The practical and conceptual knowledge you need to attain CCNP Enterprise certification
From one of the most trusted study guide publishers comes CCNP Enterprise Certification Study Guide: Exam 350-401. This guide helps you develop practical knowledge and best practices for critical aspects of enterprise infrastructure so you can gain your CCNP Enterprise certification. If you’re hoping to attain a broader range of skills and a solid understanding of Cisco technology, this guide will also provide fundamental concepts for learning how to implement and operate Cisco enterprise network core technologies.
By focusing on real-world skills, each chapter prepares you with the knowledge you need to excel in your current role and beyond. It covers emerging and industry-specific topics, such as SD-WAN, network design, wireless, and automation. This practical guide also includes lessons on:
● Automation
● Network assurance
● Security
● Enterprise infrastructure
● Dual-stack architecture
● Virtualization
In addition to helping you gain enterprise knowledge, this study guidecan lead you toward your Cisco specialist certification.
When you purchase this guide, you get access to the information you need to prepare yourself for advances in technology and new applications, as well as online study tools such as:
● Bonus practice exams
● Pre-made flashcards
● Glossary of key terms
● Specific focus areas
Expand your skillset and take your career to the next level with CCNP Enterprise Certification Study Guide.
Table of Contents
Introduction xxi
Assessment Test xxviii
Chapter 1 Networking Fundamentals 1
The OSI Model 2
The Upper Layers: Application, Presentation, and Session 4
Making Sense of Layers 4
The Lower Layers: Physical, Data Link, Network, and Transport 6
Layer 1: The Physical Layer 7
Layer 2: The Data Link Layer 8
A Brief History of Ethernet 8
The MAC Address Table 10
Maximum Transmission Unit 12
Subnet Limits 12
Layer 3: The Network Layer 13
Forwarding within a Subnet 14
Forwarding between Subnets 14
Address Resolution Protocol 16
Fragmentation 17
Routing vs. Forwarding 18
Layer 4: The Transport Layer 18
Transmission Control Protocol 19
Encapsulation and Decapsulation 21
Summary 22
Exam Essentials 22
Review Questions 24
Chapter 2 Spanning Tree Protocols 29
The Need for Spanning Tree 31
VLANs and Trunking 32
Dynamic Trunking 34
Unconditional Trunking 35
Active and Allowed VLANs 36
Rapid Per-VLAN Spanning Tree 38
Electing the Root Bridge 38
Calculating the Root Ports 41
Calculating the Root Ports of Indirectly Connected Switches 44
Modifying Port Cost 46
Modifying Port Priority 47
Calculating Blocked Ports 48
Port States 49
Port Roles 49
Link Types 49
Multiple Spanning Tree 50
Root Bridges and Port Priority 52
Internal Spanning Tree 53
Native VLAN 54
Topology Change Detection 55
Spanning Tree Extensions 55
Root Guard 55
BPDU Guard and BPDU Filter 57
Unidirectional Link Detection 58
Loop Guard 58
Summary 58
Exam Essentials 59
Exercises 60
Review Questions 62
Chapter 3 Enterprise Network Design 67
Physical Network Architectures 68
Comparing Campus and Data Center Networks 69
The Three-Tier Architecture 70
The Two-Tier Collapsed Core: A Cheaper Alternative 73
Layer 2 Design 74
Switched and Routed Interfaces 75
Switched Topologies 76
Routed Access Topology 81
EtherChannels 82
Load-Balancing Methods 83
Static EtherChannels 84
Port Aggregation Control Protocol 88
Link Aggregation Control Protocol 90
First-Hop Redundancy Protocols 91
Hot Standby Router Protocol 92
Virtual Router Redundancy Protocol 94
Gateway Load-Balancing Protocol 95
Summary 97
Exam Essentials 98
Review Questions 100
Chapter 4 Wireless LAN (WLAN) 105
Radio Frequency Fundamentals 106
Frequency and Amplitude 107
Carrier Frequency 109
Power Levels 110
WLAN 802.11 Standards 115
The Physical Layer: Frequencies and Channels 115
Layer 2: 802.11 Media Access Control (MAC) 119
Access Point Modes 124
Autonomous 124
Lightweight 124
Wireless LAN Controller Selection Process 125
Roaming and Location Services 126
Roaming 126
Location Services 128
Summary 128
Exam Essentials 129
Review Questions 130
Chapter 5 Open Shortest Path First (OSPF) 135
Link-State Advertisements 136
OSPF Areas 137
LSA Types 137
Neighbor Operations 141
Configuring OSPF 142
Configuring Area 0 on a Broadcast Network 142
Viewing Neighbor Adjacencies 143
Rigging the Designated Router Election 144
Viewing and Understanding LSAs 146
Authentication 154
Passive Interfaces 158
Injecting a Default Route 159
Inter-Area Summarization 161
Route Filtering 162
Distribute Lists 162
Summary 163
Exam Essentials 164
Exercises 164
Review Questions 166
Chapter 6 Enhanced Interior Gateway Routing Protocol (EIGRP) 171
EIGRP Fundamentals 172
EIGRP Packet Types 172
