of threats against systems integrity and data security increases. In response, there are more and more security controls available to automate the detection and prevention of these threats. Because you are a networking professional, your organization and users will be looking to you to deploy these security appliances, without compromising network availability and performance.
Lesson 15: Deploying and Troubleshooting Wireless Networks
Unbounded or wireless media technologies have distinct advantages for businesses over bounded media. They can be easier to install to existing premises and they support the device mobility that users require from laptop or smartphone-based access to networks. Wireless technology implementations offer various advantages, but you need to understand their limitations and security issues to support them properly in your network environments.
Lesson 16: Comparing WAN Links and Remote Access Methods
In this lesson, you will identify the characteristics of WAN service provider offers and components of remote access network implementations.
Lesson 17: Explaining Organizational and Physical Security Concepts
Managing a site so that the network is highly available and secure involves creating policies and best practices, supported by documentation. This might seem less immediately rewarding than getting a new application or server up-and-running, but these kinds of operational procedures are just as important to well-managed networks.
Lesson 18: Explaining Disaster Recovery and High Availability Concepts
Even with effective management procedures and premises security controls, disasters can overwhelm a site and threaten the core functions that a business must perform. Planning for disasters and designing systems for high availability is critical to supporting these mission essential functions. As an entry-level technician or administrator, you should be able to explain the importance of these concepts and identify the tools and techniques used to implement them.
Lesson 19: Applying Network Hardening Techniques
There are many ways in which networks can be attacked and just as many ways for making networks more secure. You will need a basic understanding of the security risks, and security methods and tools, in order to protect your network. In this lesson, you will learn to compare and contrast common types of attacks and to apply network hardening techniques.
Lesson 20: Summarizing Cloud and Datacenter Architecture
This lesson completes the Network+ course by summarizing the software-driven virtualization, automation, and orchestration functionality that underpins cloud services.
CompTIA Security+ SY0-601 Curriculum:
Lesson 1: Comparing Security Roles and Security Controls
Security is an ongoing process that includes assessing requirements, setting up organizational security systems, hardening them, monitoring them, responding to attacks in progress, and deterring attackers. As a security professional, it is important that you understand how the security function is implemented as departments or units and professional roles within different types of organizations. You must also be able to explain the importance of compliance factors and best practice frameworks in driving the selection of security controls.
Lesson 2: Explaining Threat Actors and Threat Intelligence
To make an effective security assessment, you must be able to explain strategies for both defense and attack. Your responsibilities are likely to lie principally in defending assets, but to do this you must be able to explain the tactics, techniques, and procedures of threat actors. You must also be able to differentiate the types and capabilities of threat actors. As the threat landscape is continually evolving, you must also be able to identify reliable sources of threat intelligence and research.
Lesson 3: Performing Security Assessments
Security assessment refers to processes and tools that evaluate the attack surface. With knowledge of adversary tactics and capabilities, you can assess whether points on the attack surface are potentially vulnerable attack vectors. The output of assessment is recommendations for deploying, enhancing, or reconfiguring security controls to mitigate the risk that vulnerabilities are exploitable by threat actors.
Lesson 4: Identifying Social Engineering and Malware
It is not sufficient for security assessments to focus solely on software vulnerabilities and configuration errors. As well as these hardware and software systems, the attack surface contains a company’s employees and the degree to which they can be exploited to gain unauthorized access or privileges. Threat actors use social engineering techniques to elicit information, obtain access to premises, and to trick users into running malicious code. You must understand these attacks and train your colleagues and customers with the ability to detect and report them. As well as being able to explain these techniques, you must be able to describe the indicators associated with different types of malware and analyze your systems for possible infections.
Lesson 5: Summarizing Basic Cryptographic Concepts
Assess and monitor activities (utilizing threat intelligence) to identify potential attack vectors and detect malicious activity. The protect cybersecurity function aims to build secure IT processing systems that exhibit the attributes of confidentiality, integrity, and availability. Many of these secure systems depend wholly or in part on cryptography.
