Free Exam Questions Download

Exam Description

Implementing Cisco Intrusion Prevention System v7.0  (IPS v7.0) exam is associated with the Cisco Certified Network Professional Security certification. This exam tests a candidate’s knowledge and skills needed to deploy Cisco IPS-based security solutions. Successful graduates will be able to reduce risk to the IT infrastructure and applications using Cisco IPS features, and provide detailed operations support for the Cisco IPS. Candidates can prepare for this exam by taking the Implementing Cisco Intrusion Prevention System course.

Exam Topics

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.

Pre-Production Design

• Choose Cisco IPS technologies to implement HLD      
• Choose Cisco products  to implement HLD      
• Choose Cisco IPS features to implement HLD      
• Integrate Cisco network security solutions with other security technologies      
• Create and test initial Cisco IPS configurations for new devices/services    

Complex Support Operations

• Optimize Cisco IPS security infrastructure device performance       
• Create complex network security rules, to meet the security policy requirements      
• Configure and verify the IPS features to identify threats and dynamically block them from entering the network      
• Maintain, update and tune IPS signatures      
• Use CSM and MARS for IPS management, deployment, and advanced event correlation.       
• Optimize security functions, rules, and configuration    

Advanced Troubleshooting

• Advanced Cisco IPS security software configuraiton fault finding and repairing
• Advanced Cisco IPS sensor and module hardware fault finding and repairing  

Exam Description

Deploying Cisco ASA VPN Solutions (VPN  v1.0) exam is associated with the CCNP Security and Cisco VPN Specialist certifications. This exam tests a candidate’s knowledge and skills needed to deploy Cisco ASA-based VPN solutions. Successful graduates will be able to reduce risk to the IT infrastructure and applications using Cisco ASA VPN features, and provide detailed operations support for the Cisco ASA. Candidates can prepare for this exam by taking the Deploying Cisco ASA VPN Solutions course.

Exam Topics

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.

Pre-Production Design

• Choose ASA VPN technologies to implement HLD based on given requirements      
• Choose the correct ASA model and license to implement HLD based on given performance requirements      
• Choose the correct ASA VPN features to implement HLD based on given corporate security policy and network requirements      
• Integrate ASA VPN solutions with other security technology domains (CSD, ACS, Device managers, Cert servers, etc.)    

Complex Operations Support

• Optimize ASA VPN performance, functions, and configurations      
• Configure and verify complex ASA VPN networks using features such as DAP, CSD, Smart tunnels, Anyconnect SSLVPN, Clientless SSLVPN, Site-to-Site VPN, RA VPN, certificates, QOS, etc. to meet security policy requirements.       
• Create complex ASA network security rules using such features as ACLs, DAP, VPN profiles, certificates, MPF, etc, to meet the corporate security policy    

Advanced Troubleshooting

• Perform advanced ASA VPN configuration and troubleshooting

Exam Description

The 642-617 Deploying Cisco ASA Firewall Solutions (FIREWALL v1.0) exam is associated with the CCNP Security and Cisco Firewall Specialist certifications. This exam tests a candidate’s knowledge and skills needed to implement and maintain Cisco ASA-based perimeter solutions. Successful graduates will be able to reduce risk to the IT infrastructure and applications using Cisco ASA features, and provide detailed operations support for the Cisco ASA. Candidates can prepare for this exam by taking the Deploying Cisco ASA Firewall Solutions course.

Exam Topics

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.

Pre-Production Design

• Choose ASA Perimeter Security technologies/features to implement HLD based on given security requirements
• Choose the correct ASA model to implement HLD based on given performance requirements 
• Create and test initial ASA appliance configurations using CLI    
• Determine which ASA licenses will be required based on given requirements      

Complex Operations Support

• Optimize ASA Perimeter Security features performance, functions, and configurations

• Create complex ASA security perimeter policies  such as ACLs, NAT/PAT, L3/L4/L7 stateful inspections, QoS policies, cut-thru proxy, threat detection, botnet detection/filter using CLI and/or ASDM

• Perform initial setup on the AIP-SSM and CSC-SSM using CLI and/or ASDM

• Configure, verify and troubleshoot High Availability ASAs (A/S and A/A FO) operations using CLI and/or ASDM

