Subnetting is the most mathematically tested skill — practice calculating subnet IDs, broadcast addresses, and valid host ranges quickly in your head. For the OSI model: memorise which protocol runs at which layer. TCP = transport (3-way handshake, reliable). UDP = transport (no handshake, fast). IP = network. Ethernet = data link.

• OSI model — 7 layers and what each does
• TCP/IP model and protocol mapping
• Ethernet: CSMA/CD, frame structure, MAC addresses
• IPv4 addressing and subnetting (VLSM, CIDR)
• IPv6: address types (unicast/multicast/anycast), EUI-64, dual-stack
• Network device roles: router, switch, hub, AP, firewall

VLANs and trunking are the most tested topics in this domain. Trunk ports carry traffic for multiple VLANs; access ports carry traffic for one VLAN. The native VLAN (default VLAN 1) is untagged on a trunk. Root bridge election: lowest bridge ID (priority + MAC) wins. PortFast should only be enabled on access ports connected to end devices, never on trunk ports.

• VLANs: creating, assigning ports, purpose (segmentation, security)
• Trunk links: 802.1Q encapsulation, native VLAN
• Inter-VLAN routing: router-on-a-stick vs Layer 3 switch
• Spanning Tree Protocol (STP/RSTP): root bridge election, port states, PortFast
• EtherChannel: LACP vs PAgP
• Wireless: 802.11 standards (a/b/g/n/ac/ax), WPA2/WPA3, AP modes (autonomous vs lightweight)

OSPF is the most tested routing protocol. Know: Hello/Dead timers, DR/BDR election (highest priority, then highest RID), OSPF area 0 as backbone. For static routes: AD = 1. Lower AD = more trustworthy. Floating static route = higher AD than dynamic route, used as a backup that activates only when the dynamic route disappears.

• Static routes: next-hop IP vs exit interface
• OSPF: DR/BDR election, LSA types, area types, wildcard masks
• Default gateway and default routes (0.0.0.0/0)
• Administrative distance: directly connected (0), static (1), OSPF (110), RIP (120)
• IPv4 and IPv6 routing principles
• Floating static routes (higher AD as backup)

PAT (Port Address Translation / NAT overload) allows many private IPs to share one public IP by mapping unique port numbers — this is what home routers use. DHCP DORA is reliably tested: client broadcasts Discover; server responds with Offer; client broadcasts Request; server confirms with Acknowledge. NTP: stratum 0 = reference clock; stratum 1 = server connected to stratum 0; lower stratum = more accurate.

• NAT/PAT: static NAT, dynamic NAT, PAT (overload)
• DHCP: DORA process (Discover, Offer, Request, Acknowledge)
• DNS: A records, AAAA records, PTR records, resolution process
• NTP: stratum levels, NTP master, syncing network devices
• SNMP: versions (v1/v2c/v3), OIDs, traps, community strings
• Syslog: severity levels (0-7), centralised logging

ACL placement is reliably tested: standard ACLs filter on source IP only — place near destination (to avoid blocking too much). Extended ACLs filter on source+destination IP, port, and protocol — place near source (to stop unwanted traffic early). Memorise ACL processing: IOS checks top-to-bottom, first match wins, implicit deny all at end.

• ACLs: standard (source IP only) vs extended (src+dst IP, port, protocol)
• ACL placement: standard = near destination, extended = near source
• DHCP snooping: blocks rogue DHCP servers on untrusted ports
• Dynamic ARP Inspection (DAI): validates ARP against DHCP snooping table
• 802.1X port-based authentication
• VPN types: site-to-site (IPsec) vs remote access (SSL/TLS)

The most conceptual domain — no deep coding required. Understand what SDN does (separates where routing decisions are made from where traffic is forwarded). REST API verbs: GET = read; POST = create; PUT = replace; PATCH = update; DELETE = remove. JSON uses {curly braces} for objects and [square brackets] for arrays — know how to read a simple JSON structure.

• SDN: control plane vs data plane separation, northbound/southbound APIs
• REST APIs: GET/POST/PUT/DELETE, JSON/YAML data formats
• Python basics: variables, loops, if/else, requests library
• Ansible: agentless, playbooks, YAML syntax, idempotency
• Cisco DNA Center (DNAC) for intent-based networking