Introduction
Are you interested in taking the Cisco CCIE Enterprise Infrastructure certification exam? If so, this blog is for you. As you already know, CCIE (Cisco Certified Internetwork Expert) is an expert-level exam that is highly respected in the networking industry. The CCIE Enterprise certification showcases your ability to design, implement, and manage complex enterprise infrastructure, including routing, switching, network services, and security.
Related Articles
But, why is it important to have knowledge of the CCIE Enterprise Infrastructure syllabus? Well, the syllabus covers a wide range of topics, including network fundamentals as well as advanced security protocols. Hence, it is crucial to understand the CCIE Enterprise syllabus to get familiar with the topics that will be part of the exam. PyNet Labs’ CCIE Enterprise Infrastructure training delves deep into these critical areas, equipping you with the knowledge and skills required to tackle the exam with confidence.
In this blog, you will get to know about all the topics that are part of the CCIE enterprise syllabus to help you prepare for your exam. Before getting into more details let’s first understand the CCIE Enterprise Infrastructure v1.1 Practical Exam.
CCIE Enterprise Infrastructure v1.1 Practical Exam
To become a CCIE Enterprise Infrastructure certified professional, you’ll need to first pass a qualifying exam i.e., CCNP ENCOR (350-401) or Implementing Cisco Enterprise Network Core Technologies V1.1. It is a 120-minute exam.
After clearing the CCNP ENCOR, you can go for the CCIE Enterprise Infrastructure V1.1 lab exam which is an 8-hour lab exam. It tests your ability to design, implement, and manage complex enterprise infrastructure.
So, what topics are covered in the CCIE enterprise infrastructure syllabus? Below we have explained the syllabus with each topic that will be part of the exam.
CCIE Enterprise Infrastructure Syllabus for Version 1.1
The CCIE Enterprise Infrastructure Syllabus is your roadmap to conquering the CCIE Enterprise exam. Here are the topics that are covered under the CCIE Enterprise Training –
- Network Infrastructure – This includes core concepts like switching, VLANs, and network management.
- Software Defined Infrastructure – Explore Cisco SD-Access and its role in automating and simplifying network management.
- Transport Technologies and Solutions – Get a deep dive into technologies like MPLS (Multiprotocol Label Switching) for efficient data traffic management.
- Infrastructure Security and Services – Master essential security protocols and tools to safeguard your network.
- Infrastructure Automation and Programmability – Learn to leverage automation tools and scripting to optimize network processes.
Here is the detailed CCIE Enterprise Syllabus in a tabular form –
| Section | Weightage | Objectives |
|---|---|---|
| Network Infrastructure | 30% | 1.1 Switched campus 1.1.a Switch administration 1.1.a (i) MAC address table Management 1.1.a (ii) L2 Maximum Transmission Unit 1.1.a (iii) Errdisable recovery 1.1.b Layer 2 protocols 1.1.b (i) Cisco Discovery Protocol, Link Layer Discovery Protocol 1.1.b (ii) Unidirectional Link Detection 1.1.c VLAN technologies 1.1.c (i) Voice VLAN 1.1.c (ii) Normal range and extended range VLANs 1.1.c (iii) Native VLAN 1.1.c (iv) Access ports 1.1.c (v) Trunk ports (802.1Q) 1.1.c (vi) Manual VLAN pruning 1.1.d EtherChannel 1.1.d (i) Identify multichassis EtherChannel use cases 1.1.d (ii) Layer 2, Layer 3 1.1.d(iii)EtherChannel misconfiguration guard 1.1.d (iv) Load balancing 1.1.d (v) Link Aggregation Control Protocol, static 