• Configure, verify and troubleshoot static routing and dynamic routing protocols on the ASA using CLI and/or ASDM

• Configure, verify and troubleshoot ASA transparent firewall operations using CLI

• Configure, verify and troubleshoot management access/protocols on the ASA using CLI and/or ASDM

Describe Advanced Troubleshooting

• Advanced ASA security perimeter configuraiton/software/hardware troubleshooting using CLI and/or ASD fault finding and repairing

Exam Description

The 642-637 Secure v1.0 Securing Networks with Cisco Routers and Switches exam is associated with the CCSP, and CCNP Security certifications. This exam tests a candidate’s knowledge and skills needed to secure Cisco IOS Software router and switch-based networks, and provide security services based on Cisco IOS Software. Candidates can prepare for this exam by taking the Securing Networks with Cisco Routers and Switches course.

Exam Topics

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.

Pre-Production Design

• Choose Cisco IOS technologies to implement HLD

• Choose Cisco products to implement HLD

• Choose Cisco IOS features to implement HLD 2

• Integrate Cisco network security solutions with other security technologies
• Create and test initial Cisco IOS configurations for new devices/services

Complex Operations Support

• Optimize Cisco IOS security infrastructure device performance
• Create complex network security rules to meet the security policy requirements
• Optimize security functions, rules, and configuration
• Configure & verify NAT to dynamically mitigate identified threats to the network
• Configure & verify IOS Zone Based Firewalls including advanced application inspections and URL filtering
• Configure & verify the IPS features to identify threats and dynamically block them from entering the network
• Maintain, update and tune IPS signatures
• Configure & verify IOS VPN features
• Configure & verify Layer 2 and Layer 3 security features   

Advanced Troubleshooting

• Advanced Cisco IOS security software configuraiton fault finding and repairing
• Advanced Cisco routers and switches hardware fault finding and repairing

The topic areas listed are general guidelines for the type of content that is likely to appear on the exam. Please note, however, that other relevant  or related topic areas may also appear.

Exam Sections and Sub-task Objectives

1.00    Analyze design requirements

1.01    Analyze business requirements, conflicts, and constraints

1.02    Analyze technical requirements, conflicts, and constraints

1.03    Analyze physical requirements

1.04    Analyze existing network

2.00    Develop network designs

2.01    Identify the technology to resolve a specific design problem

2.02    Analyze the impact on the existing network and services

2.03    Incorporate best practices within the network design

2.04    Incorporate business requirements within the network design

3.00    Implement network design

3.01    Analyze implementation options

3.02    Design an implementation plan

4.00    Validate and optimize network design

4.01    Analyze design choices based on specifications

4.02    Validate design

4.03    Optimize design

Exam Description

The 640-553 Implementing Cisco IOS Network Security (IINS) exam is associated with the CCNA Security certification. This exam tests a candidate’s knowledge of securing Cisco routers and switches and their associated networks. It leads to validated skills for installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices and develops competency in the technologies that Cisco uses in its security infrastructure.

Candidates can prepare for this exam by taking the Implementing Cisco IOS Network Security (IINS) course.

Exam Topics

The following topics are general guidelines for the content likely to be included on the Implementing Cisco IOS Network Security (IINS) exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Describe the security threats facing modern network infrastructures

• Describe and list mitigation methods for common network attacks

• Describe and list mitigation methods for Worm, Virus, and Trojan Horse attacks

• Describe the Cisco Self Defending Network architecture

Secure Cisco routers

• Secure Cisco routers using the SDM Security Audit feature

• Use the One-Step Lockdown feature in SDM to secure a Cisco router

• Secure administrative access to Cisco routers by setting strong encrypted passwords, exec timeout, login failure rate and using IOS login enhancements

• Secure administrative access to Cisco routers by configuring multiple privilege levels

• Secure administrative access to Cisco routers by configuring role based CLI

• Secure the Cisco IOS image and configuration file

Implement AAA on Cisco routers using local router database and external ACS

• Explain the functions and importance of AAA

• Describe the features of TACACS+ and RADIUS AAA protocols

• Configure AAA authentication

• Configure AAA authorization

• Configure AAA accounting

Mitigate threats to Cisco routers and networks using ACLs

• Explain the functionality of standard, extended, and named IP ACLs used by routers to filter packets

