Skip links

Network+, Security+, CCNA

Certification

Network+, Security+, CCNA

This course prepares students to take the CompTIA Network+ N10-009, CompTIA Security+ SY0-701, and Cisco 200-301 - Implementing and Administering Cisco Solutions (CCNA) certification exams. This course includes FREE access for 12 months to a cloud based lab platform to assist students develop the practical information technology (IT) skills necessary to succeed in high in demand IT jobs.

Hours

210

Access Length

12 Months

Delivery

Self-Paced

Share

$2,761.00

Course Overview

The CompTIA Network+ certification validates your ability to install, configure, and manage wired and wireless networks. It demonstrates that you have the skills to troubleshoot common network problems and ensure network security. This certification is ideal for those who are beginning their careers in IT networking or want to validate their foundational network knowledge. Earning your CompTIA Network+ certification will give you a competitive edge in the job market and help you advance your IT career.

This course can benefit you in two ways. If you intend to pass the CompTIA Security+ (Exam SY0-701) certification examination, this course can be a significant part of your preparation. But certification is not the only key to professional success in the field of IT security. Today’s job market demands individuals with demonstrable skills, and the information and activities in this course can help you build your cybersecurity skill set so that you can confidently perform your duties in any entry-level security role.

Cisco CCNA Part 1 course introduces the fundamentals of the most important topics in TCP/IP networking (networking, focusing on Ethernet LANs, WANs, Virtual LANs (VLANs), Spanning Tree Protocol (STP), and IP routing). Students will learn the details of how to implement IPv4 routing in Cisco routers and the core concepts of IPv6. 

The CCNA Official Cert Guide, Part 2 includes the topics that help students build an enterprise network so all devices can communicate with all other devices and includes the majority of the new security topics added to the new CCNA 200-301 certification as well as a few of the classic topics found in previous CCNA R&S exams. Students will then turn their attention away from the concept-configure-verify approach to topics that will be presented more from an architecture and design perspective. Finally, students will examine a wide range of products and architectures that also enable better operations and automation – how controllers can separate out part of the work formerly done by networking devices, the advantages of these new controller-based models, and details about Cisco Software-Defined Access (SDA), a controller-based networking approach to building enterprise campus networks.

This course includes FREE access for 12 months to a cloud based lab platform to assist students in developing the practical information technology (IT) skills necessary to succeed in high in demand IT jobs.  This cloud based lab solution uses real equipment that enables our students to execute each practical task in a safe environment that is accessible from anywhere without needing to buy their own hardware or risk damage to their own system.

Along with providing the necessary hardware in a virtual environment, students gain access to high quality practical exercises that cover many of the exam topics they will encounter on their certifying exams.

This course prepares students to take the CompTIA Network+ N10-009, CompTIA Security+ SY0-701, and Cisco 200-301 – Implementing and Administering Cisco Solutions (CCNA) certification exams.

Course Outline:

CompTIA Network+ N10-009 Curriculum:
Lesson 1: Explaining Network Topologies

Computer networks are complex systems that incorporate multiple functions, standards, and proprietary technologies. The Open Systems Interconnection (OSI) model is used to try to simplify some of this complexity. It divides network technologies among seven functional layers. This makes it easier to separate and focus on individual concepts and technologies while retaining an understanding of relationships between functions of technologies placed in other layers.

This module uses the OSI model to give you an overview of the technologies that you will be studying in the rest of the course. You will compare the functions of these layers in the OSI model and apply those concepts to the installation and configuration of a small office/home office network.

You will also learn how to apply a methodology to structure troubleshooting activity, so that you can diagnose and resolve problems efficiently.

Lesson 2: Supporting Cabling and Physical Installations

At the Physical layer, networks are made from different cabling types and their connectors and transceivers. These establish direct links between nodes in a local segment. At the Data Link layer, nodes in these segments are given a standard means of exchanging data as frames.

As they are closely related, networking products often define standards for both the Physical and Data Link layers. While plenty of products have been used in the past, many cabled networks are now based on the Ethernet standards. Understanding the options and specifications for Ethernet are essential to building and supporting networks of all sizes.

In this module, you will summarize standards for deploying Ethernet over copper and fiber optic media types and identify the tools and techniques required to deploy and troubleshoot Ethernet cabling.

Lesson 3: Configuring Interfaces and Switches

Cabling establishes the links between nodes on the network, but each node also requires a network interface that both connects the cabling and performs the Data Link layer addressing and framing functions necessary for communications.

