This is a short, no-nonsense blog that focuses on the various Cisco exam blueprint updates relating to the five study plans I've created. Each study plan has a corresponding link below so you can quickly jump to the one that interests you. Visit my Courses page to view my content or my Jobaid page to download my study plans, Postman collections, and other helpful items.
The updates to this exam blueprint are quite minor and include:
Because none of these topics required a new project or hands-on demonstration, I've added a few clips to the proper courses within this learning path to cover the aforementioned topics. The blueprint was largely unchanged.
This blueprint's update only substituted one word of significance: removing Puppet and replacing it with Terraform. In my existing course, I used Puppet to manage Cisco Nexus via its NX-API to demonstrate "git revert". For that reason, I won't be removing Puppet from the updates because I still think it is useful information to have even if Cisco does not intend to test on it. However, I've reduced its focus in my study plan as well.
To replace it, I've added a new 30 minute module to cover Terraform. This includes an architecture overview as well as several demonstrations. The demos include Terraform installation, setup, and plan development. Specifically, I deploy a new Cisco Catalyst 8000V router into AWS, then configure it using the new Terraform IOS-XE provider. This leverages RESTCONF behind the scenes, which requires some creative initial configuration steps. The project also leverages Terraform "output" and "destroy" commands for completeness.
The main difference for this exam is a broad expansion of the Cisco Catalyst Center (formerly DNA Center) APIs to include Software Defined Access (SDA). The new blueprint also removed the multi-vendor integration and third-party SDK topics. Few customers leverage these technologies, which is probably the reason Cisco removed it from the blueprint. I still briefly mention their existence in the courses, but do not demonstrate them.
Introducing SDA automation required a new 30 minute module because this technology is quite complex. Configuring a basic SDA fabric from scratch requires many API calls. After briefly describing the SDA architecture, we immediately jump into demonstrations, using a Cisco dCloud hardware lab to build a new SDA fabric. I wrap up by validating the SDA fabric's configuration in the GUI so that network operators will know how to monitor the system in production.
This blueprint has many administrative changes detailing the new Cisco branding of its various security products. Because these changes are aesthetic and do not impact the behavior of the APIs, I consolidate this product renaming effort into a single clip to avoid unnecessarily updating the entire learning path. This update is similar to that described earlier in DEVASC.
The significant blueprint update is the addition of Cisco's eXtended Detection and Response (XDR) service. This required a new 20 minute module on the topic. Because it can integrate with the entire Cisco Secure product suite as well as many third-party products, it is commonly used for centralized threat hunting and analysis. That's exactly what I demonstrate in this new module, passing in some example text so that XDR can extract observables from it, then enriching the details for the various observables.
The only updates include VRF-lite for EIGRP and BGP. Since the blueprint already included MPLS layer-3 VPNs, viewers already learned how to use VRFs with BGP for PE-CE routing, but I added a new clip to specifically cover BGP with VRF-lite. I took that opportunity to also introduce some "local-as" route hairpinning, which is a common real life use case.
As it relates to EIGRP, I originally demonstrated VRF-lite with static routing as an underlay for a DMVPN/EIGRP overlay. For completeness, I added a new clip to specifically demonstrate VRF-lite with EIGRP. These updates are technically required by the blueprint, but are added as detours to avoid ruining the existing network topologies.
Subscribe by adding "www.njrusmc.net" to your RSS/Atom reader!