• Configure and verify IP ACLs to mitigate given threats (filter IP traffic destined for Telnet, SNMP, and DDoS attacks) in a network using CLI

• Configure IP ACLs to prevent IP address spoofing using CLI

• Discuss the caveats to be considered when building ACLs

Implement secure network management and reporting

• Use CLI and SDM to configure SSH on Cisco routers to enable secured management access

• Use CLI and SDM to configure Cisco routers to send Syslog messages to a Syslog server

Mitigate common Layer 2 attacks

• Describe how to prevent layer 2 attacks by configuring basic Catalyst switch security features

Implement the Cisco IOS firewall feature set using SDM

• Describe the operational strengths and weaknesses of the different firewall technologies

• Explain stateful firewall operations and the function of the state table

• Implement Zone Based Firewall using SDM

Implement the Cisco IOS IPS feature set using SDM

• Define network based vs. host based intrusion detection and prevention

• Explain IPS technologies, attack responses, and monitoring options

• Enable and verify Cisco IOS IPS operations using SDM

Implement site-to-site VPNs on Cisco Routers using SDM

• Explain the different methods used in cryptography

• Explain IKE protocol functionality and phases

• Describe the building blocks of IPSec and the security functions it provides

• Configure and verify an IPSec site-to-site VPN with pre-shared key authentication using SDM

Exam Description

The Designing Cisco Network Service Architectures (ARCH) exam is the exam associated with the CCDP certification. This exam tests a candidate’s knowledge of the latest development in network design and technologies, including network infrastructure, intelligent network services and converged network solutions. Candidates can prepare for this exam by taking the ARCH Designing Cisco Network Service Architectures course.

Exam Topics

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Design advanced enterprise campus networks

• Design for High Availability in enterprise networks

• Design Layer 2 and Layer 3 campus Infrastructures using best practices

• Describe enterprise network virtualization considerations

• Design for infrastructure services including voice, video, and QoS

• Identify Network Management Capabilities in Cisco IOS Software

Design advanced IP addressing and routing solutions for enterprise networks

• Create summarizable and structured addressing designs

• Describe IPv6 for campus design considerations

• Create stable and scalable routing designs for EIGRP for IPv4

• Describe IPv4 multicast routing
• Create IPv4 multicast services and security designs
• Create stable and scalable routing designs for OSPF for IPv4
• Create stable and scalable routing designs for BGP for IPv4

Design WAN services for enterprise networks

• Describe Layer 1 – 3 WAN connectivity options including optical networking, MetroEthernet, VPLS, and MPLS VPNs

• Describe IPsec VPN technology options

• Evaluate WAN service provider design considerations including features, SLAs, and WAN backup

• Create site-to-site VPNs designs with appropriate technologies, scaling, and topologies

Design an enterprise data center

• Describe data center network infrastructure best practices
• Describe the components and technologies of a SAN network
• Describe integrated fabric designs using Nexus technology
• Describe network and server virtualization technologies  for the data center
• Create an effective E-Commerce design
• Design a high availability data center network that is modular and flexible

Design security services

• Create firewall designs
• Create NAC appliance designs
• Create IPS/IDS designs
• Create remote access VPN designs for the teleworker

Exam Description

This exam indicates a foundation or apprentice knowledge of network design for the Cisco converged networks based on SONA (Cisco’s Service-Oriented Network Architecture). CCDA certified professionals can design routed and switched network infrastructures and services involving LAN, WAN, and broadband access for businesses and organizations.

Exam Topics

The following information provides general guidelines for the content likely to be included on the Designing Cisco Internetworking exam. However, other related topics may also appear on any specific delivery of the exam.

