Home > Store

CCNA 200-301 Official Cert Guide, Volume 2, 2nd Edition

Register your product to gain access to bonus material or receive a coupon.

CCNA 200-301 Official Cert Guide, Volume 2, 2nd Edition

Best Value Purchase

Book + eBook Bundle

  • Your Price: $66.74
  • List Price: $119.98
  • About Premium Edition eBooks
  • The Premium Edition eBook and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson Test Prep practice tests.

    Your purchase will deliver:

    • Link to download the Pearson Test Prep exam engine
    • Access code for question database
    • eBook in the following formats, accessible from your Account page after purchase:

    EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    PDF The popular standard, which reproduces the look and layout of the printed page.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

    eBook FAQ

    eBook Download Instructions

More Purchase Options

Book

  • Your Price: $43.99
  • List Price: $54.99
  • Usually ships in 24 hours.

Premium Edition eBook

  • Your Price: $51.99
  • List Price: $64.99
  • Estimated Release: Jul 22, 2024
  • About Premium Edition eBooks
  • The Premium Edition eBook and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson Test Prep practice tests.

    Your purchase will deliver:

    • Link to download the Pearson Test Prep exam engine
    • Access code for question database
    • eBook in the following formats, accessible from your Account page after purchase:

    EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    PDF The popular standard, which reproduces the look and layout of the printed page.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

    eBook FAQ

    eBook Download Instructions

Description

  • Copyright 2025
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 752
  • Edition: 2nd
  • Book
  • ISBN-10: 0-13-821495-6
  • ISBN-13: 978-0-13-821495-1

Trust the best-selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. It is built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.

CCNA 200-301 Official Cert Guide, Volume 2, Second Edition presents you with an organized test-preparation routine using proven series elements and techniques. Do I Know This Already? quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

  • Master Cisco CCNA 200-301 exam topics
  • Assess your knowledge with chapter-opening quizzes
  • Review key concepts with exam preparation tasks
  • Practice with realistic exam questions in the practice test software

CCNA 200-301 Official Cert Guide, Volume 2, Second Edition from Cisco Press enables you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Best-selling author Wendell Odom shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills.

This complete study package includes

  • A test-preparation routine proven to help you pass the exams
  • Do I Know This Already? quizzes, which enable you to decide how much time you need to spend on each section
  • Chapter-ending Key Topic tables, which help you drill on key concepts you must know thoroughly
  • The powerful Pearson Test Prep Practice Test software, complete with hundreds of well-reviewed, exam-realistic questions, customization options, and detailed performance reports
  • A free copy of the CCNA 200-301 Network Simulator Volume 2 Lite software, complete with meaningful lab exercises that help you hone your hands-on skills with the command-line interface for routers and switches
  • Links to a series of hands-on config labs developed by the author
  • Online, interactive practice exercises that help you enhance your knowledge and hone your configuration skills
  • More than 2 hours of video mentoring from the author
  • An online, interactive Flash Cards application to help you drill on Key Terms by chapter
  • A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies
  • Study plan suggestions and templates to help you organize and optimize your study time

Well regarded for its level of detail, study plans, assessment features, hands-on labs, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that ensure your exam success.

This official study guide has been fully updated to help you master the topics on the latest CCNA 200-301 exam. Volume 2 topic coverage includes

  • Wireless LANs
  • IP access control lists
  • Security services
  • IP services
  • Network architecture
  • Network automation

Content Update Program

This fully updated second edition includes the latest topics and additional information covering changes to the latest CCNA 200-301 exam. Visit ciscopress.com/newcerts for information on annual digital updates for this book that align to Cisco exam blueprint version changes.

Companion Website:

The companion website contains more than 600 unique practice exam questions, including two Volume 2 exam banks and four full CCNA exam banks, CCNA Network Simulator Lite software, online review and practice exercises, Key Term flashcards, and 2+ hours of video training.

In addition to the wealth of updated content, this new edition includes a series of free hands-on exercises to help you master several real-world configuration and troubleshooting activities. These exercises can be performed on the CCNA 200-301 Network Simulator Lite, Volume 2 software included for free on the companion website that accompanies this book. This software, which simulates the experience of working on actual Cisco routers and switches, contains the following lab exercises, covering the ACL topics in Part II:

  1. ACL I
  2. ACL II
  3. ACL III
  4. ACL IV
  5. ACL V
  6. ACL VI
  7. ACL Analysis I
  8. Named ACL I
  9. Named ACL II
  10. Named ACL III
  11. Standard ACL Configuration Scenario
  12. Extended ACL Configuration Scenario I
  13. Extended ACL Configuration Scenario II

If you are interested in exploring more hands-on labs and practice configuration and troubleshooting with more router and switch commands, go to www.pearsonitcertification.com/networksimulator for demos and to review the latest products for sale.