Also, not many networks are established by directly connecting each end system to every other local system. Cabling and support costs are reduced by using intermediate systems to establish local networks. These intermediate systems are deployed as network appliances such as hubs, bridges, and switches. Installing and configuring these devices will be a regular task for you during your career in network administration.

Lesson 4: Configuring Network Addressing

The Physical and Data Link layers covered in the previous course modules establish local links between nodes. At the Network layer—layer 3—these individual networks can be connected together into a network of networks, or internetwork.

In this module, you will identify the addressing and data delivery methods of the Internet Protocol (IP). IP is at the heart of most modern networks and consequently one of the most important topic areas for a network professional to understand and apply.

IP is implemented on network hosts using a wide variety of configuration interfaces and tools. You must be confident about selecting an appropriate tool to use to complete a particular support or troubleshooting task.

This module also introduces IPv6 addressing concepts and highlights some key differences between IPv6 and IPv4.

Lesson 5: Configuring Routing and Advanced Switching

Now that you are aware of the basic concepts of IP addressing and forwarding, you can start identifying ways that paths between networks are implemented. Routers work at layer 3 to aggregate information about neighboring networks and forward packets along an appropriate path to their final destination.

While configuring routing infrastructure is often a senior job role, you should understand basic concepts and be able to apply them to solve common issues.

Lesson 6: Implementing Network Services

Layers 1 through 3 of the OSI model are concerned with addressing and packet forwarding and delivery. This basic connectivity is established for the purpose of transporting application data. In this module, you will describe how protocols at layer 4 provision the transport services that network applications depend upon. Also, this module identifies application protocols that perform low-level network operations tasks, such as providing dynamic address or name resolution services.

Lesson 7: Explaining Application Services

Where DHCP and DNS support basic network operations, other Application layer protocols provide platforms for user-level services, such as websites, databases, file/printer sharing, email, and voice/video calling.

You must be able to identify the ports used by these services and their performance and security requirements so that you can assist with product deployments and upgrades and perform basic troubleshooting.

Lesson 8: Supporting Network Management

So far in this course, you have learned about all the different network media and topologies plus the application protocols that go toward building network connectivity and services. In this module, you will demonstrate use of tools and management methods that will help you document network assets, determine baselines, and optimize your network’s performance.

Lesson 9: Explaining Network Security Concepts

You have identified the basic components and concepts for deploying and monitoring a network, but a network implementation is not complete without security mechanisms. In this module, you will describe basic concepts related to network security. As a networking professional, it is part of your responsibility to understand these fundamental concepts so that you can support network security controls.

Lesson 10: Applying Network Security Features

Authentication and authorization policies and systems enforce access control. Access control ensures that an organization’s data is processed and stored securely. During your career in network support, you will often have to configure accounts and permissions and troubleshoot issues arising from access control.

Lesson 11: Supporting Network Security Design

The idea of an office network with web, file, and messaging services is a familiar one, but it is not the only use of networking. Networks are also used to support industrial and fulfillment processes, for example. The types and variety of services run over a network have a direct impact on its design, and on the security design especially. To support these diverse networks, you must be able to explain segmentation and security zone concepts. You should also be able to describe the technologies used to ensure the physical security of a network site.

Lesson 12: Configuring Wireless Networks

Wireless media technologies have distinct advantages for businesses over cabling. They can be easier to install to existing premises, and they support the device mobility that users require from laptop or smartphone-based access to networks. Wireless technology implementations offer various advantages, but you need to understand their limitations and security issues to support them properly in your network environments.

Lesson 13: Comparing Remote Access Methods

Most local networks require some sort of external connection, whether to the global Internet or within an enterprise WAN. These long-distance communications are typically facilitated by service provider links. Supporting WAN and Internet access effectively is an essential competency to learn.

User services and network management often require the creation of various types of remote access, including virtual private networks (VPNs). While remote access makes networks more usable and accessible, it also broadens the attack surface. You must understand the implications of different remote access models and protocols so that you can support their secure use.

Lesson 14: Summarizing Cloud Concepts

As the Internet becomes more robust and capable of matching the performance of local networks, many services are being moved from on-premises servers to cloud providers. Even where services are kept on-site, the different requirements and design principles of datacenters are essential competencies for network technicians at all levels.

This module completes the Network+ course by summarizing the software-driven virtualization, automation, and orchestration functionality that underpins cloud services.

