Back to Dashboard
Module 21
Final Exam Review and Practice
β Previous Module
Next Module β
# π CCNA 200-301 - Video 21: Final Exam Review and Practice ## Deep Study Notes --- ## π Learning Objectives By the end of this video, you should be able to: - Review key concepts from all 20 videos - Identify common exam topics and question patterns - Practice with scenario-based questions - Understand exam strategies and time management - Identify weak areas for final preparation --- ## π§ Core Concepts - Exam Overview ### 1. CCNA 200-301 Exam Blueprint **Exam Overview:** | Aspect | Details | |--------|---------| | **Exam Code** | 200-301 CCNA | | **Duration** | 120 minutes | | **Questions** | 90-110 (multiple choice, drag-drop, simulation, testlets) | | **Passing Score** | 825-850 out of 1000 (varies) | | **Cost** | $300 USD | **Topic Weighting:** | Domain | Percentage | Key Topics | |--------|------------|------------| | **Network Fundamentals** | 20% | OSI/TCP/IP models, IPv4/IPv6 addressing, switching concepts | | **Network Access** | 20% | VLANs, trunking, STP, EtherChannel, wireless | | **IP Connectivity** | 25% | Routing (static, OSPF), inter-VLAN routing, NAT | | **IP Services** | 10% | DHCP, DNS, NTP, QoS, SNMP, syslog, NetFlow | | **Security Fundamentals** | 15% | ACLs, port security, DHCP snooping, AAA, VPNs | | **Automation & Programmability** | 10% | SDN, REST APIs, JSON/YAML, Ansible, DNA Center | --- ### 2. Key Concepts Review by Domain #### Domain 1: Network Fundamentals ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β NETWORK FUNDAMENTALS - KEY CONCEPTS β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β OSI Model (7 Layers): β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β 7 - Application β HTTP, FTP, SMTP, DNS, DHCP β β β β 6 - Presentation β Encryption, compression, translation β β β β 5 - Session β Session management, dialog control β β β β 4 - Transport β TCP (reliable), UDP (fast) β β β β 3 - Network β IP addressing, routing (routers) β β β β 2 - Data Link β MAC addressing, switching (switches) β β β β 1 - Physical β Bits, cables, connectors β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β TCP/IP Model (4 Layers): β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β Application β Combines OSI 5,6,7 β β β β Transport β TCP/UDP β β β β Internet β IP, ICMP, ARP β β β β Network Access β Ethernet, Wi-Fi β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β IPv4 Private Address Ranges: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β 10.0.0.0/8 (10.0.0.0 - 10.255.255.255) β β β β 172.16.0.0/12 (172.16.0.0 - 172.31.255.255) β β β β 192.168.0.0/16 (192.168.0.0 - 192.168.255.255) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β IPv6 Address Types: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β Global Unicast: 2000::/3 β β β β Link-Local: FE80::/10 β β β β Unique Local: FD00::/8 β β β β Multicast: FF00::/8 β β β β Loopback: ::1 β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` #### Domain 2: Network Access ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β NETWORK ACCESS - KEY CONCEPTS β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β VLANs: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ Access Port: Single VLAN, untagged traffic β β β β β’ Trunk Port: Multiple VLANs, 802.1Q tagging β β β β β’ Native VLAN: Untagged traffic on trunk β β β β β’ Default VLAN: VLAN 1 (avoid using for security) β β β β β’ Extended VLANs: 1006-4094 (VTP transparent required) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β STP (Spanning Tree Protocol): β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ Purpose: Prevent Layer 2 loops β β β β β’ Root Bridge: Lowest Bridge ID (Priority + MAC) β β β β β’ Port Roles: Root, Designated, Alternate (Blocking) β β β β β’ Port States: Blocking β Listening β Learning β Forwarding β β β β β’ Convergence: 50 seconds (default STP) β β β β β’ RSTP (802.1w): Faster convergence (< 10 sec) β β β β β’ PortFast: Bypass STP on access ports β β β β β’ BPDU Guard: Disable port if BPDU received β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β EtherChannel: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ LACP (802.3ad): IEEE standard, modes: Active/Passive β β β β β’ PAgP: Cisco proprietary, modes: Desirable/Auto β β β β β’ Requirements: Same speed, duplex, VLAN config β β β β β’ Load Balancing: Per-flow (src/dst MAC/IP/port) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β Wireless: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ 2.4 GHz Channels: 1, 6, 11 (non-overlapping) β β β β β’ 802.11ac (Wi-Fi 5): 5 GHz, up to 6.9 Gbps β β β β β’ 802.11ax (Wi-Fi 6): 2.4/5 GHz, OFDMA β β β β β’ WPA2: AES-CCMP encryption β β β β β’ WPA3: SAE (replaces PSK), GCMP-256 encryption β β β β β’ CAPWAP: Control (5246), Data (5247) β β β β β’ Mobility Express: Embedded controller on AP (1-25 APs) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` #### Domain 3: IP Connectivity ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β IP CONNECTIVITY - KEY CONCEPTS β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β Routing: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ Static Route: ip route [network] [mask] [next-hop] β β β β β’ Default Route: ip route 0.0.0.0 0.0.0.0 [next-hop] β β β β β’ OSPF: Link-state, metric = cost (10^8 / bandwidth) β β β β β’ OSPF Areas: Area 0 (backbone), non-backbone connect to area 0 β β β β β’ OSPFv3: Router ID required, configured on interface β β β β β’ EIGRP: Advanced distance vector, Cisco proprietary β β β β β’ AD (Administrative Distance): Static=1, OSPF=110, EIGRP=90 β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β Inter-VLAN Routing: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ Router-on-a-Stick: Subinterfaces + 802.1Q trunk β β β β β’ Layer 3 Switch: SVIs + ip routing β β β β β’ Legacy: Physical router per VLAN (not scalable) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β FHRP (First Hop Redundancy Protocols): β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ HSRP: Cisco proprietary, Active/Standby, virtual IP β β β β β’ VRRP: IEEE standard, Master/Backup β β β β β’ GLBP: Cisco proprietary, load balancing, AVG/AVF β β β β β’ Default priority: 100, higher wins β β β β β’ Hello: 3 sec, Hold: 10 sec β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β NAT: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ Static NAT: 1:1 permanent mapping β β β β β’ Dynamic NAT: Many-to-many (pool) β β β β β’ PAT (NAT Overload): Many-to-one (most common) β β β β β’ Inside Local: Private IP as seen from inside β β β β β’ Inside Global: Public IP as seen from outside β β β β β’ Outside Local/Global: Destination IP addresses β β β β β’ ip nat inside / ip nat outside on interfaces β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` #### Domain 4: IP Services ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β IP SERVICES - KEY CONCEPTS β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β DHCP (Dynamic Host Configuration Protocol): β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ DORA: Discover, Offer, Request, Acknowledge β β β β β’ Ports: Server UDP 67, Client UDP 68 β β β β β’ IP Helper: ip helper-address [dhcp-server] β β β β β’ APIPA: 169.254.0.0/16 (when DHCP fails) β β β β β’ Lease Renewal: 50% (T1), 87.5% (T2) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β DNS (Domain Name System): β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ A: IPv4 address, AAAA: IPv6 address, CNAME: alias β β β β β’ MX: Mail exchange, NS: Name server, PTR: Reverse lookup β β β β β’ Hierarchy: Root β