The Network Expert: May 2009

Sunday, May 31, 2009

Internetwork Expert CCIE Voice Updates

Internetwork Expert has posted about their Voice Updates that will be coming this year.

You can read the post directly at this Link.

Script of the Post below.

CCIE Voice Products Updates!

By Petr Lapukhov, CCIE #16379

Hi everyone!

We are excited to announce our newest release of IEWB-VO VOL1 labs covering the new CCIE Voice blueprint, which becomes effective as of July this year. The first of the CCIE Voice v3.0 labs are now out in beta format, in addition to new Voice Racks available to rent covering the new topology! All current customers who have purchased IEWB-VO VOL1 will automatically receive the new updates in their members account at no additional cost. Each section of the new VOL1 includes technology-focused labs with explanations, verifications, further reading links, and dedicated troubleshooting sections.

The initial release covers Cisco Unified Communications Manager Express (CUCME, formally known as Call Manager Express or CME). We will continue releasing new voice content covering all new blueprint topics, with a new section being released each week. The next release will include more CUCME labs, as well as Unity Express tasks, followed by the first of the new Unified Communications Manager Labs! The initial VOL1 release covers the following topics:

CUCME Basic Configuration
Phone Registration & Number Assignment (SCCP Phones)
SIP Phones
ISDN PRI
IOS Call Routing
Voice Translation Rules
Shared Line
Night Service
After-Hours Setup
Single Number Reach
Softkey Customization - SCCP
Softkey Customization - SIP
Octo-Line
Conference Resources
Transcoding Resources
B-ACD
Voice Hunt Groups
Ephone Hunt groups
Dynamic Hunt groups

The new voice racks are fully compliant with the CCIE Voice hardware specification posted at Cisco’s website: CCIE Voice Hardware Specification. To many folks out there, the new hardware lists is a huge relief, as the many old and expensive devices including the 6500 switch and the VG248 are now gone. Plus, the addition of SIP phones allows for more flexible choice of softphone software, not limited to the small set of SCCP-compatible products available on the market.

As for the people preparing using the old blueprint, our rack rentals support the old CCIE Voice hardware specification as well. Nothing will change until the lasts days the old blueprint remains valid.

Thank you, and be sure to check back often for more updates!

Saturday, May 30, 2009

Cisco Live 2009

I am signed up for Cisco Live 2009 in San Francisco. I am currently working on my schedule but this is what I have so far.

Sunday June 28th
1:00 PM GENCCBU-5610 - Contact Center and Collaboration Communities General Session
2:30 PM GENCCBU-5611 - Contact Center and Collaboration Community User Groups Welcome Reception

Monday June 30th
1:00 PM BRKNMS-2658 - Securely Managing Your Networks and SNMPv3
3:00 PM ITMATO-1015 - The Network: Enabling Next-Generation Enterprise Architecture

Tuesday June 31st
7:30 AM BRKRST-2102 - Deploying IP/MPLS VPNs
10:00 AM GENKEY-5501 - Opening Keynote and Welcome Address with John Chambers
12:00 PM BRKDCT-2951 - Deploying Nexus 7000 in Data Center Networks
4:00 PM BRKAPP-2005 - Deploying Cisco Wide Area Application Services (WAAS)

Wednesday July 1st
8:00 AM BRKSEC-2000 - Secure Enterprise Design
10:30 AM GENKEY-5564 - Cisco Technology Keynote with Padmasree Warrior
12:00 PM BRKAPP-3006 - Troubleshooting Cisco Wide Area Application Services
2:30 PM GENSSN-4464 - Super Session: Data Center Virtualization Architectures
4:00 PM BRKRST-2041 - Enterprise WAN Architectures and Design Principles
7:30 PM Customer Event - Customer Appreciation Event

Thursday July 2nd
8:00 AM BRKRST-2042 - Highly Available Wide Area Network Design
10:30 AM GENKEY-5565 - Closing Guest Keynote: Guy Kawasaki
12:00 PM BRKSEC-2008 - PCI Compliance
2:30 PM BRKRST-2503 - Cisco TelePresence Network Infrastructure Design for Enterprise

Friday, May 29, 2009

Cisco Unifying its In-House Data Centers

Cisco Unifying its In-House Data Centers

Cisco Systems (CSCO) will shift all of its in-house data centers to the company’s new Unified Computing System in the next two years, the company said this week. The migration will take place as part of a rolling hardware refresh that will see all of Cisco’s data centers gradually converted to the company’s new infrastructure platform.