CompTIA Security+ SY0-701 Curriculum:
Lesson 1: Summarize Fundamental Security Concepts

Security is an ongoing process that includes assessing requirements, setting up organizational security systems, hardening and monitoring those systems, responding to attacks in progress, and deterring attackers. If you can summarize the fundamental concepts that underpin security functions, you can contribute more effectively to a security team. You must also be able to explain the importance of compliance factors and best practice frameworks in driving the selection of security controls and how departments, units, and professional roles within different types of organizations implement the security function.

Lesson 2: Compare Threat Types

To make an effective security assessment, you must be able to explain strategies for both defense and attack. Your responsibilities are likely to lie principally in defending assets, but to do this you must be able to explain the tactics, techniques, and procedures of threat actors. You must also be able to differentiate the types and capabilities of threat actors and the ways they can exploit the attack surface that your networks and systems expose.

Lesson 3: Explain Cryptographic Solutions

The protect cybersecurity function aims to build secure IT processing systems that exhibit the attributes of confidentiality, integrity, and availability. Many of these systems depend wholly or in part on cryptography. As an information security professional, you must understand the concepts underpinning cryptographic algorithms and their implementation in secure protocols and services. A s trong technical understanding of the subject will enable you to explain the importance of cryptographic systems and to select appropriate technologies to meet a given security goal.

Lesson 4: Implement Identity and Access Management

Each network user and host device must be identified with an account so that you can control their access to your organization’s applications, data, and services. The processes that support this requirement are referred to as identity and access management (IAM). Within IAM, authentication technologies ensure that only valid subjects (users or devices) can operate an account. Authentication requires the account holder to submit credentials that should only be known or held by them in order to access the account. There are many authentication technologies, and it is imperative that you be able to implement and maintain these security controls.

Lesson 5: Secure Enterprise Network Architecture

Managing user authentication and authorization is only one part of building secure information technology services. The network infrastructure must also be designed to run services with the properties of confidentiality, integrity, and availability. While design might not be a direct responsibility for you at this stage in your career, you should understand the factors that underpin design decisions, so that you can assist with analysis and planning.

Lesson 6: Secure Cloud Network Architecture

Cloud network architecture encompasses a range of concepts and technologies designed to ensure the confidentiality, integrity, and availability of data and applications within cloud-based environments. Cloud architecture and modern software deployment practices enable seamless integration, management, and optimization of resources within cloud-based environments. Key features include on-demand provisioning, elasticity, and scalability, which allow rapid deployment and dynamic adjustments to computing, storage, and network resources as required.

Lesson 7: Explain Resiliency and Site Security Concepts

Security architecture resilience refers to the design and implementation of systems and networks in a way that allows them to withstand and recover quickly from disruptions or attacks. This includes redundancy, fail-safe mechanisms, and robust incident response plans. By building resilience into the security architecture, cybersecurity teams ensure that even if a breach occurs, the impact is minimized, and normal operations can be restored quickly. Physical security protects personnel, hardware, software, networks, and data from physical actions and events that could cause severe damage or loss to an organization. This includes controls like access badges, CCTV systems, and locks, as well as sensors for intrusion detection. Physical security is a critical aspect of cybersecurity, as a breach in physical security can lead to direct access to systems and data, bypassing other cybersecurity measures.

Lesson 8: Explain Vulnerability Management

Vulnerability management is critical to any organization’s cybersecurity strategy, encompassing identifying, evaluating, treating, and reporting security vulnerabilities in operating systems, applications, and other components of an organization’s IT operations. Vulnerability management may involve patching outdated systems, hardening configurations, or upgrading to more secure versions of operating systems. For applications, it might include code reviews, security testing, and updating third-party libraries.

Lesson 9: Evaluate Network Security Capabilities

Secure baselines, hardening, wireless security, and network access control are fundamental concepts in cybersecurity. Secure baselines establish a set of standardized security configurations for different types of IT assets, such as operating systems, networks, and applications. These baselines represent a starting point for security measures, offering a defined minimum level of security that all systems must meet. Hardening is the process of reducing system vulnerabilities to make IT resources more resilient to attacks. It involves disabling unnecessary services, configuring appropriate permissions, applying patches and updates, and ensuring adherence to secure configurations defined by the secure baselines. Wireless security describes the measures to protect wireless networks from threats and unauthorized access. This includes using robust encryption (like WPA3), secure authentication methods (like RADIUS in enterprise mode), and monitoring for rogue access points.