A cryptographic system encodes data in such a way that only authorized persons can decode it. Cryptography is the basis for many of the security systems you will be implementing and configuring. As an information security professional, you must have a good understanding of the concepts underpinning cryptographic algorithms and their implementation in secure protocols and services. All security personnel must be able to contrast the different types of cryptographic ciphers, understand how they can be used to apply data confidentiality, integrity, and availability, and describe the weaknesses they may exhibit. A secure technical understanding of the subject will enable you to explain the importance of cryptographic systems and to select appropriate technologies to meet a given security goal.
Lesson 6: Implementing Public Key Infrastructure
Digital certificates and public key infrastructure (PKI) are critical services used to manage identification, authentication, and data confidentiality across most private and public networks. It is important that you understand the types of certificate that can be issued and are able to apply effective management principles when configuring and supporting these systems.
Lesson 7: Implementing Authentication Controls
Each network user and host device must be identified with an account so that you can control their access to your organization’s applications, data, and services. The processes that support this requirement are referred to as identity and access management (IAM). Within IAM, authentication technologies ensure that only valid subjects (users or devices) can operate an account. Authentication requires the account holder to submit credentials that should only be known or held by them in order to access the account. There are many authentication technologies and it is imperative that you be able to compare and contrast and to implement these security controls.
Lesson 8: Implementing Identity and Account Management Controls
As well as ensuring that only valid users and devices connect to managed networks and devices, you must ensure that these subjects are authorized with only necessary permissions and privileges to access and change resources. These tasks are complicated by the need to manage identities across on-premises networks and cloud services. Also, account security depends on effective organizational policies for personnel and security training. You will often be involved in shaping and updating these policies in line with best practice, as well as delivering security awareness education and training programs.
Lesson 9: Implementing Secure Network Designs
Managing user authentication and authorization is only one part of building secure information technology services. The network infrastructure must also be designed to run services with the properties of confidentiality, integrity, and availability. While design might not be a direct responsibility for you at this stage in your career, you should understand the factors that underpin design decisions, and be able to implement a design by deploying routers, switches, access points, and load balancers in secure configurations.
Lesson 10: Implementing Network Security Appliances
In addition to the secure switching and routing appliances and protocols used to implement network connectivity, the network infrastructure design must also include security appliances to ensure confidentiality, integrity, and availability of services and data. You should be able to distinguish the features of security and monitoring devices and software and deploy these devices to appropriate locations in the network.
Lesson 11: Implementing Secure Network Protocols
When hosts join a network, they need to be configured with the appropriate settings for that network. The services that provide these settings, such as DHCP and DNS, must be deployed securely. When hosts access data using server applications, such as web/HTTP, email, and VoIP, the communications between clients and servers must be managed using secure versions of the application protocols. You will also need to configure secure protocols that allow users to access networks, host desktops, and appliance configuration interfaces remotely.
Lesson 12: Implementing Host Security Solutions
Effective network architecture design, protocol configuration, and the use of appliances such as firewalls and intrusion detection help to provide a secure network environment, but we also need to consider the security systems configured on network hosts as well. Security procedures and solutions are complicated by the range of different types of hosts that networks must support, from PCs and laptops to smartphones and embedded controllers.
Lesson 13: Implementing Secure Mobile Solutions
Mobile devices are now the preferred client for many common work tasks, and network management and security systems have had to adapt to accommodate them. The shift toward mobile also presages a move toward unified management of endpoints, and the use of virtualized workspaces as a better model for provisioning corporate apps and data processing.
Lesson 14: Summarizing Secure Application Concepts
Automation strategies for resiliency, disaster recovery, and incident response put development (programming and scripting) at the heart of secure network administration and operations (DevSecOps). As well as automating operations, more companies are having to maintain bespoke code in customer-facing software, such as web applications. Consequently, secure application development is a competency that will only grow in importance over the course of your career.
