200-301 Cisco Certified Network Associate Exam

Duration: 120 minutes
Languages: English and Japanese
Price: $ USD, plus tax or use Cisco Learning Credits
Associated certification : CCNA

Exam overview
This exam tests your knowledge and skills related to:

Network fundamentals
Network access
IP connectivity
IP services
Security fundamentals
Automation and programmability

Exam Description: CCNA Exam v1.0 (CCNA 200-301) is a 120-minute exam associated with the CCNA certification. This exam tests a candidate’s knowledge and skills related to network fundamentals, network access, IP connectivity, IP services, security fundamentals, and automation and programmability. The course, Implementing and Administering Cisco Solutions (CCNA), helps candidates prepare for this exam.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Examkingdom Cisco 200-301 Exam pdf,

MCTS Training, MCITP Trainnig

Best Cisco 200-301 Free downloads , Cisco 200-301 Dumps at Certkingdom.com

20% 1.0 Network Fundamentals
1.1 Explain the role and function of network components
1.1.a Routers
1.1.b Layer 2 and Layer 3 switches
1.1.c Next-generation firewalls and IPS
1.1.d Access points
1.1.e Controllers (Cisco DNA Center and WLC)
1.1.f Endpoints
1.1.g Servers
1.1.h PoE
1.2 Describe characteristics of network topology architectures
1.2.a Two-tier
1.2.b Three-tier
1.2.c Spine-leaf
1.2.d WAN
1.2.e Small office/home office (SOHO)
1.2.f On-premise and cloud
1.3 Compare physical interface and cabling types
1.3.a Single-mode fiber, multimode fiber, copper
1.3.b Connections (Ethernet shared media and point-to-point)
1.4 Identify interface and cable issues (collisions, errors, mismatch duplex, and/or speed)
1.5 Compare TCP to UDP
1.6 Configure and verify IPv4 addressing and subnetting
1.7 Describe the need for private IPv4 addressing
1.8 Configure and verify IPv6 addressing and prefix
1.9 Describe IPv6 address types
1.9.a Unicast (global, unique local, and link local)
1.9.b Anycast
1.9.c Multicast
1.9.d Modified EUI 64
1.10 Verify IP parameters for Client OS (Windows, Mac OS, Linux)
1.11 Describe wireless principles
1.11.a Nonoverlapping Wi-Fi channels
1.11.b SSID
1.11.c RF
1.11.d Encryption
1.12 Explain virtualization fundamentals (server virtualization, containers, and VRFs)
1.13 Describe switching concepts
1.13.a MAC learning and aging
1.13.b Frame switching
1.13.c Frame flooding
1.13.d MAC address table

20% 2.0 Network Access

2.1 Configure and verify VLANs (normal range) spanning multiple switches
2.1.a Access ports (data and voice)
2.1.b Default VLAN
2.1.c InterVLAN connectivity
2.2 Configure and verify interswitch connectivity
2.2.a Trunk ports
2.2.b 802.1Q
2.2.c Native VLAN
2.3 Configure and verify Layer 2 discovery protocols (Cisco Discovery Protocol and LLDP)
2.4 Configure and verify (Layer 2/Layer 3) EtherChannel (LACP)
2.5 Interpret basic operations of Rapid PVST+ Spanning Tree Protocol
2.5.a Root port, root bridge (primary/secondary), and other port names
2.5.b Port states (forwarding/blocking)
2.5.c PortFast
2.6 Describe Cisco Wireless Architectures and AP modes
2.7 Describe physical infrastructure connections of WLAN components (AP, WLC, access/trunk ports, and LAG)
2.8 Describe AP and WLC management access connections (Telnet, SSH, HTTP, HTTPS, console, and TACACS+/RADIUS)
2.9 Interpret the wireless LAN GUI configuration for client connectivity, such as WLAN creation, security settings, QoS profiles, and advanced settings

25% 3.0 IP Connectivity
3.1 Interpret the components of routing table
3.1.a Routing protocol code
3.1.b Prefix
3.1.c Network mask
3.1.d Next hop
3.1.e Administrative distance
3.1.f Metric
3.1.g Gateway of last resort
3.2 Determine how a router makes a forwarding decision by default
3.2.a Longest prefix match
3.2.b Administrative distance
3.2.c Routing protocol metric
3.3 Configure and verify IPv4 and IPv6 static routing
3.3.a Default route
3.3.b Network route
3.3.c Host route
3.3.d Floating static
3.4 Configure and verify single area OSPFv2
3.4.a Neighbor adjacencies
3.4.b Point-to-point
3.4.c Broadcast (DR/BDR selection)
3.4.d Router ID
3.5 Describe the purpose, functions, and concepts of first hop redundancy protocols

