CCNA 200-301 考纲结构速览
High Contrast
Dark Mode
Light Mode
Sepia
Forest
1 min read183 words

CCNA 200-301 考纲结构速览

CCNA 200-301 是 Cisco 的入门网络认证——考核范围宽,从基础协议到安全到自动化都有涉及。本章把 CCNA 考纲和本书内容一一对应,让你知道哪些知识已经覆盖、哪里需要补充。

考试基本信息

考试代码:200-301 CCNA
时长:120 分钟
题目数量:约 100-120 题(选择、拖放、仿真题)
通过分数:825/1000
费用:约 $330(美元),各地考试中心价格不同
语言:英文(部分地区有中文选项)
有效期:3 年(需要继续教育或重考续期)
考试形式:
多选题(单选/多选)
拖放题(拖动配置到正确位置)
仿真题(在 Cisco 模拟器中配置真实命令)← 高分关键
填空题(较少)

考纲六大领域(Domain)

Domain                                      权重    对应本书章节
──────────────────────────────────────────────────────────────────────
1. Network Fundamentals(网络基础)          20%     Ch01-Ch02
2. Network Access(网络接入)                20%     Ch03 + Ch09
3. IP Connectivity(IP 连通性)             25%     Ch04-Ch05
4. IP Services(IP 服务)                   10%     Ch02 + Ch07
5. Security Fundamentals(安全基础)         15%     Ch06
6. Automation and Programmability(自动化)  10%     本书不涵盖

Domain 1:Network Fundamentals(20%)

1.1  Explain the role and function of network components
路由器、交换机、防火墙、AP、WLC、终端的作用
← 本书 Ch01 全部覆盖
1.2  Describe characteristics of network topology architectures
2-tier(Access-Distribution)/ 3-tier(Access-Distribution-Core)
Spine-Leaf(数据中心)/ WAN / SOHO
1.3  Compare physical interface and cabling types
Single-mode / Multi-mode 光纤,铜缆类型(Cat5e/6/6a)
1.4  Identify interface and cable issues(在 Cisco 模拟器中)
排查 Up/Down,错误帧,速率/双工不匹配
1.5  Compare TCP to UDP
← 本书 Ch01§2 全部覆盖
1.6  Configure and verify IPv4 addressing and subnetting
← 本书 Ch02 全部覆盖(重点!)
1.7  Describe the need for private IPv4 addressing
← 本书 Ch02§1 覆盖
1.8  Configure and verify IPv6 addressing and prefix
IPv6 地址配置命令(补充,本书简介)
1.9  Compare IPv4 and IPv6
← 本书 Ch01, Ch02 有覆盖
1.10 Verify IP parameters for Client OS(Windows/Linux/macOS)
ipconfig, ip addr, ifconfig 输出解读

Domain 2:Network Access(20%)

2.1  Configure and verify VLANs spanning multiple switches
← 本书 Ch03§3 全部覆盖
2.2  Configure and verify interswitch connectivity
Trunk 配置:switchport mode trunk, allowed vlan
← 本书 Ch03§3 覆盖
2.3  Configure and verify Layer 2 discovery protocols(CDP/LLDP)
show cdp neighbors / show lldp neighbors
(本书未专门覆盖,需补充)
2.4  Configure and verify(Layer 2/Layer 3)EtherChannel
LACP / PAgP 配置命令
(本书未专门覆盖,需补充)
2.5  Interpret basic operations of Rapid PVST+ Spanning Tree Protocol
← 本书 Ch03§2 覆盖 RSTP
2.6  Describe Cisco Wireless Architectures and AP modes
← 本书 Ch09 全部覆盖
2.7  Describe physical infrastructure connections of WLAN
← 本书 Ch09 覆盖

Domain 3:IP Connectivity(25%)——最重分量

3.1  Interpret the components of routing table
← 本书 Ch04§1 全部覆盖
3.2  Determine how a router makes a forwarding decision by default
最长前缀匹配、管理距离
← 本书 Ch04§1 覆盖
3.3  Configure and verify IPv4 and IPv6 static routing
← 本书 Ch04 全部覆盖
3.4  Configure and verify single area OSPFv2
← 本书 Ch05§1-§2 全部覆盖
3.5  Describe the purpose, functions and concepts of first hop redundancy
HSRP(Hot Standby Router Protocol):虚拟网关 IP/MAC
VRRP / GLBP(概念了解)
(本书未覆盖,需补充)