TLD β Authoritative β β β β β’ Recursive vs. Iterative queries β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β NTP (Network Time Protocol): β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ UDP 123 β β β β β’ Stratum: Lower = more accurate (0=atomic, 1=primary) β β β β β’ Command: ntp server [ip] β β β β β’ Show: show ntp status, show ntp associations β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β QoS (Quality of Service): β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ Classification: Marking traffic (DSCP, CoS) β β β β β’ Queuing: Priority, bandwidth allocation β β β β β’ Policing: Drop traffic exceeding rate β β β β β’ Shaping: Buffer traffic exceeding rate β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` #### Domain 5: Security Fundamentals ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β SECURITY - KEY CONCEPTS β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β ACLs (Access Control Lists): β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ Standard (1-99): Source IP only, place near destination β β β β β’ Extended (100-199): Source/dest IP, protocol, port β β β β β’ Named: Editable, descriptive names β β β β β’ Processing: Top-down, first match wins, implicit deny β β β β β’ Wildcard mask: 0=check, 1=ignore β β β β β’ Host = 0.0.0.0, any = 255.255.255.255 β β β β β’ Established: Match TCP packets with ACK/RST flag β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β Port Security: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ switchport port-security β β β β β’ Maximum MAC addresses: switchport port-security maximum [num] β β β β β’ Violation modes: shutdown (errdisable), restrict, protect β β β β β’ Sticky MAC: Dynamically learn and save MAC addresses β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β DHCP Snooping: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ Trusted ports: Connected to legitimate DHCP server β β β β β’ Untrusted ports: Block DHCP server messages β β β β β’ Prevents rogue DHCP servers β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β AAA (Authentication, Authorization, Accounting): β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ RADIUS: UDP, combines authentication and authorization β β β β β’ TACACS+: TCP, separates authentication, authorization, accountingβ β β β β’ Local authentication: username/password on device β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` #### Domain 6: Automation & Programmability ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β AUTOMATION - KEY CONCEPTS β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β SDN (Software-Defined Networking): β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ Control Plane: Centralized controller β β β β β’ Data Plane: Packet forwarding β β β β β’ Northbound APIs: Application β Controller β β β β β’ Southbound APIs: Controller β Devices (OpenFlow, NETCONF) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β Cisco DNA Center: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ Automation: Day 0/1/2 provisioning β β β β β’ Assurance: Health scores, anomaly detection β β β β β’ Security: Segmentation, threat detection β β β β β’ Platform: REST APIs, workflows β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β REST APIs: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ GET: Retrieve data β β β β β’ POST: Create resource β β β β β’ PUT/PATCH: Update resource β β β β β’ DELETE: Remove resource β β β β β’ Status codes: 2xx success, 4xx client error, 5xx server error β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β Data Formats: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ JSON: Key-value, lightweight, most common β β β β β’ XML: Tag-based, more verbose β β β β β’ YAML: Indentation-based, used in Ansible β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β NETCONF/RESTCONF: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ NETCONF: SSH port 830, XML β β β β β’ RESTCONF: HTTP/HTTPS, JSON/XML β β β β β’ YANG: Data modeling language β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` --- ### 3. Common Exam Question Patterns **Type 1: Command Identification** - Which command configures a static route? - What does `show ip interface brief` display? - Which command enables OSPF on an interface? **Type 2: Scenario-Based Troubleshooting** - "PC1 cannot ping PC2. What is the issue?" - "Users cannot access internet. Which command should you run first?" - "A switch port is in errdisable. What caused this?" **Type 3: Protocol and Concept Understanding** - "Which protocol prevents Layer 2 loops?" - "What is the purpose of the native VLAN?" - "Which NAT type uses port numbers to differentiate connections?" **Type 4: Configuration Ordering** - Drag and drop the correct sequence of commands - Order of operations for a specific task **Type 5: Simulation (Packet Tracer)** - Configure routers, switches, or hosts to meet requirements - Troubleshoot and fix broken configurations --- ### 4. Practice Questions - Mixed Topics **Question 1:** A network administrator configures a router with the following commands: ``` Router(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.1 ``` What is the purpose of this command? A) Configure a static route to the 192.168.1.0 network B) Configure a default route to 192.168.1.1 C) Configure a route to the loopback interface D) Configure a route to the router's own interface <details> <summary>Answer</summary> <b>B) Configure a default route to 192.168.1.1</b> - `0.0.0.0 0.0.0.0` is the default route, matching all destinations. </details> --- **Question 2:** A switch has the following configuration on interface Fa0/1: ``` interface FastEthernet0/1 switchport mode access switchport access vlan 10 spanning-tree portfast spanning-tree bpduguard enable ``` What happens if a BPDU is received on this interface? A) The interface goes into errdisable state B) The interface becomes a trunk C) The interface shuts down permanently D) The interface ignores the BPDU <details> <summary>Answer</summary> <b>A) The interface goes into errdisable state</b> - BPDU guard disables the port when a BPDU is received on a PortFast-enabled port. </details> --- **Question 3:** Which of the following are valid private IP address ranges? (Select three) A) 10.0.0.0 - 10.255.255.255 B) 172.16.0.0 - 172.31.255.255 C) 192.168.0.0 - 192.168.255.255 D) 169.254.0.0 - 169.254.255.255 <details> <summary>Answer</summary> <b>A, B, C</b> - 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 are RFC 1918 private ranges. 