Link

Sunday, May 24, 2009

CCIE Security Written Blueprint v2.0

CCIE Security Written Exam Blueprint Version 2.0

Information taken from:
http://www.cisco.com/web/learning/le3/ccie/security/wr_exam_blueprint_v2.html

The Security written exam (350-018) has 100 multiple-choice questions and is two hours in duration. The topic areas listed are general guidelines for the type of content that is likely to appear on the exam. Please note, however, that other relevant or related topic areas may also appear.

General Networking
1. Networking Basics
2. OSI Layers
3. TCP/IP Protocols
4. Switching (VTP, VLANs, Spanning Tree, Trunking, etc.)
5. Routing Protocols (RIP, EIGRP, OSPF, and BGP)
6. IP Multicast
Security Protocols, Ciphers and Hash Algorithms
1. RADIUS
2. TACACS+
3. Ciphers RSA, DSS, RC4
4. Message Digest 5 (MD5)
5. Secure Hash Algorithm (SHA)
6. EAP PEAP TKIP TLS
7. Data Encryption Standard (DES)
8. Triple DES (3DES)
9. Advanced Encryption Standard (AES)
10. IP Security (IPSec)
11. Authentication Header (AH)
12. Encapsulating Security Payload (ESP)
13. Internet Key Exchange (IKE)
14. Certificate Enrollment Protocol (CEP)
15. Transport Layer Security (TLS)
16. Secure Socket Layer (SSL)
17. Point to Point Tunneling Protocol (PPTP)
18. Layer 2 Tunneling Protocol (L2TP)
19. Generic Route Encapsulation (GRE)
20. Secure Shell (SSH)
21. Pretty Good Privacy (PGP)
Application Protocols
1. Hypertext Transfer Protocol (HTTP)
2. Simple Mail Transfer Protocol (SMTP)
3. File Transfer Protocol (FTP)
4. Domain Name System (DNS)
5. Trivial File Transfer Protocol (TFTP)
6. Network Time Protocol (NTP)
7. Lightweight Directory Access Protocol (LDAP)
8. Syslog
Security Technologies
1. Packet Filtering
2. Content Filtering
3. URL Filtering
4. Authentication Technologies
5. Authorization technologies
6. Proxy Authentication
7. Public Key Infrastructure (PKI)
8. IPSec VPN
9. SSL VPN
10. Network Intrusion Prevention Systems
11. Host Intrusion Prevention Systems
12. Event Correlation
13. Adaptive Threat Defense (ATD)
14. Network Admission Control (NAC)
15. 802.1x
16. Endpoint Security
17. Network Address Translation
Cisco Security Appliances and Applications
1. Cisco Secure PIX Firewall
2. Cisco Intrusion Prevention System (IPS)
3. Cisco VPN 3000 Series Concentrators
4. Cisco EzVPN Software and Hardware Clients
5. Cisco Adaptive Security Appliance (ASA) Firewall
6. Cisco Security Monitoring, Analysis and Response System (MARS)
7. Cisco IOS Firewall
8. Cisco IOS Intrusion Prevention System
9. Cisco IOS IPSec VPN
10. Cisco IOS Trust and Identity
11. Cisco Secure ACS for Windows
12. Cisco Secure ACS Solution Engine
13. Cisco Traffic Anomaly Detectors
14. Cisco Guard DDoS Mitigation Appliance
15. Cisco Catalyst 6500 Series Security Modules (FWSM, IDSM, VPNSM, WebVPN, SSL modules)
16. Cisco Traffic Anomaly Detector Module & Cisco Guard Service Module
Cisco Security Management
1. Cisco Adaptive Security Device Manager (ASDM)
2. Cisco Router & Security Device Manager (SDM)
3. Cisco Security Manager (CSM)
Cisco Security General
1. IOS Specifics
2. Routing and Switching Security Features: IP & MAC Spoofing, MAC Address Controls, Port Security, DHCP Snoop, DNS Spoof.
3. NetFlow
4. Layer 2 Security Features
5. Layer 3 Security Features
6. Wireless Security
7. IPv6 Security
Security Solutions
1. Network Attack Mitigation
2. Virus and Worms Outbreaks
3. Theft of Information
4. DoS/DDoS Attacks
5. Web Server & Web Application Security
Security General
1. Policies - Security Policy Best Practices
2. Information Security Standards (ISO 17799, ISO 27001, BS7799)
3. Standards Bodies
4. Common RFCs (e.g. RFC1918, RFC2827, RFC2401)
5. BCP 38
6. Attacks, Vulnerabilities and Common Exploits - recon, scan, priv escalation, penetration, cleanup, backdoor
7. Security Audit & Validation
8. Risk Assessment
9. Change Management Process
10. Incident Response Framework
11. Computer Security Forensics