Also available from Cisco Press for CCNA study is the CCNA 200-301 Official Cert Guide Volume 2 Premium Edition eBook and Practice Test, Second Edition. This digital-only certification preparation product combines an eBook with an enhanced Pearson Test Prep Practice Test.

This integrated learning package

  • Enables you to focus on individual topic areas or take complete, timed exams
  • Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions
  • Provides unique sets of exam-realistic practice questions
  • Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most

Premium Edition

The exciting new CCNA 200-301 Official Cert Guide, Volume 2, Premium Edition eBook and Practice Test, Second Edition is a digital-only certification preparation product combining an eBook with enhanced Pearson Test Prep Practice Test. This eBook, combined with CCNA 200-301 Official Cert Guide, Volume 1, Second Edition, cover all the exam topics on the CCNA 200-301 exam. The Premium Edition eBook and Practice Test contains the following items:

  • The CCNA 200-301 Premium Edition Practice Test, including four full Volume 2 practice exams, eight full CCNA practice exams, and enhanced practice test features
  • PDF and EPUB formats of CCNA 200-301 Official Cert Guide, Volume 2, Second Edition from Cisco Press, which are accessible via your PC, tablet, and smartphone

About the Premium Edition Practice Test

This Premium Edition contains an enhanced version of the Pearson Test Prep practice test software with four full practice exams. In addition, it contains all the chapter-opening assessment questions from the book. This integrated learning package

  • Enables you to focus on individual topic areas or take complete, timed exams
  • Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions
  • Provides unique sets of exam-realistic practice questions
  • Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most

About the Premium Edition eBook

CCNA 200-301 Official Cert Guide, Volume 2, Second Edition from Cisco Press enables you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Best-selling author Wendell Odom shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills.

This complete study package includes

  • A test-preparation routine proven to help you pass the exams
  • Do I Know This Already? quizzes, which enable you to decide how much time you need to spend on each section
  • Chapter-ending Key Topic tables, which help you drill on key concepts you must know thoroughly
  • The powerful Pearson Test Prep Practice Test software, complete with hundreds of well-reviewed, exam-realistic questions, customization options, and detailed performance reports
  • A free copy of the CCNA 200-301 Network Simulator Volume 2 Lite software, complete with meaningful lab exercises that help you hone your hands-on skills with the command-line interface for routers and switches
  • Links to a series of hands-on config labs developed by the author
  • Online, interactive practice exercises that help you enhance your knowledge and hone your configuration skills
  • More than 2 hours of video mentoring from the author
  • An online, interactive Flash Cards application to help you drill on Key Terms by chapter
  • A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies
  • Study plan suggestions and templates to help you organize and optimize your study time

Well regarded for its level of detail, study plans, assessment features, hands-on labs, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that ensure your exam success.

This official study guide has been fully updated to help you master the topics on the latest CCNA 200-301 exam. Volume 2 topic coverage includes

  • Wireless LANs
  • IP access control lists
  • Security services
  • IP services
  • Network architecture
  • Network automation

Content Update Program

This fully updated second edition includes the latest topics and additional information covering changes to the latest CCNA 200-301 exam. Visit ciscopress.com/newcerts for information on annual digital updates for this book that align to Cisco exam blueprint version changes.

Companion Website:

The companion website contains more than 800 unique practice exam questions including four Volume 2 exam banks and eight full CCNA exam banks, CCNA Network Simulator Lite software, online review and practice exercises, Key Term flashcards, and 2+ hours of video training.