The Diffusing Update Algorithm (DUAL) 173
Weighted Metrics 176
Configuring EIGRP 178
Equal Cost Multipathing 181
Modifying Metrics 182
Switching Types 186
Unequal Cost Multipathing 187
Summary 190
Exam Essentials 190
Exercises 191
Review Questions 192
Chapter 7 The Border Gateway Protocol (BGP) 197
BGP Fundamentals 198
BGP AS Numbers 199
BGP Session States 201
Configuring BGP 202
Advertising Prefixes 204
Path Selection 205
Route Redistribution among BGP, OSPF, and EIGRP 210
Testing IP Reachability Using Tcl Scripts 214
Troubleshooting 215
Modifying Weight 218
Advertising Summary Routes Using Route Aggregation 220
Route Filtering Using Route Maps and Prefix Lists 222
Summary 225
Exam Essentials 226
Exercises 226
Review Questions 228
Chapter 8 Network Address Translation and Multicast 233
Network Address Translation 234
Address Types 234
Static NAT 236
Dynamic NAT 241
NAT Overload with Port Address Translation 247
Outside Static NAT 250
Removing NAT Configurations 251
Multicast 252
IP Multicast 253
LAN Multicast 253
Multicast Routing 257
Configuring PIM 258
Configuring a Multicast Receiver 262
IP Multicast and Ethernet 264
Summary 265
Exam Essentials 267
Exercises 268
Review Questions 270
Chapter 9 Quality of Service 275
Understanding Quality of Service 276
Classification and Marking 277
Differentiated Services 277
Layer 2 Marking 280
Class Maps and Policy Maps 280
Wireless QoS 281
Policing 284
Single-Rate, Two-Color Policing 284
Single-Rate, Three-Color Policing 285
Two-Rate Policing 287
Queuing 288
Class-Based Weighted Fair Queuing 288
Low-Latency Queuing 293
Explicit Congestion Notification 295
Shaping 295
Summary 297
Exam Essentials 297
Exercises 298
Review Questions 299
Chapter 10 Network Virtualization 303
Virtual Machines, Hypervisors, and Network Virtualization 304
Virtual Machines and Server Virtualization 305
Network Virtualization 307
Generic Routing Encapsulation Tunnels 312
Configuring a GRE Tunnel to Tunnel IPv4 and IPv6 over IPv4 312
Recursive Routing 318
IP Security 319
Internet Key Exchange 320
Encapsulating Security Payload 320
Configuring IPsec in Transport Mode with a GRE Tunnel 321
Configuring IPsec in Tunnel Mode 324
Location/ID Separation Protocol 326
LISP Terminology 328
Configuring LISP 328
Simulating IP Mobility 332
Is LISP a Routing Protocol? 334
Virtual Extensible Local Area Network 334
MAC Address Learning 335
Forwarding 335
Configuring VXLAN 336
VXLAN Control Planes 336
Configuring the Underlay 337
Configuring the Overlay 338
Configuring R1 and R2 339
Virtual Routing and Forwarding 340
Configuring a VRF 340
Configuring Multi-VRF EIGRP 342
Summary 345
Exam Essentials 345
Exercises 346
Review Questions 347
Chapter 11 Software-Defined Networking and Network Programmability 353
What Is Software-Defined Networking? 355
Software-Defined Access 356
SD-Access Layers 357
Physical Layer 357
Network Underlay 358
Fabric Overlay 359
Controller Layer 363
Management Layer 364
Software-Defined WAN 369
vManage Network Management System 370
vSmart Controller 370
vBond Orchestrator 371
vEdge Routers 371
Network Programmability and Automation 372
The Cisco DNA Center Intent API 372
vManage REST API 379
NETCONF 383
Embedded Event Manager 386
Configuration Management Platforms 388
Summary 391
Exam Essentials 391
Exercises 392
Review Questions 393
Chapter 12 Network Security and Monitoring 397
Infrastructure Security 398
Device Access 399
Authentication, Authorization, and Accounting 402
Access Control Lists 407
Control Plane Policing 412
Cisco Security Products 414
AnyConnect Secure Mobility Client 414
Umbrella 414
Advanced Malware Protection ThreatGrid 414
Advanced Malware Protection for Endpoints 415
Firepower Next-Generation Firewall 415
TrustSec 416
MAC Security 418
Wireless Security 418
WebAuth 418
Configuring WPA2 with 802.1X 422
Configuring 802.1X on the Client 422
Configure Preshared Keys 424
Monitoring 425
Conditional Debugs 425
Simple Network Management Protocol (SNMP) 425
Syslog 426
Network Time Protocol 428
NetFlow and Flexible NetFlow 429
Switched Port Analyzer 432
IP Service Level Agreement 434
Summary 436
Exam Essentials 437
Exercises 438
Review Questions 439
Appendix Answers to Review Questions 443
Chapter 1: Networking Fundamentals 444
Chapter 2: Spanning Tree Protocols 445
Chapter 3: Enterprise Network Design 447
Chapter 4: Wireless LAN (WLAN) 448
Chapter 5: Open Shortest Path First (OSPF) 450
Chapter 6: Enhanced Interior Gateway Routing Protocol (EIGRP) 451
Chapter 7: The Border Gateway Protocol (BGP) 453
Chapter 8: Network Address Translation and Multicast 454
Chapter 9: Quality of Service 456
Chapter 10: Network Virtualization 457
Chapter 11: Software-Defined Networking and Network Programmability 459
Chapter 12: Network Security and Monitoring 460
Index 463