Describe the Methodology used to design a network

• Describe developing business trends

• Identify Network Requirements to Support the Organization

• Describe the tools/process to characterize an existing network

• Describe the top down approach to network design

• Describe Network Management Protocols and Features

Describe network structure and modularity

• Describe the Network Hierarchy

• Describe the Modular Approach in Network Design

• Describe network architecture for the enterprise

Design Basic Enterprise Campus Networks

• Describe Campus Design considerations

• Design the Enterprise Campus Network

• Design the enterprise data center

• Describe enterprise network virtualization tools

Design Enterprise Edge and Remote Network Modules

• Describe the Enterprise Edge, branch, and Teleworker design characteristics

• Describe physical and logical WAN connectivity

• Design the branch office WAN solutions

• Describe Access Network solutions for a remote worker

• Design the WAN to support selected redundancy methodologies

• Identify Design Considerations for a Remote Data Center

Design IP Addressing and Routing Protocols

• Describe IPv4 Addressing

• Describe IPv6 Addressing

• Identify Routing Protocol Considerations in an Enterprise Network

• Design a Routing Protocol Deployment

Design network services

• Describe the security lifecycle

• Identify Cisco technologies to mitigate security vulnerabilities

• Select appropriate Cisco security solutions and deployment placement

• Describe high level voice and video architectures

• Identify the design considerations for voice/video services

• Describe Cisco Unified Wireless Network Architectures and Features
• Design wireless network using controllers

CCIE Routing & Switching Lab Exam Topics v4.0 (Blueprint)

down load PDF now:

