This section focuses on the CCNA 200-301 exam

The Cisco Certified Network Associate is the holy grail of entry-level certifications that somebody wanting to get into IT as a Network Administrator should want to achieve. It is only preceded by Network+ and Security+ in scope. Some employers consider a CCNA holder to be well qualified even without an accompanying Computer Science degree or experience. The CCNA has long been the gold standard when it comes to entry-level certifications. Because of this, I find it very valuable to have and why I pursued a CCNA before my other certifications.
The Cisco Certified Network Associate v1.0 (CCNA 200-301) exam is a 120-minute exam associated with the CCNA certification.

Here is a link to the the Cisco Learn Documentation for CCNA

Let's first give a brief overview of the exam objectives and percentage of coverage in the new exam which was released earlier this year. The CCNA covers your knowledge and skill on:

Skills Measured

Please click a link below to navigate to that learning module.

NOTE: The bullets that follow each of the skills measured are intended to illustrate how they are assessing that skill. The list is not definitive or exhaustive.

How to read the exam blueprint verbs:

Define - Candidates are expected to provide a clear and precise explanation or description of a concept, term, or technology.
Describe - This implies providing a detailed account or characteristics of a particular topic, technology, or process.
Explain - Similar to "describe," but it often requires a deeper level of understanding, with the expectation that candidates provide more in-depth information and reasoning.
Compare - Highlighting the similarities and differences between two or more concepts, technologies, or solutions.
Identify - You need to recognize and specify particular components, issues, or elements within the given context. It involves pinpointing and naming specific items.
Configure - For configuration-related tasks, candidates should be able to set up or adjust configurations for specific technologies, devices, or components. This often involves practical, hands-on skills.
Verify - Verifying means confirming that a configuration or setup is working correctly or as expected. It involves testing and ensuring proper functionality.
Interpret - Interpreting in the context of Cisco exams means analyzing data or information to draw meaningful conclusions. This typically requires a deep understanding of the subject and the ability to make sense of complex data.
Recognize - This involves acknowledging or identifying specific components, mechanisms, or data. It's about being able to spot and identify key elements within a given context.

Network Fundamentals (20%)

Explain the role and function of network components
• Routers
• Layer 2 and Layer 3 switches
• Next-generation firewalls and IPS
• Access points
• Controllers (Cisco DNA Center and WLC)
• Endpoints
• Servers
• PoE
Describe characteristics of network topology architectures
• Two-tier
• Three-tier
• Spine-leaf
• Small office/home office (SOHO)
• On-premise and cloud
Compare physical interface and cabling types
• Single-mode fiber, multimode fiber, copper
• Connections (Ethernet shared media and point-to-point)
Identify interface and cable issues (collisions, errors, mismatch duplex, and/or speed)
Compare TCP to UDP
Configure and verify IPv4 addressing and subnetting
Describe the need for private IPv4 addressing
Configure and verify IPv6 addressing and prefix
Describe IPv6 address types
• Unicast (global, unique local, and link local)
• Anycast
• Multicast
• Modified EUI 64
Verify IP parameters for Client OS (Windows, Mac OS, Linux)
Describe wireless principles
• Non-overlapping Wi-Fi channels
• RF
• Encryption
Explain virtualization fundamentals (server virtualization, containers, and VRFs)
Describe switching concepts
• MAC learning and aging
• Frame switching
• Frame flooding
• MAC address table

Network Access (20%)

Configure and verify VLANs (normal range) spanning multiple switches
• Access ports (data and voice)
• Default VLAN
• InterVLAN connectivity
Configure and verify interswitch connectivity
• Trunk ports
• 802.1Q
• Native VLAN
Configure and verify Layer 2 discovery protocols (CDP and LLDP)
Configure and verify (Layer 2/Layer 3) EtherChannel (LACP and PAgP)
Describe the need for and basic operations of Rapid PVST+, Spanning Tree Protocol, and identify basic operations
• Root port, root bridge (primary/secondary), and other port names
• Port states (forwarding/blocking)
• PortFast benefits
Compare Cisco Wireless Architectures and AP modes
Describe physical infrastructure connections of WLAN components (AP, WLC, access/trunk ports, and LAG)
Describe AP and WLC management access connections (Telnet, SSH, HTTP, HTTPS, console, and TACACS+/RADIUS)
Configure the components of a wireless LAN access for client connectivity using GUI only such as WLAN creation, security settings, QoS profiles, and advanced WLAN settings

IP Connectivity (25%)

Interpret the components of routing table
• Routing protocol code
• Prefix
• Network mask
• Next hop
• Administrative distance
• Metric
• Gateway of last resort
Determine how a router makes a forwarding decision by default
• Longest match
• Administrative distance
• Routing protocol metric
Configure and verify IPv4 and IPv6 static routing
• Default route
• Network route
• Host route
• Floating static
Configure and verify single area OSPFv2
• Neighbor adjacencies
• Point-to-point
• Broadcast (DR/BDR selection)
• Router ID
Describe the purpose, functions, and concepts of first hop redundancy protocols

IP Services (10%)

Configure and verify inside source NAT using static and pools
Configure and verify NTP operating in a client and server mode
Explain the role of DHCP and DNS within the network
Explain the function of SNMP in network operations
Describe the use of syslog features including facilities and levels
Configure and verify DHCP client and relay
Explain the forwarding per-hop behavior (PHB) for QoS such as classification, marking, queuing, congestion, policing, shaping
Configure network devices for remote access using SSH
Describe the capabilities and function of TFTP/FTP in the network

Security Fundamentals (15%)

Define key security concepts (threats, vulnerabilities, exploits, and mitigation techniques)
Describe security program elements (user awareness, training, and physical access control)
Configure and verify device access control using local passwords
Describe security password policies elements, such as management, complexity, and password alternatives (multifactor authentication, certificates, and biometrics)
Describe IPsec remote access and site-to-site VPNs
Configure and verify access control lists
Configure Layer 2 security features (DHCP snooping, dynamic ARP inspection, and port security)
Differentiate authentication, authorization, and accounting concepts
Describe wireless security protocols (WPA, WPA2, and WPA3)
Configure WLAN using WPA2 PSK using the GUI

Automation and Programmability (10%)

Explain how automation impacts network management
Compare traditional networks with controller-based networking
Describe controller-based and software defined architectures (overlay, underlay, and fabric)
• Separation of control plane and data plane
• North-bound and south-bound APIs
Compare traditional campus device management with Cisco DNA Center enabled device management
Describe characteristics of REST-based APIs (CRUD, HTTP verbs, and data encoding)
Recognize the capabilities of configuration management mechanisms Puppet, Chef, and Ansible
Interpret JSON encoded data