This article will help students study effectively for the CCNP ENCOR certification exam. Cisco publishes a roadmap every 12 months to add or remove exam topics based on relevance and importance. There is also an on-going shift that affects how many questions you will get per knowledge domain. For example, security with 20% of exam points could have most of the questions on only two topics.
| Knowledge Domain | Scoring |
| Architecture | 15% |
| Virtualization | 10% |
| Infrastructure | 30% |
| Network Assurance | 15% |
| Security | 20% |
| Automation | 10% |
It is crucial for students to create a study plan based on coverage of all topics and spend more time on key topics. Top 10 exam topics are required to answer questions in multiple knowledge domains. Exam points are weighted higher for core topics and that will affect your test score.
Software-Defined Networking (SDN)
The first topic on this top 10 list is Software-Defined Networking (SDN). This is associated with topics listed within architecture and virtualization domains. Topics include SD-Access, SD-WAN, VRFs, and tunneling. Cisco SD-Access fabric is based on VXLAN overlays (VTEP, VNI, NVI) and LISP routing architecture.
Most of it is conceptual knowledge such as explain and describe however there is configuration of VRFs and tunnel interfaces. You could also include Cisco Catalyst Center (formerly DNAC) in this topic since it is the SDN controller and based on REST APIs. There is a slight marketing edge as well with Cisco promoting the shift to automation.
Wireless
Cisco wireless is a prevalent topic listed in architecture, infrastructure, and security domains. You will get questions on wireless segmentation with mobility groups, tags, and profiles. This is not surprising since the new 9800 fabric controller is based on this implementation model. There are also radio resource management (RRM) techniques as well for managing and optimizing wireless performance. Some examples of RRM techniques supported with Cisco 9800 controllers include DCA, CHD, TPC, FRA, and DFS.
It is important to know how to navigate the wireless controller GUI and analyze settings for client troubleshooting issues. Cisco CML has a wireless controller image (vWLC) that is probably the best study option unless you have access at work. Finally there is wireless security topics such as 802.1X and WebAuth that are crucial to enterprise connectivity and align with SDN topics.
Configuration Labs
Cisco announced recently that all performance-based labs will now be placed at the beginning of the exam. You can count on having around 5-6 labs comprised of mostly configuration and some troubleshooting topics. The coverage is broad since there are configuration topics listed in most knowledge domains. Infrastructure has the most points so topics such as OSPF and BGP configuration are often tested along with SDN topics such as VRFs and GRE.
Layer 2 troubleshooting is listed with the syllabus for trunking and Etherchannel (LACP) protocols. This is more CCNA-level quite frankly and less of a trip point for students. You should also know spanning tree configuration at the CCNP-level to include IEEE RSTP, MST, and integration with non-Cisco equipment. The best recommendation is to study all topics where configuration keyword is mentioned and know how to interpret output from basic commands. It would be worthwhile to create a root cause analysis study sheet for Layer 2 and Layer 3 protocols along with system error messages.
Open Shortest Path First (OSPF)
OSPF is an open standard routing protocol that is listed as an infrastructure topic for both concept and configuration. Anytime you have the configuration keyword used there is also verify and how to interpret the output of show commands. Infrastructure is 30% of all exam points and key to passing the exam.
Configuration subtopics are pretty standard with multi-area deployment based on interface and global methods. There is also OSPF DR election, area route summarization, and passive interfaces. Interestingly, OSPF does not support automatic summarization of routes. Know the differences between OSPF and EIGRP in the context of feature support and how to interpret errors in log files. For example, you will often get routing protocol errors when there is an adjacency or interface status problem. The same is true of Layer 2 protocols where an interface mismatch generates a system error message.
Access Control Lists (ACLs)
This is a security topic that is also included in the CCNA exam. The difference with CCNP ENCOR exam is going to be level of complexity. You will get extended numbered and named ACLs since they are more complex and provide additional filtering options. There could be questions on protocols such as filtering ICMP and OSPF multicast for example. Know how to edit extended ACLs dynamically and how to apply ACL for optimal filtering. Control Plane Policing (CoPP) is also based on extended ACLs that classify traffic classes and apply QoS policing for security purposes.
REST APIs
The purpose of REST APIs is to enable web-based communication between clients and servers. REST APIs also enable M2M communication between servers and also between network devices. This is a topic listed in both the security and automation knowledge domains. Cisco Catalyst Center (formerly DNAC) is based on REST APIs that manage fabric and non-fabric network endpoints. You should know the structure of a REST APIs such as headers, payload, URI, and HTTP response codes. Study REST API authentication methods such as basic, JWT, API keys, and OAuth2. Know the differences between them, advantages and where TLS encryption is included.
Scripting
Anecdotal evidence suggests automation and wireless are some of the most problematic topics on the CCNP ENCOR exam. Comments also suggest there is not adequate coverage in training courses and books.
Scripting is an automation topic and includes Python, JSON serialization, and Embedded Event Manager (EEM). You should know how to interpret Python scripts in the context of networking applications. For example, how to import JSON configuration records or show operational status of an interface.
Learn how to read, write, and parse JSON records with Python. Study examples available from Cisco and other sources to learn python functions, methods, and modules for network management. There are also questions on concepts and commands for creating basic EEM scripts. Promoting automation is the reason for Catalyst Center, REST APIs, and scripting topics on the exam.
Cisco Catalyst Center
Cisco has changed the platform name of Cisco DNA Center (DNAC) to Cisco Catalyst Center. This is both an automation and network assurance topic based on SDN architecture since it is a controller. Catalyst Center is the flagship network management automation platform that also manages non-fabric devices. The questions could include REST APIs that are used to configure, monitor, and troubleshoot network devices.
Workflows are created from various REST API methods and implemented for management functions such as onboarding for example. RESTCONF is also an important tool used with Catalyst Center for automating network operations. Know the components of RESTCONF requests and responses for communication with network devices. You should also know the differences between NETCONF and RESTCONF southbound interfaces.
External BGP (eBGP)
This routing protocol is listed as an infrastructure configuration topic. You should know how to configure basic external BGP neighbor relationships for directly connected peers. It is important to know how to advertise routes for connected and non-connected subnets as well. Select commands to verify that TCP connectivity is established and the BGP routing table. You could also have questions on BGP best path selection algorithm.
IOS Commands
Finally this last topic refers to IOS commands used for troubleshooting, configuration, and to verify operational state. There are a lot of configuration and verify topics on the CCNP ENCOR syllabus. It is important to know how to interpret the output of IOS commands and answer questions based on that. This applies to both configuration snippets and show commands. Troubleshooting commands also include debug traces, ping, and traceroute results. Learn how to interpret results for configuration and operational state based on show commands.