In addition to the wealth of updated content, this new edition includes a series of free hands-on exercises to help you master several real-world configuration and troubleshooting activities. These exercises can be performed on the CCNA 200-301 Network Simulator Lite, Volume 2 software included for free on the companion website that accompanies this book. This software, which simulates the experience of working on actual Cisco routers and switches, contains the following 13 lab exercises, covering the ACL topics in Part II:

  1. ACL I
  2. ACL II
  3. ACL III
  4. ACL IV
  5. ACL V
  6. ACL VI
  7. ACL Analysis I
  8. Named ACL I
  9. Named ACL II
  10. Named ACL III
  11. Standard ACL Configuration Scenario
  12. Extended ACL Configuration Scenario I
  13. Extended ACL Configuration Scenario II

If you are interested in exploring more hands-on labs and practice configuration and troubleshooting with more router and switch commands, go to www.pearsonitcertification.com/networksimulator for demos and to review the latest products for sale.

Sample Content

Sample Pages

Download the sample pages (includes Chapter 16)

Table of Contents

Introduction xxxi
Part I Wireless LANs 3
Chapter 1
Fundamentals of Wireless Networks 4
Do I Know This Already? Quiz 4
Foundation Topics 6
Comparing Wired and Wireless Networks 6
Wireless LAN Topologies 7
Basic Service Set 8
Distribution System 10
Extended Service Set 12
Independent Basic Service Set 13
Other Wireless Topologies 14
Repeater 14
Workgroup Bridge 15
Outdoor Bridge 16
Mesh Network 17
Wireless Bands and Channels 17
Chapter Review 20
Chapter 2 Analyzing Cisco Wireless Architectures 22
Do I Know This Already? Quiz 22
Foundation Topics 24
Autonomous AP Architecture 24
Cloud-based AP Architecture 26
Split-MAC Architectures 28
Comparing Cisco Wireless LAN Controller Deployments 32
Cisco AP Modes 35
FlexConnect Mode 36
Chapter Review 37
Chapter 3 Securing Wireless Networks 40
Do I Know This Already? Quiz 40
Foundation Topics 42
Anatomy of a Secure Connection 42
Authentication 43
Message Privacy 44
Message Integrity 45
Wireless Client Authentication Methods 46
Open Authentication 46
WEP 47
802.1x/EAP 47
LEAP 48
EAP-FAST 49
PEAP 49
EAP-TLS 50
Wireless Privacy and Integrity Methods 50
TKIP 50
CCMP 51
GCMP 51
WPA, WPA2, and WPA3 51
Chapter Review 53
Chapter 4 Building a Wireless LAN 56
Do I Know This Already? Quiz 56
Foundation Topics 58
Connecting a Cisco AP 58
Accessing a Cisco WLC 59
Connecting a Cisco WLC 63
WLC Physical Ports 63
Configuring a WLAN 65
Configuring a WLAN on an IOS-XE WLC 67
Step 1: Configure a WLAN Profile 69
Step 2: Configure a Policy Profile 74
Step 3: Map the WLAN and Policy Profiles to a Policy Tag 77
Step 4: Apply the Policy Tag to Some APs 78
Configuring a WLAN on an AireOS WLC 79
Step 1: Create a Dynamic Interface 79
Step 2: Create a New WLAN 80
Step 3: Configure the WLAN 81
Configuring WLAN Security 83
Configuring WLAN QoS 85
Configuring Advanced WLAN Settings 85
Finalizing WLAN Configuration 86
Chapter Review 87
Part I Review 88
Part II IP Access Control Lists 91
Chapter 5
Introduction to TCP/IP Transport and Applications 92
Do I Know This Already? Quiz 92
Foundation Topics 94
TCP/IP Layer 4 Protocols: TCP and UDP 94
Transmission Control Protocol 95
Multiplexing Using TCP Port Numbers 95
Popular TCP/IP Applications 98
Connection Establishment and Termination 100
Error Recovery and Reliability 101
Flow Control Using Windowing 102
User Datagram Protocol 103
TCP/IP Applications 104
Uniform Resource Identifiers 104
Finding the Web Server Using DNS 105
Transferring Files with HTTP 108
How the Receiving Host Identifies the Correct Receiving Application 109
HTTP Versions 110
HTTP 1.0 and 1.1 110
HTTP/2 and TLS 110
HTTP 3.0 111
Chapter Review 112
Chapter 6 Basic IPv4 Access Control Lists 114
Do I Know This Already? Quiz 114
Foundation Topics 116
IPv4 Access Control List Basics 116
ACL Location and Direction 116