Saturday, May 23, 2009

CCIE Security Lab Blueprint v3.0

CCIE Security Lab Exam Blueprint Version 3.0

Information taken from:
http://www.cisco.com/web/learning/le3/ccie/security/lab_exam_blueprint_v3.html

Please review the Lab Exam Overview for general information about the CCIE Security lab exam. This lab exam blueprint v3.0 is a detailed outline of the topics likely to appear on the lab exam effective mid-April 2009. Knowledge of troubleshooting is an important skill and candidates are expected to diagnose and solve issues as part of the CCIE lab exam. The topics listed are guidelines and other relevant or related topics may also appear. Candidates for lab exams scheduled in mid April'09 or later should prepare using the v3.0 blueprints below. In general, new product features become eligible for testing on CCIE lab exams six months after general release.

Implement secure networks using Cisco ASA Firewalls
1. Perform basic firewall Initialization
2. Configure device management
3. Configure address translation (nat, global, static)
4. Configure ACLs
5. Configure IP routing
6. Configure object groups
7. Configure VLANs
8. Configure filtering
9. Configure failover
10. Configure Layer 2 Transparent Firewall
11. Configure security contexts (virtual firewall)
12. Configure Modular Policy Framework
13. Configure Application-Aware Inspection
14. Configure high availability solutions
15. Configure QoS policies
Implement secure networks using Cisco IOS Firewalls
1. Configure CBAC
2. Configure Zone-Based Firewall
3. Configure Audit
4. Configure Auth Proxy
5. Configure PAM
6. Configure access control
7. Configure performance tuning
8. Configure advanced IOS Firewall features
Implement secure networks using Cisco VPN solutions
1. Configure IPsec LAN-to-LAN (IOS/ASA)
2. Configure SSL VPN (IOS/ASA)
3. Configure Dynamic Multipoint VPN (DMVPN)
4. Configure Group Encrypted Transport (GET) VPN
5. Configure Easy VPN (IOS/ASA)
6. Configure CA (PKI)
7. Configure Remote Access VPN
8. Configure Cisco Unity Client
9. Configure Clientless WebVPN
10. Configure AnyConnect VPN
11. Configure XAuth, Split-Tunnel, RRI, NAT-T
12. Configure High Availability
13. Configure QoS for VPN
14. Configure GRE, mGRE
15. Configure L2TP
16. Configure advanced Cisco VPN features
Configure Cisco IPS to mitigate network threats
1. Configure IPS 4200 Series Sensor Appliance
2. Initialize the Sensor Appliance
3. Configure Sensor Appliance management
4. Configure virtual Sensors on the Sensor Appliance
5. Configure security policies
6. Configure promiscuous and inline monitoring on the Sensor Appliance
7. Configure and tune signatures on the Sensor Appliance
8. Configure custom signatures on the Sensor Appliance
9. Configure blocking on the Sensor Appliance
10. Configure TCP resets on the Sensor Appliance
11. Configure rate limiting on the Sensor Appliance
12. Configure signature engines on the Sensor Appliance
13. Use IDM to configure the Sensor Appliance
14. Configure event action on the Sensor Appliance
15. Configure event monitoring on the Sensor Appliance
16. Configure advanced features on the Sensor Appliance
17. Configure and tune Cisco IOS IPS
18. Configure SPAN & RSPAN on Cisco switches
Implement Identity Management
1. Configure RADIUS and TACACS+ security protocols
2. Configure LDAP
3. Configure Cisco Secure ACS
4. Configure certificate-based authentication
5. Configure proxy authentication
6. Configure 802.1x
7. Configure advanced identity management features
8. Configure Cisco NAC Framework
Implement Control Plane and Management Plane Security
1. Implement routing plane security features (protocol authentication, route filtering)
2. Configure Control Plane Policing
3. Configure CP protection and management protection
4. Configure broadcast control and switchport security
5. Configure additional CPU protection mechanisms (options drop, logging interval)
6. Disable unnecessary services
7. Control device access (Telnet, HTTP, SSH, Privilege levels)
8. Configure SNMP, Syslog, AAA, NTP
9. Configure service authentication (FTP, Telnet, HTTP, other)
10. Configure RADIUS and TACACS+ security protocols
11. Configure device management and security
Configure Advanced Security
1. Configure mitigation techniques to respond to network attacks
2. Configure packet marking techniques
3. Implement security RFCs (RFC1918/3330, RFC2827/3704)
4. Configure Black Hole and Sink Hole solutions
5. Configure RTBH filtering (Remote Triggered Black Hole)
6. Configure Traffic Filtering using Access-Lists
7. Configure IOS NAT
8. Configure TCP Intercept
9. Configure uRPF
10. Configure CAR
11. Configure NBAR
12. Configure NetFlow
13. Configure Anti-Spoofing solutions
14. Configure Policing
15. Capture and utilize packet captures
16. Configure Transit Traffic Control and Congestion Management
17. Configure Cisco Catalyst advanced security features
Identify and Mitigate Network Attacks
1. Identify and protect against fragmentation attacks
2. Identify and protect against malicious IP option usage
3. Identify and protect against network reconnaissance attacks
4. Identify and protect against IP spoofing attacks
5. Identify and protect against MAC spoofing attacks
6. Identify and protect against ARP spoofing attacks
7. Identify and protect against Denial of Service (DoS) attacks
8. Identify and protect against Distributed Denial of Service (DDoS) attacks
9. Identify and protect against Man-in-the-Middle (MiM) attacks
10. Identify and protect against port redirection attacks
11. Identify and protect against DHCP attacks
12. Identify and protect against DNS attacks
13. Identify and protect against Smurf attacks
14. Identify and protect against SYN attacks
15. Identify and protect against MAC Flooding attacks
16. Identify and protect against VLAN hopping attacks
17. Identify and protect against various Layer2 and Layer3 attacks