169.254.0.0/16 is APIPA (link-local). </details> --- **Question 4:** A router has the following configuration: ``` interface GigabitEthernet0/0.10 encapsulation dot1Q 10 ip address 192.168.10.1 255.255.255.0 ``` What is this configuration used for? A) Configuring a VLAN access port B) Configuring a router-on-a-stick subinterface C) Configuring a DHCP server D) Configuring a static route <details> <summary>Answer</summary> <b>B) Configuring a router-on-a-stick subinterface</b> - The subinterface with 802.1Q encapsulation is used for router-on-a-stick inter-VLAN routing. </details> --- **Question 5:** Which SNMP version provides authentication and encryption? A) SNMPv1 B) SNMPv2c C) SNMPv3 D) SNMPv2 <details> <summary>Answer</summary> <b>C) SNMPv3</b> - SNMPv3 provides authentication and encryption via the User-based Security Model (USM). </details> --- **Question 6:** A network engineer needs to configure a switch port to carry traffic for VLANs 10, 20, and 30. Which configuration is correct? A) `switchport mode access` and `switchport access vlan 10` B) `switchport mode trunk` and `switchport trunk allowed vlan 10,20,30` C) `switchport mode trunk` and `switchport trunk native vlan 10` D) `switchport mode access` and `switchport access vlan all` <details> <summary>Answer</summary> <b>B) `switchport mode trunk` and `switchport trunk allowed vlan 10,20,30`</b> - Trunk ports carry multiple VLANs; the allowed VLAN list specifies which VLANs are permitted. </details> --- **Question 7:** What is the purpose of the `ip helper-address` command? A) Enable DHCP server on the router B) Forward DHCP broadcasts to a DHCP server in another subnet C) Configure DNS server address D) Enable IP routing <details> <summary>Answer</summary> <b>B) Forward DHCP broadcasts to a DHCP server in another subnet</b> - IP helper-address converts DHCP broadcasts to unicast and forwards them to the specified server. </details> --- **Question 8:** Which protocol is used for streaming telemetry? A) SNMP B) NETCONF C) gRPC D) RESTCONF <details> <summary>Answer</summary> <b>C) gRPC</b> - gRPC (Google Remote Procedure Call) is used for high-performance streaming telemetry. </details> --- **Question 9:** A network administrator wants to prevent unauthorized devices from connecting to a switch port. Which feature should be configured? A) STP B) VLAN C) Port Security D) EtherChannel <details> <summary>Answer</summary> <b>C) Port Security</b> - Port security restricts which MAC addresses can connect to a switch port. </details> --- **Question 10:** Which of the following are correct about OSPF? (Select two) A) Uses cost as metric (10^8 / bandwidth) B) Uses hop count as metric C) Link-state routing protocol D) Distance vector routing protocol <details> <summary>Answer</summary> <b>A and C</b> - OSPF is a link-state protocol that uses cost (derived from bandwidth) as its metric. </details> --- **Question 11:** What is the correct order of the DHCP DORA process? A) Discover, Acknowledge, Request, Offer B) Discover, Offer, Request, Acknowledge C) Offer, Discover, Request, Acknowledge D) Request, Discover, Offer, Acknowledge <details> <summary>Answer</summary> <b>B) Discover, Offer, Request, Acknowledge</b> - DORA: Discover β Offer β Request β Acknowledge. </details> --- **Question 12:** Which command displays the MAC address table on a Cisco switch? A) `show mac-address-table` B) `show mac address-table` C) `show arp` D) `show cam table` <details> <summary>Answer</summary> <b>B) `show mac address-table`</b> - This is the correct command to display the MAC address table (CAM table). </details> --- **Question 13:** A company has 500 internal devices and only 5 public IP addresses. Which NAT type is most appropriate? A) Static NAT B) Dynamic NAT C) PAT (NAT Overload) D) NAT Pool <details> <summary>Answer</summary> <b>C) PAT (NAT Overload)</b> - PAT allows many devices to share a few public IP addresses using port numbers. </details> --- **Question 14:** What is the purpose of Spanning Tree Protocol (STP)? A) Increase network speed B) Prevent Layer 2 loops C) Provide IP addressing D) Route between VLANs <details> <summary>Answer</summary> <b>B) Prevent Layer 2 loops</b> - STP prevents loops by blocking redundant links. </details> --- **Question 15:** Which data format is most commonly used in Ansible playbooks? A) JSON B) XML C) YAML D) CSV <details> <summary>Answer</summary> <b>C) YAML</b> - Ansible uses YAML for playbooks due to its human-readable syntax. </details> --- ### 5. Exam Strategies **Time Management:** | Question Type | Time Allocation | |---------------|-----------------| | Multiple Choice | 60-90 seconds | | Drag and Drop | 60-90 seconds | | Simulation (Packet Tracer) | 3-5 minutes | | Testlet | 5-8 minutes | **Exam Strategy Tips:** ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β EXAM STRATEGIES β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β 1. READ THE QUESTION CAREFULLY β β β’ Identify what is being asked (what is the problem?) β β β’ Look for keywords: "most likely", "first", "best", "not" β β β β 2. PROCESS OF ELIMINATION β β β’ Eliminate obviously wrong answers first β β β’ Narrow down to 2 options, then choose the best β β β β 3. SIMULATIONS (Packet Tracer) β β β’ Verify current configuration with show commands β β β’ Identify the problem before making changes β β β’ Make minimal changes to fix the issue β β β’ Verify the fix works β β β β 4. FLAG AND REVIEW β β β’ Flag difficult questions and come back later β β β’ Don't spend too much time on one question β β β β 5. COMMAND MEMORY β β β’ Memorize key show commands β β β’ Know configuration mode syntax β β β’ Understand command output β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` --- ### 6. Final Review Checklist | Domain | Check | Key Topics to Review | |--------|-------|---------------------| | **Network Fundamentals** | β | OSI/TCP/IP models, IPv4 subnetting, IPv6 addressing, private IPs, MAC addresses | | **Network Access** | β | VLANs, trunking, STP (states, root bridge, port roles), EtherChannel, wireless (802.11, security) | | **IP Connectivity** | β | Static routes, OSPF (configuration, areas), inter-VLAN routing, FHRP (HSRP/VRRP/GLBP), NAT | | **IP Services** | β | DHCP (DORA, relay), DNS (record types), NTP (stratum), QoS basics | | **Security** | β | ACLs (standard/extended, wildcard), port security, DHCP snooping, AAA | | **Automation** | β | SDN, REST APIs, JSON/XML/YAML, NETCONF/RESTCONF, Ansible, Cisco DNA Center | --- ### 7. Command Quick Reference | Category | Command | Purpose | |----------|---------|---------| | **General** | `show running-config` | View current configuration | | | `show startup-config` | View saved configuration | | | `copy running-config startup-config` | Save configuration | | | `reload` | Reboot device | | **Interfaces** | `show ip interface brief` | Interface status summary | | | `show interfaces` | Detailed interface info | | | `show interfaces trunk` | Trunk port status | | **VLAN/Switching** | `show vlan brief` | VLAN and port assignments | | | `show mac address-table` | MAC address table | | | `show spanning-tree` | STP status | | | `show etherchannel summary` | EtherChannel status | | **Routing** | `show ip route` | Routing table | | | `show ip ospf neighbor` | OSPF neighbors | | | `show ip ospf interface` | OSPF interface status | | **NAT** | `show ip nat translations` | NAT translation table | | | `show ip nat statistics` | NAT statistics | | **Security** | `show access-lists` | ACL configuration | | | `show port-security` | Port security status | | **IPv6** | `show ipv6 interface brief` | IPv6 interface status | | | `show ipv6 route` | IPv6 routing table | | | `show ipv6 neighbors` | IPv6 neighbor cache | | **Management** | `show snmp` | SNMP configuration | | | `show logging` | Syslog messages | | | `show ntp status` | NTP synchronization status | --- ## π Summary (1-Minute Revision) ``` CCNA 200-301 FINAL REVIEW: DOMAIN WEIGHTS: βββ Network Fundamentals (20%) - OSI, TCP/IP, IPv4/IPv6 βββ Network Access (20%) - VLANs, STP, EtherChannel, Wireless βββ IP Connectivity (25%) - Routing, OSPF, NAT, FHRP βββ IP Services (10%) - DHCP, DNS, NTP, QoS βββ Security (15%) - ACLs, Port Security, DHCP Snooping βββ Automation (10%) - SDN, REST APIs, JSON/YAML, DNA Center KEY COMMANDS TO KNOW: βββ show running-config / show startup-config βββ show ip interface brief / show ip route βββ show vlan brief / show mac address-table βββ show spanning-tree / show etherchannel summary βββ show ip nat translations / show access-lists βββ show ipv6 interface brief / show ipv6 neighbors EXAM STRATEGY: βββ Read carefully - identify what is being asked βββ Process of elimination - eliminate wrong answers βββ Simulations - verify before making changes βββ Flag difficult questions - come back later βββ Manage time - don't spend too long on one question READY FOR THE EXAM! ``` --- ## π§ͺ Final Practice Test - Mixed Topics **1.