CCNA and CCNP Wireless Certification Updates

Overview

In January of 2012, Cisco introduced updates to its current CCNA and CCNP wireless certifications. As with all technologies, different ones mature and new ones are developed and the coverage of this needs to be reflected in the certification requirements. With this update, Cisco has changed the certification to reflect the current version number of software used on modern devices as well as increased the coverage of 802.11n and voice and video over wireless technologies. All of these new exams are available through Pearson VUE and can be scheduled at the candidates pace. The older version of these exams will continue to be available for a limited time before they are retired. Candidates that are currently studying a specific version of an exam will probably be ok to continue and take the older exam; any new candidates just beginning studying for them should focus on the content that is covered on the new exams. The following sections will display the current availability information of the older exams and show the different changes that have been reflected in the exam objectives compared with their former versions.

Implementing Cisco Unified Wireless Networking Essentials (IUWNE) – CCNA Wireless

There are currently two different versions of the IUWNE exam available, these include the 640-721 and 640-722. The 640-721 exam is slated to be End of Life (EOL) on May 11, 2012. The following list shows how the different topics differ between the older and the newer exam.

Existed in v1 curriculum

Added to the v2 curriculum

Removed from v2 curriculum

A.Describe WLAN fundamentals

Describe basics of spread spectrum technology (modulation, DSS, OFDM, MIMO, Channels reuse and overlap, Rate-shifting, CSMA/CA)
Describe the impact of various wireless technologies (Bluetooth, WiMAX, ZigBee, cordless phone)
Describe wireless regulatory bodies, standards and certifications (FCC, ETSI, 802.11a/b/g/n, WiFi Alliance)
Describe WLAN RF principles (antenna types, RF gain/loss, EIRP, refraction, reflection, ETC)
Describe networking technologies used in wireless (SSID –> WLAN_ID –> Interface — >VLAN, 802.1q trunking)
Describe wireless topologies (IBSS, BSS, ESS, Point-to-Point, Point-to-Multipoint, basic Mesh, bridging)
Describe 802.11 authentication and encryption methods (Open, Shared, 802.1X, EAP, TKIP, AES)
Describe frame types (associated/unassociated, management, control, data)
Describe basic RF deployment considerations related to site survey design of data or VoWLAN applications, common RF interference sources such as devices, building material, AP location, and basic RF site survey design related to channel reuse, signal strength, and cell overlap

B.Install a basic Cisco wireless LAN

Describe the basics of the Cisco Unified Wireless Network architecture (Split MAC, LWAPP, stand-alone AP versus controller-based AP, specific hardware examples)
Describe the Cisco Mobility Express Wireless architecture (Smart Business Communication System — SBCS, Cisco Config Agent — CCA, 526WLC, 521AP – stand-alone and controller-based)
Install and configure autonomous access points in the small business environment
Describe the modes of controller-based AP deployment (local, monitor, HREAP, sniffer, rogue detector, bridge)
Describe controller-based AP discovery and association (OTAP, DHCP, DNS, Master-Controller, Primary-Secondary-Tertiary, n+1 redundancy)
Describe roaming (Layer 2 and Layer 3, intra-controller and inter-controller, mobility groups)
Configure a WLAN controller and access points WLC: ports, interfaces, WLANs, NTP, CLI and Web UI, CLI wizard, LAG AP: Channel, Power
Configure the basics of a stand-alone access point (no lab) (Express setup, basic security)
Describe RRM
Verify basic wireless network operation

C.Install Wireless Clients

Describe client OS WLAN configuration (Windows, Apple, and Linux.)Added – such as Service Set Identifier (SSID), security selection, and authentication
Install Cisco ADU
Describe basic CSSC
Describe basic AnyConnect 3.0 or above wireless configuration parameters
Describe CCX versions 1 through 5

D.Implement basic WLAN Security

Describe the general framework of wireless security and security components (authentication, encryption, MFP, IPS)
Describe and configure authentication methods (Guest, PSK, 802.1X, WPA/WPA2 with EAP- TLS, EAP-FAST, PEAP, LEAP)
Describe and configure encryption methods (WPA/WPA2 with TKIP, AES)
Describe and configure the different sources of authentication (PSK, EAP-local or – external, Radius)
Implement wireless Guest networking