Domain 4:IP Services(10%)

4.1  Configure and verify inside source NAT
← 本书 Ch02 + Ch06 有覆盖 NAT 概念
4.2  Configure and verify NTP
NTP 服务器/客户端配置(Cisco 命令)
4.3  Explain the role of DHCP and DNS within the network
← 本书 Ch02§1, Ch01§3 覆盖
4.4  Explain the function of SNMP in network operations
SNMP v1/v2c/v3,OID,MIB,Get/Set/Trap
4.5  Describe the use of syslog features(levels/facilities)
Emergency(0) ~ Debug(7) 日志级别
(本书未专门覆盖)
4.6  Configure and verify DHCP client and relay
ip helper-address(DHCP 中继)
4.7  Explain the forwarding per-hop behavior(PHB)for QoS
DSCP 标记,CoS,流量分类(VoIP 优先)
4.8  Configure network devices for remote access using SSH
← DevOps 指南有覆盖

Domain 5:Security Fundamentals(15%)

5.1  Define key security concepts(threats, attacks, vulnerabilities)
中间人攻击、ARP 欺骗、DoS/DDoS、Social Engineering
5.2  Describe security program elements
用户意识培训、AAA、多因素认证
5.3  Configure and verify device access control(local passwords)
Cisco 设备密码加密:service password-encryption
5.4  Configure and verify access control lists(ACL)
← 本书 Ch06 有覆盖原理(但 Cisco 命令需补充)
5.5  Configure and verify Layer 2 security features
Port Security / 802.1X / DHCP Snooping / DAI
5.6  Compare authentication, authorization, and accounting concepts(AAA)
5.7  Describe wireless security protocols(WPA2/WPA3)
← 本书 Ch09§2 全部覆盖
5.8  Configure WLAN using WPA2 PSK

Domain 6:Automation and Programmability(10%)

6.1  Explain how automation impacts network management
传统手动管理 vs 自动化(减少错误,加快部署)
6.2  Compare traditional networks with controller-based networking
SDN(Software Defined Networking):Cisco DNA Center, ACI
数据平面 vs 控制平面 vs 管理平面
6.3  Describe controller-based and software defined architectures
Underlay / Overlay / Fabric 概念
Cisco SD-Access, SD-WAN
6.4  Compare traditional campus device management with Cisco DNA Center
GUI 配置 vs Intent-Based Networking
6.5  Describe characteristics of REST and JSON API
GET/POST/PUT/DELETE HTTP 方法
JSON 格式(键值对、数组)
6.6  Recognize the capabilities of configuration management
Ansible, Puppet, Chef(概念,不要求动手配置)
6.7  Recognize components of JSON-encoded data
JSON 语法识别(考试给 JSON 要能读懂)
← 本书不专门覆盖,需要其他学习资源

本书覆盖度总览

Domain                  本书覆盖度    重点章节
──────────────────────────────────────────────────────────────
网络基础(Domain 1)    ████████░░  85%  Ch01-Ch02
网络接入(Domain 2)    ██████░░░░  60%  Ch03、Ch09
IP 连通性(Domain 3)   ████████░░  85%  Ch04-Ch05
IP 服务(Domain 4)     ████░░░░░░  40%  Ch02、Ch06
安全基础(Domain 5)    ██████░░░░  65%  Ch06、Ch09
自动化(Domain 6)      ░░░░░░░░░░   5%  未涵盖
──────────────────────────────────────────────────────────────
总体覆盖度              约 65%
需要额外补充:
① Cisco IOS 命令语法(本书以 Linux/FRR 为主)
② EtherChannel / CDP / LLDP
③ HSRP / VRRP(第一跳冗余协议)
④ QoS / SNMP / Syslog
⑤ 自动化和 SDN(Domain 6)

下一节本书章节与考纲考点对照表——详细的考点 ↔ 章节双向索引,快速定位每个考点在本书的哪里。