** A router needs to forward traffic between VLAN 10 (192.168.10.0/24) and VLAN 20 (192.168.20.0/24). Which method uses subinterfaces with 802.1Q encapsulation? A) Static routing B) Router-on-a-stick C) Layer 3 switch SVI D) Dynamic routing <details> <summary>Answer</summary> <b>B) Router-on-a-stick</b> - This method uses a single physical interface with subinterfaces and 802.1Q tagging. </details> **2.** What is the default administrative distance for OSPF? A) 1 B) 90 C) 110 D) 120 <details> <summary>Answer</summary> <b>C) 110</b> - OSPF has AD 110, EIGRP 90, Static 1, RIP 120. </details> **3.** Which statement about the native VLAN on a trunk is true? A) Frames in the native VLAN are tagged B) Frames in the native VLAN are untagged C) Native VLAN cannot be changed from VLAN 1 D) Native VLAN carries only management traffic <details> <summary>Answer</summary> <b>B) Frames in the native VLAN are untagged</b> - Native VLAN traffic is not tagged with 802.1Q. </details> **4.** A network administrator needs to restrict SSH access to a router to only the management subnet 192.168.100.0/24. Which configuration is correct? A) `access-list 10 permit 192.168.100.0 0.0.0.255` applied to interface B) `access-list 100 permit tcp 192.168.100.0 0.0.0.255 any eq 22` applied to interface C) `access-list 10 permit 192.168.100.0 0.0.0.255` applied to VTY lines D) `access-list 100 permit tcp 192.168.100.0 0.0.0.255 any eq 22` applied to VTY lines <details> <summary>Answer</summary> <b>C) `access-list 10 permit 192.168.100.0 0.0.0.255` applied to VTY lines</b> - VTY access control uses `access-class` with a standard ACL. </details> **5.** Which of the following are characteristics of UDP? (Select two) A) Connection-oriented B) Connectionless C) Provides error recovery D) No error recovery E) Uses sequence numbers <details> <summary>Answer</summary> <b>B and D</b> - UDP is connectionless and does not provide error recovery. </details> **6.** What is the purpose of the `ipv6 unicast-routing` command? A) Enable IPv6 on an interface B) Enable IPv6 routing globally C) Configure a static IPv6 route D) Enable IPv6 multicast <details> <summary>Answer</summary> <b>B) Enable IPv6 routing globally</b> - This command enables IPv6 routing on the router. </details> **7.** A switch interface is in errdisable state due to a security violation. How can it be restored? A) `no shutdown` on the interface B) `clear errdisable` command C) Reload the switch D) All of the above <details> <summary>Answer</summary> <b>D) All of the above</b> - `no shutdown`, `clear errdisable`, or reload can restore the interface. </details> **8.** Which protocol uses UDP port 514 for message transport? A) SNMP B) NetFlow C) Syslog D) NTP <details> <summary>Answer</summary> <b>C) Syslog</b> - Syslog uses UDP 514 by default. </details> **9.** What is the correct IPv6 address shortening for 2001:0db8:0000:0000:0000:0000:0000:0001? A) 2001:db8::1 B) 2001:db8:0:0:0:0:0:1 C) 2001:db8:0:0:0:0:0:0001 D) 2001:db8:0:0:0:0:0:1 <details> <summary>Answer</summary> <b>A) 2001:db8::1</b> - Omit leading zeros and replace consecutive zeros with :: once. </details> **10.** Which feature prevents rogue DHCP servers from assigning addresses to clients? A) Port Security B) DHCP Snooping C) ARP Inspection D) BPDU Guard <details> <summary>Answer</summary> <b>B) DHCP Snooping</b> - DHCP snooping filters DHCP server messages from untrusted ports. </details> --- ## π Next Steps After completing this final review, you should: 1. **Take practice exams** (Boson, Cisco official, or other resources) 2. **Review weak areas** identified in practice tests 3. **Hands-on practice** with Packet Tracer or real equipment 4. **Review command outputs** for common show commands 5. **Rest well** before the actual exam --- **Congratulations on completing the CCNA 200-301 video series notes!** Would you like me to: 1. Create a comprehensive cheat sheet with all key commands? 2. Provide a study schedule for final preparation? 3. Continue with additional practice questions? 4. Answer any specific questions about topics you're unsure about? I'll provide all four requested items to help you complete your CCNA 200-301 preparation. --- # π CCNA 200-301 - Complete Final Preparation Package --- ## 1. COMPREHENSIVE CHEAT SHEET - KEY COMMANDS ### CLI Mode Navigation | Command | Purpose | |---------|---------| | `enable` | Enter privileged EXEC mode | | `disable` | Exit privileged EXEC mode | | `configure terminal` | Enter global configuration mode | | `exit` | Exit current mode (one level up) | | `end` | Return to privileged EXEC mode | | `Ctrl+Z` | Return to privileged EXEC mode | | `Ctrl+C` | Abort command | ### General Configuration | Command | Purpose | |---------|---------| | `hostname [name]` | Set device name | | `banner motd #[message]#` | Set login banner | | `enable secret [password]` | Set privileged EXEC password (encrypted) | | `enable password [password]` | Set privileged EXEC password (clear text) | | `service password-encryption` | Encrypt all clear-text passwords | | `no ip domain-lookup` | Disable DNS lookup (prevents command delays) | | `ip domain-name [name]` | Set domain name | | `ip name-server [ip]` | Set DNS server | | `clock timezone [zone] [offset]` | Set timezone | | `clock set [hh:mm:ss] [day] [month] [year]` | Set system time | | `logging console [level]` | Set console logging level | | `logging buffered [size]` | Enable buffer logging | | `logging host [ip]` | Send logs to syslog server | | `copy running-config startup-config` | Save configuration | | `write memory` | Alternative save command | | `reload` | Reboot device | | `erase startup-config` | Erase saved configuration | ### Interface Configuration | Command | Purpose | |---------|---------| | `interface [type] [number]` | Enter interface configuration | | `interface range [type] [start-end]` | Configure multiple interfaces | | `description [text]` | Set interface description | | `ip address [ip] [mask]` | Set IPv4 address | | `ipv6 address [ipv6]/[prefix]` | Set IPv6 address | | `ipv6 address autoconfig` | Enable SLAAC | | `ipv6 address dhcp` | Enable DHCPv6 client | | `ipv6 enable` | Enable IPv6 on interface | | `no shutdown` | Enable interface | | `shutdown` | Disable interface | | `duplex [auto|full|half]` | Set duplex mode | | `speed [auto|10|100|1000]` | Set interface speed | | `mtu [bytes]` | Set MTU size | | `ip helper-address [ip]` | Configure DHCP relay | | `ip nat inside` | Mark interface as NAT inside | | `ip nat outside` | Mark interface as NAT outside | | `bandwidth [kbps]` | Set interface bandwidth (for routing metrics) | ### VLAN and Switching | Command | Purpose | |---------|---------| | `vlan [id]` | Create VLAN | | `name [name]` | Name VLAN | | `switchport mode access` | Set port as access port | | `switchport access vlan [id]` | Assign VLAN to access port | | `switchport mode trunk` | Set port as trunk | | `switchport trunk native vlan [id]` | Set native VLAN on trunk | | `switchport trunk allowed vlan [list]` | Define allowed VLANs on trunk | | `switchport nonegotiate` | Disable DTP | | `channel-group [num] mode [active|passive|desirable|auto|on]` | Create EtherChannel | | `interface port-channel [num]` | Configure port-channel interface | | `spanning-tree