1.1.e Spanning Tree Protocol 1.1.e (i) Per VLAN Spanning Tree Plus, Rapid PVST+, Multiple Spanning tree 1.1.e (ii) Loop guard, root guard 1.1.e (iii) PortFast, Bridge Protocol Data Unit (BPDU) guard, BPDU filter 1.1.e (iv) Switch priority, port priority, tuning port/path cost, STP timers 1.2 Routing concepts 1.2.a AD (Administrative distance) 1.2.b Bidirectional Forwarding Detection 1.2.c L3 MTU 1.2.d VRF-Lite 1.2.e VRF-aware routing with Border Gateway Protocol, Enhanced Interior Gateway Routing Protocol, Open Shortest Path First, and static 1.2.f Routing protocol authentication 1.2.g Policy-based routing 1.2.h Redistribution between BGP, EIGRP, OSPF, and static 1.2.i Route leaking between VRFs using route maps and VASI 1.2.j Static routing (unicast, multicast) 1.2.k Route filtering with BGP, EIGRP, OSPF, and static 1.3 EIGRP 1.3.a Adjacencies 1.3.b Best path selection 1.3.b (i) Classic metrics and wide metrics 1.3.b (ii) Reported distance, computed distance, feasible distance, feasibility condition, successor, feasible successor 1.3.c Operations 1.3.c (i) Stuck-in-active 1.3.c (ii) Topology table 1.3.c (iii) Graceful shutdown 1.3.c (iv) General operations 1.3.c (v) Packet types 1.3.d EIGRP named mode 1.3.e Optimization, convergence, and scalability 1.3.e (i) EIGRP stub with leak map 1.3.e (ii) Leak-map with summary routes 1.3.e (iii) Query propagation boundaries 1.4 OSPF (v2 and v3) 1.4.a Adjacencies 1.4.b Network types, area types 1.4.c Open Shortest Path First v3 address family support 1.4.d Path preference 1.4.e Operations 1.4.e (i) Generic TTL Security Mechanism 1.4.e (ii) Graceful shutdown 1.4.e (iii) General operations 1.4.f Optimization, convergence, and scalability 1.4.f (i) Metrics 1.4.f (ii) Prefix suppression 1.4.f (iii) Stub router 1.4.f (iv) LSA throttling, SPF tuning 1.5 BGP (Border gateway Protocol) 1.5.a IBGP and EBGP peer relations 1.5.a (i) Dynamic neighbors 1.5.a (ii) Active, passive 1.5.a (iii) Private AS numbers 1.5.a (iv) Peer groups, templates 1.5.a (v) 4-byte AS numbers 1.5.a (vi) Timers 1.5.b Path selection 1.5.b (i) Load balancing 1.5.b (ii) Best path selection algorithm 1.5.b (iii) Attributes 1.5.c Routing policies 1.5.c (i) Multihoming 1.5.c (ii) Standard and extended communities 1.5.c (iii) Outbound route filtering 1.5.c (iv) Conditional advertisement 1.5.c (v) Attribute manipulation 1.5.d AS path manipulations 1.5.d (i) local-as, allowas-in, remove-private-as 1.5.d (ii) AS path prepending 1.5.d (iii) Regular expressions 1.5.e Convergence and scalability 1.5.e (i) Route reflectors 1.5.e (ii) Aggregation, as-set 1.5.f Many other BGP features which include route refresh and soft reconfiguration. 1.6 Multicast 1.6.a Layer 2 multicast 1.6.a (i) IGMPv2, IGMPv3 1.6.a (ii) IGMP snooping, PIM snooping 1.6.a (iii) IGMP querier 1.6.a (iv) IGMP filter 1.6.a (v) MLD 1.6.b Reverse path forwarding check 1.6.c PIM 1.6.c (i) Sparse mode 1.6.c (ii) Source-Specific Multicast 1.6.c (iii) Multicast multipath 1.6.c (iv) PIMv6 anycast RP 1.6.c (v) Multicast boundary, Rendezvous Point announcement filter 1.6.c (vi) Static RP, BSR, Auto-RP 1.6.c (vii) IPv4 anycast RP using MSDP 1.6.c (viii) Group-to-RP mapping |
