Cisco Certified Network Associate Study Guide [175 Minute Read]

Welcome & Introduction

Welcome to the MindMesh Academy CCNA 200-301 Study Guide—your comprehensive resource for mastering the Cisco Certified Network Associate certification exam.

This guide uses a first-principles pedagogical approach, meaning we don't just tell you what to memorize—we teach you why networks work the way they do, giving you the reasoning tools to answer questions you've never seen before.

What makes this guide different:
  • First-principles foundation before diving into exam topics
  • Decision frameworks you can apply to any scenario
  • Exam traps called out explicitly throughout
  • Configuration examples with IOS CLI commands
  • Practice questions with detailed rationales

Syllabus Version: CCNA 200-301 v1.1 (Skills measured as of August 20, 2024)

Exam Purpose & Audience

The CCNA 200-301 exam validates your ability to install, configure, operate, and troubleshoot medium-sized routed and switched networks. This certification is the foundation for all Cisco networking certifications and demonstrates competency in:

  • Network fundamentals and architecture
  • Network access technologies (switching, wireless)
  • IP connectivity (routing protocols)
  • IP services (NAT, DHCP, DNS, NTP)
  • Security fundamentals
  • Automation and programmability
Exam DetailInformation
Exam Code200-301 CCNA
Duration120 minutes
Questions100-120 (varies)
Passing Score~825/1000 (scaled)
Question TypesMultiple choice, drag-and-drop, simulations
LanguagesEnglish, Japanese
Cost$300 USD
PrerequisiteNone (but hands-on experience recommended)
Exam Domain Weights:
Loading diagram...

(Table of Contents - For Reference)