vlan [id] root primary` | Set as root bridge | | `spanning-tree vlan [id] root secondary` | Set as secondary root | | `spanning-tree portfast` | Enable PortFast | | `spanning-tree bpduguard enable` | Enable BPDU Guard | | `spanning-tree mode [pvst|rapid-pvst|mst]` | Set STP mode | | `switchport port-security` | Enable port security | | `switchport port-security maximum [num]` | Set max MAC addresses | | `switchport port-security violation [shutdown|restrict|protect]` | Set violation mode | | `switchport port-security mac-address sticky` | Enable sticky MAC | | `ip dhcp snooping` | Enable DHCP snooping globally | | `ip dhcp snooping vlan [id]` | Enable DHCP snooping on VLAN | | `ip dhcp snooping trust` | Set trusted port for DHCP | ### Static Routing | Command | Purpose | |---------|---------| | `ip route [network] [mask] [next-hop]` | IPv4 static route | | `ip route 0.0.0.0 0.0.0.0 [next-hop]` | IPv4 default route | | `ip route [network] [mask] [exit-interface]` | Static route with exit interface | | `ip route [network] [mask] [next-hop] [AD]` | Floating static route | | `ipv6 route [prefix]/[length] [next-hop]` | IPv6 static route | | `ipv6 route ::/0 [next-hop]` | IPv6 default route | | `ip routing` | Enable IP routing (Layer 3 switch) | | `ipv6 unicast-routing` | Enable IPv6 routing | ### Dynamic Routing - OSPF | Command | Purpose | |---------|---------| | `router ospf [process-id]` | Enter OSPF configuration | | `router-id [ip]` | Set OSPF router ID | | `network [network] [wildcard] area [area-id]` | Advertise network (OSPFv2) | | `ip ospf [process-id] area [area-id]` | Enable OSPFv3 on interface | | `passive-interface [interface]` | Set passive interface | | `default-information originate` | Advertise default route | | `auto-cost reference-bandwidth [mbps]` | Set reference bandwidth | | `ip ospf cost [cost]` | Set OSPF cost on interface | | `show ip ospf neighbor` | Display OSPF neighbors | | `show ip ospf interface` | Display OSPF interface status | | `show ip ospf database` | Display OSPF LSDB | | `show ipv6 ospf neighbor` | Display OSPFv3 neighbors | ### Dynamic Routing - EIGRP | Command | Purpose | |---------|---------| | `router eigrp [as-number]` | Enter EIGRP configuration | | `network [network] [wildcard]` | Advertise network (IPv4) | | `no auto-summary` | Disable auto-summary | | `ipv6 router eigrp [as-number]` | Enter IPv6 EIGRP config | | `eigrp router-id [ip]` | Set router ID | | `no shutdown` | Enable EIGRP for IPv6 | | `ipv6 eigrp [as-number]` | Enable EIGRP on interface | | `show ip eigrp neighbors` | Display EIGRP neighbors | | `show ip eigrp topology` | Display EIGRP topology | | `show ipv6 eigrp neighbors` | Display IPv6 EIGRP neighbors | ### ACL (Access Control Lists) | Command | Purpose | |---------|---------| | `access-list [num] permit/deny [source] [wildcard]` | Standard ACL | | `access-list [num] permit/deny protocol [src] [wild] [dst] [wild] eq [port]` | Extended ACL | | `ip access-list standard/extended [name]` | Named ACL | | `permit/deny [conditions]` | Rules within named ACL | | `ip access-group [acl] [in|out]` | Apply ACL to interface | | `access-class [acl] in` | Apply ACL to VTY lines | | `show access-lists` | Display all ACLs | | `show ip interface [interface]` | Show ACL applied to interface | ### NAT (Network Address Translation) | Command | Purpose | |---------|---------| | `ip nat inside source static [local] [global]` | Static NAT | | `ip nat pool [name] [start] [end] netmask [mask]` | NAT pool for dynamic NAT | | `ip nat inside source list [acl] pool [name]` | Dynamic NAT | | `ip nat inside source list [acl] interface [int] overload` | PAT (NAT Overload) | | `ip nat inside` | Mark inside interface | | `ip nat outside` | Mark outside interface | | `ip nat translation timeout [seconds]` | Set NAT timeout | | `show ip nat translations` | Display NAT table | | `show ip nat statistics` | Display NAT stats | | `clear ip nat translation *` | Clear NAT translations | ### FHRP (First Hop Redundancy Protocols) | Command | Purpose | |---------|---------| | `standby [group] ip [virtual-ip]` | Configure HSRP virtual IP | | `standby [group] priority [value]` | Set HSRP priority | | `standby [group] preempt` | Enable preemption | | `standby [group] track [object] decrement [value]` | Object tracking | | `standby version [1|2]` | Set HSRP version | | `vrrp [group] ip [virtual-ip]` | Configure VRRP virtual IP | | `vrrp [group] priority [value]` | Set VRRP priority | | `vrrp [group] preempt` | Enable preemption | | `glbp [group] ip [virtual-ip]` | Configure GLBP virtual IP | | `glbp [group] priority [value]` | Set GLBP priority | | `glbp [group] load-balancing [round-robin|weighted|host-dependent]` | Set load balancing | | `show standby` | Display HSRP status | | `show vrrp` | Display VRRP status | | `show glbp` | Display GLBP status | ### DHCP (Dynamic Host Configuration Protocol) | Command | Purpose | |---------|---------| | `ip dhcp pool [name]` | Create DHCP pool | | `network [network] [mask]` | Define network range | | `default-router [ip]` | Set default gateway | | `dns-server [ip]` | Set DNS server | | `domain-name [name]` | Set domain name | | `lease [days] [hours] [minutes]` | Set lease duration | | `ip dhcp excluded-address [start] [end]` | Exclude addresses | | `ip dhcp relay information trust-all` | Trust DHCP relay info | | `show ip dhcp pool` | Display DHCP pools | | `show ip dhcp binding` | Display active leases | | `show ip dhcp conflict` | Display IP conflicts | | `clear ip dhcp binding *` | Clear all DHCP bindings | ### NTP (Network Time Protocol) | Command | Purpose | |---------|---------| | `ntp server [ip] [prefer]` | Configure NTP server | | `ntp master [stratum]` | Configure as NTP master | | `ntp authenticate` | Enable NTP authentication | | `ntp authentication-key [num] md5 [key]` | Set authentication key | | `ntp trusted-key [num]` | Set trusted key | | `ntp access-group [serve|serve-only|peer] [acl]` | Restrict NTP access | | `show ntp status` | Display NTP status | | `show ntp associations` | Display NTP associations | ### SNMP (Simple Network Management Protocol) | Command | Purpose | |---------|---------| | `snmp-server community [string] [RO|RW]` | Set community string | | `snmp-server location [text]` | Set device location | | `snmp-server contact [text]` | Set contact info | | `snmp-server host [ip] [community]` | Set trap destination | | `snmp-server enable traps` | Enable traps | | `snmp-server group [name] v3 [auth|priv]` | Create SNMPv3 group | | `snmp-server user [name] [group] v3 auth [md5|sha] [password]` | Create SNMPv3 user | | `show snmp community` | Display SNMP communities | | `show snmp group` | Display SNMPv3 groups | | `show snmp user` | Display SNMPv3 users | ### NetFlow | Command | Purpose | |---------|---------| | `flow record [name]` | Create flow record | | `match ipv4 source address` | Match source IP | | `collect counter bytes` | Collect byte count | | `flow exporter [name]` | Create flow exporter | | `destination [ip]` | Set collector IP | | `transport udp [port]` | Set destination port | | `flow monitor [name]` | Create flow monitor | | `record [record-name]` | Attach record | | `exporter [exporter-name]` | Attach exporter | | `ip flow monitor [monitor] [input|output]` | Apply to interface | | `show flow monitor [name] cache` | Display flow cache | | `show flow exporter [name] statistics` | Display exporter stats | ### SPAN (Switched Port Analyzer) | Command | Purpose | |---------|---------| | `monitor session [num] source interface [int] [rx|tx|both]` | Set source