Lesson 10: Assess Endpoint Security Capabilities

Security strategies may include additional considerations for mobile devices such as smartphones and tablets. While keeping the operating system and applications updated is still crucial, other practices such as disabling unnecessary features (like Bluetooth and NFC when not in use), limiting app permissions, and avoiding unsecured Wi-Fi networks become increasingly important. Installing trusted security apps, enabling device encryption, and enforcing screen locks are essential considerations. Mobile device management (MDM) solutions help manage and control security features across various mobile devices.

Lesson 11: Enhance Application Security Capabilities

Secure protocol and application development concepts are essential pillars of robust cybersecurity. Protocols such as HTTPS, SMTPS, and SFTP provide encrypted communication channels, ensuring data confidentiality and integrity during transmission. Similarly, email security protocols like SPF, DKIM, and DMARC work to authenticate sender identities and safeguard against phishing and spam. Secure coding practices encompass input validation to thwart attacks like SQL injection or XSS, enforcing the principle of least privilege to minimize exposure during a breach, implementing secure session management, and consistently updating and patching software components. Developers must also design software that generates structured, secure logs to support effective monitoring and alerting capabilities.

Lesson 12: Explain Incident Response and Monitoring Concepts

From a day-to-day perspective, incident response means investigating the alerts produced by monitoring systems and issues reported by users. This activity is guided by policies and procedures and assisted by various technical controls. Incident response is a critical security function, and will be a very large part of your work as a security professional. You must be able to summarize the phases of incident handling and utilize appropriate data sources to assist an investigation. Where incident response emphasizes the swift eradication of malicious activity, digital forensics requires patient capture, preservation, and analysis of evidence using verifiable methods. You may be called on to assist with an investigation into the details of a security incident and to identify threat actors. To assist these investigations, you must be able to summarize the basic concepts of collecting and processing forensic evidence that could be used in legal action or for strategic counterintelligence.

Lesson 13: Analyze Indicators of Malicious Activity

The preparation phase of incident response identifies data sources that can support investigations. It also provisions tools to aggregate and correlate this data and partially automate its analysis to drive an alerting and monitoring system. While automated detection is a huge support for the security team, it cannot identify all indicators of malicious activity. As an incident responder, you must be able to identify signs in data sources that point to a particular type of attack.

Lesson 14: Summarize Security Governance Concepts

Security governance is a critical aspect of an organization’s overall security posture, providing a framework that guides the management of cybersecurity risks. It involves developing, implementing, and maintaining policies, procedures, standards, and guidelines to safeguard information assets and technical infrastructure. Security governance encompasses the roles and responsibilities of various stakeholders, emphasizing the need for a culture of security awareness throughout the organization. Governance frameworks must manage and maintain compliance with relevant laws, regulations, and contractual obligations while supporting the organization’s strategic objectives. Effective security governance also involves continuous monitoring and improvement to adapt to evolving threats and changes in the business and regulatory environment.

Lesson 15: Explain Risk Management Processes

Effective risk management practices involve systematically identifying, assessing, mitigating, and monitoring organizational risks. Audits provide an independent and objective evaluation of processes, controls, and compliance, ensuring adherence to standards and identifying gaps that pose risks. On the other hand, assessments help evaluate the effectiveness of risk management strategies, identify potential vulnerabilities, and prioritize mitigation efforts. By combining audits and assessments, organizations can comprehensively understand risks, implement appropriate controls, and continuously monitor and adapt their risk management strategies to protect against potential threats. These practices are essential for maintaining proactive and resilient security operations while ensuring compliance with legal mandates.

Lesson 16: Summarize Data Protection and Compliance Concepts

Data protection and compliance encompass a range of practices and principles aimed at safeguarding sensitive information, ensuring privacy, and adhering to applicable laws and regulations. Data protection involves implementing measures to secure data against unauthorized access, loss, or misuse. It includes practices such as encryption, access controls, data backup, and secure storage. Compliance refers to conforming to legal, regulatory, and industry requirements relevant to data handling, privacy, security, and transparency. Organizations can safeguard individuals’ privacy, ensure data security, fulfill legal requirements, and establish credibility with customers, partners, and regulatory authorities by comprehending and implementing these data protection and compliance principles. Compliance with applicable data protection laws, regulations, and standards is crucial for organizations to avoid legal liabilities, reputational damage, and financial penalties associated with noncompliance.