Matching Packets 117
Taking Action When a Match Occurs 118
Types of IP ACLs 118
Standard Numbered IPv4 ACLs 119
List Logic with IP ACLs 119
Matching Logic and Command Syntax 121
Matching the Exact IP Address 121
Matching a Subset of the Address with Wildcard Masks 122
Binary Wildcard Masks 123
Finding the Right Wildcard Mask to Match a Subnet 124
Matching Any/All Addresses 124
Implementing Standard IP ACLs 125
Standard Numbered ACL Scenario 1 125
Standard Numbered ACL Scenario 2 127
Troubleshooting and Verification Tips 129
Practice Applying Standard IP ACLs 130
Practice Building access-list Commands 130
Reverse Engineering from ACL to Address Range 131
Chapter Review 133
Chapter 7 Named and Extended IP ACLs 136
Do I Know This Already? Quiz 136
Foundation Topics 138
Named ACLs and ACL Editing 138
Named IP Access Lists 138
Editing ACLs 140
Editing Named ACLs 140
Editing Numbered ACLs 143
Extended IP Access Control Lists 144
Matching the Protocol, Source IP, and Destination IP 145
Matching TCP and UDP Port Numbers 147
Extended IP ACL Configuration 150
Extended IP ACL Example 1: Packets to Web Servers 151
Extended IP ACL Example 2: Packets from Web Servers 153
Adjusting ACLs for HTTP/3 154
Practice Building access-list Commands 155
ACL Implementation Considerations 156
Chapter Review 157
Chapter 8 Applied IP ACLs 160
Do I Know This Already? Quiz 160
Foundation Topics 162
ACLs and Network Infrastructure Protocols 162
Filtering DNS 163
Filtering ICMP 164
Filtering OSPF 165
Filtering DHCP 167
Filtering SSH and Telnet 169
Filtering for End User SSH/Telnet 169
Filtering for Router VTY Access 171
Comparing ACLs in IOS and IOS XE 173
Configuration Syntax and Show Commands 173
Resequencing ACL Sequence Numbers 174
Using a Second (Common) Interface ACL 175
Matching Multiple Nonconsecutive Ports with eq 177
Chapter Review 177
Part II Review 180
Part III Security Services 183
Chapter 9
Security Architectures 184
Do I Know This Already? Quiz 184
Foundation Topics 186
Security Terminology 186
Common Security Threats 188
Attacks That Spoof Addresses 188
Denial-of-Service Attacks 189
Reflection and Amplification Attacks 191
Man-in-the-Middle Attacks 191
Address Spoofing Attack Summary 193
Reconnaissance Attacks 193
Buffer Overflow Attacks 194
Malware 194
Human Vulnerabilities 195
Password Vulnerabilities 196
Password Alternatives 196
Controlling and Monitoring User Access 198
Developing a Security Program to Educate Users 200
Chapter Review 201
Chapter 10 Securing Network Devices 202
Do I Know This Already? Quiz 202
Foundation Topics 204
Securing IOS Passwords 204
Encrypting Older IOS Passwords with service password-encryption 205
Encoding the Enable Passwords with Hashes 206
Interactions Between Enable Password and Enable Secret 206
Making the Enable Secret Truly Secret with a Hash 207
Improved Hashes for Ciscos Enable Secret 209
Encoding the Passwords for Local Usernames 210
Firewalls and Intrusion Prevention Systems 211
Traditional Firewalls 211
Security Zones 213
Intrusion Prevention Systems (IPS) 215
Cisco Next-Generation Firewalls 216
Cisco Next-Generation IPS 218
Chapter Review 219
Chapter 11 Implementing Switch Port Security 222
Do I Know This Already? Quiz 222
Foundation Topics 224
Port Security Concepts and Configuration 224
Configuring Port Security 225
Verifying Port Security 228
Port Security MAC Addresses 229
Port Security Violation Modes 230
Port Security Shutdown Mode 231
Port Security Protect and Restrict Modes 233
Chapter Review 235
Chapter 12 DHCP Snooping and ARP Inspection 238
Do I Know This Already? Quiz 238
Foundation Topics 240
DHCP Snooping 240
DHCP Snooping Concepts 240
A Sample Attack: A Spurious DHCP Server 241
DHCP Snooping Logic 242
Filtering DISCOVER Messages Based on MAC Address 243
Filtering Messages That Release IP Addresses 244
DHCP Snooping Configuration 245
Configuring DHCP Snooping on a Layer 2 Switch 246
Limiting DHCP Message Rates 248
DHCP Snooping Configuration Summary 249