Lesson 15: Implementing Secure Cloud Solutions
The main idea behind cloud computing is that you can access and manage your data and applications from any host, anywhere in the world, while the storage method and location are hidden or abstracted through virtualization. Cloud applications—whether accessed as public services or provisioned over private virtualization infrastructure—are rapidly overtaking on-premises service delivery models. Security in and of the cloud considerations will form an increasingly important part of your career as a security professional.
Lesson 16: Explaining Data Privacy and Protection Concepts
If people are an organization’s most important asset, then data comes a close second. The rapid adoption of cybersecurity awareness and technologies has come about because of the huge reputational and financial costs of high-profile data and privacy breaches. It is usually data that the threat actors want, and data that the whole system is set up to protect.
The confidentiality, integrity, and availability security attributes of data processing and storage are ensured through a mixture of managerial, operational, and technical controls. Along with security, you should also be able to assess privacy factors when collecting and storing data, and identify how processes must be shaped by legislative and regulatory compliance.
Lesson 17: Performing Incident Response
From a day-to-day perspective, incident response means investigating the alerts produced by monitoring systems and issues reported by users. This activity is guided by policies and procedures and assisted by various technical controls.
Incident response is a critical security function and very large part of your work as a security professional will be taken up with it. You must be able to summarize the phases of incident handling, utilize appropriate data sources to assist an investigation, and apply mitigation techniques to secure the environment after an event.
Lesson 18: Explaining Digital Forensics
Where incident response emphasizes the swift eradication of malicious activity, digital forensics requires patient capture, preservation, and analysis of evidence using verifiable methods. You may be called on to assist with an investigation into the details of a security incident and to identify threat actors. To assist these investigations, you must be able to summarize the basic concepts of collecting and processing forensic evidence that could be used in legal action or for strategic counterintelligence.
Lesson 19: Summarizing Risk Management Concepts
If a company operates with one or more vulnerable business processes, it could result in disclosure, modification, loss, destruction, or interruption of critical data or it could lead to loss of service to customers. Quite apart from immediate financial losses arising from such security incidents, either outcome will reduce a company’s reputation. If a bank lost its trading floor link to its partners, even for an hour, since the organization’s primary function (trading) would be impossible, huge losses may result. Consequently, when planning a network or other IT system, you must perform risk management to assess threats and vulnerabilities.
Analyzing risk plays a major role in ensuring a secure environment for an organization. By assessing and identifying specific risks that can cause damage to network components, hardware, and personnel, you can mitigate possible threats and establish the right corrective measures to avoid losses and liabilities.
Lesson 20: Implementing Cybersecurity Resilience
Cybersecurity resilience means that even successful intrusions by threat actors have limited impact on confidentiality, integrity, and availability. Provisioning redundancy in storage, power, and network systems, plus effective backup procedures, site resiliency, and effective procedures for change control and configuration management are crucial in maintaining high availability.
Lesson 21: Explaining Physical Security
Risks from intrusion by social engineering, wireless backdoors, and data exfiltration by mobile devices all mean that physical security is a critical consideration for site design and operations. The premises in which networks are installed need to use access control mechanisms and be resilient to person-made and natural disasters, such as fire.
Cisco CCNA 200-301 Part 1 Curriculum:
Lesson 1: Introduction to Networking
This first part of the book introduces the fundamentals of the most important topics in TCP/IP networking. Chapter 1 provides a broad look at TCP/IP, introducing the common terms, big concepts, and major protocols for TCP/IP. Chapter 2 then examines local-area networks (LAN), which are networks that connect devices that are located near each other; for instance, in the same building. Chapter 3 then shows how to connect those LANs across long distances with wide-area networks (WAN) with a focus on how routers connect LANs and WANs to forward data between any two devices in the network.
Lesson 2: Implementing Ethernet LANs
Part I provided a broad look at the fundamentals of all parts of networking, focusing on Ethernet LANs, WANs, and IP routing. Parts II and III now drill into depth about the details of Ethernet, which was introduced in Chapter 2, “Fundamentals of Ethernet LANs.”