E.Operate basic WCS

Describe key features of WCS and Navigator (versions and licensing)
Install/upgrade WCS and configure basic administration parameters (ports, O/S version, strong passwords, service vs. application)
Configure controllers and APs (using the Configuration tab not templates)
Configure and use maps in the WCS (add campus, building, floor, maps, position AP)Added view client location and view CleanAir zones of influence
Use the WCS monitor tab and alarm summary to verify the WLAN operations
Generate standard WCS reports (inventory, CleanAir, client-related, AP-related, and utilization)

F.Conduct basic WLAN Maintenance and Troubleshooting

Identify basic WLAN troubleshooting methods for controllers, access points, and clients methodologies
Describe basic RF deployment considerations related to site survey design of data or VoWLAN applications, Common RF interference sources such as devices, building material, AP location Basic RF site survey design related to channel reuse, signal strength, cell overlap
Describe the use of WLC show, debug and logging
Describe the use of the WCS client troubleshooting tool
Transfer WLC config and O/S using maintenance tools and commands
Describe and differentiate WLC WLAN management access methods (console port, CLI, telnet, ssh, http, https, wired versus wireless management)

Conducting Cisco Unified Wireless Site Survey (CUWSS) – CCNP Wireless

There are currently two different versions of the CUWSS exam available, these include the 642-731 and 642-732. The 642-731 exam is slated to be End of Life (EOL) on May 11, 2012. The following list shows how the different topics differ between the older and the newer exam.

Existed in v1 curriculum

Added to the v2 curriculum

Removed from v2 curriculum

I.Prepare for the Site Survey

A.Identify customer requirements, such as:

Business and RF application needs (voice, data, location, and so on)
Industry vertical
Customer questionnaire

B.Identify customer facility requirements

single-floor
multi-floor
campus (indoor and outdoor)
warehouse
Obtain digital floor plans from customer

C.Identify customer requirements for type of client devices

D.Identify regulatory issues

Country codes (-e, -i, -a, -n)

E.Identify safety and aesthetic considerations

NEC Ratings
Fire codes
OSHA
MSHA
Site-specific hazard awareness

F.Assess existing network infrastructure

G.Assess logistical considerations (resources, time, access, deployment requirements, and so on)

H.Determine 802.11n impact on network infrastructure

II.Plan for the Site Survey

A.Select proper survey model:

Data
Voice
Video
Location
Bridging (point-to-point; point-to-multipoint)
Hybrid

B.Determine proper deployment characteristics:

Dense deployment
Highly mobile (Many cells, high-reliability, and fast-moving clients) vs. nomadic (temporary position)
Indoor and outdoor mesh
Use Predictive Cisco Wireless Control System (WCS) planning tools

C.Select survey equipment

D.Determine site survey best practices for customer environment

E.Identify impact of material attenuation

F.Identify survey documentation needed for customer report

III.Conduct the Site Survey

A.Conduct a Layer 1 survey (Cisco Spectrum Expert)

B.Select proper antenna to conduct the site survey

C.Conduct the Layer 2 site survey for indoor environment

Select proper access point to conduct the site survey (use what is purchased)
Configure access point
Survey with proper client
Utilize proper survey techniques

D.Conduct the Layer 2 site survey for outdoor point-to-point and point-to-multipoint networks

E.Conduct the Layer 2 site survey for outdoor mesh network

IV.Design the RF Network

A.Determine infrastructure requirements

AC power and Power over Ethernet (PoE)
Understand cableplant considerations
Mounting considerations National Electrical Manufacturers Association (NEMA)
Outdoor grounding and lightning protection
Rack capacity
Switch port capacity

B.Determine the AP count and subsequent controller and license requirements

Autonomous vs. controller-based deployment

C.Generate the WLAN design documentation

Indoor
Outdoor mesh
Outdoor point-to-point and multipoint

V.Conduct Post Deployment Assessment

A.Verify RF coverage

Utilize tools (for example, AirMagnet) for audit
RRM, controller, network appliance tweaks

B.Verify network applications and performance

Apply WCS tools (voice readiness, location readiness, site calibration, and so on)

C.Reconcile any deployment issues

D.Assemble and deliver installation report to customer

Implementing Advanced Cisco Unified Wireless Security (IAUWS) – CCNP Wireless

There are currently two different versions of the IAUWS exam available, these include the 642-736 and 642-737. The 642-736 exam is slated to be End of Life (EOL) on May 11, 2012. The following list shows how the different topics differ between the older and the newer exam.

Existed in v1 curriculum

Added to the v2 curriculum

Removed from v2 curriculum

I.Integrate client device security

A.Describe Extensive Authentication Protocol (EAP) authentication process

B.Configure client for secure EAP authentication (EAP-FAST, TLS, PEAP, two factor authentication)

C. Configure the CSSC.

C.Configure the AnyConnect client

D.Understand impact of security configurations on application and client roaming.