Friday, May 22, 2009

CCIE Routing & Switching Lab Blueprint v4.0

The CCIE Routing & Switching Lab Exam Blueprints Verion 4.0.

Information taken from:
https://cisco.hosted.jivesoftware.com/docs/DOC-4375

CCIE Routing and Switching Lab Exam Topics (Blueprint) v4.0

The following topics are general guidelines for the content likely to be included on the lab exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice. Login to access this content

Download PDF now

Exam Sections and Sub-task Objectives

1.00	Implement Layer 2 Technologies	√
1.10	Implement Spanning Tree Protocol (STP)
	(a) 802.1d
	(b) 802.1w
	(c) 801.1s
	(d) Loop guard
	(e) Root guard
	(f) Bridge protocol data unit (BPDU) guard
	(g) Storm control
	(h) Unicast flooding
	(i) Port roles, failure propagation, and loop guard operation
1.20	Implement VLAN and VLAN Trunking Protocol (VTP)
1.30	Implement trunk and trunk protocols, EtherChannel, and load-balance
1.40	Implement Ethernet technologies
	(a) Speed and duplex
	(b) Ethernet, Fast Ethernet, and Gigabit Ethernet
	(c) PPP over Ethernet (PPPoE)
1.50	Implement Switched Port Analyzer (SPAN), Remote Switched Port Analyzer (RSPAN), and flow control
1.60	Implement Frame Relay
	(a) Local Management Interface (LMI)
	(b) Traffic shaping
	(c) Full mesh
	(d) Hub and spoke
	(e) Discard eligible (DE)
1.70	Implement High-Level Data Link Control (HDLC) and PPP
2.00	Implement IPv4
2.10	Implement IP version 4 (IPv4) addressing, subnetting, and variable-length subnet masking (VLSM)
2.20	Implement IPv4 tunneling and Generic Routing Encapsulation (GRE)
2.30	Implement IPv4 RIP version 2 (RIPv2)
2.40	Implement IPv4 Open Shortest Path First (OSPF)
	(a) Standard OSPF areas
	(b) Stub area
	(c) Totally stubby area
	(d) Not-so-stubby-area (NSSA)
	(e) Totally NSSA
	(f) Link-state advertisement (LSA) types
	(g) Adjacency on a point-to-point and on a multi-access network
	(h) OSPF graceful restart
2.50	Implement IPv4 Enhanced Interior Gateway Routing Protocol (EIGRP)
	(a) Best path
	(b) Loop-free paths
	(c) EIGRP operations when alternate loop-free paths are available, and when they are not available
	(d) EIGRP queries
	(e) Manual summarization and autosummarization
	(f) EIGRP stubs
2.60	Implement IPv4 Border Gateway Protocol (BGP)
	(a) Next hop
	(b) Peering
	(c) Internal Border Gateway Protocol (IBGP) and External Border Gateway Protocol (EBGP)
2.70	Implement policy routing
2.80	Implement Performance Routing (PfR) and Cisco Optimized Edge Routing (OER)
2.90	Implement filtering, route redistribution, summarization, synchronization, attributes, and other advanced features
3.00	Implement IPv6
3.10	Implement IP version 6 (IPv6) addressing and different addressing types
3.20	Implement IPv6 neighbor discovery
3.30	Implement basic IPv6 functionality protocols
3.40	Implement tunneling techniques
3.50	Implement OSPF version 3 (OSPFv3)
3.60	Implement EIGRP version 6 (EIGRPv6)
3.70	Implement filtering and route redistribution
4.00	Implement MPLS Layer 3 VPNs
4.10	Implement Multiprotocol Label Switching (MPLS)
4.20	Implement Layer 3 virtual private networks (VPNs) on provider edge (PE), provider (P), and customer edge (CE) routers