Cisco CCNA 200-301 Part 1 Curriculum:
Lesson 1: Introduction to Networking

This first part of the book introduces the fundamentals of the most important topics in TCP/IP networking. Chapter 1 provides a broad look at TCP/IP, introducing the common terms, big concepts, and major protocols for TCP/IP. Chapter 2 then examines local-area networks (LAN), which are networks that connect devices that are located near each other; for instance, in the same building. Chapter 3 then shows how to connect those LANs across long distances with wide-area networks (WAN) with a focus on how routers connect LANs and WANs to forward data between any two devices in the network.

Lesson 2: Implementing Ethernet LANs

Part I provided a broad look at the fundamentals of all parts of networking, focusing on Ethernet LANs, WANs, and IP routing. Parts II and III now drill into depth about the details of Ethernet, which was introduced in Chapter 2, “Fundamentals of Ethernet LANs.”

Part II begins that journey by discussing the basics of building a small Ethernet LAN with Cisco Catalyst switches. The journey begins by showing how to access the user interface of a Cisco switch so that you can see evidence of what the switch is doing and configure the switch to act in the ways you want it to act. At this point, you should start using whatever lab practice option you chose in the “Your Study Plan” section that preceded Chapter 1, “Introduction to TCP/IP Networking.” (And if you have not yet finalized your plan for how to practice your hands-on skills, now is the time.)

After you complete Chapter 4 and see how to get into the command-line interface (CLI) of a switch, the next three chapters step through some important foundations of how to implement LANs—foundations used by every company that builds LANs with Cisco gear. Chapter 5 takes a close look at Ethernet switching—that is, the logic used by a switch—and how to know what a particular switch is doing. Chapter 6 shows the ways to configure a switch for remote access with Telnet and Secure Shell (SSH), along with a variety of other useful commands that will help you when you work with any real lab gear, simulator, or any other practice tools. Chapter 7, the final chapter in Part II, shows how to configure and verify the operation of switch interfaces for several important features, including speed, duplex, and auto-negotiation.

Lesson 3: Implementing VLANs and STP

Part II of this book introduces the basics of Ethernet LANs, both in concept and in how to implement the features. However, the two primary features discussed in Part III of this book—Virtual LANs (VLANs) and Spanning Tree Protocol (STP)—impact almost everything you have learned about Ethernet so far. VLANs allow a network engineer to create separate Ethernet LANs through simple configuration choices. The ability to separate some switch ports into one VLAN and other switch ports into another VLAN give network designers a powerful tool for creating networks. Once created, VLANs also have a huge impact on how a switch works, which then impacts how you verify and troubleshoot the operation of a campus LAN.

STP—and the related and similar Rapid STP (RSTP)—acts to prevent frames from looping around a LAN. Without STP or RSTP, in LANs with redundant links, broadcasts and some other frames would be forwarded around and around the LAN, eventually clogging the LAN so much as to make it unusable.

The current CCNA 200-301 exam blueprint includes exam topics for the configuration and verification of VLANs and related topics. However, the CCNA exam topics only mention RSTP concepts rather than configuration/verification. To that end, Part III opens with Chapter 8, which goes to the configuration/verification depth with VLAN topics, followed by Chapter 9, which introduces the concepts of STP and RSTP.

Part III closes with Chapter 10, which includes some RSTP configuration, along with Layer 2 EtherChannel configuration.

Lesson 4: IPv4 Addressing

The book makes a big transition at this point. Part I gave you a broad introduction to networking, and Parts II and III went into some detail about the dominant LAN technology today: Ethernet. Part IV transitions from Ethernet to the network layer details that sit above Ethernet and WAN technology, specifically IP Version 4 (IPv4).

Thinking about the network layer requires engineers to shift how they think about addressing. Ethernet allows the luxury of using universal MAC addresses, assigned by the manufacturers, with no need to plan or configure addresses. Although the network engineer needs to understand MAC addresses, MAC already exists on each Ethernet NIC, and switches learn the Ethernet MAC addresses dynamically without even needing to be configured to do so. As a result, most people operating the network can ignore the specific MAC address values for most tasks.

Conversely, IP addressing gives us flexibility and allows choice, but those features require planning, along with a much deeper understanding of the internal structure of the addresses. People operating the network must be more aware of the network layer addresses when doing many tasks. To better prepare you for these Layer 3 addressing details, this part breaks down the addressing details into four chapters, with an opportunity to learn more in preparation for the CCNP Enterprise certification.