Part II begins that journey by discussing the basics of building a small Ethernet LAN with Cisco Catalyst switches. The journey begins by showing how to access the user interface of a Cisco switch so that you can see evidence of what the switch is doing and configure the switch to act in the ways you want it to act. At this point, you should start using whatever lab practice option you chose in the “Your Study Plan” section that preceded Chapter 1, “Introduction to TCP/IP Networking.” (And if you have not yet finalized your plan for how to practice your hands-on skills, now is the time.)
After you complete Chapter 4 and see how to get into the command-line interface (CLI) of a switch, the next three chapters step through some important foundations of how to implement LANs—foundations used by every company that builds LANs with Cisco gear. Chapter 5 takes a close look at Ethernet switching—that is, the logic used by a switch—and how to know what a particular switch is doing. Chapter 6 shows the ways to configure a switch for remote access with Telnet and Secure Shell (SSH), along with a variety of other useful commands that will help you when you work with any real lab gear, simulator, or any other practice tools. Chapter 7, the final chapter in Part II, shows how to configure and verify the operation of switch interfaces for several important features, including speed, duplex, and auto-negotiation.
Lesson 3: Implementing VLANs and STP
Part II of this book introduces the basics of Ethernet LANs, both in concept and in how to implement the features. However, the two primary features discussed in Part III of this book—Virtual LANs (VLANs) and Spanning Tree Protocol (STP)—impact almost everything you have learned about Ethernet so far. VLANs allow a network engineer to create separate Ethernet LANs through simple configuration choices. The ability to separate some switch ports into one VLAN and other switch ports into another VLAN give network designers a powerful tool for creating networks. Once created, VLANs also have a huge impact on how a switch works, which then impacts how you verify and troubleshoot the operation of a campus LAN.
STP—and the related and similar Rapid STP (RSTP)—acts to prevent frames from looping around a LAN. Without STP or RSTP, in LANs with redundant links, broadcasts and some other frames would be forwarded around and around the LAN, eventually clogging the LAN so much as to make it unusable.
The current CCNA 200-301 exam blueprint includes exam topics for the configuration and verification of VLANs and related topics. However, the CCNA exam topics only mention RSTP concepts rather than configuration/verification. To that end, Part III opens with Chapter 8, which goes to the configuration/verification depth with VLAN topics, followed by Chapter 9, which introduces the concepts of STP and RSTP.
Part III closes with Chapter 10, which includes some RSTP configuration, along with Layer 2 EtherChannel configuration.
Lesson 4: IPv4 Addressing
The book makes a big transition at this point. Part I gave you a broad introduction to networking, and Parts II and III went into some detail about the dominant LAN technology today: Ethernet. Part IV transitions from Ethernet to the network layer details that sit above Ethernet and WAN technology, specifically IP Version 4 (IPv4).
Thinking about the network layer requires engineers to shift how they think about addressing. Ethernet allows the luxury of using universal MAC addresses, assigned by the manufacturers, with no need to plan or configure addresses. Although the network engineer needs to understand MAC addresses, MAC already exists on each Ethernet NIC, and switches learn the Ethernet MAC addresses dynamically without even needing to be configured to do so. As a result, most people operating the network can ignore the specific MAC address values for most tasks.
Conversely, IP addressing gives us flexibility and allows choice, but those features require planning, along with a much deeper understanding of the internal structure of the addresses. People operating the network must be more aware of the network layer addresses when doing many tasks. To better prepare you for these Layer 3 addressing details, this part breaks down the addressing details into four chapters, with an opportunity to learn more in preparation for the CCNP Enterprise certification.
Part IV examines most of the basic details of IPv4 addressing and subnetting, mostly from the perspective of operating an IP network. Chapter 11 takes a grand tour of IPv4 addressing as implemented inside a typical enterprise network. Chapters 12, 13, and 14 looks at some of the specific questions people must ask themselves when operating an IPv4 network.
Lesson 5: IPv4 Routing
Parts V and VI work together to reveal the details of how to implement IPv4 routing in Cisco routers. To that end, Part V focuses on the most common features for Cisco routers, including IP address configuration, connected routes, and static routes. Part VI then goes into some detail about the one IP routing protocol discussed in this book: OSPF Version 2 (OSPFv2).