4.30	Implement virtual routing and forwarding (VRF) and Multi-VRF Customer Edge (VRF-Lite)
5.00	Implement IP Multicast
5.10	Implement Protocol Independent Multicast (PIM) sparse mode
5.20	Implement Multicast Source Discovery Protocol (MSDP)
5.30	Implement interdomain multicast routing
5.40	Implement PIM Auto-Rendezvous Point (Auto-RP), unicast rendezvous point (RP), and bootstrap router (BSR)
5.50	Implement multicast tools, features, and source-specific multicast
5.60	Implement IPv6 multicast, PIM, and related multicast protocols, such as Multicast Listener Discovery (MLD)
6.00	Implement Network Security
6.01	Implement access lists
6.02	Implement Zone Based Firewall
6.03	Implement Unicast Reverse Path Forwarding (uRPF)
6.04	Implement IP Source Guard
6.05	Implement authentication, authorization, and accounting (AAA) (configuring the AAA server is not required, only the client-side (IOS) is configured)
6.06	Implement Control Plane Policing (CoPP)
6.07	Implement Cisco IOS Firewall
6.08	Implement Cisco IOS Intrusion Prevention System (IPS)
6.09	Implement Secure Shell (SSH)
6.10	Implement 802.1x
6.11	Implement NAT
6.12	Implement routing protocol authentication
6.13	Implement device access control
6.14	Implement security features
7.00	Implement Network Services
7.10	Implement Hot Standby Router Protocol (HSRP)
7.20	Implement Gateway Load Balancing Protocol (GLBP)
7.30	Implement Virtual Router Redundancy Protocol (VRRP)
7.40	Implement Network Time Protocol (NTP)
7.50	Implement DHCP
7.60	Implement Web Cache Communication Protocol (WCCP)
8.00	Implement Quality of Service (QoS)
8.10	Implement Modular QoS CLI (MQC)
	(a) Network-Based Application Recognition (NBAR)
	(b) Class-based weighted fair queuing (CBWFQ), modified deficit round robin (MDRR), and low latency queuing (LLQ)
	(c) Classification
	(d) Policing
	(e) Shaping
	(f) Marking
	(g) Weighted random early detection (WRED) and random early detection (RED)
	(h) Compression
8.20	Implement Layer 2 QoS: weighted round robin (WRR), shaped round robin (SRR), and policies
8.30	Implement link fragmentation and interleaving (LFI) for Frame Relay
8.40	Implement generic traffic shaping
8.50	Implement Resource Reservation Protocol (RSVP)
8.60	Implement Cisco AutoQoS
9.00	Troubleshoot a Network
9.10	Troubleshoot complex Layer 2 network issues
9.20	Troubleshoot complex Layer 3 network issues
9.30	Troubleshoot a network in response to application problems
9.40	Troubleshoot network services
9.50	Troubleshoot network security
10.00	Optimize the Network
10.01	Implement syslog and local logging
10.02	Implement IP Service Level Agreement SLA
10.03	Implement NetFlow
10.04	Implement SPAN, RSPAN, and router IP traffic export (RITE)
10.05	Implement Simple Network Management Protocol (SNMP)
10.06	Implement Cisco IOS Embedded Event Manager (EEM)
10.07	Implement Remote Monitoring (RMON)
10.08	Implement FTP
10.09	Implement TFTP
10.10	Implement TFTP server on router
10.11	Implement Switch-module Configuration Protocol (SCP)
10.12	Implement HTTP and HTTPS
10.13	Implement Telnet