| Software Defined Infrastructure | 25% | 2.1 Cisco SD-Access 2.1.a Underlay 2.1.a (i) Extended nodes/policy extended nodes 2.1.a (ii) LAN automation / PnP 2.1.a (iii) Manual Device2.1.a (iv) discovery and device management 2.1.b Overlay 2.1.b (ii) Native multicast 2.1.b (iii) Cisco TrustSec policy plane 2.1.b (iv) L2 flooding 2.1.b (v) VXLAN data plane 2.1.c Fabric design 2.1.c (i) Fabric in a box 2.1.c (ii) Multisite 2.1.c (iii) Single-site campus 2.1.d Fabric deployment 2.1.d (i) Port configuration 2.1.d (ii) Adding devices to fabric 2.1.d (iii) Host onboarding 2.1.d (iv) border 2.1.d (v) Border priority 2.1.d (vi) Authentication templates 2.1.e Fabric border handoff 2.1.e (i) Layer 2 border handoff 2.1.e (ii) Peer device (Fusion router) 2.1.e (iii) Software-defined architecture, SDWAN, IP transits 2.1.f Segmentation 2.1.f (i) Macro segmentation using virtual networks 2.1.f (ii) Micro-level segmentation using Security Group tags and Security Group Access Control Lists 2.2 Cisco SD-WAN 2.2.a Controller architecture 2.2.a (i) (vSmart)Control plane 2.2.a (ii) Orchestration plane (vBond) 2.2.a (iii) (vManage)Management plane 2.2.b SD-WAN underlay 2.2.b (i) Transport configuration (underlay and tunnel interfaces, allowed services, TLOC extension) 2.2.b (ii) WAN Edge deployment (hardware) 2.2.b (iii) Wireless Area Network Cloud Edge deployment (AWS, Azure, Google Cloud) 2.2.b (v) Greenfield, brownfield, and hybrid deployments 2.2.c Overlay Management Protocol (OMP) 2.2.c (i) Overlay Management Protocol attributes 2.2.c (ii) Internet Protocol Security key management 2.2.c (iii) Additional features (BGP AS path propagation, Software-defined architecture integration) 2.2.c (iv) Redistribution 2.2.c (v) Route aggregation 2.2.d Configuration templates 2.2.d (i) Device templates 2.2.d (ii) Feature templates 2.2.d (iii) CLI templates 2.2.e Centralized policies 2.2.e (i) Control policies 2.2.e (ii) Application-aware routing policies 2.2.e (iii) Data policies 2.2.f Localized policies 2.2.f (i) Access lists 2.2.f (ii) Route policies |
| Transport Technologies and Solutions | 15% | 3.1 Static point-to-point GRE tunnels 3.2 MPLS 3.2.a Operations 3.2.a (i) Label stack, LSR, Link State Packet 3.2.a (ii) LDP 3.2.a (iii) MPLS ping, Multi-Protocol Label Switching traceroute 3.2.b L3VPN 3.2.b (i) PE-CE routing using BGP 3.2.b (ii) Basic MP-BGP VPNv4/VPNv6 3.3 DMVPN 3.3.a Troubleshoot Dynamic Multipoint Virtual Private Network Phase 3 with dual hub 3.3.a (i) Next Hop Resolution Protocol 3.3.a (ii) IPsec/IKEv2 using preshared key |
| Infrastructure Security and Services | 15% | 4.1 Device security on Cisco IOS XE 4.1.a Control plane policing and protection 4.1.b AAA 4.2 Network security 4.2.a Switch security features 4.2.a (i) Port security 4.2.a (ii) IP Source Guard 4.2.a (iii) DHCP snooping, DHCP option 82 4.2.a (iv) Storm control 4.2.a (v) VACL, PACL 4.2.a (vi) Dynamic ARP Inspection 4.2.b Router security features 4.2.b (i) Unicast Reverse Path Forwarding 4.2.b (ii) IPv4 access control lists 4.2.b (iii) IPv6 traffic filters 4.2.c IPv6 infrastructure security features 4.2.c (i) ND Inspection/Snooping 4.2.c (ii) DHCP Guard 4.2.c (iii) Binding table 4.2.c (iv) Device tracking 4.2.c (v) RA Guard 4.2.c (vi) Source Guard 4.3 System management 4.3.a Device management 4.3.a (i) Console and VTY 4.3.a (ii) SSH, SCP 4.3.a (iii) RESTCONF, NETCONF 4.3.b SNMP (v2c, v3) 4.3.c Logging 4.3.c (i) conditional debugs, Debugs 4.3c (ii) Syslog, Local logging 4.3.c (iii) Configuration change notification and logging 4.3.c (iv) Timestamps 4.4 Quality of Service 4.4.a Congestion management and avoidance architecture 4.4.b Policing, shaping 4.4.c HQoS 4.4.d Marking DSCP values in IPv4 and IPv6 headers 4.4.e Classification, trust boundary 4.4.f Differentiated Services 4.4.g NBAR 4.4.h End-to-end Layer 3 QoS using MQC 4.5 Network services 4.5.a First-Hop Redundancy Protocol 4.5.a (i) Hot Standby Router Protocol, Virtual Router Redundancy Protocol 4.5.a (ii) Redundancy using IPv6 RS/RA 4.5.b Time synchronization protocols 4.5.b (i) Network Time Protocol (NTP) as a client 4.5.b (ii) Precision Time Protocol (PTP) design considerations 4.5.c DHCP on Cisco devices 4.5.c (i) SLAAC/DHCPv6 integration 4.5.c (ii) DHCPv6 Prefix Delegation 4.5.c (iii) Client, server, relay 4.5.c (iv) Stateful, stateless DHCPv6 4.5.c (v) Options 4.5.d IPv4 Network Address Translation 4.5.d (i) Static Network Address Translation NAT, Port Address Translation 4.5.d (ii) VRF-aware NAT, PAT 4.5.d (iii) VRF-aware Software Infrastructure (VASI) NAT 4.5.d (iv) Dynamic NAT, PAT 4.5.d (v) Policy-based NAT, PAT 4.6 Network optimization 4.6.a Flexible NetFlow 4.6.b Tracking objects and lists 4.6.c IP SLA (ICMP, UDP, TCP probes) 4.7 Network operations 4.7.a Traffic capture 4.7.a (i) SPAN (Switch Port Analyzer), Remote SPAN, Encapsulated Remote SPAN 4.7.a (ii) Embedded packet capture 4.7.b Troubleshooting tools 4.7.b (i) Data path packet trace 4.7.b (ii) Conditional debugger (debug platform condition) |
| Infrastructure Automation and Programmability | 15% | 5.1 Data encoding formats 5.1.a JavaScript Object Notation (JSON) 5.1.b Extensible Markup Language (XML) 5.1.c Yet Another Markup Language (YAML) 5.1.d Jinja 5.2 Automation and scripting 5.2.a EEM applets 5.2.b Guest shell 5.2.b (i) Linux environment 5.2.b (ii) CLI Python module 5.2.b (iii) EEM Python module 5.3 Programmability 5.3.a Interaction with vManage API 5.3.a (i) Configuration endpoints 5.3.a (ii) Monitoring endpoints 5.3.a (iii) Python requests library and Postman 5.3.b Interaction with Cisco DNA Center API using HTTP requests (GET, PUT, POST) via Python requests library and Postman 5.3.c Deploy and verify model-driven telemetry 5.3.c (i) Configure on-change subscription using Google-defined Remote Procedure Call (gRPC) |
Now you have a clear understanding of all the topics that are part of the CCIE enterprise infrastructure syllabus.
Frequently Asked Questions
Q1 – What is CCIE enterprise infrastructure?
The CCIE Enterprise Infrastructure certification is an expert-level certification offered by Cisco. You have already heard about Cisco, the global leader in networking technology. This certification validates your expertise in building, managing, and troubleshooting complex enterprise-level network infrastructures.
Q2 – What are the prerequisites for CCIE enterprise infrastructure lab?
There are no formal prerequisite for this exam, but you need to have CCNP ENCOR Certification in order to attempt the lab exam.
Q3 – What is the easiest CCIE exam?
There is no easy CCIE Exam as CCIE is the pinnacle of Cisco Certifications and getting is not easy. One needs to dedicate a lot of time and efforts to clear a CCIE Exam.
Q4 – Is CCIE still in demand?
Yes, CCIE is still worth it and will stay in demand for many years to come. It validates your expertise in various technologies and can earn you a lot of respect among network engineers. Most enterprises still respect a CCIE Certified professional.
Conclusion
Becoming a CCIE Enterprise Infrastructure certified professional is a challenging but rewarding experience. With the updated 2024 syllabus, you’ll be tested on your ability to design, implement, and manage complex enterprise infrastructure, including routing, switching, network services, and security.
By understanding the CCIE Enterprise Infrastructure syllabus and practicing with online resources, you’ll be well on your way to becoming a certified expert in enterprise infrastructure. So, what are you waiting for? Start your CCIE journey today!
This post first appeared on What Is Access Control List (ACL) In Networking?, please read the originial post: here