E.Troubleshoot client wireless connectivity issues (packet analyzers, debugs, logs, WCS, ACS)

F.Understand client security risks (driver update, MS hot fixes)

II.Design and integrate wireless network with NAC

A. Understand the architectures; inband, out-of-band

Agent vs. agent less

B. Describe the high level authentication process flow

NAC Appliance Server
NAC Appliance Manager
WLC
External authentication sources

C. Configure the WLC for NAC

D. Verify wireless authentication with NAC

III. Implement secure wireless connectivity services

A. Configure authentication

Controller with or without external LDAP database
H-REAP APs for WAN failure
802.1X authentication for APs

B. Configure autonomous AP for RADIUS authentication

C. Configure management frame protection on clients and controllers

D. Configure IBN (RADIUS based VLAN and ACLs, AAA override)

E. Configure ACS for integration with wireless network

F. Configure client and server side digital certificate services

G. Implement ACLs on controller

CPU ACLs
WLAN, interface, client identity ACLs

H. Troubleshoot secure wireless connectivity services:

Packet analyzers, debugs, logs, WCS, ACS
Firewall ports
ACS and Controller authorization and authentication for clients

IV. Design and implement Guest Access services

A. Understand the architectures for guest access services

VLAN-based
Anchor/DMZ/redundancy/scaling
NAC guest server
Wired guest access
Bandwidth limiting

B. Configure guest access accounts

Lobby ambassador (controller, WCS-based)
Static
NAC guest server

C. Configure controller web auth

Pass through
Internal/external
Authentication
Email
Custom splash page (internal/external/per WLAN)
Understand design considerations (DNS, proxy)
Pre-authentication ACL
Wired guest access
Install third party certificate on controller

D. Configure the anchor and internal controllers

E. Troubleshoot guest access issues:

Debugs, logs, WCS, ACS
Firewall ports
Mping and eping
Proxies

V. Translate organizational and regulatory security policies and enforce security compliances

A. Describe regulatory compliance considerations, such as: HIPAA, PCI, SOX Added – and FERPA

PCI Audit – Covered above

B. Segment traffic into different VLANS, based upon:

Security
Application
QoS

C. Configure admin security on controller: Added – and WCS

TACACS+ and ACS integration
Local
Radius and AAA server integration
Access point admin credential
Admin roles

D. Manage WLC/WCS alarms:

SNMP/Trap receivers
Syslog
SMTP
MARS
ACS log

E. Describe security audit tools

AirMagnet
Packet Captures
Penetration testing
Third-party software (AirMagnet Airwise)
PCI Audit tool in WCS

VI. Configure native WLC security feature sets – IPS/IDS

A. Utilize WCS or controller for IDS and threat mitigation strategies, such as:

Signature
Custom signature
Rogue classification management/(auto) containment
Rogue reporting/location (WCS only)
Switchport tracing (WCS only)
Integrate Cisco spectrum expert to WCS
Client exclusion
CleanAir

B. Categorize and mitigate wireless vulnerabilities, such as:

802.11 client driver fuzzing (can’t be mitigated)
Wireless packet injection (can’t be mitigated)
Client misconfiguration
DoS (RF jamming)
Anomalous behavior attacks (i.e. association/authentication attacks)
Signature attacks (i.e. NetStumbler – undetectable at this time)
Eavesdropping (i.e. wild packets, Honeypot)
High jacking (mimicry) (i.e. evil Twin, HoneyPotting)
Social engineering (i.e. human attack)

VII. Integrate wireless network with advanced security platforms – IPS/IDS

A. Understand Cisco’s end-to-end security solutions and how they integrate with Cisco’s wireless solutions, such as:

CS-Mars
AnyConnect 3.0 and Above
NAC appliance
NAC guest server
Wired IPS
ACS, CSA, etc.

B. Understand the CUWN firewall port configuration requirements

ACLs
IP port pass-through
DMZ

C. Configure the controller for wired IPS/IDS

Including adaptive IDS (MSE)

D. Configure CSA

D. Configure wireless Intrusion Prevention System (IPS)(MSE)

Implementing Cisco Unified Wireless Voice Networks (IUWVN) – CCNP Wireless

There are currently two different versions of the IUWVN exam available, these include the 642-741 and 642-742. The 642-741 exam is slated to be End of Life (EOL) on May 11, 2012. The following list shows how the different topics differ between the older and the newer exam.

