CCNP ENCOR Strategy
Staying Focused on the Goal
I’ve been thinking a lot about how much time I need to put into reading and memorizing theory versus putting time into the lab. What I’ve been doing is a more thorough read-through and note-taking process, supplemented with some labbing of almost every topic as I go through the CCNP Official Cert Guide.
However, I’ve changed my strategy slightly to tackle strictly the exam topics. After all, my goal is to pass the CCNP ENCOR exam, in pursuit of the CCNP certification; everything else is ancillary. While there is benefit in learning and taking in-depth notes on many of the certification topics, I can’t let that slow down what my actual goal is. For that reason, I’ve broken down the exam topics into two categories: configuration topics, and non-configuration topics.
I chose to tackle the exam this way to make it absolutely clear which topics I need to spend time practicing configuration on versus which ones I just need to know theory about. This might seem obvious to others, but I found myself diving too deep into some topics and reading further about what best practices for that item involved. Clearly identifying the list and keeping it handy seems to help me stay out of many of the rabbit holes. After I pass the ENCOR exam, the plan is to tackle ENARSI, so many of the routing topics that I won’t be configuring will come back up in the second exam anyway.
For reference, the list I put together is below.
Configuration Topics
- Configure and verify data path virtualization technologies
- VRF
- GRE and IPsec tunneling
- Configure and verify common Spanning Tree Protocols (RSTP, MST) and Spanning Tree enhancements such as root guard and BPDU guard
- Configure routing concepts of EIGRP and OSPF (advanced distance vector vs. link state, load balancing, path selection, path operations, metrics, and area types)
- Configure simple OSPFv2/v3 environments, including multiple areas, summarization, and filtering (neighbor adjacency, point-to-point, and broadcast network types, and passive-interface)
- Configure and verify eBGP between directly connected neighbors (best path selection algorithm and neighbor relationships)
- Configure NAT/PAT
- Configure first hop redundancy protocols, such as HSRP, VRRP
- Configure and verify Flexible NetFlow
- Configure SPAN/RSPAN/ERSPAN
- Configure and verify IPSLA
- Configure and verify NETCONF and RESTCONF
- Configure and verify device access conftrol
- Lines and local user authentication
- Authentication and authorization using AAA
- Configure and verify infrastructure security features
- ACLs
- CoPP
- Construct valid JSON-encoded files
- Construct an EEM applet to automate configuration, troubleshooting, or data collection
Non-Configuration Topics
- Explain the different design principles used in an enterprise network
- High-level enterprise network design such as 2-tier, 3-tier, fabric, and cloud
- High availability techniques such as redundancy, FHRP, and SSO
- Explain the working principles of Cisco Catalyst SD-WAN solution
- SD-WAN control and data planes elements
- Benefits and limitations of Catalyst SD-WAN solution
- Explain the working principles of the Cisco SD-Access solution
- SD-Access control and data planes elements
- Traditional campus interoperating with SD-Access
- Interpret QoS configurations
- Describe device virtualization technologies
- Hypervisor type 1 and 2
- Virtual machine
- Virtual switching
- Describe network virtualization concepts
- LISP
- VXLAN
- Troubleshoot static and dynamic 802.1q trunking protocols
- Troubleshoot static and dynamic Etherchannels
- Describe policy-based routing
- Interpret network time protocol configurations such as NTP and PTP
- Describe multicast protocols, such as RPF check, PIM SM, IGMP v2/v3, SSM, bidir, and MSDP
- Diagnose network problems using such as debugs, conditional debugs, traceroute, ping, SNMP, and syslog
- Describe how Cisco Catalyst Center (formerly Cisco DNA Center) is used to apply network configuration, monitoring, and management using traditional and AI-powered workflows
- Describe REST API security
- Describe the components of network security design
- Threat defense
- Endpoint security
- Next-generation firewall
- TrustSec and MACsec
- Interpret basic Python components and scripts
- Describe the high-level principles and benefits of data modeling language, such as YANG
- Describe APIs for CIsco Catalyst Center and SD-WAN Manager
- Interpret REST API response codes and results in payload using Cisco Catalyst Center and RESTCONF
- Compare agent vs. agentless orchestration tools
656 Words
2026-03-30 00:00