http://www.wupload.com/file/2611609502/CCIE_RS_Lab_exam_topics_d-4375_aaC.pdf

Exam Sections and Sub-task Objectives
1.00 Implement Layer 2 Technologies √
1.10 Implement Spanning Tree Protocol (STP)
(a) 802.1d
(b) 802.1w
(c) 801.1s
(d) Loop guard
(e) Root guard
(f) Bridge protocol data unit (BPDU) guard
(g) Storm control
(h) Unicast flooding
(i) Port roles, failure propagation, and loop guard operation
1.20 Implement VLAN and VLAN Trunking Protocol (VTP)
1.30 Implement trunk and trunk protocols, EtherChannel, and load-balance
1.40 Implement Ethernet technologies
(a) Speed and duplex
(b) Ethernet, Fast Ethernet, and Gigabit Ethernet
(c) PPP over Ethernet (PPPoE)
1.50 Implement Switched Port Analyzer (SPAN), Remote Switched Port Analyzer (RSPAN), and flow control
1.60 Implement Frame Relay
(a) Local Management Interface (LMI)
(b) Traffic shaping
(c) Full mesh
(d) Hub and spoke
(e) Discard eligible (DE)
1.70 Implement High-Level Data Link Control (HDLC) and PPP
2.00 Implement IPv4
2.10 Implement IP version 4 (IPv4) addressing, subnetting, and variable-length subnet masking (VLSM)
2.20 Implement IPv4 tunneling and Generic Routing Encapsulation (GRE)
2.30 Implement IPv4 RIP version 2 (RIPv2)
2.40 Implement IPv4 Open Shortest Path First (OSPF)
(a) Standard OSPF areas
(b) Stub area
(c) Totally stubby area
(d) Not-so-stubby-area (NSSA)
(e) Totally NSSA
(f) Link-state advertisement (LSA) types
(g) Adjacency on a point-to-point and on a multi-access network
(h) OSPF graceful restart
2.50 Implement IPv4 Enhanced Interior Gateway Routing Protocol (EIGRP)
(a) Best path
(b) Loop-free paths
(c) EIGRP operations when alternate loop-free paths are available, and when they are not available
(d) EIGRP queries
(e) Manual summarization and autosummarization
(f) EIGRP stubs
The following topics are general guidelines for the content likely to be included on the lab exam. However,
other related topics may also appear on any specific delivery of the exam. In order to better reflect the
contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
Original information is located on the Cisco Learning Network  – www.cisco.com/go/learningnetwork
Cisco Systems, Inc. – All Rights Reserved © 2009 1 of 32.60 Implement IPv4 Border Gateway Protocol (BGP)
(a) Next hop
(b) Peering
(c) Internal Border Gateway Protocol (IBGP) and External Border Gateway Protocol (EBGP)
2.70 Implement policy routing
2.80 Implement Performance Routing (PfR) and Cisco Optimized Edge Routing (OER)
2.90
Implement filtering, route redistribution, summarization, synchronization, attributes, and other advanced
features
3.00 Implement IPv6
3.10 Implement IP version 6 (IPv6) addressing and different addressing types
3.20 Implement IPv6 neighbor discovery
3.30 Implement basic IPv6 functionality protocols
3.40 Implement tunneling techniques
3.50 Implement OSPF version 3 (OSPFv3)
3.60 Implement EIGRP version 6 (EIGRPv6)
3.70 Implement filtering and route redistribution
4.00 Implement MPLS Layer 3 VPNs
4.10 Implement Multiprotocol Label Switching (MPLS)
4.20
Implement Layer 3 virtual private networks (VPNs) on provider edge (PE), provider (P), and customer
edge (CE) routers
4.30 Implement virtual routing and forwarding (VRF) and Multi-VRF Customer Edge (VRF-Lite)
5.00 Implement IP Multicast
5.10 Implement Protocol Independent Multicast (PIM) sparse mode
5.20 Implement Multicast Source Discovery Protocol (MSDP)
5.30 Implement interdomain multicast routing
5.40
Implement PIM Auto-Rendezvous Point (Auto-RP), unicast rendezvous point (RP), and bootstrap router
(BSR)
5.50 Implement multicast tools, features, and source-specific multicast
5.60
Implement IPv6 multicast, PIM, and related multicast protocols, such as Multicast Listener Discovery
(MLD)
6.00 Implement Network Security
6.01 Implement access lists
6.02 Implement Zone Based Firewall
6.03 Implement Unicast Reverse Path Forwarding (uRPF)
6.04 Implement IP Source Guard
6.05
Implement authentication, authorization, and accounting (AAA) (configuring the AAA server is not
required, only the client-side (IOS) is configured)
6.06 Implement Control Plane Policing (CoPP)
6.07 Implement Cisco IOS Firewall
6.08 Implement Cisco IOS Intrusion Prevention System (IPS)
6.09 Implement Secure Shell (SSH)
6.10 Implement 802.1x
6.11 Implement NAT
6.12 Implement routing protocol authentication
6.13 Implement device access control
6.14 Implement security features
7.00 Implement Network Services
7.10 Implement Hot Standby Router Protocol (HSRP)
7.20 Implement Gateway Load Balancing Protocol (GLBP)
7.30 Implement Virtual Router Redundancy Protocol (VRRP)
7.40 Implement Network Time Protocol (NTP)
7.50 Implement DHCP
7.60 Implement Web Cache Communication Protocol (WCCP)
Original information is located on the Cisco Learning Network  – www.cisco.com/go/learningnetwork
Cisco Systems, Inc. – All Rights Reserved © 2009 2 of 38.00 Implement Quality of Service (QoS)
8.10 Implement Modular QoS CLI (MQC)
(a) Network-Based Application Recognition (NBAR)
(b) Class-based weighted fair queuing (CBWFQ),  modified deficit round robin (MDRR), and low latency
queuing (LLQ)
(c) Classification
(d) Policing
(e) Shaping
(f) Marking
(g) Weighted random early detection (WRED) and random early detection (RED)
(h) Compression
8.20 Implement Layer 2 QoS: weighted round robin (WRR), shaped round robin (SRR), and policies
8.30 Implement link fragmentation and interleaving (LFI) for Frame Relay
8.40 Implement generic traffic shaping
8.50 Implement Resource Reservation Protocol (RSVP)
8.60 Implement Cisco AutoQoS
9.00 Troubleshoot a Network
9.10 Troubleshoot complex Layer 2 network issues
9.20 Troubleshoot complex Layer 3 network issues
9.30 Troubleshoot a network in response to application problems
9.40 Troubleshoot network services
9.50 Troubleshoot network security
10.00 Optimize the Network
10.01 Implement syslog and local logging
10.02 Implement IP Service Level Agreement SLA
10.03 Implement NetFlow
10.04 Implement SPAN, RSPAN, and router IP traffic export (RITE)
10.05 Implement Simple Network Management Protocol (SNMP)
10.06 Implement Cisco IOS Embedded Event Manager (EEM)
10.07 Implement Remote Monitoring (RMON)
10.08 Implement FTP
10.09 Implement TFTP
10.10 Implement TFTP server on router
10.11 Implement Secure Copy Protocol (SCP)
10.12 Implement HTTP and HTTPS
10.13 Implement Telnet