Part IV examines most of the basic details of IPv4 addressing and subnetting, mostly from the perspective of operating an IP network. Chapter 11 takes a grand tour of IPv4 addressing as implemented inside a typical enterprise network. Chapters 12, 13, and 14 looks at some of the specific questions people must ask themselves when operating an IPv4 network.

Lesson 5: IPv4 Routing

Parts V and VI work together to reveal the details of how to implement IPv4 routing in Cisco routers. To that end, Part V focuses on the most common features for Cisco routers, including IP address configuration, connected routes, and static routes. Part VI then goes into some detail about the one IP routing protocol discussed in this book: OSPF Version 2 (OSPFv2).

Part V follows the progression of topics. First, Chapter 15 examines the fundamentals of routers—the physical components, how to access the router command-line interface (CLI), and the configuration process. Chapter 15 makes a close comparison of the switch CLI and its basic administrative commands so that you have to learn only new commands that apply to routers but not to switches.

Chapter 16 then moves on to discuss how to configure routers to route IPv4 packets in the most basic designs. Those designs require a simple IP address/mask configuration on each interface, with the addition of a static route command—a command that directly configures a route into the IP routing table—for each destination subnet.

By the end of Chapter 16, you should have a solid understanding of how to enable IP addressing and routing in a Cisco router, so Chapter 17 continues the progression into more challenging but more realistic configurations related to routing between subnets in a LAN environment. Most LANs use many VLANs, with one subnet per VLAN. Cisco routers and switches can be configured to route packets between those subnets, with more than a few twists in the configuration.

Finally, Part V closes with a chapter about troubleshooting IPv4 routing. The chapter features the ping and traceroute commands, two commands that can help you discover not only whether a routing problem exists but also where the problem exists. Chapters 15, 16, and 17 show how to confirm whether a route has been added to one router’s routing table, while the commands discussed in Chapter 18 teach you how to test the end-to-end routes from sending host to receiving host.

Lesson 6: OSPF

Part IV began the story in this book about IP Version 4 (IPv4) addressing. Part V continued that story with how to implement addressing in Cisco routers, along with a variety of methods to route packets between local interfaces. But those topics delayed the discussion of one of the most important topics in TCP/IP, namely IP routing protocols.

Routers use IP routing protocols to learn about the subnets in an internetwork, choose the current best routes to reach each subnet, and to add those routes to each router’s IP routing table. Cisco chose to include one and only one IP routing protocol in the CCNA 200-301 exam: the Open Shortest Path First (OSPF) routing protocol. This entire part focuses on OSPF as an example of how routing protocols work.

Lesson 7: IP Version 6

So far, this book has mostly ignored IP version 6 (IPv6). This part reverses the trend, collecting all the specific IPv6 topics into four chapters.

The chapters in Part VII walk you through the same topics discussed throughout this book for IPv4, often using IPv4 as a point of comparison. Certainly, many details differ when comparing IPv4 and IPv6. However, many core concepts about IP addressing, subnetting, routing, and routing protocols remain the same. The chapters in this part build on those foundational concepts, adding the specific details about how IPv6 forwards IPv6 packets from one host to another.

Lesson 8: IP Version 6

This book began with an overview of the fundamentals of LANs, WANs, and IP routing. It then described Ethernet LANs (wired LANs) in some depth over the course of seven chapters. The book then meandered through many chapters exploring the many concepts of IPv4 and IPv6 addressing, routing, and how to implement those features in Cisco devices.

This final part of Volume 1 turns our attention back to the LAN, not to wired Ethernet LANs, but to IEEE 802.11 wireless LANs—in other words, Wi-Fi. The four chapters in this part of the book lay down the foundations of how wireless LANs work and then show how to implement wireless LANs using Cisco devices.

Building wireless LANs requires some thought because the endpoints that use the LAN do not sit in one place and connect via a known cable and known switch port. To explain those details, Chapter 26 begins with the basics of how a wireless client can connect to the wireless network through a wireless access point (AP). After you learn the foundations in Chapter 26, Chapter 27 takes an architectural view of wireless LANs to discuss how you might build a wireless LAN for an enterprise, which requires much different thinking than, for instance, building a wireless LAN for your home.

