ENCC_v1.0
ENCC_v1.0 copied to clipboard
Published
2 years ago
•
bigevilbeard
bigevilbeard
Useful Documents for 300-440 ENCC v1.0
Designing and Implementing Cloud Connectivity v1.0 (300-440) Exam Study
Useful Documents for 300-440 ENCC v1.0
For the Designing and Implementing Cloud Connectivity v1.0 (ENCC 300-440) exam, the following AWS, Azure, and Google Cloud resources will aid anyone studying for the exam. These resources can also be beneficial for other exams within the Cisco Multicloud Specialist Certifications.
Exam Topics
1.0 Architecture Models (15%)
1.1 Internet-based connectivity to cloud providers
1.1.a Native IPsec
Relevant Resources:
- Cisco ASA Site-to-Site VPN
- Security for VPNs with IPsec Configuration Guide, Cisco IOS XE
- AWS Site-to-Site VPN
- Azure VPN Gateway Overview
- Google Cloud VPN Overview
- SAFE Secure Cloud Architecture Guide
- Enterprise Core ENCOR 350-401 and Advanced Routing ENARSI 300-410 Official Cert Guide Library
1.1.b Cisco SD-WAN internet connectivity
Relevant Resources:
- Cisco SD-WAN Design Guide
- Cisco SD-WAN: Secure and Optimize Cloud-Enabled Branch
- AWS Site-to-Site VPN
- Google Cloud VPN Overview
- Azure VPN Gateway Overview
1.2 Private connectivity to cloud providers
1.2.a MPLS provider
1.2.b Colocation provider
1.2.c SDCI regional cross-connect
Relevant Resources:
- Cisco Cloud OnRamp for Colocation
- Cisco Cloud OnRamp for MPLS
- AWS Direct Connect User Guide
- Azure ExpressRoute Overview
- Google Cloud Interconnect Overview
- Cisco Cloud Infrastructure
- Enterprise Core ENCOR 350-401 and Advanced Routing ENARSI 300-410 Official Cert Guide Library
1.3 Connectivity to SaaS cloud providers
1.3.a Direct internet access models into SaaS
1.3.b Indirect access models via a Cloud Security Provider
1.3.c SaaS connectivity via a centralized internet gateway
1.3.d Dedicated connectivity to a SaaS provider
Relevant Resources:
- Cisco SD-WAN Design Guide
- AWS Direct Connect User Guide
- Azure ExpressRoute Overview
- Google Cloud Interconnect Overview
2.0 Design (15%)
2.1 Recommend connectivity model for HA, resiliency, SLAs, reliability
2.2 Recommend connectivity model based on bandwidth, QoS, dedicated vs shared, multi-homing, routing
2.3 Recommend connectivity model for regulatory compliance (NIST, FEDRAMP, ISO)
2.4 Describe cloud-native security policies (AWS, Azure, Google Cloud)
Relevant Resources:
- Shared Responsibility Model for Resiliency
- Azure reliability documentation
- The building blocks of reliability in Google Cloud
- AWS Transit Gateway Guide
- Azure Virtual Network Integration
- Google Cloud Networks Overview
- Cisco Cloud Infrastructure
- Enterprise Core ENCOR 350-401 and Advanced Routing ENARSI 300-410 Official Cert Guide Library
- What Is the NIST Cybersecurity Framework?
- FedRAMP Authorized Solutions for Government
3.0 IPsec Cloud Connectivity (25%)
3.1 Configure IPsec to cloud endpoint
3.2 Configure IPsec between on-prem and cloud-hosted routers
3.3 Configure routing with BGP and OSPF
Relevant Resources:
- AWS Site-to-Site VPN
- Azure VPN Gateway
- Google Cloud VPN
- AWS Route Tables
- Azure Virtual Network Integration
- VPC firewall rules
- Cisco Cloud Infrastructure
- Enterprise Core ENCOR 350-401 and Advanced Routing ENARSI 300-410 Official Cert Guide Library
4.0 SD-WAN Cloud Connectivity (25%)
4.1 Configure SD-WAN to cloud providers
4.2 Configure SD-WAN OnRamp to SaaS
4.3 Configure SD-WAN policies (security, routing, application)
Relevant Resources:
- Cisco Software-Defined Wide Area Networks: Designing, Deploying and Securing Your Next Generation WAN with Cisco SD-WAN
- Cisco SD-WAN Policies
- Cisco SD-WAN Design Guide
- Cisco SD-WAN Cloud OnRamp Configuration Guide
- AWS Site-to-Site VPN
- Azure VPN Gateway
- Google Cloud VPN
- Cisco Cloud Infrastructure
- Enterprise Core ENCOR 350-401 and Advanced Routing ENARSI 300-410 Official Cert Guide Library
5.0 Operation (20%)
5.1 Diagnose IPsec connectivity issues
5.2 Diagnose routing issues
5.3 Diagnose SD-WAN connectivity issues
5.4 Diagnose SD-WAN policy issues
Relevant Resources:
bigevilbeard