CCIE Routing & Switching Written Exam Topics v4.0 (Blueprint)
Exam Sections and Sub-task Objectives
1.00 Implement Layer 2 Technologies √
1.10 Implement Spanning Tree Protocol (STP)
(a) 802.1d
(b) 802.1w
(c) 802.1s
(d) Loop guard
(e) Root guard
(f) Bridge protocol data unit (BPDU) guard
(g) Storm control
(h) Unicast flooding
(i) Port roles, failure propagation, and loop guard operation
1.20 Implement VLAN and VLAN Trunking Protocol (VTP)
1.30 Implement trunk and trunk protocols, EtherChannel, and load-balance
1.40 Implement Ethernet technologies
(a) Speed and duplex
(b) Ethernet, Fast Ethernet, and Gigabit Ethernet
(c) PPP over Ethernet (PPPoE)
1.50 Implement Switched Port Analyzer (SPAN), Remote Switched Port Analyzer (RSPAN), and flow control
1.60 Implement Frame Relay
(a) Local Management Interface (LMI)
(b) Traffic shaping
(c) Full mesh
(d) Hub and spoke
(e) Discard eligible (DE)
1.70 Implement High-Level Data Link Control (HDLC) and PPP
2.00 Implement IPv4
2.10 Implement IP version 4 (IPv4) addressing, subnetting, and variable-length subnet masking (VLSM)
2.20 Implement IPv4 tunneling and Generic Routing Encapsulation (GRE)
2.30 Implement IPv4 RIP version 2 (RIPv2)
2.40 Implement IPv4 Open Shortest Path First (OSPF)
(a) Standard OSPF areas
(b) Stub area
(c) Totally stubby area
(d) Not-so-stubby-area (NSSA)
(e) Totally NSSA
(f) Link-state advertisement (LSA) types
(g) Adjacency on a point-to-point and on a multi-access network
(h) OSPF graceful restart
2.50 Implement IPv4 Enhanced Interior Gateway Routing Protocol (EIGRP)
(a) Best path
(b) Loop-free paths
(c) EIGRP operations when alternate loop-free paths are available, and when they are not available
(d) EIGRP queries
(e) Manual summarization and autosummarization
(f) EIGRP stubs
The comprehensive CCIE R&S Written Exam (#350-001) has 100 multiple-choice questions and is two hours
in duration. The topic areas listed are general guidelines for the type of content that is likely to appear on the
exam. Please note, however, that other relevant or related topic areas may also appear.
Original information is located on the Cisco Learning Network  – www.cisco.com/go/learningnetwork
Cisco Systems, Inc. – All Rights Reserved © 2009 1 of 32.60 Implement IPv4 Border Gateway Protocol (BGP)
(a) Next hop
(b) Peering
(c) Internal Border Gateway Protocol (IBGP) and External Border Gateway Protocol (EBGP)
2.70 Implement policy routing
2.80 Implement Performance Routing (PfR) and Cisco Optimized Edge Routing (OER)
2.90
Implement filtering, route redistribution, summarization, synchronization, attributes, and other advanced
features
3.00 Implement IPv6
3.10 Implement IP version 6 (IPv6) addressing and different addressing types
3.20 Implement IPv6 neighbor discovery
3.30 Implement basic IPv6 functionality protocols
3.40 Implement tunneling techniques
3.50 Implement OSPF version 3 (OSPFv3)
3.60 Implement EIGRP version 6 (EIGRPv6)
3.70 Implement filtering and route redistribution
4.00 Implement MPLS Layer 3 VPNs
4.10 Implement Multiprotocol Label Switching (MPLS)
4.20
Implement Layer 3 virtual private networks (VPNs) on provider edge (PE), provider (P), and customer
edge (CE) routers
4.30 Implement virtual routing and forwarding (VRF) and Multi-VRF Customer Edge (VRF-Lite)
5.00 Implement IP Multicast
5.10 Implement Protocol Independent Multicast (PIM) sparse mode
5.20 Implement Multicast Source Discovery Protocol (MSDP)
5.30 Implement interdomain multicast routing
5.40
Implement PIM Auto-Rendezvous Point (Auto-RP), unicast rendezvous point (RP), and bootstrap router
(BSR)