10% 4.0 IP Services

4.1 Configure and verify inside source NAT using static and pools
4.2 Configure and verify NTP operating in a client and server mode
4.3 Explain the role of DHCP and DNS within the network
4.4 Explain the function of SNMP in network operations
4.5 Describe the use of syslog features including facilities and levels
4.6 Configure and verify DHCP client and relay
4.7 Explain the forwarding per-hop behavior (PHB) for QoS, such as classification, marking, queuing, congestion, policing, and shaping
4.8 Configure network devices for remote access using SSH
4.9 Describe the capabilities and functions of TFTP/FTP in the network

15% 5.0 Security Fundamentals
5.1 Define key security concepts (threats, vulnerabilities, exploits, and mitigation techniques)
5.2 Describe security program elements (user awareness, training, and physical access control)
5.3 Configure and verify device access control using local passwords
5.4 Describe security password policies elements, such as management, complexity, and password alternatives (multifactor authentication, certificates, and biometrics)
5.5 Describe IPsec remote access and site-to-site VPNs
5.6 Configure and verify access control lists
5.7 Configure and verify Layer 2 security features (DHCP snooping, dynamic ARP inspection, and port security)
5.8 Compare authentication, authorization, and accounting concepts
5.9 Describe wireless security protocols (WPA, WPA2, and WPA3)
5.10 Configure and verify WLAN within the GUI using WPA2 PSK

10% 6.0 Automation and Programmability
6.1 Explain how automation impacts network management
6.2 Compare traditional networks with controller-based networking
6.3 Describe controller-based, software defined architecture (overlay, underlay, and fabric)
6.3.a Separation of control plane and data plane
6.3.b Northbound and Southbound APIs
6.4 Compare traditional campus device management with Cisco DNA Center enabled device management
6.5 Describe characteristics of REST-based APIs (CRUD, HTTP verbs, and data encoding)
6.6 Recognize the capabilities of configuration management mechanisms Puppet, Chef, and Ansible
6.7 Recognize components of JSON-encoded data

QUESTION 1
Which authentication method allows a user to log in to an SSO-enabled Cisco Unified Communications application by utilizing a Microsoft Windows login, thereby not requiring any credentials to be entered?

A. Smart Card
B. OAuth
C. form-based
D. Kerberos

Answer: B

Explanation:
The main advantage of Kerberos authentication compared to the other authentication methods is that you do not need to provide your credentials when you log in to Cisco Jabber. If you use Kerberos, the client does not prompt users for credentials, because authentication was already provided to gain access to the Windows desktop. This authentication method allows you to log in to Cisco Jabber with your Microsoft Windows login.

QUESTION 2
When Cisco IM and Presence is configured to use automatic fallback, how long does the Server Recovery Manager service wait for a failed service/server to remain active before an automatic fallback is initiated?

A. 10 minutes
B. 20 minutes
C. 30 minutes
D. 1 hour

Answer: C

Explanation:
Automatic Fallback
Automatic fallback takes place when the server monitors the services and the Server Recovery Manager(SRM) service will automatically fallback users to their homed nodes. The key in this configuration is that the Server Recovery Manager(SRM) service will wait 30 minutes for a failed service/server to remain active before an automatic fallback is initiated. Once this 30 minute up time is established, user sessions are moved back to their homed nodes. The Jabber client will apply the re-log in upper and lower limits for the fallback. Automatic fallback is not the default configuration, but it can be enabled. To enable automatic fallback, change the Enable Automatic Fallback
parameter in the Server Recovery Manager Service Parameters to value True.

QUESTION 3

Which entity is a standard component used for authentication by SAML 2.0?

A. identity provider
B. session broker
C. Internet service provider
D. client access server

Answer: A

QUESTION 4
An engineer must configure a test user mailbox in a newly deployed Cisco Unity Express module. Which console command set reflects the correct configuration in this scenario?

A. Option A
B. Option B
C. Option C
D. Option D

Answer: A

QUESTION 5
Which two command line arguments can you specify when installing Cisco Jabber for windows? (Choose two.)

A. CISCO_UDS_DOMAIN
B. TFTP_ADDRESS
C. VOICEMAIL_SERVER_ADDRESS
D. SERVICES_DOMAIN
E. TFTP

Answer: D, E

QUESTION 6
Which description of an IdP server is true?

A. authenticates user credentials
B. provides user authorization
C. is an authentication request that is generated by a Cisco Unified Communications application
D. consists of pieces of security information that are transferred to the service provider for user authentication

Answer: A

Explanation:
SSO uses Security Assertion Markup Language (SAML) to exchange authentication details between an Identity Provider (IdP) and a service provider. The identity provider authenticates user credentials and issues SAML assertions, which are pieces of security information transferred from the identity provider to the service provider for user authentication. Each assertion is an XML document that

200-301 Cisco Certified Network Associate Exam
Scroll to top