  • Phase 1: First Principles of Network Engineering
    • 1.1. The Network Abstraction: The Three Core Problems
    • 1.2. The OSI Model: Layers as Problem Boundaries
    • 1.3. The TCP/IP Model: How Real Networks Work
    • 1.4. Addressing: The Three Identities of a Device
    • 1.5. Encapsulation: Data Wrapping at Each Layer
    • 1.6. The Forwarding Decision: How Devices Choose Paths
    • 1.7. Reflection Checkpoint
  • Phase 2: Network Fundamentals (20%)
    • 2.1. Network Components and Their Roles
      • 2.1.1. Routers
      • 2.1.2. Layer 2 and Layer 3 Switches
      • 2.1.3. Next-Generation Firewalls and IPS
      • 2.1.4. Access Points
      • 2.1.5. Controllers
      • 2.1.6. Endpoints
      • 2.1.7. Servers
      • 2.1.8. Power over Ethernet (PoE)
    • 2.2. Network Topology Architectures
      • 2.2.1. Two-Tier (Collapsed Core)
      • 2.2.2. Three-Tier (Traditional)
      • 2.2.3. Spine-Leaf
      • 2.2.4. WAN Topologies
      • 2.2.5. Small Office/Home Office (SOHO)
      • 2.2.6. On-Premises and Cloud
    • 2.3. Physical Interfaces and Cabling
      • 2.3.1. Fiber Optic Cables
      • 2.3.2. Copper Cables
      • 2.3.3. Ethernet Connections
    • 2.4. Interface and Cable Issues
    • 2.5. TCP vs UDP
    • 2.6. IPv4 Addressing and Subnetting
      • 2.6.1. Address Structure
      • 2.6.2. Subnetting Process
    • 2.7. Private IPv4 Addressing
    • 2.8. IPv6 Addressing
      • 2.8.1. Address Format
      • 2.8.2. Key Differences
    • 2.9. IPv6 Address Types
      • 2.9.1. Unicast Addresses
      • 2.9.2. Anycast
      • 2.9.3. Multicast
      • 2.9.4. Modified EUI-64
    • 2.10. Client OS IP Parameters
    • 2.11. Wireless Principles
      • 2.11.1. Channels and Bands
      • 2.11.2. SSID and RF Concepts
      • 2.11.3. Wireless Encryption
    • 2.12. Virtualization Fundamentals
      • 2.12.1. Server Virtualization
      • 2.12.2. Containers
      • 2.12.3. VRF (Virtual Routing and Forwarding)
    • 2.13. Switching Concepts
      • 2.13.1. MAC Learning and Aging
      • 2.13.2. Frame Switching Methods
      • 2.13.3. Frame Flooding
      • 2.13.4. MAC Address Table
    • 2.14. Reflection Checkpoint
  • Phase 3: Network Access (20%)
    • 3.1. VLANs Configuration
      • 3.1.1. Access Ports (Data and Voice)
      • 3.1.2. Default VLAN
      • 3.1.3. Inter-VLAN Connectivity
    • 3.2. Interswitch Connectivity (Trunking)
      • 3.2.1. Trunk Ports
      • 3.2.2. 802.1Q Tagging
      • 3.2.3. Native VLAN
    • 3.3. Layer 2 Discovery Protocols
      • 3.3.1. Cisco Discovery Protocol (CDP)
      • 3.3.2. Link Layer Discovery Protocol (LLDP)
    • 3.4. EtherChannel (LACP)
      • 3.4.1. LACP Configuration
      • 3.4.2. Requirements and Verification
    • 3.5. Spanning Tree Protocol (Rapid PVST+)
      • 3.5.1. Root Port, Root Bridge, and Other Port Names
      • 3.5.2. Port States and Roles
      • 3.5.3. PortFast
      • 3.5.4. STP Protection Mechanisms
    • 3.6. Cisco Wireless Architectures
      • 3.6.1. Architecture Types
      • 3.6.2. Lightweight AP Modes
      • 3.6.3. CAPWAP
    • 3.7. WLAN Physical Infrastructure
    • 3.8. Network Device Management Access
    • 3.9. Wireless LAN GUI Configuration
    • 3.10. Reflection Checkpoint
  • Phase 4: IP Connectivity (25%)
    • 4.1. Routing Table Components
      • 4.1.1. Routing Protocol Codes
      • 4.1.2. Prefix and Network Mask
      • 4.1.3. Next Hop
      • 4.1.4. Administrative Distance
      • 4.1.5. Metric
      • 4.1.6. Gateway of Last Resort
    • 4.2. Router Forwarding Decisions
      • 4.2.1. Longest Prefix Match
      • 4.2.2. Administrative Distance
      • 4.2.3. Routing Protocol Metric
    • 4.3. Static Routing (IPv4 and IPv6)
      • 4.3.1. Default Route
      • 4.3.2. Network Route
      • 4.3.3. Host Route
      • 4.3.4. Floating Static Route
    • 4.4. Single Area OSPFv2
      • 4.4.1. Neighbor Adjacencies
      • 4.4.2. Point-to-Point Networks
      • 4.4.3. Broadcast Networks (DR/BDR Selection)
      • 4.4.4. Router ID
      • 4.4.5. OSPF Configuration
    • 4.5. First Hop Redundancy Protocols
      • 4.5.1. FHRP Overview
      • 4.5.2. How FHRPs Work
    • 4.6. Reflection Checkpoint
  • Phase 5: IP Services (10%)
    • 5.1. Network Address Translation (NAT)
      • 5.1.1. NAT Terminology
      • 5.1.2. NAT Types
      • 5.1.3. NAT Configuration
    • 5.2. Network Time Protocol (NTP)
      • 5.2.1. NTP Stratum Levels
      • 5.2.2. NTP Configuration
    • 5.3. DHCP and DNS
      • 5.3.1. DORA Process
      • 5.3.2. DNS Resolution
    • 5.4. SNMP
      • 5.4.1. SNMP Components
      • 5.4.2. SNMP Versions
    • 5.5. Syslog
    • 5.6. DHCP Client and Relay
    • 5.7. Quality of Service (QoS)
      • 5.7.1. QoS Mechanisms
      • 5.7.2. PHB (Per-Hop Behavior)
    • 5.8. SSH Configuration
    • 5.9. TFTP and FTP
    • 5.10. Reflection Checkpoint
  • Phase 6: Security Fundamentals (15%)
    • 6.1. Key Security Concepts
      • 6.1.1. Threat Terminology
      • 6.1.2. Common Threats
    • 6.2. Security Program Elements
    • 6.3. Device Access Control
    • 6.4. Password Policies and Alternatives
    • 6.5. VPNs (IPsec)
    • 6.6. Access Control Lists (ACLs)
      • 6.6.1. ACL Types
      • 6.6.2. ACL Configuration
    • 6.7. Layer 2 Security Features
      • 6.7.1. DHCP Snooping and DAI
      • 6.7.2. Port Security
    • 6.8. AAA Concepts
      • 6.8.1. Authentication, Authorization, Accounting
      • 6.8.2. TACACS+ vs RADIUS
    • 6.9. Wireless Security Protocols
    • 6.10. WLAN WPA2 PSK Configuration
    • 6.11. Reflection Checkpoint
  • Phase 7: Automation and Programmability (10%)
    • 7.1. Automation Impact on Network Management
    • 7.2. Traditional vs Controller-Based Networking
    • 7.3. Software-Defined Architecture
      • 7.3.1. Control Plane vs Data Plane
      • 7.3.2. Northbound and Southbound APIs
      • 7.3.3. Overlay, Underlay, and Fabric
    • 7.4. AI and Machine Learning in Network Operations
    • 7.5. REST APIs
      • 7.5.1. HTTP Methods (CRUD Operations)
      • 7.5.2. API Characteristics
    • 7.6. Configuration Management (Ansible, Terraform)
    • 7.7. JSON Data Encoding
    • 7.8. Reflection Checkpoint
  • Phase 8: Exam Readiness
    • 8.1. Exam Strategy and Time Management
    • 8.2. Quick Reference Decision Trees
    • 8.3. Practice Questions (60 Questions)
  • Phase 9: Glossary
  • Phase 10: Conclusion