Dynamic ARP Inspection 250
DAI Concepts 250
Review of Normal IP ARP 250
Gratuitous ARP as an Attack Vector 251
Dynamic ARP Inspection Logic 253
Dynamic ARP Inspection Configuration 254
Configuring ARP Inspection on a Layer 2 Switch 254
Limiting DAI Message Rates 257
Configuring Optional DAI Message Checks 258
IP ARP Inspection Configuration Summary 259
Chapter Review 260
Part III Review 264
Part IV IP Services 267
Chapter 13
Device Management Protocols 268
Do I Know This Already? Quiz 268
Foundation Topics 270
System Message Logging (Syslog) 270
Sending Messages in Real Time to Current Users 270
Storing Log Messages for Later Review 271
Log Message Format 272
Log Message Severity Levels 272
Configuring and Verifying System Logging 273
The debug Command and Log Messages 276
Network Time Protocol (NTP) 277
Setting the Time and Time Zone 278
Basic NTP Configuration 279
NTP Reference Clock and Stratum 281
Analyzing Topology Using CDP and LLDP 283
Examining Information Learned by CDP 283
Configuring and Verifying CDP 286
Examining Information Learned by LLDP 287
Configuring and Verifying LLDP 290
LLDP-MED and TLVs 292
Chapter Review 293
Chapter 14 Network Address Translation 298
Do I Know This Already? Quiz 298
Foundation Topics 300
Network Address Translation Concepts 300
IPv4 Address Conservation with NAT 300
Inside Source NAT 302
Static NAT 303
Inside Local and Inside Global Addresses 303
Dynamic NAT 304
Overloading NAT with Port Address Translation 306
NAT Configuration and Troubleshooting 307
Static NAT Configuration 308
Dynamic NAT Configuration 310
Dynamic NAT Verification 312
NAT Overload (PAT) Configuration 314
NAT Troubleshooting 317
Chapter Review 318
Chapter 15 Quality of Service (QoS) 322
Do I Know This Already? Quiz 322
Foundation Topics 324
Introduction to QoS 324
QoS: Managing Bandwidth, Delay, Jitter, and Loss 324
Types of Traffic 325
Data Applications 325
Voice and Video Applications 327
QoS as Mentioned in This Book 328
QoS on Switches and Routers 329
Classification and Marking 329
Classification Basics 329
Matching (Classification) Basics 330
Classification on Routers with ACLs and NBAR 331
Marking IP DSCP and Ethernet CoS 332
Marking the IP Header 333
Marking the Ethernet 802.1Q Header 333
Other Marking Fields 334
Defining Trust Boundaries 334
DiffServ Suggested Marking Values 335
Expedited Forwarding (EF) 336
Assured Forwarding (AF) 336
Class Selector (CS) 336
Guidelines for DSCP Marking Values 337
Queuing 337
Round-Robin Scheduling (Prioritization) 338
Low Latency Queuing 339
A Prioritization Strategy for Data, Voice, and Video 341
Shaping and Policing 341
Policing 342
Where to Use Policing 342
Shaping 344
Setting a Good Shaping Time Interval for Voice and Video 345
Congestion Avoidance 346
TCP Windowing Basics 346
Congestion Avoidance Tools 347
Chapter Review 348
Chapter 16 First Hop Redundancy Protocols 350
Do I Know This Already? Quiz 350
Foundation Topics 352
First Hop Redundancy Protocols 352
The Need for Redundancy in Networks 353
The Need for a First Hop Redundancy Protocol 354
The Three Solutions for First-Hop Redundancy 356
Hot Standby Router Protocol 356
HSRP Virtual IP and MAC Addresses 357
HSRP Failover 357
HSRP Load Balancing 359
HSRP Interface Tracking 359
HSRP Recovery and Preemption 360
HSRP Versions 361
VRRP and GLBP Concepts 362
Virtual Router Redundancy Protocol (VRRP) 362
GLBP Concepts 363
Similarities of GLBP, HSRP, and VRRP 363
GLBP Active/Active Load Balancing 364
Chapter Review 366
Chapter 17 SNMP, FTP, and TFTP 368
Do I Know This Already? Quiz 368
Foundation Topics 370
Simple Network Management Protocol 370
SNMP Variable Reading and Writing: SNMP Get and Set 371
SNMP Notifications: Traps and Informs 372
The Management Information Base 372
Securing SNMP 374
FTP and TFTP 376
Managing Cisco IOS Images with FTP/TFTP 376
The IOS File System 376
Upgrading IOS Images 378
Copying a New IOS Image to a Local IOS File System Using TFTP 378