Existed in v1 curriculum

Added to the v2 curriculum

Removed from v2 curriculum

I. Describe voice over wireless architecture

A. Describe voice as it applies to the wireless network

Components (hardware, software)
Call setup and data flow overview
Other wireless voice and video services
Standards
Cisco Compatible Extensions (voice features)
WMM
UAPSD
Codecs
SCCP and SIP

B. Design wireless for voice

RSSI and SNR
Cell overlap requirements
Cell separations
Traffic separation
Delay, jitter, and QoS
Testing Tools (AirMagnet and Veriwave)
CAC,TSPEC
Verify voice readiness:
WCS voice readiness tool
.11n
Wireless voice client requirements

C. Utilize other design considerations, as per the voice design guide (VAD, MoH, Load Balancing, and so on)

D. Validate wireless network design for voice readiness:

Utilize the WVS voice readiness tool
Validate site survey for voice

II. Implement VoWLAN

A. Configure wireless client devices

Reference current best practice guidelines
Device security considerations

B. Configure the WLAN for VoWLAN

Best practice guidelines
Security configurations (PEAP, EAP-TLS, EAP-FAST)
CCKM/PKC, 802.11r

C. Describe hardware/software requirements

D. Configure infrastructure devices

E. Troubleshoot VoWLAN implementation

Spectrum Expert
AirMagnet VoFi analyzer
Traffic stream Metrics (TSM)
Incremental complexity testing

III. Implement QoS for wireless applications

A. Identify general considerations for wired QoS:

Configurations
DSCP/802.1p
Voice VLAN

B. Describe Wireless QoS deployment schemes:

WMM
802.11e
Mapping — wired to wireless

C. Configure WCS/WLC for QoS:

CAC
TSPEC
QBSS
Queues
Bandwidth Reservation
Disable “DHCP required”
Disable Address Resolution Protocol (ARP) unicast
Enable ARP caching
Cisco Identity Based Networking Services (IBN)

D. Reference most current best practice guidelines

IV. Implement multicast over wireless

A. Understand general multicast concepts:

PIM modes
CGMP
IGMP snooping
RP

B. Describe implications for multicast in 802.11

Data rates
Unicast/multicast modes
Roaming
Mesh
Controllers multicast groups
Video Stream (Reliable Multicast)

C. Configure multicast in a wireless network

Infrastructure multicast group
IGMP snooping on the controller
Video Stream (reliable multicast)
Mobility Group multicast

D. Troubleshoot multicast in a wireless network

Packet captures
Show IPM route
Controller logs
Debugs
- “debug bcast igmp enable”
- “debug mobility multicast enable”

V. Prepare the wireless network for video or high-bandwidth applications

A. Implement QoS for latency-sensitive applications

B. Describe benefits of 802.11n for video

C. Determine bandwidth requirements

D. Understand interconnectivity for devices on the wired side (QoS):

WLC to wired network

D. Identify application specific wireless network requirements

WLC to wired network
Multicast for wireless video
Wireless security cameras
Real-time video streaming/video conferencing

Implementing Cisco Unified Wireless Mobility Services (IUWMS) – CCNP Wireless

There are currently two different versions of the IUWMS exam available, these include the 642-746 and 642-747. The 642-746 exam is slated to be End of Life (EOL) on May 11, 2012. The following list shows how the different topics differ between the older and the newer exam.

Existed in v1 curriculum

Added to the v2 curriculum

Removed from v2 curriculum

I. Implement Location Based Services

A. Describe the impact of DAS for location based services

B. Tracking mobile clients

Either active RFID tag or WiFi devices

C. Understand the applications of RFID

Compare and contrast WCS and MobileView

D. Calibrate RSSI for the Cisco and AeroScout implementation

E. Configure, generate, interpret location and event notifications

F. Configure and tune the location appliance

Understand WCS/MSE/WLC traffic patterns impact on design
NMSP

F. Configure and tune the Mobility Services Engine (for example, Simple Network Management Protocol (SNMP) impact on network traffic and platform hardware)

G. Understand AP/antenna deployment model for location

H. Understand location techniques:

Angulations
Cell of origin
TDoA/ToA Lateration
RSS Lateration
Pattern Recognition
RF Fingerprinting