Chapter 28 completes the three concepts-focused wireless LAN chapters by working through the alphabet soup that is wireless LAN security. The fact that wireless LAN clients come and go means that the LAN may be under constant attack as an easy place for an attacker to gain access to the network, so wireless LANs must use effective security. Finally, Chapter 29 closes by showing how to configure an enterprise wireless LAN using Cisco APs and the Cisco Wireless LAN Controller (WLC) from the WLC’s graphical interface.

Cisco CCNA 200-301 Part 2 Curriculum:
Lesson 1: IP Access Control Lists

The CCNA Official Cert Guide, Volume 2 includes the topics that help you build an enterprise network so all devices can communicate with all other devices. Parts I and II of this book focus on how to secure that enterprise network so that only the appropriate devices and users can communicate.

Part I focuses on IP Version 4 (IPv4) access control lists (ACLs). ACLs are IPv4 packet filters that can be programmed to look at IPv4 packet headers, make choices, and either allow a packet through or discard the packet. Because you can implement IPv4 ACLs on any router, a network engineer has a large number of options of where to use ACLs, without adding additional hardware or software, making ACLs a very flexible and useful tool.

Chapter 1 begins this part with an introduction to the TCP/IP transport layer protocols TCP and UDP, along with an introduction to several TCP/IP applications. This chapter provides the necessary background to understand the ACL chapters and to better prepare you for upcoming discussions of additional security topics in Part II and IP services topics in Part III.

Chapters 2 and 3 get into details about ACLs. Chapter 2 discusses ACL basics, avoiding some of the detail to ensure that you master several key concepts. Chapter 3 then looks at the much wider array of ACL features to make you ready to take advantage of the power of ACLs and to be ready to better manage those ACLs.

Lesson 2: Security Services

With the introduction of the new CCNA certification in early 2020, Cisco expanded the number of security topics in comparison to the old CCNA Routing and Switching certification. Part II includes the majority of the new security topics added to the new CCNA 200-301 certification as well as a few of the classic topics found in previous CCNA R&S exams.

Chapter 4 kicks off Part II with a wide description of security threats, vulnerabilities, and exploits. This introductory chapter sets the stage to help you think more like a security engineer.

Chapters 5, 6, and 8 then focus on a wide range of short security topics. Those topics include Chapter 5’s discussion of how to protect router and switch logins and passwords, along with an introduction to the functions and roles of firewalls or intrusion protection systems (IPSs). Chapters 6 and 8 then get into three separate security features built into Cisco switches: port security (Chapter 6), DHCP Snooping (Chapter 8), and Dynamic ARP Inspection (DAI). All three security features require a switch to examine frames as they enter the switch interface. This information enables port security, DHCP Snooping, and DAI to decide whether to allow the message to continue on its way.

Chapter 7 discusses the Dynamic Host Configuration Protocol (DHCP) as an end to itself. While this topic is actually an IP Service and would be a great fit for Part III (IP Services), the topics in Chapter 8 require that you know DHCP, so Chapter 7 sets that stage.

Lesson 3: Services

Part III shifts to a variety of topics that can be found in almost every network. None are required for a network to work, but many happen to be useful services. Most happen to use IP or support the IP network in some way, so Part III groups the topics together as IP Services.

Part III begins and ends with chapters that examine a series of smaller topics. First, Chapter 9 examines several IP services for which the CCNA exam requires you to develop configuration and verification skills. Those services include logging and syslog, the Network Time Protocol (NTP), as well as two related services: CDP and LLDP.

Chapter 12, at the end of Part III, closes with another series of smaller topics—although the CCNA 200-301 exam topics require only conceptual knowledge, not configuration skills for these topics. This chapter includes First Hop Redundancy Protocols (FHRPs), Simple Network Management Protocol (SNMP), and two related protocols: TFTP and FTP.

The two middle chapters in Part III also focus on IP-based services, beginning with Chapter 10’s examination of Network Address Translation (NAT). Almost every network uses NAT with IPv4, although in many cases, the firewall implements NAT. This chapter shows how to configure and verify NAT in a Cisco router.

Chapter 11 at first may give the appearance of a large chapter about one topic—Quality of Service—and it does focus on QoS; however, QoS by nature includes a wide variety of individual QoS tools. This chapter walks you through the basic concepts of the primary QoS features.

Lesson 4: Network Architecture

Part IV turns the attention away from the concept-configure-verify approach needed for many of the topics seen earlier in this book and in CCNA 200-301 Official Cert Guide, Volume 1. Instead, this part collects topics that will be presented more from an architecture and design perspective. In fact, the CCNA 200-301 exam organizes six exam topics with this same approach, all listed under exam topic 1.2 “Describe characteristics of network topology architectures.” The chapters in this part examine most of those topics.