Listing the Files in the IOS File System 379
Verifying IOS Code Integrity with MD5 or SHA512 381
Copying Images with FTP 382
The FTP and TFTP Protocols 384
FTP Protocol Basics 384
FTP Active and Passive Modes 385
TFTP Protocol Basics 387
Chapter Review 388
Part IV Review 392
Part V Network Architecture 395
Chapter 18
LAN Architecture 396
Do I Know This Already? Quiz 396
Foundation Topics 398
Analyzing Campus LAN Topologies 398
Two-Tier Campus Design (Collapsed Core) 399
Three-Tier Campus Design (Core) 400
Topology Design Terminology 402
Ethernet Physical Media and Standards 403
Ethernet UTP Links at the Access Layer 403
Multigig Ethernet on CAT 5E Cabling 405
Fiber Uplinks 406
Small Office/Home Office 407
Power over Ethernet (PoE) 408
PoE Basics 409
PoE Operation 409
PoE and LAN Design 411
Chapter Review 412
Chapter 19 WAN Architecture 414
Do I Know This Already? Quiz 414
Foundation Topics 416
Metro Ethernet 416
Metro Ethernet Physical Design and Topology 416
Ethernet WAN Services and Topologies 418
Ethernet Line Service (Point-to-Point) 418
Ethernet LAN Service (Full Mesh) 419
Layer 3 Design Using Metro Ethernet 420
Layer 3 Design with E-Line Service 420
Layer 3 Design with E-LAN Service 421
Multiprotocol Label Switching (MPLS) 422
MPLS VPN Physical Design and Topology 423
Layer 3 with MPLS VPN 424
Internet VPNs 425
Internet Access 426
Digital Subscriber Line 426
Cable Internet 427
Wireless WAN (4G, 5G) 428
Fiber (Ethernet) Internet Access 429
Internet VPN Fundamentals 430
Site-to-Site VPNs with IPsec 431
Remote Access VPNs with IPsec 433
Remote Access VPNs with TLS 434
Chapter Review 435
Chapter 20 Cloud Architecture 438
Do I Know This Already? Quiz 438
Foundation Topics 440
Server Virtualization 440
Cisco Server Hardware 440
Server Virtualization and Virtual Machine Basics 441
Networking with Virtual Switches on a Virtualized Host 443
Software Containers 444
The Physical Data Center Network 446
Workflow with a Virtualized Data Center 446
Cloud Computing Services 448
Private Cloud (On-Premise) 449
Public Cloud 450
Cloud and the As a Service Model 451
Infrastructure as a Service 451
Software as a Service 452
(Development) Platform as a Service 453
Virtual Routing and Forwarding (VRF) Instances 454
WAN Traffic Paths to Reach Cloud Services 456
Enterprise WAN Connections to Public Cloud 456
Accessing Public Cloud Services Using the Internet 456
Pros and Cons with Connecting to Public Cloud with Internet 457
Private WAN and Internet VPN Access to Public Cloud 458
Pros and Cons of Connecting to Cloud with Private WANs 459
Intercloud Exchanges 459
Summarizing the Pros and Cons of Public Cloud WAN Options 460
Understanding Cloud Management 460
Chapter Review 465
Part V Review 466
Part VI Network Automation 469
Chapter 21
Introduction to Controller-Based Networking 470
Do I Know This Already? Quiz 471
Foundation Topics 472
SDN and Controller-Based Networks 472
The Data, Control, and Management Planes 472
The Data Plane 473
The Control Plane 474
The Management Plane 475
Cisco Switch Data Plane Internals 475
Controllers and Software Defined Architecture 477
Controllers and Centralized Control 477
The Southbound Interface 478
The Northbound Interface 479
Software Defined Architecture Summary 481
Examples of Network Programmability and SDN 481
OpenDaylight and OpenFlow 481
The OpenDaylight Controller 482
The Cisco Open SDN Controller (OSC) 483
Cisco Application Centric Infrastructure (ACI) 484
ACI Physical Design: Spine and Leaf 484
ACI Operating Model with Intent-Based Networking 486
Summary of the SDN Examples 488
Comparing Traditional Versus Controller-Based Networks 488
How Automation Impacts Network Management 489
Comparing Traditional Networks with Controller-Based Networks 491
Chapter Review 492
Chapter 22 Cisco Software-Defined Access (Cisco SD-Access) 494
Do I Know This Already? Quiz 495
Foundation Topics 496
Cisco SD-Access Fabric, Underlay, and Overlay 496
