1. Analyzing Campus Network Designs

Enterprise Campus Architecture

• Describe Cisco SONA
• Evaluate the benefits of the enterprise campus architecture
• Determine the function of the core layer
• Evaluate the impact of traffic types on the network infrastructure

Cisco Lifecycle Services and Network Implementation

• Describe the PPDIOO life-cycle approach
• Describe PPDIOO implementation planning

2. Implementing VLANs in Campus Networks

Applying Best Practices for VLAN Topologies

• Describe the different VLAN segmentation models
• Given an enterprise VLAN network design, describe the information needed to create an implementation plan, identify the choices that need to be made, and analyze the consequences of those choices
• Given an enterprise VLAN network design that
  contains end-to-end VLANs and trunks, create an implementation and verification plan; then successfully execute that plan
• Given an enterprise VLAN network design that contains VTP, create an implementation and verification plan; then successfully execute that plan

Configuring Private VLANs

• Describe PVLANs
• Configure isolated PVLANs
• Configure community PVLANs
• Given an enterprise VLAN network design that
  contains PVLANs, create an implementation and verification plan; then successfully execute that plan
• Configure PVLANs across multiple switches

Configuring Link Aggregation with EtherChannel

• Understand the benefits of EtherChannel
• Compare the PAGP and the LACP
• Given an enterprise VLAN network design that contains Layer 2 EtherChannel links, create an implementation and verification plan; then
  successfully execute that plan
• Given an enterprise VLAN network design that contains load balancing among the ports included in an EtherChannel, create an implementation and verification plan; then successfully execute that plan

3. Implementing Spanning Tree

Spanning Tree Protocol Enhancements

• Describe the various STP standards
• Describe STP operations
• Implement and configure PVRST+
• Understand RSTP port roles
• Verify RSTP configurations
• Describe MSTP
• Implement and configure MSTP

Describing STP Stability Mechanisms

• Protect the operation of STP
• Configure BPDUGuard
• Configure BPDUFilter
• Configure RootGuard
• Configure LoopGuard
• Configure UDLD to detect and shut down unidirectional links
• Optimize STP operations by using the right combination of STP stability features

4. Implementing Inter-VLAN Routing

Describing Routing Between VLANs

• Configure both a switch and router to accommodate inter-VLAN packet transfer using an external router
• Describe a Layer 3 SVI
• Understand commands that are used to configure an SVI
• Describe a routed port on a multilayer switch
• Understand commands that are used to configure a routed port on a multilayer switch
• Configure Layer 3 Ether Channel links
• Configure inter-VLAN routing on a multilayer switch
• Configure DHCP services on a Layer 3 switch

Deploying Multilayer Switching with Cisco Express Forwarding

• Understand the process of multilayer switching, and how it differs when you are performing Layer 2 versus Layer 3 switching
• Understand the packet and frame header rewriting that is performed by a multilayer switch
• Explain Layer 3 switch processing
• Describe the various switching methods that are available on a Cisco switch
• Describe and configure Cisco Express Forwarding on a Cisco switch

5. Implementing a Highly Available Network

Understanding High Availability

• Evaluate the uses, requirements, benefits, and performance expectations of high availability in a given enterprise network design
• Describe resiliency for high availability
• Design the network for optimal redundancy

Implementing High Availability

• Implement high availability at the switch level
• Use Cisco StackWise technology on access switches
• Evaluate the impact of too little redundancy
• Assess the impact of uplink failure

Implementing Network Monitoring

• Implement network monitoring
• Configure IP SLA technology

6. Implementing Layer 3 High Availability

Configuring Layer 3 Redundancy with HSRP

• Describe routing issues
• Identify the router redundancy process
• Configure HSRP operations
• Describe and fine-tune HSRP Troubleshoot HSRP

Configuring Layer 3 Redundancy with VRRP and GLBP

• Describe VRRPIdentify the VRRP operations process
• Configure VRRP
• Describe GLBP
• Identify the GLBP operations process
• Configure GLBP

7. Minimizing Service Loss and Data Theft in a Campus Network

Understanding Switch Security Issues

• Describe switch and Layer 2 security as a subset of an overall network security plan
• Describe how a rogue device gains unauthorized access to a network
• Categorize switch attack types and list mitigation options
• Describe how a MAC flooding attack works to overflow a CAM Campus Backbone Layer table
• Describe how port security is used to block input from devices based on Layer 2 restrictions
• Describe the procedure for configuring port security on a switch
• Describe the methods that can be used for authentication using AAA
• Describe port-based authentication using 802.1X

Protecting Against VLAN Attacks

• Describe how VLAN hopping occurs and why it is a security vulnerability
• Explain the procedure for configuring a switch to mitigate VLAN hopping attacks
• Describe VACLs and their purpose as part of VLAN security
• Explain the procedure for configuring VACLs

Protecting Against Spoofing Attacks

• Identify DHCP spoofing attacks
• Prevent attacks using DHCP snooping
• Configure DHCP snooping
• Describe ARP poisoning
• Protect against ARP spoofing attacks with DAI

Securing Network Services

• Identify Cisco Discovery Protocol and LLDP vulnerabilities
• Identify Telnet protocol vulnerabilities
• Configure SSH
• Configure vty ACLs
• Configure Cisco IOS secure HTTP server
• Understand switch security considerations

8. Accommodating Voice and Video in Campus Networks

Planning for Support of Voice in a Campus Network

• Discuss the components of a VoIP network and the components of IP telephony
• Compare the uniform bandwidth consumption of voice traffic to the intermittent bandwidth consumption of data traffic
• Compare video bandwidth consumption to voice and
  data bandwidth consumption based on video application types
• Identify a solution for latency, jitter, bandwidth, packet loss, reliability, and security for voice and video traffic integration into a data network

Integrating and Verifying VoIP in a Campus Infrastructure

• Plan for VoIP requirements
• Describe Voice VLANs
• Configure and Verify Voice VLANs
• Plan PoE requirements and configure PoE
• Provide additional services required by VoIP devices
• Create a Test Plan for VoIP integration

Working with Specialists to Accommodate Voice and Video on Campus Switches

• Describe high availability applied to VoIP or video traffic
• Build an integrated voice/video/data campus network
• Explain the need for QoS for VoIP and video integration

9: Integrating Wireless LANs into a Campus Network

Comparing WLANs with Campus Networks

• Describe WLANs
• Compare wired and wireless LAN
• Describe main wireless LAN topologies
• Describe the settings specific to WLANs, such as SSIDs, and WLAN-to-VLAN mapping

Assessing the Impact of WLANs on Campus Networks

• Describe WLAN implementations
• Compare WLAN solutions
• Assess traffic flow in an autonomous AP configuration and its impact on the campus LAN
• Assess traffic flow in an controller-based configuration and its impact on the campus LAN

Preparing the Campus Infrastructure for WLANs

• Decide on the best placement for APs and controllers
• Configure switches for WLAN devices
• Gather WLAN requirements
• Plan WLAN integration
• Create a test plan