www.networkershome.

com
Course overview

CCIE Enterprise Infrastructure (v1.0)

Exam Topics – Practical Exam
Exam Description:

The Cisco CCIE Enterprise Infrastructure (v1.0) Practical Exam is an eight-hour, hands-on exam that
requires a candidate to plan, design, deploy, operate, and optimize dual stack solutions (IPv4 and IPv6) for
complex enterprise networks.

Candidates are expected to program and automate the network within their exam, as per exam topics
below. The following topics are general guidelines for the content likely to be included on the exam.
Your knowledge, skills and abilities on these topics will be tested throughout the entire network lifecycle,
unless explicitly specified otherwise within this document.

The exam is closed book and no outside reference materials are allowed.

1. Network Infrastructure (30%)

1.1 Switched campus

● Switch administration

● Managing MAC address table

● Errdisable recovery

● L2 MTU

1.1.b Layer 2 protocols

● CDP, LLDP

● UDLD

1.1.c VLAN technologies

● Access ports

● Trunk ports (802.1Q)

● Native VLAN

+91-8447971084 | +91-9611027980 [email protected]

 www.networkershome.com
Course overview
● Manual VLAN pruning

● VLAN database

● Normal range and extended range VLANs

● Voice VLAN

● VTP

1.1.d EtherChannel

● LACP, static

● Layer 2, Layer 3

● Load balancing

● EtherChannel Misconfiguration Guard

1.1.e Spanning Tree Protocol

● PVST+, Rapid PVST+, MST

● Switch priority, port priority, path cost, STP timers

● PortFast, BPDU Guard, BPDU Filter

● Loop Guard, Root Guard

1.2 Routing Concepts

● Administrative distance

● VRF-lite

● Static routing

● Policy Based Routing

● VRF-aware routing with any routing protocol

● Route filtering with any routing protocol

● Manual summarization with any routing protocol

● Redistribution between any pair of routing protocols

● Routing protocol authentication

● Bidirectional Forwarding Detection

+91-8447971084 | +91-9611027980 [email protected]

 www.networkershome.com
Course overview

1.3 EIGRP

● Adjacencies

● Best path selection

● RD, FD, FC, successor, feasible successor

● Classic Metrics and Wide Metrics

● Operations

● General operations

● Topology table

● Packet types

● Stuck In Active

● Graceful shutdown

● EIGRP load balancing

● Equal-cost

● Unequal-cost

● Add-path

● EIGRP Named Mode

● Optimization, convergence and scalability

● Fast convergence requirements

● Query propagation boundaries

● IP FRR (single hop)

● Leak-map with summary routes

● EIGRP stub with leak map

1.4 OSPF (v2 and v3)

● Adjacencies

● Network types, area types

● Path preference

+91-8447971084 | +91-9611027980 [email protected]

 www.networkershome.com
Course overview

● Operations

● General operations

● Graceful shutdown

● GTSM (Generic TTL Security Mechanism)

● Optimization, convergence and scalability

● Metrics

● LSA throttling, SPF tuning, fast hello

● LSA propagation control (area types)

● Stub router

● Loop-free alternate

● Prefix suppression

1.5 BGP

● IBGP and EBGP peer relationships

● Peer-group/update-group, template

● Active, passive

● Timers

● Dynamic neighbors

● 4-byte AS numbers

● Private AS

● Path selection

● Attributes

● Best path selection algorithm

● Load balancing

● Routing policies

● Attribute manipulation

● Conditional advertisement

+91-8447971084 | +91-9611027980 [email protected]

 www.networkershome.com
Course overview

● Outbound Route Filtering

● Standard and extended communities

● Multi-homing

● AS path manipulations

● local-AS, allowas-in, remove-private-as

● Prepend

● Regexp

● Convergence and scalability

●Route reflector

● Aggregation, as-set

● Other BGP features

● Multipath, add-path

● Soft reconfiguration, Route Refresh

1.6 Multicast

● Layer 2 multicast

● IGMPv2, IGMPv3

● IGMP Snooping, PIM Snooping

● IGMP Querier

● IGMP Filter

● MLD

● Reverse path forwarding check

● PIM

● Sparse Mode

● Static RP, BSR, AutoRP

● Group to RP Mapping

● Bidirectional PIM

+91-8447971084 | +91-9611027980 [email protected]

 www.networkershome.com
Course overview
● Source-Specific Multicast

● Multicast boundary, RP announcement filter

● PIMv6 Anycast RP

● IPv4 Anycast RP using MSDP

● Multicast multipath

2. Software Defined Infrastructure (25%)

2.1 Cisco SD Access

● Design a Cisco SD Access solution

● Underlay network (IS-IS, manual/PnP)

● Overlay fabric design (LISP, VXLAN, Cisco TrustSec)

● Fabric domains (single-site and multi-site using SD-WAN transit)

● Cisco SD Access deployment

● Cisco DNA Center device discovery and device management

● Add fabric node devices to an existing fabric

● Host onboarding (wired endpoints only)

● Fabric border handoff

● Segmentation

● Macro-level segmentation using VNs

● Micro-level segmentation using SGTs (using Cisco ISE)

● Assurance

● Network and client health (360)