The Cisco SD-Access Underlay 499
Using Existing Gear for the Cisco SD-Access Underlay 499
Using New Gear for the Cisco SD-Access Underlay 501
The Cisco SD-Access Overlay 503
VXLAN Tunnels in the Overlay (Data Plane) 504
LISP for Overlay Discovery and Location (Control Plane) 505
Cisco Catalyst Center and Cisco SD-Access Operation 509
Cisco Catalyst Center 509
Cisco Catalyst Center and Scalable Groups 510
Issues with Traditional IP-Based Security 511
Cisco SD-Access Security Is Based on User Groups 512
Cisco Catalyst Center as a Network Management Platform 514
Cisco Catalyst Center Similarities to Traditional Management 515
Cisco Catalyst Center and Differences with Traditional Management 516
Artificial Intelligence (AI), Machine Learning (ML), and Operational Management 517
Chapter Review 524
Chapter 23 Understanding REST and JSON 526
Do I Know This Already? Quiz 526
Foundation Topics 528
REST-Based APIs 528
REST-Based (RESTful) APIs 528
Client/Server Architecture 529
Stateless Operation 530
Cacheable (or Not) 530
Background: Data and Variables 530
Simple Variables 530
List and Dictionary Variables 531
REST APIs and HTTP 533
Software CRUD Actions and HTTP Verbs 533
Using URIs with HTTP to Specify the Resource 534
Example of REST API Call to Cisco Catalyst Center 536
Data Serialization and JSON 541
The Need for a Data Model with APIs 542
Data Serialization Languages 544
JSON 544
XML 544
YAML 545
Summary of Data Serialization 546
Recognizing the Components of JSON 546
Interpreting JSON Key:Value Pairs 547
Interpreting JSON Objects and Arrays 547
Minified and Beautified JSON 550
Chapter Review 550
Chapter 24 Understanding Ansible and Terraform 552
Do I Know This Already? Quiz 552
Foundation Topics 554
Device Configuration Challenges and Solutions 554
Configuration Drift 554
Centralized Configuration Files and Version Control 555
Configuration Monitoring and Enforcement 557
Configuration Provisioning 558
Configuration Templates and Variables 559
Files That Control Configuration Automation 561
Ansible and Terraform Basics 562
Ansible 562
Terraform 563
Summary of Configuration Management Tools 565
Chapter Review 566
Part VI Review 568
Part VII Exam Updates and Final Review 571
Chapter 25
CCNA 200-301 Official Cert Guide, Volume 2, Second Edition, Exam Updates 572
The Purpose of This Chapter 572
Additional Technical Content 573
Official Blueprint Changes 573
Impact on You and Your Study Plan 575
News About the Next CCNA Exam Release 576
Updated Technical Content 576
Chapter 26 Final Review 578
Advice About the Exam Event 578
Learn About Question Types 578
Think About Your Time Budget 581
An Example Time-Check Method 581
One Week Before Your Exam 582
24 Hours Before Your Exam 582
30 Minutes Before Your Exam 583
The Hour After Your Exam 583
Exam Review 584
Using Practice Questions 585
Hold Practice Exam Events 586
Exam Scoring on the Real Exam 587
Self-Assessment Suggestions 587
Gap Analysis Using Q&A 589
Advice on How to Answer Exam Questions 590
Additional Exams with the Premium Edition 592
Practicing CLI Skills 593
Adjustments for Your Second Attempt 595
Other Study Tasks 596
Final Thoughts 596
Part VIII Print Appendixes 599
Appendix A
Numeric Reference Tables 601
Appendix B Exam Topics Cross-Reference 607
Appendix C Answers to the Do I Know This Already? Quizzes 619
Glossary 641

Online Appendixes
Appendix D
Topics from Previous Editions
Appendix E Practice for Chapter 6: Basic IPv4 Access Control Lists
Appendix F Study Planner
Glossary


9780138214951 TOC 5/29/2024

Updates

Submit Errata

More Information

Pearson IT Certification Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Pearson IT Certification and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Pearson IT Certification products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by Adobe Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.pearsonitcertification.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020