First, Chapter 13 revisits LAN switching, which was covered to some depth in Volume 1. This chapter discusses campus LAN design concepts and terminology, like the 2 tier and 3 tier terms listed in the exam topics. This chapter also discusses how to supply power over that LAN infrastructure using Power over Ethernet (PoE), as well as the term small office/home office (SOHO).

CCNA 200-301 mentions WAN as an end to itself in one exam topic within the context of topology and architecture. Chapter 14 takes that thread and presents three major WAN architectures, going beyond the concepts you need to know to support the simple WAN cases used in the examples throughout both books so far. Those topics include MPLS VPN WANs, Ethernet WANs, and Internet VPNs.

Chapter 15 completes the architecture-focused chapters with a discussion of cloud architectures. This chapter begins by defining basic concepts and terms related to data centers and cloud and closes with design discussions that show packet flows in a public cloud environment.

Lesson 5: Network Automation

Part V of this book includes most of the network automation topics from the CCNA blueprint; however, the part includes as much discussion of how Cisco and others have changed the way networks work to enable better automation as it discusses tools and processes to automate networks.

Chapters 16 and 17 examine a wide range of products and architectures that also enable better operations and automation. Chapter 16 discusses how controllers can separate out part of the work formerly done by networking devices. The chapter shows the advantages of these new controller-based models and details a few examples. Chapter 17 then goes on to give more detail about Cisco Software-Defined Access (SDA), a controller-based networking approach to building enterprise campus networks.

Chapters 18 and 19 discuss a few more specific details about network automation. Controllers typically include REST APIs and often return data to automation programs in the form of formatted data like JSON. Chapter 18 introduces these concepts. Chapter 19 then moves on to discuss IT automation tools, specifically Ansible, Puppet, and Chef, with a focus on how to use these tools for network automation.

Lesson 6: Final Review

Now that you have finished the bulk of this book, you could just register for your Cisco CCNA exam, show up, and take the exam. However, if you spend a little time thinking about the exam event itself, learning more about the user interface of the real Cisco exams and the environment at the Pearson VUE testing centers, you will be better prepared, particularly if this is your first Cisco exam.

This first of two major sections in this chapter gives some advice about the Cisco exams and the exam event itself, specifically about:

  • Question types
  • Your time budget
  • A sample time-check method
  • The final week
  • The 24 hours before the exam
  • The final 30 minutes before the exam
  • The hour after the exam
Cisco 200-301 – Implementing and Administering Cisco Solutions (CCNA) Live Labs:
  • Networking Concepts – Part One
  • Networking Concepts – Part Two
  • IP Addressing and Virtualization Concepts
  • Switching Fundamentals – Part One
  • Switching Fundamentals – Part Two
  • Configuring VLANs – Part One
  • Configuring VLANs – Part Two
  • Static and Dynamic Routing Principles
  • Configure OSPFv2
  • FHRP Configuration and Verification
  • Static NAT Configuration
  • NTP Configuration
  • DHCP Concepts, Configuration and Verification
  • Network Traffic Management using SNMP
  • Configuring Syslog for Switching and Routing
  • Remote Management Techniques
  • Using File Transfer Protocols on Routers
  • Network Management Tools
  • Applying Security Protocols
  • QoS for Routing Configuration using PHB
  • Security Mitigation Techniques
  • Wireless Architecture and Application

All necessary course materials are included.

Certification(s):

This course prepares students to take the CompTIA Network+ N10-009, CompTIA Security+ SY0-701, and Cisco 200-301 – Implementing and Administering Cisco Solutions (CCNA) certification exams.

 

ProTrain, LLC is not affiliated with and has no relationship with Cisco Systems, Inc.

System Requirements.

View the general hardware, internet, and software needs you'll want to have covered before enrolling

Get Trained. Get Hired.

This program includes unparalleled training, career support, and coaching. It’s a faster, cheaper alternative to traditional schooling.

Begin your training right now.

Complete your training on your own terms.

Prepare to take certification exams.

Program Support

Focus and target your audience through the right channels.

Career Resources

Focus and target your audience through the right channels.

Payment Plans

Focus and target your audience through the right channels.

MyCAA Grants

Focus and target your audience through the right channels.