Exam Domains and Weights

CCNA 200-301 v1.1 Domains and Weights

The blueprint splits into six domains with fixed percentage weights. Cisco does not reveal exact per-domain question counts, but weights map closely to how many items you will see, so they drive study allocation. Memorize these six numbers — they sum to 100%.

Domain 1 — Network Fundamentals (20%)

The conceptual bedrock. High-yield subtopics:

• Device roles: routers, Layer 2/3 switches, next-gen firewalls, IPS, access points, WLAN controllers, endpoints, servers, PoE.
• Topologies: two-tier (access/distribution+core collapsed), three-tier, spine-leaf, SOHO, WAN, on-prem vs cloud.
• Cabling/interfaces: single-mode vs multimode fiber, copper UTP categories, when to choose each.
• TCP vs UDP: connection-oriented handshake/sequencing vs connectionless; know which apps use each.
• IPv4 subnetting and RFC 1918 private ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16).
• IPv6: global unicast (2000::/3), unique local (FC00::/7), link-local (FE80::/10), multicast (FF00::/8), EUI-64, SLAAC.
• Wireless RF: non-overlapping 2.4 GHz channels 1, 6, 11.
• Virtualization: VMs, containers, type-1 vs type-2 hypervisors.

Study Tip: Subnetting lives here but bleeds into every domain. Master it first; routing, VLAN design, NAT, and ACLs all assume instant subnet math.

Domain 2 — Network Access (20%)

Layer 2 switching and wireless:

• VLANs across multiple switches, access ports, default/data/voice VLANs, inter-VLAN routing.
• Trunking: 802.1Q tagging, native VLAN (untagged — a classic mismatch trap), DTP awareness.
• Spanning Tree: RSTP (802.1w), root-bridge election by lowest bridge ID, port roles/states, PortFast, plus the v1.1 hardening features root guard, loop guard, BPDU guard, BPDU filter.
• EtherChannel: Layer 2/3 bundles, LACP (open standard) vs PAgP (Cisco) vs static "on".
• Discovery: CDP (Cisco) and LLDP (open standard).
• Wireless: autonomous, lightweight/split-MAC with a WLC, cloud-managed APs; basic WLAN/GUI setup.

Common Trap: A native-VLAN mismatch on a trunk does not drop the link — it silently merges VLANs and triggers CDP/STP warnings. Expect a troubleshooting item on exactly this.

Wireless management questions also frequently contrast deployment models: an autonomous AP holds its own config, while a lightweight/split-MAC AP offloads control to a WLC via CAPWAP, centralizing policy. Know that LACP and LLDP are the open-standard halves of their respective pairs (PAgP and CDP are Cisco-proprietary) — Cisco loves a "which is vendor-neutral" item.

Domain 3 — IP Connectivity (25%) — Highest Weight

Routing and the forwarding decision. Spend the most time here.

• Routing table anatomy: prefix, mask, next hop, administrative distance (connected 0, static 1, OSPF 110, RIP 120, EIGRP internal 90), metric, route source code, gateway of last resort.
• Forwarding logic: longest-prefix match wins first; ties broken by lowest AD, then lowest metric.
• Static routing: default (0.0.0.0/0), network, host (/32), and floating static (higher AD as backup).
• OSPFv2 single-area: router ID selection (manual > highest loopback > highest active interface), neighbor adjacency states, DR/BDR election on broadcast networks, cost = reference-bw / interface-bw (default reference 100 Mbps).
• First-hop redundancy: HSRP, VRRP, GLBP — concepts and roles only, not configuration.

Worked example: A router learns 10.1.1.0/24 via OSPF (AD 110) and 10.1.1.0/26 via RIP (AD 120). It installs both — longest-prefix match means the /26 is preferred for 10.1.1.0–63 regardless of the higher AD, because AD only breaks ties between identical prefixes.

Domain 4 — IP Services (10%)

The "easy points" if you drilled them:

• NAT/PAT: static NAT, dynamic NAT pools, PAT overload (many private to one public via port translation).
• DHCP: DORA (Discover, Offer, Request, Ack), relay/ip helper-address, pools.
• NTP stratum hierarchy; DNS forward/reverse; SNMP v2c vs v3 (v3 adds auth/encryption), GET/SET/TRAP.
• Syslog severity 0–7: Emergency, Alert, Critical, Error, Warning, Notice, Informational, Debug — mnemonic "Every Awesome Cisco Engineer Will Need Ice-cream Daily."
• QoS: per-hop behaviors, DSCP marking, queuing basics.

Domain 5 — Security Fundamentals (15%)

• Concepts: threat vs vulnerability vs exploit; common attacks (MAC flooding, ARP spoofing, DHCP starvation).
• Device hardening: enable secret, service password-encryption, SSH over Telnet.
• ACLs: standard (1–99, source only) vs extended (100–199, source+dest+port); implicit deny-all at the end.
• Layer 2 defense: port security, DHCP snooping, dynamic ARP inspection.
• AAA: TACACS+ (TCP 49, full command authorization, Cisco) vs RADIUS (UDP, combines auth+authz).
• Wireless security: WPA2 vs WPA3, 802.1X/EAP, PSK.

Domain 6 — Automation & Programmability (10%)

• Controller-based vs traditional networking; control plane vs data plane; overlay/underlay/fabric.
• Northbound APIs (controller to apps, often REST/JSON) vs southbound APIs (controller to devices).
• REST verbs GET/POST/PUT/DELETE; reading JSON key/value and arrays.
• Ansible (agentless, YAML, push) and Terraform (declarative IaC); plus v1.1 AI/ML in operations.

On the Exam: Items are shuffled across domains, never grouped. A subnet question, a WPA3 question, and an OSPF sim can appear back-to-back, so practice rapid context switching.