Part V follows the progression of topics. First, Chapter 15 examines the fundamentals of routers—the physical components, how to access the router command-line interface (CLI), and the configuration process. Chapter 15 makes a close comparison of the switch CLI and its basic administrative commands so that you have to learn only new commands that apply to routers but not to switches.
Chapter 16 then moves on to discuss how to configure routers to route IPv4 packets in the most basic designs. Those designs require a simple IP address/mask configuration on each interface, with the addition of a static route command—a command that directly configures a route into the IP routing table—for each destination subnet.
By the end of Chapter 16, you should have a solid understanding of how to enable IP addressing and routing in a Cisco router, so Chapter 17 continues the progression into more challenging but more realistic configurations related to routing between subnets in a LAN environment. Most LANs use many VLANs, with one subnet per VLAN. Cisco routers and switches can be configured to route packets between those subnets, with more than a few twists in the configuration.
Finally, Part V closes with a chapter about troubleshooting IPv4 routing. The chapter features the ping and traceroute commands, two commands that can help you discover not only whether a routing problem exists but also where the problem exists. Chapters 15, 16, and 17 show how to confirm whether a route has been added to one router’s routing table, while the commands discussed in Chapter 18 teach you how to test the end-to-end routes from sending host to receiving host.
Lesson 6: OSPF
Part IV began the story in this book about IP Version 4 (IPv4) addressing. Part V continued that story with how to implement addressing in Cisco routers, along with a variety of methods to route packets between local interfaces. But those topics delayed the discussion of one of the most important topics in TCP/IP, namely IP routing protocols.
Routers use IP routing protocols to learn about the subnets in an internetwork, choose the current best routes to reach each subnet, and to add those routes to each router’s IP routing table. Cisco chose to include one and only one IP routing protocol in the CCNA 200-301 exam: the Open Shortest Path First (OSPF) routing protocol. This entire part focuses on OSPF as an example of how routing protocols work.
Lesson 7: IP Version 6
So far, this book has mostly ignored IP version 6 (IPv6). This part reverses the trend, collecting all the specific IPv6 topics into four chapters.
The chapters in Part VII walk you through the same topics discussed throughout this book for IPv4, often using IPv4 as a point of comparison. Certainly, many details differ when comparing IPv4 and IPv6. However, many core concepts about IP addressing, subnetting, routing, and routing protocols remain the same. The chapters in this part build on those foundational concepts, adding the specific details about how IPv6 forwards IPv6 packets from one host to another.
Lesson 8: IP Version 6
This book began with an overview of the fundamentals of LANs, WANs, and IP routing. It then described Ethernet LANs (wired LANs) in some depth over the course of seven chapters. The book then meandered through many chapters exploring the many concepts of IPv4 and IPv6 addressing, routing, and how to implement those features in Cisco devices.
This final part of Volume 1 turns our attention back to the LAN, not to wired Ethernet LANs, but to IEEE 802.11 wireless LANs—in other words, Wi-Fi. The four chapters in this part of the book lay down the foundations of how wireless LANs work and then show how to implement wireless LANs using Cisco devices.
Building wireless LANs requires some thought because the endpoints that use the LAN do not sit in one place and connect via a known cable and known switch port. To explain those details, Chapter 26 begins with the basics of how a wireless client can connect to the wireless network through a wireless access point (AP). After you learn the foundations in Chapter 26, Chapter 27 takes an architectural view of wireless LANs to discuss how you might build a wireless LAN for an enterprise, which requires much different thinking than, for instance, building a wireless LAN for your home.
Chapter 28 completes the three concepts-focused wireless LAN chapters by working through the alphabet soup that is wireless LAN security. The fact that wireless LAN clients come and go means that the LAN may be under constant attack as an easy place for an attacker to gain access to the network, so wireless LANs must use effective security. Finally, Chapter 29 closes by showing how to configure an enterprise wireless LAN using Cisco APs and the Cisco Wireless LAN Controller (WLC) from the WLC’s graphical interface.