● Monitoring and troubleshooting

2.2 Cisco SD-WAN

● Design a Cisco SD-WAN solution

● Orchestration plane (vBond, NAT)

● Management plane (vManage)

● Control plane (vSmart, OMP)

+91-8447971084 | +91-9611027980 [email protected]

 www.networkershome.com
Course overview

● Data plane (vEdge/cEdge)

● WAN edge deployment

● Onboarding new edge routers

● Orchestration with zero-touch provisioning/Plug-And-Play

● OMP

● TLOC

● Configuration templates

● Localized policies (only QoS)

● Centralized policies

● Application Aware Routing

● Topologies

3. Transport Technologies and Solutions (15%)

3.1 MPLS

● Operations

● Label stack, LSR, LSP

● LDP

● MPLS ping, MPLS traceroute

● L3VPN

● PE-CE routing

● MP-BGP VPNv4/VPNv6

● Extranet (route leaking)

3.2 DMVPN

● Troubleshoot DMVPN Phase 3 with dual-hub

● NHRP

● IPsec/IKEv2 using pre-shared key

● Per-Tunnel QoS

+91-8447971084 | +91-9611027980 [email protected]

 www.networkershome.com
Course overview
● Identify use cases for FlexVPN

● Site-to-site, Server, Client, Spoke-to-Spoke

● IPsec/IKEv2 using pre-shared key

● MPLS over FlexVPN

4. Infrastructure Security and Services (15%)

4.1 Device Security on Cisco IOS XE

● Control plane policing and protection

● AAA

4.2 Network Security

● Switch security features

● VACL, PACL

● Storm control

● DHCP Snooping, DHCP option 82

● IP Source Guard

● Dynamic ARP Inspection

● Port Security

● Private VLAN

● Router security features

● IPv6 Traffic Filters

● IPv4 Access Control Lists

● Unicast Reverse Path Forwarding

● IPv6 infrastructure security features

● RA Guard

● DHCP Guard

● Binding table

● Device tracking

● ND Inspection/Snooping

+91-8447971084 | +91-9611027980 [email protected]

 www.networkershome.com
Course overview

● Source Guard

● IEEE 802.1X Port-Based Authentication

● Device roles, port states

● Authentication process

● Host modes

4.3 System Management

● Device management

● Console and VTY

● SSH, SCP

● RESTCONF, NETCONF

● SNMP

● v2c

● v3

● Logging

● Local logging, syslog, debugs, conditional debugs

● Timestamps

4.4 Quality of Service

● End to end L3 QoS using MQC

● DiffServ

● CoS and DSCP Mapping

● Classification

● Network Based Application Recognition (NBAR)

● Marking using IP Precedence, DSCP, CoS

● Policing, shaping

● Congestion management and avoidance

● HQoS, Sub-rate Ethernet Link

+91-8447971084 | +91-9611027980 [email protected]

 www.networkershome.com
Course overview
4.5 Network Services

● First Hop Redundancy Protocols

● HSRP, GLBP, VRRP

● Redundancy using IPv6 RS/RA

● Network Time Protocol

● Master, client

● Authentication

● DHCP on Cisco IOS

● Client, server, relay

● Options

● SLAAC/DHCPv6 interaction

● Stateful, stateless DHCPv6

● DHCPv6 Prefix Delegation

● IPv4 Network Address Translation

● Static NAT, PAT

● Dynamic NAT, PAT

● Policy-based NAT, PAT

● VRF-aware NAT, PAT

● IOS-XE VRF-Aware Software Infrastructure (VASI) NAT

4.6 Network optimization

● IP SLA

● ICMP probes

● UDP probes

● TCP probes

● Tracking object

● Flexible NetFlow

+91-8447971084 | +91-9611027980 [email protected]

 www.networkershome.com
Course overview
4.7 Network operations

● Traffic capture

● SPAN

● RSPAN

● ERSPAN

● Embedded Packet Capture

● Cisco IOS-XE troubleshooting tools

● Packet Trace

● Conditional debugger (debug platform condition)

5. Infrastructure Automation and Programmability (15%)

5.1 Data encoding formats

● JSON

● XML

5.2 Automation and scripting

● EEM applets

● Guest shell

● Linux environment

● CLI Python module

● EEM Python module

5.3 Programmability

● Interaction with vManage API

● Python requests library and Postman

● Monitoring endpoints

● Configuration endpoints

● Interaction with Cisco DNA Center API

● HTTP request (GET, PUT, POST) via Python requests library and Postman

● Interaction with Cisco IOS XE API

+91-8447971084 | +91-9611027980 [email protected]

 www.networkershome.com
Course overview
● Via NETCONF/YANG using Python ncclient library

● Via RESTCONF/YANG using Python requests library and Postman

● Deploy and verify model-driven telemetry

● Configure on-change subscription using gRPC

Head Office – Bangalore Branch Office – Noida

L-149,1st,2nd and 3rd Floor, Eshwari Mansion,5th A-33 ,2nd Floor ,Sector 2, Opposite Noida
Main Road, Sector-6 HSR Layout, Bengaluru Metro Station,sector – 15, Noida ,UP – 201301
Karnataka 560102, India
+91-6360345494 / +91-9999158475
+91-8088617460 / +91-8088617460
[email protected]
[email protected]

+91-8447971084 | +91-9611027980 [email protected]