Here is the official Expanded Blueprint for ENCOR that I promised my students. Please note there is a change log following the expanded blueprint as there will be tweaks and improvements to this work.

If you love this document – please feel free to share it. If you don’t like it, then just go away. 😉

• 1.0 Architecture
  • 1.1 Design Principles in an Enterprise
    • 3 Tier “Classic”
      • Function of each layer
    • 2 Tier “Collapsed Core”
    • 2 Tier “Spine-Leaf”
      • Function of each layer
      • Connectivity between layers
    • Fabric Capacity Planning
      • Overlay vs Underlay
    • High Availability
      • Redundancy
      • First Hop Redundancy Protocol (FHRP)
        • HSRP
        • VRRP
        • GLBP
      • Stateful Switchover
  • 1.2 Design Principles in WLAN
    • Wireless deployment models
      • CAPWAP
      • Centralized
      • Distributed
      • Controller-less
      • Controller-based
      • Cloud
      • Remote branch (FlexConnect)
    • Location services
      • Clients
      • RFID tracking
  • 1.3 On-prem versus cloud infrastructure deployments
    • CapEx versus OpEx
    • Reduced procurement delays
    • Pay as you go
    • Security
    • Flexibility
    • Global
    • API-centric
  • 1.4 SD-WAN
    • Traditional WAN issues
    • SD-WAN components
    • Control plane
    • Data plane
  • 1.5 SD-Access
    • Control plane
    • Data plane
    • Policy plane
    • Traditional campus and SD-Access integration
  • 1.6 Wired and wireless QoS
    • QoS approaches
    • QoS DiffServ components
    • Wireless QoS policies
  • 1.7 Hardware versus switching mechanisms
    • Process switching
    • CEF switching
      • RIB
      • FIB
    • MAC address table
    • TCAM
• 2.0 Virtualization
  • 2.1 Device virtualization technologies
    • Type 1 hypervisor
    • Type 2 hypervisor
    • Virtual machine
    • Virtual switching
  • 2.2 Data path virtualization
    • Virtual Routing and Forwarding (VRF)
    • Generic Routing Encapsulation (GRE)
    • IPsec
  • 2.3 Network virtualization concepts
    • LISP
    • VXLAN
• 3.0 Infrastructure
  • 3.1 Layer 2
    • Static 802.1Q trunks
    • Dynamic 802.1Q trunks
    • switchport nonegotiate
    • Allowed VLANs on trunks
    • VTP
    • VTP pruning
    • Static Layer 2 EtherChannel
    • Dynamic Layer 2 EtherChannel
    • Static Layer 3 EtherChannel
    • Dynamic Layer 3 EtherChannel
    • RSTP
    • MSTP
  • 3.2 Layer 3
    • Compare EIGRP and OSPF
      • Algorithm
      • Load balancing
      • Path selection
      • Path operations
      • Metric
    • Configure and verify OSPF
      • Normal areas
      • Filtering
      • Summarization
      • Passive interface
      • Network types
      • Neighbor states
    • Configure and verify eBGP
      • eBGP Multihop
      • BGP neighbor states
      • BGP best path selection algorithm
  • 3.3 Wireless
    • Layer 1 concepts
      • RF power
      • EIRP
      • RSSI
      • SNR
      • Sources of interference
        • Microwaves
        • Radar
        • Baby monitors
        • Cordless phones
        • Neighbors
    • CCX
    • 802.11
    • AP modes
      • Local
      • Monitor
      • FlexConnect
      • Sniffer
      • Rogue Detector
      • Bridge
      • Flex + Bridge
      • SE-Connect
    • AP boot process
    • AP discovery of WLC
      • Internal preset
      • DHCP and DNS
        • DHCP option 43
        • CISCO-CAPWAP-CONTROLLER.local-domain
      • Broadcast
    • Antenna types
      • Omnidirectional
        • Dipole
        • Integrated
      • Directional
        • Yagi
        • Dish
    • Roaming
      • Intracontroller
      • Intercontroller
      • Layer 2
      • Layer 3
      • Enhancements
        • CCKM
        • Key Caching
        • 802.11r
      • Anchor versus Foreign
      • Mobility Groups
    • Troubleshooting the WLC, APs, Clients
      • Autonomous AP to switch
      • Lightweight AP to WLC
      • Client to AP
  • 3.4 IP Services
    • Network Time Protocol theory
    • Configure and verify dynamic inside source NAT/PAT
    • Configure and verify HSRP
    • Configure and verify VRRP
    • Configure and verify GLBP
    • PIM theory
      • Multicast tree
      • RPF check
      • PIM-SM
      • PIM-DM
      • PIM-S/D Mode
      • Auto-RP
      • BSR
      • Static RP
      • Bidirectional PIM
      • SSM
    • IGMP theory
      • Version 2
      • Version 3
• 4.0 Network Assurance
  • 4.1 Tools
    • Debugs
    • Conditional debugs
    • Trace
    • PING
    • SNMP
  • 4.2 syslog
  • 4.3 NetFlow and Flexible NetFlow
  • 4.4 SPAN/RSPAN/ERSPAN
  • 4.5 IP SLA
    • IP SLA Responder
  • 4.6 Cisco DNA Center
    • Workflows
  • 4.7 NETCONF and RESTCONF
• 5.0 Security
  • 5.1 Device access control
    • Device lines protections
      • Privilege levels
    • Password protections
      • service password-encryption
      • secret passwords
    • AAA
  • 5.2 Infrastructure security features
    • ACLs
      • Operation
      • Standard
      • Extended
    • CoPP theory and operation
  • 5.3 REST API Security
    • Classic HTTP
    • Token
    • OAuth
  • 5.4 Wireless security
    • EAP variations
    • WebAuth
    • PSK
    • WEP, WPA, WPA2, WPA3
  • Components (theory only)
    • Unified Threat Defense
    • Cisco AMP
    • Firepower NGFW
    • Firepower NGIPS
    • Firepower Management Center
    • TrustSec
    • MACSec
    • 802.1X
    • MAB
    • WebAuth
• 6.0 Automation
  • 6.1 Basic Python theory
  • 6.2 Create JSON file
    • Basic syntax
    • Use all data types
    • Compare to XML
  • 6.3 YANG theory (relate to NETCONF and RESTCONF)
  • 6.4 APIs for DNA Center and vManage
  • 6.5 REST API Response Codes
    • Informational responses (100–199)
    • Successful responses (200–299)
    • Redirects (300–399)
    • Client errors (400–499)
    • Server errors (500–599)
  • 6.6 EEM
    • Applet
    • Script
  • 6.7 Automation tools
    • Chef
    • Puppet
    • Ansible
    • SaltStack

Change Log

• 3/26/2020 completed the initial draft