II. Design WLAN infrastructure for mobility

A. Understand single SSID designs w/ mobility

AP group VLANs
IBN,/
Single SSID/Multiple WLAN

B. Understand implications of L2 and L3 roaming:

Avoid salt and pepper
Minimize intercontroller roaming
Symmetric and asymmetric tunneling

C. Design for high availability

Legacy primary/secondary/tertiary
Backup primary/backup secondary outside of mobility group
Enhanced timers
AP fallback
AP prioritization
Anchor controller redundancy
RF redundancy – coverage hole, RRM, double AP

D. Troubleshoot AP join process using the following solutions:

AP console debug
AP console config
WLC debug
WLC logs
Switchport, DHCP, and VLAN

E. Understand and utilize best practices:

LAG vs. Port-based
RF groups
H-REAP
AP count; per-subnet limitation
Client subnet sizing considerations
Per WLAN client limit
Office Extend
Passive client

F. Define and implement mobility groups/domain:

AP regulatory domain flexibility
24/48/72 WLC mobility size

G. Understand workgroup bridges

WCS managements
Differences between workgroup and universal bridges
Considerations for using workgroup bridges

G. Adjust authentication/EAP timers

H. Tune RF environment for context aware services:

Data rates
Transmit power levels and thresholds
Channels and DCA
Band Select
ClientLink

I. Troubleshooting intercontroller communications

Mobility group formation
RF group formation
Intercontroller roaming

III. Implement MSE architecture

A. Describe MSE architecture:

Context aware
Adaptive wireless IPS
Secure client manager
Mobile intelligent roaming (dual mode phone)
Voice
Guest access - tracking
Spectrum intelligence
Scalability

B. Load MSE application

B. Deploy context-aware services for specific environments

Mixed-use environments
Complex RF environments
Small areas
Timing issues
Adjusting history and location parameters
Multifloor facilities
Re-calibration

C. Integrate third party applications

Server engines
Licensing
Common API

D. Integrate and manage MSE with WCS

Install and Synchronize
Location
Enable tracking
Define the MSE parameters
Understand advanced parameters

E. Maintain MSE:

Database clean-up
Database back-up and restore
Upgrade

F. Troubleshoot MSE

Debug of Network Mobility Services Protocol (NMSP)
Debug of controller
Location accuracy tool
Debug RFID

IV. Implement and manage Enterprise Mesh - Indoor and Outdoor

A. Describe Mesh and benefits

B. Describe Mesh operation modes

RAP
MAP
Ethernet bridge functionality for mesh

C. Implement Mesh:

Hop count
Backhaul caveats (throughput rates, QoS?, path properties,…)
Secondary backhaul
AP authorization (MAC filter entry)
Utilize WLC CLI
Outdoor RF considerations

D. Describe Mesh formation:

Cisco adaptive wireless path protocol (AWPP)
Bridge group names
Parent selection
Understand reconvergence

E. Configure WCS – Mesh focus:

New map for APs
Utilize mesh tree view
Utilize WCS mesh tools
Generate Mesh reports

V. Implement advanced services and manage with WCS and Navigator

A. Install and maintain Cisco WCS/Navigator and perform the following tasks:

Add Cisco WCSs
Add controllers
Adding APs
Adding maps

B. Understand Navigator’s role, features, and functions

C. Implement WCS partitioning

D. Implement time of day AP power savings

E. Implement scheduled WLAN availability

F. Configure reporting

G. Configure background tasks

H. Configure controller and access point templates

I. Monitor and convert autonomous APs

J. Configure WLC auto-provisioning

K. Utilize configuration auditing in Cisco WCS

VI. Utilize Advanced Tuning and Troubleshooting

A. Adjust authentication/EAP timers

B. Tune RF environment:

Data rates
Transmit power levels and thresholds
Channels/DCA

C. Describe Location Appliance Maintenance:

Database clean-up
Database back-up/restore
Upgrade

D. Troubleshoot AP join process:

AP console debug
AP console config
WLC debug
WLC logs
Switchport/DHCP/VLAN

E. Troubleshooting intercontroller communications

Mobility group formation
RF group formation
Intercontroller roaming

F. Troubleshoot Location-based Services:

Location accuracy tool
Mixed-use environments
Complex RF environments
Small areas
Timing issues
Adjusting history/location parameters
Multifloor facilities
Re-calibration
Debug RFID

Summary

As can be seen from the comparison, the majority of the content that was covered on the older version of the exams is also covered in the newer exam which means that studying time has not been wasted if it was spent on the older exam. Take the time to look over the blueprints from Cisco as well as this comparison to prepare for these certifications and exams.