Cisco Certified Network Associate

Explain the role and function of network components (routers, L2/L3 switches, firewalls, APs, controllers).

Describe characteristics of network topology architectures (2-tier, 3-tier, spine-leaf, WAN, small office).

Compare physical interface and cabling types (single-mode fiber, multimode fiber, copper, PoE).

Identify interface and cable issues (collisions, errors, duplex/speed mismatch).

Compare TCP and UDP protocols and their applicable use cases.

Configure and verify IPv4 addressing and subnetting (VLSM, CIDR notation).

Describe the need for private IPv4 addressing and NAT/PAT concepts.

Configure and verify IPv6 addressing and prefix.

Compare IPv6 address types (global unicast, unique local, link local, multicast, anycast).

Verify IP parameters for Client OS (Windows, Mac OS, Linux).

Describe wireless principles (non-overlapping channels, SSID, RF, encryption).

Explain virtualization fundamentals (server, containers, VMs, NFV).

Describe switching concepts (CAM table, MAC learning, flood/forward, L2 forwarding).

Configure and verify VLANs (normal range) spanning multiple switches.

Configure and verify interswitch connectivity (trunk ports, 802.1Q, native VLAN).

Configure and verify Layer 2 discovery protocols (Cisco Discovery Protocol and LLDP).

Configure and verify (Layer 2/Layer 3) EtherChannel (LACP).

Interpret basic operations of Rapid PVST+ Spanning Tree Protocol (root port, root bridge).

Describe Cisco Wireless Architectures and AP modes (autonomous, lightweight, cloud).

Describe physical infrastructure connections of WLAN components (AP, WLC, access/trunk ports).

Configure the components of a wireless LAN access for client connectivity using GUI only.

Interpret the components of a routing table (routing protocol code, prefix, next hop, AD, metric).

Determine how a router makes a forwarding decision by default (LPM, AD, metric).

Configure and verify IPv4 and IPv6 static routing (default routes, floating routes).

Configure and verify single-area OSPFv2 (neighbor adjacencies, point-to-point, broadcast, passive interfaces).

Describe the purpose and functions of First Hop Redundancy Protocols (HSRP, VRRP).

Configure and verify inside source NAT using static and pools.

Configure and verify NTP operating in a client/server mode.

Explain the role of DHCP and DNS within the network.

Explain the function of SNMP in network operations.

Describe the use of syslog features including facilities and levels.

Configure and verify DHCP client and relay.

Explain the forwarding per-hop behavior (PHB) for QoS (classification, marking, queuing, shaping, policing).

Configure network devices for remote access using SSH.

Describe the capabilities and function of TFTP/FTP in the network.

Define key security concepts (threats, vulnerabilities, exploits, mitigation techniques).

Describe security program elements (user awareness, training, physical access control).

Configure device access control using local passwords and privilege levels.

Describe security password policies (length, complexity, multi-factor authentication, password manager).

Describe IPsec remote access and site-to-site VPNs.

Configure and verify access control lists (standard, extended, named, numbered).

Configure Layer 2 security features (DHCP snooping, Dynamic ARP Inspection, port security).

Differentiate authentication, authorization, and accounting concepts and their implementation.

Describe wireless security protocols (WPA, WPA2, WPA3) and their mechanisms.

Configure WLAN using WPA2 PSK using the GUI.

Explain how automation impacts network management (intent-based networking, SDN).

Compare traditional networks with controller-based networking (Cisco DNA Center, ACI).

Describe controller-based and software-defined architectures (overlay, underlay, fabric).

Compare traditional campus device management with Cisco DNA Center-enabled device management.

Describe characteristics of REST-based APIs (CRUD, HTTP verbs, data encoding: JSON, XML).

Recognize the capabilities of configuration management mechanisms (Puppet, Chef, Ansible).

Interpret JSON encoded data.