Thursday, May 21, 2009

CCIE Routing & Switching Written Blueprint v4.0

Version 4.0 of the CCIE Routing & Switching Written Exam Blueprint.

This includes the latest modification on May 18th, and adds specifics to the previous announcement.

Information taken from:
https://cisco.hosted.jivesoftware.com/docs/DOC-4374

CCIE ® Routing and Switching Written Exam Topics (Blueprint) v4.0

The comprehensive CCIE R&S Written Exam (#350-001) has 100 multiple-choice questions and is two hours in duration. The topic areas listed are general guidelines for the type of content that is likely to appear on the exam. Please note, however, that other relevant or related topic areas may also appear. Login to access this content

Download PDF now

Exam Sections and Sub-task Objectives

1.00	Implement Layer 2 Technologies	√
1.10	Implement Spanning Tree Protocol (STP)
	(a) 802.1d
	(b) 802.1w
	(c) 801.1s
	(d) Loop guard
	(e) Root guard
	(f) Bridge protocol data unit (BPDU) guard
	(g) Storm control
	(h) Unicast flooding
	(i) Port roles, failure propagation, and loop guard operation
1.20	Implement VLAN and VLAN Trunking Protocol (VTP)
1.30	Implement trunk and trunk protocols, EtherChannel, and load-balance
1.40	Implement Ethernet technologies
	(a) Speed and duplex
	(b) Ethernet, Fast Ethernet, and Gigabit Ethernet
	(c) PPP over Ethernet (PPPoE)
1.50	Implement Switched Port Analyzer (SPAN), Remote Switched Port Analyzer (RSPAN), and flow control
1.60	Implement Frame Relay
	(a) Local Management Interface (LMI)
	(b) Traffic shaping
	(c) Full mesh
	(d) Hub and spoke
	(e) Discard eligible (DE)
1.70	Implement High-Level Data Link Control (HDLC) and PPP
2.00	Implement IPv4
2.10	Implement IP version 4 (IPv4) addressing, subnetting, and variable-length subnet masking (VLSM)
2.20	Implement IPv4 tunneling and Generic Routing Encapsulation (GRE)
2.30	Implement IPv4 RIP version 2 (RIPv2)
2.40	Implement IPv4 Open Shortest Path First (OSPF)
	(a) Standard OSPF areas
	(b) Stub area
	(c) Totally stubby area
	(d) Not-so-stubby-area (NSSA)
	(e) Totally NSSA
	(f) Link-state advertisement (LSA) types
	(g) Adjacency on a point-to-point and on a multi-access network
	(h) OSPF graceful restart
2.50	Implement IPv4 Enhanced Interior Gateway Routing Protocol (EIGRP)
	(a) Best path
	(b) Loop-free paths
	(c) EIGRP operations when alternate loop-free paths are available, and when they are not available
	(d) EIGRP queries
	(e) Manual summarization and autosummarization
	(f) EIGRP stubs
2.60	Implement IPv4 Border Gateway Protocol (BGP)
	(a) Next hop
	(b) Peering
	(c) Internal Border Gateway Protocol (IBGP) and External Border Gateway Protocol (EBGP)
2.70	Implement policy routing
2.80	Implement Performance Routing (PfR) and Cisco Optimized Edge Routing (OER)
2.90	Implement filtering, route redistribution, summarization, synchronization, attributes, and other advanced features
3.00	Implement IPv6
3.10	Implement IP version 6 (IPv6) addressing and different addressing types
3.20	Implement IPv6 neighbor discovery
3.30	Implement basic IPv6 functionality protocols
3.40	Implement tunneling techniques
3.50	Implement OSPF version 3 (OSPFv3)
3.60	Implement EIGRP version 6 (EIGRPv6)
3.70	Implement filtering and route redistribution
4.00	Implement MPLS Layer 3 VPNs
4.10	Implement Multiprotocol Label Switching (MPLS)
4.20	Implement Layer 3 virtual private networks (VPNs) on provider edge (PE), provider (P), and customer edge (CE) routers
4.30	Implement virtual routing and forwarding (VRF) and Multi-VRF Customer Edge (VRF-Lite)
5.00	Implement IP Multicast
5.10	Implement Protocol Independent Multicast (PIM) sparse mode