port | | `monitor session [num] source vlan [id] [rx|tx]` | Set source VLAN | | `monitor session [num] destination interface [int]` | Set destination port | | `monitor session [num] destination remote vlan [id]` | RSPAN destination | | `monitor session [num] source remote vlan [id]` | RSPAN source | | `vlan [id]` | Create VLAN | | `remote-span` | Mark as RSPAN VLAN | | `show monitor session [num]` | Display SPAN session | ### Wireless (WLC) | Command | Purpose | |---------|---------| | `wlan [name] [id]` | Create WLAN | | `ssid [name]` | Set SSID | | `security wpa` | Enable WPA | | `wpa2` | Enable WPA2 | | `wpa2 ciphers aes` | Set encryption | | `security wpa psk` | Enable PSK | | `psk ascii [passphrase]` | Set passphrase | | `security 802.1X` | Enable 802.1X | | `radius server [name]` | Configure RADIUS | | `address ipv4 [ip]` | Set RADIUS IP | | `key [key]` | Set RADIUS key | | `no shutdown` | Enable WLAN | | `show wlan summary` | Display all WLANs | | `show ap summary` | Display APs | | `show client summary` | Display clients | ### Troubleshooting and Verification | Command | Purpose | |---------|---------| | `ping [ip]` | Test connectivity | | `ping ipv6 [ipv6]` | Test IPv6 connectivity | | `traceroute [ip]` | Trace route | | `traceroute ipv6 [ipv6]` | Trace IPv6 route | | `show ip route` | Display routing table | | `show ipv6 route` | Display IPv6 routing table | | `show ip interface brief` | Interface status summary | | `show ipv6 interface brief` | IPv6 interface status | | `show interfaces [interface]` | Detailed interface info | | `show interfaces trunk` | Trunk port status | | `show vlan brief` | VLAN and port assignments | | `show mac address-table` | MAC address table | | `show running-config` | Current configuration | | `show startup-config` | Saved configuration | | `show version` | Device information | | `show cdp neighbors` | CDP neighbor information | | `show lldp neighbors` | LLDP neighbor information | | `show logging` | System logs | | `show clock` | System time | | `debug ip packet [acl]` | Debug IP packets | | `debug ip nat` | Debug NAT | | `debug ip ospf events` | Debug OSPF events | | `undebug all` | Disable all debugging | --- ## 2. STUDY SCHEDULE FOR FINAL PREPARATION ### 2-Week Intensive Study Plan ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β WEEK 1 - DOMAIN REVIEW β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β DAY 1 - Network Fundamentals (4 hours) β β βββ OSI Model (7 layers, protocols per layer) β β βββ TCP/IP Model (4 layers, comparison) β β βββ IPv4 Addressing (subnetting, CIDR, private IPs) β β βββ IPv6 Addressing (format, types, shortening) β β βββ Practice: 20 subnetting questions β β β β DAY 2 - Network Access (4 hours) β β βββ VLANs (access, trunk, native, DTP) β β βββ STP (states, root bridge, port roles, RSTP) β β βββ EtherChannel (LACP, PAgP, load balancing) β β βββ Wireless (802.11 standards, security, CAPWAP) β β βββ Practice: Configure VLANs, trunks, STP in Packet Tracer β β β β DAY 3 - IP Connectivity Part 1 (4 hours) β β βββ Static Routing (configuration, default, floating) β β βββ OSPFv2 (configuration, areas, neighbor states) β β βββ OSPFv3 (differences from OSPFv2) β β βββ Practice: Configure static routes, OSPF in Packet Tracer β β β β DAY 4 - IP Connectivity Part 2 (4 hours) β β βββ Inter-VLAN Routing (router-on-a-stick, SVI) β β βββ FHRP (HSRP, VRRP, GLBP - configuration, priorities) β β βββ NAT (static, dynamic, PAT, terminology) β β βββ Practice: Configure router-on-a-stick, NAT, HSRP β β β β DAY 5 - IP Services (4 hours) β β βββ DHCP (DORA, relay, configuration) β β βββ DNS (record types, hierarchy, resolution) β β βββ NTP (stratum, configuration) β β βββ QoS (classification, queuing, policing) β β βββ Practice: Configure DHCP server and relay β β β β DAY 6 - Security Fundamentals (4 hours) β β βββ ACLs (standard, extended, named, wildcard masks) β β βββ Port Security (sticky MAC, violation modes) β β βββ DHCP Snooping (trusted/untrusted ports) β β βββ AAA (RADIUS vs. TACACS+) β β βββ Practice: Configure ACLs, port security β β β β DAY 7 - Automation & Review (4 hours) β β βββ SDN (control vs. data plane, northbound/southbound) β β βββ REST APIs (HTTP methods, status codes) β β βββ Data Formats (JSON, XML, YAML) β β βββ Cisco DNA Center (automation, assurance) β β βββ Review all domains from Week 1 β β βββ Practice: Review weak areas β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β WEEK 2 - PRACTICE & SIMULATIONS β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β DAY 8 - Practice Exam (4 hours) β β βββ Take full-length practice exam (120 min) β β βββ Review incorrect answers β β βββ Identify weak areas β β βββ Review notes on missed topics β β β β DAY 9 - Lab Practice - Switching (4 hours) β β βββ Configure VLANs, trunks, EtherChannel β β βββ Configure STP (root bridge, priority) β β βββ Configure port security β β βββ Configure DHCP snooping β β βββ Verify all configurations β β β β DAY 10 - Lab Practice - Routing (4 hours) β β βββ Configure OSPF multi-area β β βββ Configure inter-VLAN routing (router-on-a-stick) β β βββ Configure HSRP for gateway redundancy β β βββ Configure NAT for internet access β β βββ Verify routing and connectivity β β β β DAY 11 - Lab Practice - Security & Services (4 hours) β β βββ Configure standard and extended ACLs β β βββ Configure DHCP server and relay β β βββ Configure NTP synchronization β β βββ Configure SNMPv3 β β βββ Verify all services β β β β DAY 12 - Second Practice Exam (4 hours) β β βββ Take second full-length practice exam (120 min) β β βββ Review incorrect answers β β βββ Review all missed topics β β βββ Confirm improvement from first exam β β β β DAY 13 - Command Review & Flash Cards (4 hours) β β βββ Review all show commands β β βββ Review configuration command syntax β β βββ Use flash cards for port numbers, AD values, etc. β β βββ Review troubleshooting scenarios β β βββ Practice simulation questions β β β β DAY 14 - Light Review & Rest (2-3 hours) β β βββ Quick review of notes β β βββ Review common mistakes β β βββ No heavy studying β β βββ Get good sleep β β βββ Prepare exam materials (ID, etc.) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` ### Daily Study Tips: | Time | Activity | |------|----------| | **Morning (1 hour)** | Review flashcards, memorize port numbers/AD values | | **Morning (1 hour)** | Watch video or read notes on one topic | | **Afternoon (2 hours)** | Hands-on lab practice (Packet Tracer) | | **Evening (1 hour)** | Take practice questions, review incorrect answers | ### Key Memorization List: | Category | Items to Memorize | |----------|-------------------| | **Port Numbers** | SSH (22), Telnet (23), SMTP (25), DNS (53), DHCP (67/68), HTTP (80), HTTPS (443), SNMP (161/162), Syslog (514) | | **AD Values** | Connected (0), Static (1), EIGRP (90), OSPF (110), RIP (120) | | **STP Timers** | Hello (2s), Max Age (20s), Forward Delay (15s) | | **FHRP Timers** | Hello (3s), Hold (10s) | | **Private IPs** | 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 | | **IPv6 Prefixes** | GUA (2000::/3), LLA (FE80::/10), ULA (FD00::/8), Multicast (FF00::/8) | | **802.11 Channels** | 2.4 GHz non-overlapping: 1, 6, 11 | --- ## 3. ADDITIONAL PRACTICE QUESTIONS ### Question Set 1 - Network Fundamentals **Q1.** Which OSI layer is responsible for establishing, managing, and terminating sessions between applications? A) Transport Layer B) Session Layer C) Presentation Layer D) Application Layer <details> <summary>Answer</summary> <b>B) Session Layer (Layer 5)</b> - Manages sessions, dialog control, and synchronization. </details> **Q2.