5.50 Implement multicast tools, features, and source-specific multicast
5.60
Implement IPv6 multicast, PIM, and related multicast protocols, such as Multicast Listener Discovery
(MLD)
6.00 Implement Network Security
6.01 Implement access lists
6.02 Implement Zone Based Firewall
6.03 Implement Unicast Reverse Path Forwarding (uRPF)
6.04 Implement IP Source Guard
6.05
Implement authentication, authorization, and accounting (AAA) (configuring the AAA server is not
required, only the client-side (IOS) is configured)
6.06 Implement Control Plane Policing (CoPP)
6.07 Implement Cisco IOS Firewall
6.08 Implement Cisco IOS Intrusion Prevention System (IPS)
6.09 Implement Secure Shell (SSH)
6.10 Implement 802.1x
6.11 Implement NAT
6.12 Implement routing protocol authentication
6.13 Implement device access control
6.14 Implement security features
7.00 Implement Network Services
7.10 Implement Hot Standby Router Protocol (HSRP)
7.20 Implement Gateway Load Balancing Protocol (GLBP)
7.30 Implement Virtual Router Redundancy Protocol (VRRP)
7.40 Implement Network Time Protocol (NTP)
7.50 Implement DHCP
7.60 Implement Web Cache Communication Protocol (WCCP)
Original information is located on the Cisco Learning Network  – www.cisco.com/go/learningnetwork
Cisco Systems, Inc. – All Rights Reserved © 2009 2 of 38.00 Implement Quality of Service (QoS)
8.10 Implement Modular QoS CLI (MQC)
(a) Network-Based Application Recognition (NBAR)
(b) Class-based weighted fair queuing (CBWFQ),  modified deficit round robin (MDRR), and low latency
queuing (LLQ)
(c) Classification
(d) Policing
(e) Shaping
(f) Marking
(g) Weighted random early detection (WRED) and random early detection (RED)
(h) Compression
8.20 Implement Layer 2 QoS: weighted round robin (WRR), shaped round robin (SRR), and policies
8.30 Implement link fragmentation and interleaving (LFI) for Frame Relay
8.40 Implement generic traffic shaping
8.50 Implement Resource Reservation Protocol (RSVP)
8.60 Implement Cisco AutoQoS
9.00 Troubleshoot a Network
9.10 Troubleshoot complex Layer 2 network issues
9.20 Troubleshoot complex Layer 3 network issues
9.30 Troubleshoot a network in response to application problems
9.40 Troubleshoot network services
9.50 Troubleshoot network security
10.00 Optimize the Network
10.01 Implement syslog and local logging
10.02 Implement IP Service Level Agreement SLA
10.03 Implement NetFlow
10.04 Implement SPAN, RSPAN, and router IP traffic export (RITE)
10.05 Implement Simple Network Management Protocol (SNMP)
10.06 Implement Cisco IOS Embedded Event Manager (EEM)
10.07 Implement Remote Monitoring (RMON)
10.08 Implement FTP
10.09 Implement TFTP
10.10 Implement TFTP server on router
10.11 Implement Secure Copy Protocol (SCP)
10.12 Implement HTTP and HTTPS
10.13 Implement Telnet
11.00 Evaluate proposed changes to a Network
11.01 Evaluate interoperability of proposed technologies against deployed technologies
(a) Changes to routing protocol parameters
(b) Migrate parts of a network to IPv6
(c) Routing Protocol migration
(d) Adding multicast support
(e) Migrate spanning tree protocol
(f) Evaluate impact of new traffic on existing QoS design
11.02 Determine operational impact of proposed changes to an existing network
(a) Downtime of network or portions of network
(b) Performance degradation
(c) Introducing security breaches
11.03 Suggest Alternative solutions when incompatible changes are proposed to an existing network
(a) Hardware/Software upgrades
(b) Topology shifts
(c) Reconfigurations
you can free download the topic PDF :

http://www.wupload.com/file/2611607892/CCIE_RS_Wr_exam_topics_d-4374_aaD.pdf