Cisco CCNA 200-301 Part 2 Curriculum:
Lesson 1: IP Access Control Lists
The CCNA Official Cert Guide, Volume 2 includes the topics that help you build an enterprise network so all devices can communicate with all other devices. Parts I and II of this book focus on how to secure that enterprise network so that only the appropriate devices and users can communicate.
Part I focuses on IP Version 4 (IPv4) access control lists (ACLs). ACLs are IPv4 packet filters that can be programmed to look at IPv4 packet headers, make choices, and either allow a packet through or discard the packet. Because you can implement IPv4 ACLs on any router, a network engineer has a large number of options of where to use ACLs, without adding additional hardware or software, making ACLs a very flexible and useful tool.
Chapter 1 begins this part with an introduction to the TCP/IP transport layer protocols TCP and UDP, along with an introduction to several TCP/IP applications. This chapter provides the necessary background to understand the ACL chapters and to better prepare you for upcoming discussions of additional security topics in Part II and IP services topics in Part III.
Chapters 2 and 3 get into details about ACLs. Chapter 2 discusses ACL basics, avoiding some of the detail to ensure that you master several key concepts. Chapter 3 then looks at the much wider array of ACL features to make you ready to take advantage of the power of ACLs and to be ready to better manage those ACLs.
Lesson 2: Security Services
With the introduction of the new CCNA certification in early 2020, Cisco expanded the number of security topics in comparison to the old CCNA Routing and Switching certification. Part II includes the majority of the new security topics added to the new CCNA 200-301 certification as well as a few of the classic topics found in previous CCNA R&S exams.
Chapter 4 kicks off Part II with a wide description of security threats, vulnerabilities, and exploits. This introductory chapter sets the stage to help you think more like a security engineer.
Chapters 5, 6, and 8 then focus on a wide range of short security topics. Those topics include Chapter 5’s discussion of how to protect router and switch logins and passwords, along with an introduction to the functions and roles of firewalls or intrusion protection systems (IPSs). Chapters 6 and 8 then get into three separate security features built into Cisco switches: port security (Chapter 6), DHCP Snooping (Chapter 8), and Dynamic ARP Inspection (DAI). All three security features require a switch to examine frames as they enter the switch interface. This information enables port security, DHCP Snooping, and DAI to decide whether to allow the message to continue on its way.
Chapter 7 discusses the Dynamic Host Configuration Protocol (DHCP) as an end to itself. While this topic is actually an IP Service and would be a great fit for Part III (IP Services), the topics in Chapter 8 require that you know DHCP, so Chapter 7 sets that stage.
Lesson 3: Services
Part III shifts to a variety of topics that can be found in almost every network. None are required for a network to work, but many happen to be useful services. Most happen to use IP or support the IP network in some way, so Part III groups the topics together as IP Services.
Part III begins and ends with chapters that examine a series of smaller topics. First, Chapter 9 examines several IP services for which the CCNA exam requires you to develop configuration and verification skills. Those services include logging and syslog, the Network Time Protocol (NTP), as well as two related services: CDP and LLDP.
Chapter 12, at the end of Part III, closes with another series of smaller topics—although the CCNA 200-301 exam topics require only conceptual knowledge, not configuration skills for these topics. This chapter includes First Hop Redundancy Protocols (FHRPs), Simple Network Management Protocol (SNMP), and two related protocols: TFTP and FTP.
The two middle chapters in Part III also focus on IP-based services, beginning with Chapter 10’s examination of Network Address Translation (NAT). Almost every network uses NAT with IPv4, although in many cases, the firewall implements NAT. This chapter shows how to configure and verify NAT in a Cisco router.
Chapter 11 at first may give the appearance of a large chapter about one topic—Quality of Service—and it does focus on QoS; however, QoS by nature includes a wide variety of individual QoS tools. This chapter walks you through the basic concepts of the primary QoS features.