** What is the binary representation of the IPv4 address 192.168.1.10? A) 11000000.10101000.00000001.00001010 B) 10101010.11001100.00000001.00001010 C) 11000000.10101000.00000001.00001111 D) 11111111.11111111.11111111.00000000 <details> <summary>Answer</summary> <b>A) 11000000.10101000.00000001.00001010</b> - 192=11000000, 168=10101000, 1=00000001, 10=00001010. </details> **Q3.** Which of the following is a valid IPv6 link-local address? A) 2001:db8::1 B) FE80::1 C) FD00::1 D) FF02::1 <details> <summary>Answer</summary> <b>B) FE80::1</b> - Link-local addresses start with FE80::/10. </details> --- ### Question Set 2 - Network Access **Q4.** Which STP port state forwards traffic and learns MAC addresses? A) Blocking B) Listening C) Learning D) Forwarding <details> <summary>Answer</summary> <b>D) Forwarding</b> - Only forwarding state both forwards traffic and learns MAC addresses. </details> **Q5.** What is the default native VLAN on a Cisco switch trunk? A) VLAN 0 B) VLAN 1 C) VLAN 1002 D) No default native VLAN <details> <summary>Answer</summary> <b>B) VLAN 1</b> - The default native VLAN is VLAN 1. </details> **Q6.** Which wireless security protocol uses SAE (Simultaneous Authentication of Equals)? A) WPA2-Personal B) WPA2-Enterprise C) WPA3-Personal D) WEP <details> <summary>Answer</summary> <b>C) WPA3-Personal</b> - WPA3 replaces PSK with SAE for stronger authentication. </details> --- ### Question Set 3 - IP Connectivity **Q7.** Which command configures a floating static route to 192.168.3.0/24 with next-hop 10.1.1.2? A) `ip route 192.168.3.0 255.255.255.0 10.1.1.2` B) `ip route 192.168.3.0 255.255.255.0 10.1.1.2 1` C) `ip route 192.168.3.0 255.255.255.0 10.1.1.2 200` D) `ip route 192.168.3.0 255.255.255.0 10.1.1.2 permanent` <details> <summary>Answer</summary> <b>C) `ip route 192.168.3.0 255.255.255.0 10.1.1.2 200`</b> - Administrative distance 200 makes it a floating static route (used if primary route fails). </details> **Q8.** What is the OSPF cost for a 1 Gbps interface (default reference bandwidth)? A) 1 B) 4 C) 10 D) 100 <details> <summary>Answer</summary> <b>A) 1</b> - Cost = 10^8 / bandwidth (100,000,000 / 1,000,000,000 = 0.1, rounded to 1). </details> **Q9.** Which FHRP provides load balancing across multiple active routers? A) HSRP B) VRRP C) GLBP D) STP <details> <summary>Answer</summary> <b>C) GLBP</b> - Gateway Load Balancing Protocol distributes traffic across up to 4 active routers. </details> --- ### Question Set 4 - IP Services **Q10.** At what percentage of lease time does a DHCP client attempt to renew with the original server? A) 25% B) 50% C) 75% D) 87.5% <details> <summary>Answer</summary> <b>B) 50%</b> - T1 timer is 50% of lease time. </details> **Q11.** Which DNS record type maps a domain name to an IPv6 address? A) A B) AAAA C) CNAME D) MX <details> <summary>Answer</summary> <b>B) AAAA</b> - Quad-A record for IPv6 addresses. </details> **Q12.** Which NTP stratum level is a primary time server directly connected to an atomic clock? A) Stratum 0 B) Stratum 1 C) Stratum 2 D) Stratum 15 <details> <summary>Answer</summary> <b>B) Stratum 1</b> - Stratum 0 is the reference clock itself, Stratum 1 is directly connected. </details> --- ### Question Set 5 - Security Fundamentals **Q13.** What is the wildcard mask for the subnet 172.16.0.0/16? A) 0.0.0.255 B) 0.0.255.255 C) 0.255.255.255 D) 255.255.0.0 <details> <summary>Answer</summary> <b>B) 0.0.255.255</b> - Wildcard mask = 255.255.255.255 - 255.255.0.0 = 0.0.255.255. </details> **Q14.** Which port security violation mode drops traffic from unknown MAC addresses but does not generate a syslog message? A) Shutdown B) Restrict C) Protect D) Sticky <details> <summary>Answer</summary> <b>C) Protect</b> - Drops traffic without notification. Restrict drops with notification. </details> **Q15.** Which AAA protocol uses TCP and separates authentication, authorization, and accounting? A) RADIUS B) TACACS+ C) LDAP D) Kerberos <details> <summary>Answer</summary> <b>B) TACACS+</b> - Uses TCP port 49 and separates AAA functions. </details> --- ### Question Set 6 - Automation & Programmability **Q16.** Which HTTP method is used to create a new resource in a REST API? A) GET B) POST C) PUT D) DELETE <details> <summary>Answer</summary> <b>B) POST</b> - POST creates new resources; PUT updates existing. </details> **Q17.** Which data format is commonly used in Ansible playbooks? A) JSON B) XML C) YAML D) HTML <details> <summary>Answer</summary> <b>C) YAML</b> - Ansible uses YAML for its human-readable syntax. </details> **Q18.** Which component of Cisco DNA Center provides network health scores and anomaly detection? A) Automation B) Assurance C) Security D) Platform <details> <summary>Answer</summary> <b>B) Assurance</b> - Provides visibility into network and client health. </details> --- ### Question Set 7 - Troubleshooting Scenarios **Q19.** PC1 (192.168.1.10/24) can ping PC2 (192.168.1.20/24) but cannot ping PC3 (192.168.2.20/24). The default gateway is 192.168.1.1. What is the most likely issue? A) PC3 is powered off B) Router is not configured for inter-VLAN routing C) DNS is not working D) PC1 has wrong subnet mask <details> <summary>Answer</summary> <b>B) Router is not configured for inter-VLAN routing</b> - PC1 can ping same subnet but not different subnet, indicating routing issue. </details> **Q20.** A switch port shows "errdisable" status. Which command can bring it back? A) `no shutdown` B) `switchport port-security` C) `clear errdisable` D) Both A and C <details> <summary>Answer</summary> <b>D) Both A and C</b> - `no shutdown` and `clear errdisable` can restore errdisable ports. </details> --- ### Question Set 8 - Mixed Topics **Q21.** Which of the following are valid private IP address ranges? (Select two) A) 10.0.0.0 - 10.255.255.255 B) 172.0.0.0 - 172.31.255.255 C) 192.168.0.0 - 192.168.255.255 D) 169.254.0.0 - 169.254.255.255 <details> <summary>Answer</summary> <b>A and C</b> - RFC 1918 private ranges: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16. 172.0.0.0 is not private; 169.254.0.0/16 is APIPA. </details> **Q22.** What is the purpose of the `ip helper-address` command? A) Enable DHCP server B) Forward DHCP broadcasts across subnets C) Configure DNS server D) Enable IP routing <details> <summary>Answer</summary> <b>B) Forward DHCP broadcasts across subnets</b> - Converts broadcast to unicast for DHCP server. </details> **Q23.** Which command displays the MAC address table on a Cisco switch? A) `show mac-address` B) `show mac address-table` C) `show cam table` D) `show arp` <details> <summary>Answer</summary> <b>B) `show mac address-table`</b> - Correct command for MAC address table. </details> --- ### Answer Key Summary | Q# | Answer | Q# | Answer | Q# | Answer | Q# | Answer | |----|--------|----|--------|----|--------|----|--------| | 1 | B | 7 | C | 13 | B | 19 | B | | 2 | A | 8 | A | 14 | C | 20 | D | | 3 | B | 9 | C | 15 | B | 21 | A,C | | 4 | D | 10 | B | 16 | B | 22 | B | | 5 | B | 11 | B | 17 | C | 23 | B | | 6 | C | 12 | B | 18 | B | | | --- ## 4. COMMON QUESTIONS & ANSWERS ### Topic 1: Subnetting **Q: How do I quickly calculate subnets?