5.20	Implement Multicast Source Discovery Protocol (MSDP)
5.30	Implement interdomain multicast routing
5.40	Implement PIM Auto-Rendezvous Point (Auto-RP), unicast rendezvous point (RP), and bootstrap router (BSR)
5.50	Implement multicast tools, features, and source-specific multicast
5.60	Implement IPv6 multicast, PIM, and related multicast protocols, such as Multicast Listener Discovery (MLD)
6.00	Implement Network Security
6.01	Implement access lists
6.02	Implement Zone Based Firewall
6.03	Implement Unicast Reverse Path Forwarding (uRPF)
6.04	Implement IP Source Guard
6.05	Implement authentication, authorization, and accounting (AAA) (configuring the AAA server is not required, only the client-side (IOS) is configured)
6.06	Implement Control Plane Policing (CoPP)
6.07	Implement Cisco IOS Firewall
6.08	Implement Cisco IOS Intrusion Prevention System (IPS)
6.09	Implement Secure Shell (SSH)
6.10	Implement 802.1x
6.11	Implement NAT
6.12	Implement routing protocol authentication
6.13	Implement device access control
6.14	Implement security features
7.00	Implement Network Services
7.10	Implement Hot Standby Router Protocol (HSRP)
7.20	Implement Gateway Load Balancing Protocol (GLBP)
7.30	Implement Virtual Router Redundancy Protocol (VRRP)
7.40	Implement Network Time Protocol (NTP)
7.50	Implement DHCP
7.60	Implement Web Cache Communication Protocol (WCCP)
8.00	Implement Quality of Service (QoS)
8.10	Implement Modular QoS CLI (MQC)
	(a) Network-Based Application Recognition (NBAR)
	(b) Class-based weighted fair queuing (CBWFQ), modified deficit round robin (MDRR), and low latency queuing (LLQ)
	(c) Classification
	(d) Policing
	(e) Shaping
	(f) Marking
	(g) Weighted random early detection (WRED) and random early detection (RED)
	(h) Compression
8.20	Implement Layer 2 QoS: weighted round robin (WRR), shaped round robin (SRR), and policies
8.30	Implement link fragmentation and interleaving (LFI) for Frame Relay
8.40	Implement generic traffic shaping
8.50	Implement Resource Reservation Protocol (RSVP)
8.60	Implement Cisco AutoQoS
9.00	Troubleshoot a Network
9.10	Troubleshoot complex Layer 2 network issues
9.20	Troubleshoot complex Layer 3 network issues
9.30	Troubleshoot a network in response to application problems
9.40	Troubleshoot network services
9.50	Troubleshoot network security
10.00	Optimize the Network
10.01	Implement syslog and local logging
10.02	Implement IP Service Level Agreement SLA
10.03	Implement NetFlow
10.04	Implement SPAN, RSPAN, and router IP traffic export (RITE)
10.05	Implement Simple Network Management Protocol (SNMP)
10.06	Implement Cisco IOS Embedded Event Manager (EEM)
10.07	Implement Remote Monitoring (RMON)
10.08	Implement FTP
10.09	Implement TFTP
10.10	Implement TFTP server on router
10.11	Implement Switch-module Configuration Protocol (SCP)
10.12	Implement HTTP and HTTPS
10.13	Implement Telnet
11.00	Evaluate proposed changes to a Network
11.01	Evaluate interoperability of proposed technologies against deployed technologies
	(a) Changes to routing protocol parameters
	(b) Migrate parts of a network to IPv6
	(c) Routing Protocol migration
	(d) Adding multicast support
	(e) Migrate spanning tree protocol
	(f) Evaluate impact of new traffic on existing QoS design
11.02	Determine operational impact of proposed changes to an existing network
	(a) Downtime of network or portions of network
	(b) Performance degradation
	(c) Introducing security breaches
11.03	Suggest Alternative solutions when incompatible changes are proposed to an existing network
	(a) Hardware/Software upgrades
	(b) Topology shifts
	(c) Reconfigurations