Lesson 4: Network Architecture
Part IV turns the attention away from the concept-configure-verify approach needed for many of the topics seen earlier in this book and in CCNA 200-301 Official Cert Guide, Volume 1. Instead, this part collects topics that will be presented more from an architecture and design perspective. In fact, the CCNA 200-301 exam organizes six exam topics with this same approach, all listed under exam topic 1.2 “Describe characteristics of network topology architectures.” The chapters in this part examine most of those topics.
First, Chapter 13 revisits LAN switching, which was covered to some depth in Volume 1. This chapter discusses campus LAN design concepts and terminology, like the 2 tier and 3 tier terms listed in the exam topics. This chapter also discusses how to supply power over that LAN infrastructure using Power over Ethernet (PoE), as well as the term small office/home office (SOHO).
CCNA 200-301 mentions WAN as an end to itself in one exam topic within the context of topology and architecture. Chapter 14 takes that thread and presents three major WAN architectures, going beyond the concepts you need to know to support the simple WAN cases used in the examples throughout both books so far. Those topics include MPLS VPN WANs, Ethernet WANs, and Internet VPNs.
Chapter 15 completes the architecture-focused chapters with a discussion of cloud architectures. This chapter begins by defining basic concepts and terms related to data centers and cloud and closes with design discussions that show packet flows in a public cloud environment.
Lesson 5: Network Automation
Part V of this book includes most of the network automation topics from the CCNA blueprint; however, the part includes as much discussion of how Cisco and others have changed the way networks work to enable better automation as it discusses tools and processes to automate networks.
Chapters 16 and 17 examine a wide range of products and architectures that also enable better operations and automation. Chapter 16 discusses how controllers can separate out part of the work formerly done by networking devices. The chapter shows the advantages of these new controller-based models and details a few examples. Chapter 17 then goes on to give more detail about Cisco Software-Defined Access (SDA), a controller-based networking approach to building enterprise campus networks.
Chapters 18 and 19 discuss a few more specific details about network automation. Controllers typically include REST APIs and often return data to automation programs in the form of formatted data like JSON. Chapter 18 introduces these concepts. Chapter 19 then moves on to discuss IT automation tools, specifically Ansible, Puppet, and Chef, with a focus on how to use these tools for network automation.
Lesson 6: Final Review
Now that you have finished the bulk of this book, you could just register for your Cisco CCNA exam, show up, and take the exam. However, if you spend a little time thinking about the exam event itself, learning more about the user interface of the real Cisco exams and the environment at the Pearson VUE testing centers, you will be better prepared, particularly if this is your first Cisco exam.
This first of two major sections in this chapter gives some advice about the Cisco exams and the exam event itself, specifically about:
- Question types
- Your time budget
- A sample time-check method
- The final week
- The 24 hours before the exam
- The final 30 minutes before the exam
- The hour after the exam
Cisco 200-301 – Implementing and Administering Cisco Solutions (CCNA) Live Labs:
- Networking Concepts – Part One
- Networking Concepts – Part Two
- IP Addressing and Virtualization Concepts
- Switching Fundamentals – Part One
- Switching Fundamentals – Part Two
- Configuring VLANs – Part One
- Configuring VLANs – Part Two
- Static and Dynamic Routing Principles
- Configure OSPFv2
- FHRP Configuration and Verification
- Static NAT Configuration
- NTP Configuration
- DHCP Concepts, Configuration and Verification
- Network Traffic Management using SNMP
- Configuring Syslog for Switching and Routing
- Remote Management Techniques
- Using File Transfer Protocols on Routers
- Network Management Tools
- Applying Security Protocols
- QoS for Routing Configuration using PHB
- Security Mitigation Techniques
- Wireless Architecture and Application
All necessary course materials are included.
This course prepares students to take the CompTIA A+ 220-1101 and 220-1102, CompTIA N10-008 Network+, CompTIA Security+ SY0-601 and the Cisco 200-301 – Implementing and Administering Cisco Solutions (CCNA) national certification exams.
ProTrain, LLC is not affiliated with and has no relationship with Cisco Systems, Inc.