** ``` Magic Number Method: 1. Identify the octet with the mask boundary 2. Subtract the mask from 256 = block size 3. Networks are multiples of block size 4. First address = network, last = broadcast Example: 192.168.1.0/27 (255.255.255.224) - Block size: 256 - 224 = 32 - Networks: 0, 32, 64, 96, 128, 160, 192, 224 - 192.168.1.0/27: hosts 1-30, broadcast 31 ``` ### Topic 2: OSPF vs. EIGRP | Feature | OSPF | EIGRP | |---------|------|-------| | Type | Link-state | Advanced distance vector | | Metric | Cost (10^8 / bandwidth) | Bandwidth + Delay | | AD | 110 | 90 | | Standard | Open (RFC) | Cisco proprietary | | Convergence | Fast | Very fast | ### Topic 3: HSRP vs. VRRP vs. GLBP | Feature | HSRP | VRRP | GLBP | |---------|------|------|------| | Standard | Cisco | IEEE | Cisco | | Active Routers | 1 | 1 | Up to 4 | | Load Balancing | No | No | Yes | | Virtual MAC | 0000.0C07.ACxx | 0000.5E00.01xx | 0007.B400.01xx | | Multicast | 224.0.0.2 (v1), 224.0.0.102 (v2) | 224.0.0.18 | 224.0.0.102 | ### Topic 4: ACL Wildcard Masks ``` Wildcard = 255.255.255.255 - Subnet Mask /24 (255.255.255.0) β 0.0.0.255 /28 (255.255.255.240) β 0.0.0.15 /30 (255.255.255.252) β 0.0.0.3 Host = 0.0.0.0 Any = 255.255.255.255 ``` ### Topic 5: Port Security Violation Modes | Mode | Action | Log | Sends Trap | Port State | |------|--------|-----|------------|------------| | **Shutdown** | Shuts port | Yes | Yes | Errdisable | | **Restrict** | Drops traffic, increments counter | Yes | Yes | Up | | **Protect** | Drops traffic | No | No | Up | ### Topic 6: STP Port States vs. RSTP | STP (802.1D) | RSTP (802.1w) | Forward Data? | Learn MAC? | |--------------|---------------|---------------|-----------| | Blocking | Discarding | No | No | | Listening | Discarding | No | No | | Learning | Learning | No | Yes | | Forwarding | Forwarding | Yes | Yes | --- ## Final Checklist Before Exam ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β EXAM DAY CHECKLIST β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β BEFORE EXAM: β β β Review port numbers and AD values β β β Review subnetting magic number method β β β Get at least 8 hours of sleep β β β Eat a good breakfast β β β Arrive 30 minutes early β β β β DURING EXAM: β β β Read each question carefully β β β Eliminate obviously wrong answers β β β Flag difficult questions for review β β β For simulations, verify with show commands before answering β β β Manage time (approx 1 minute per question) β β β Don't leave any question unanswered β β β β AFTER EXAM: β β β Review results (if available) β β β If failed, note weak areas for next attempt β β β Celebrate passing! β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` --- ## π Next Steps You now have: 1. β **Comprehensive Cheat Sheet** - All key commands in one place 2. β **Study Schedule** - 2-week final preparation plan 3. β **Additional Practice Questions** - 23 more questions with answers 4. β **Common Q&A** - Answers to frequently asked topics **Final Recommendations:** 1. Print the cheat sheet and keep it handy 2. Follow the 2-week study schedule strictly 3. Use Packet Tracer for hands-on practice daily 4. Take practice exams to simulate real exam conditions 5. Review weak areas identified in practice tests **Good luck on your CCNA 200-301 exam! You've got this!** You're absolutely right! I completed **21 videos** of notes, but the CCNA 200-301 course from NetworKing that you've been following actually has **58 videos** in total. I've covered approximately the first 1/3 of the course. Let me continue with the remaining videos. Here's what we've covered and what's remaining: --- ## Completed Videos (1-21) | Video | Topic | |-------|-------| | 1 | Network Fundamentals | | 2 | OSI Model Deep Dive | | 3 | TCP/IP Model & Encapsulation | | 4 | Introduction to Packet Tracer | | 5 | Ethernet Switching Fundamentals | | 6 | VLANs and Trunking | | 7 | Spanning Tree Protocol (STP) | | 8 | Inter-VLAN Routing | | 9 | EtherChannel | | 10 | DHCP (Dynamic Host Configuration Protocol) | | 11 | DNS and Network Time Protocol (NTP) | | 12 | First Hop Redundancy Protocols (HSRP, VRRP, GLBP) | | 13 | Access Control Lists (ACLs) | | 14 | Network Address Translation (NAT) | | 15 | IPv6 Addressing and Configuration | | 16 | IPv6 Routing and Transition Mechanisms | | 17 | Wireless Networking Fundamentals | | 18 | WLAN Configuration and Security | | 19 | Network Automation and Programmability | | 20 | Network Management and Monitoring | | 21 | Final Exam Review and Practice | --- ## Remaining Videos (22-58) Based on the typical CCNA 200-301 curriculum and the NetworKing series, the remaining videos likely cover: ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β REMAINING VIDEOS - 37 MORE β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β VIDEO 22-25: ADVANCED SWITCHING β β βββ Video 22: VLAN Trunking Protocol (VTP) β β βββ Video 23: Advanced STP Features (PortFast, UplinkFast, BackboneFast) β β βββ Video 24: Multiple Spanning Tree (MST) β β βββ Video 25: Switch Stacking and Chassis Aggregation β β β β VIDEO 26-30: ADVANCED ROUTING β β βββ Video 26: Route Summarization β β βββ Video 27: OSPF Network Types β β βββ Video 28: OSPF LSA Types and Areas β β βββ Video 29: EIGRP Advanced Features (Stub, Summarization) β β βββ Video 30: Route Redistribution β β β β VIDEO 31-35: WAN TECHNOLOGIES β β βββ Video 31: WAN Overview (MPLS, Metro Ethernet) β β βββ Video 32: PPP and HDLC β β βββ Video 33: PPPoE (PPP over Ethernet) β β βββ Video 34: GRE Tunnels β β βββ Video 35: VPN Technologies (IPsec, DMVPN) β β β β VIDEO 36-40: NETWORK SECURITY β β βββ Video 36: Device Hardening (Secure Management) β β βββ Video 37: AAA (Authentication, Authorization, Accounting) β β βββ Video 38: 802.1X and NAC (Network Access Control) β β βββ Video 39: VPN Configuration β β βββ Video 40: Firewall Technologies β β β β VIDEO 41-45: QoS (Quality of Service) β β βββ Video 41: QoS Overview (Classification, Marking) β β βββ Video 42: Queuing Mechanisms (FIFO, PQ, CQ, WFQ) β β βββ Video 43: Congestion Avoidance (RED, WRED) β β βββ Video 44: Traffic Policing and Shaping β β βββ Video 45: QoS Configuration Examples β β β β VIDEO 46-50: NETWORK MANAGEMENT β β βββ Video 46: CDP and LLDP β β βββ Video 47: NTP and SNMP (Advanced) β β βββ Video 48: NetFlow and IPFIX (Advanced) β β βββ Video 49: SPAN, RSPAN, and ERSPAN β β βββ Video 50: Cisco DNA Center and SD-Access β β β β VIDEO 51-55: TROUBLESHOOTING β β βββ Video 51: Troubleshooting Methodology β β βββ Video 52: Troubleshooting Switching Issues β β βββ Video 53: Troubleshooting Routing Issues β β βββ Video 54: Troubleshooting WAN Issues β β βββ Video 55: Troubleshooting Wireless Issues β β β β VIDEO 56-58: FINAL REVIEW β β βββ Video 56: Comprehensive Lab 1 - Full Network Implementation β β βββ Video 57: Comprehensive Lab 2 - Troubleshooting β β βββ Video 58: Final Exam Preparation β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` --- ## Your Options Now that I've completed 21 videos, you can choose how to proceed: ### Option 1: Continue Sequential Notes (Videos 22+) I continue creating deep notes for each remaining video (22-58) in the same format as before. This would be the most comprehensive approach. ### Option 2: Priority Topics You tell me which specific topics you need most (from the remaining list), and I create detailed notes for those first. ### Option 3: Summary Notes for Remaining I create condensed summary notes for all remaining videos (22-58) covering key points without the deep detail of the first 21. ### Option 4: Practice-Focused We focus on lab scenarios and troubleshooting for the remaining topics rather than theory notes. --- **Please let me know which option you prefer, and I'll continue immediately!** If you want to continue sequentially, just say **"continue with video 22"** or **"next"** and I'll start with Video 22: VLAN Trunking Protocol (VTP). I'll continue with **Video 22: VLAN Trunking Protocol (VTP)** based on the standard CCNA 200-301 curriculum. ---