CCNA Certification Changes 2013 Summary

On 26 March 2013, Cisco announced new CCNA certifications.. Here is my interpretation of the changes.

In a nutshell

ICND1 is now considerably harder, absorbing much of the ICND2 content (IPv6, ACLs, VLANs and OSPF) while ICND2 seems to be much leaner having lost most of its content to ICND1.

ICND1 now has more emphasis on VLANs and IPv6, less emphasis on WAN technologies. OSPF is now included as the routing protocol, and RIP can finally Rest In Peace. (RIP is gone). [Edit 2013-04-08. Curiously, the topic Link State vs Distance Vector  is still included.  One wonders…]

There is no content on Wireless in ICND1 or ICND2 and Variable Length Subnet Masking (VLSM)/route summarisation has moved from ICND2 to ICND1, so too has Access Control Lists (ACLs).

All in all, the new ICND1 now has more difficult concepts to handle than the old ICND1.


From what I see in the industry, ICND1 is a better match to industry needs than it was previously, with the notable exception of WiFi.  Even the most basic home network has WiFi today, and ANY basic networking certification should include enough information to make graduates realise the limitations of deploying Integrated access points as opposed to planning a proper ESS.  The ICND2 exam topics unfortunately still include Frame Relay, but thankfully now includes PPPoE and FHRP

I am saddened to see RIP go, but only because it served as a simple example to explain other routing concepts.  I can live with that.  On the other hand, the move to include OSPF in ICND1 is positive.  I am surprised to see that Cisco didn’t take the opportunity to push EIGRP towards the earlier certification rather than OSPF, since EIGRP is Cisco’s baby (although now an open standard).  Could this be an indication that Cisco sees OSPF as the routing protocol of the future?  I think it does.

I am disappointed that Cisco couldn’t prepare their documentation better.  Having Exam topics like: [Edit 2013-04-08: Cisco has now updated the list of topics to be approximately three times as long!  Now I’m even more convinced the new ICND1 is much harder than before]

Configure and verify network device security features such as

with NO list of features following the “as” makes me hope like crazy that they have put more effort into the exam question preparation. I have found in the past that there have been questions on Ciso exams with the same level of quality control displayed in this example. Such poor quality frustrates exam candidates and devalues the whole process.  Sadly, the quality of the ICND2 topics is even more poorly prepared, with the topic Managing Cisco IOS Files is stuck right in the middle of the IP Routing Technologies section (a typo I’m sure) which again worries me purely form the viewpoint that the people who prepared this document so badly are the same people that prepare the exams. Worse still, there are topics as vague as:

Identify enhanced switching technologies

with no indication as to the particular enhanced technologies.  Previously this had been stated as:

Identify enhanced switching technologies  (including: VTP, RSTP, VLAN, PVSTP, 802.1q)

so candidates at least had some idea of what was expected.

ICND2 now includes FHRP, Syslog and SNMP components, and (at last) PPPoE implementation and troubleshooting.  IPv6, VLSM, VLANs and VLAN trunking and OSPF have all moved to ICND1, although OSPF is repeated for ICND2.  Frame relay still persists, in spite of the fact that the ISPs I deal with have had no NEW frame relay customers in years.

Etherchannel is specifically mentioned, but I suspect candidates are actually expected to understand the IEEE 802.3ad/ax Link Aggregation standard as well as/instead of Cisco’s old proprietary Etherchannel implementation of the protocol.  I think the inclusion of a topic specifically mentioning Etherchannel reflects Cisco arrogance – “We wrote the standard so we can call it what we like!”


The certification is no longer called CCNA. It is now called CCNA Routing and Switching.
CCENT is still CCENT.


The ICND1 exam is now 100-101. Previously it was 640-822. It is still 90 mins, 40-50 questions.
The ICND2 exam is now 200-101. Previously it was 640-816. It is still 75 mins, but has 50-60 questions rather than 40-50 questions.
The CCNA (combined ICND1 & ICND2) exam is now 200-120. Previously it was 840-802. It is still 90 mins, 40-50 questions.

The new exams are offered in English only. Previously these exams had been offered in English, Japanese, Spanish, French, Portuguese, and the 840-802 was also offered in Chinese, Russian, and Korean.

I expect this will change in time.


Here is the list of topics for ICND1 and ICND2. I have highlighted the new content in green, and the old changed content in light grey. The red strikeout content is from the old 640-822 which is no longer relevant and bold red content means I have no idea what it means!


In summary:
More emphasis on VLANs and IPv6. Less emphasis on WANs. RIP is out and OSPF is in.

There is no content on Wireless but you will have to deal with more advanced topics such as Variable Length Subnet Masking (VLSM)/route summarisation and Access Control Lists (ACLs).

All in all, the new ICND1 now has more difficult concepts to handle than the old ICND1.

Operation of IP Data Networks

Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges and Hubs.
Select the components required to meet a given network specification.
Identify common applications and their impact on the network
Describe the purpose and basic operation of the protocols in the OSI and TCP/IP models.
Predict the data flow between two hosts across a network.
Identify the appropriate media, cables, ports, and connectors to connect Cisco network devices to other network devices and hosts in a LAN

LAN Switching Technologies

Determine the technology and media access control method for Ethernet networks
Identify basic switching concepts and the operation of Cisco switches.
Configure and verify initial switch configuration including remote access management.
Verify network status and switch operation using basic utilities such as ping, telnet and ssh.
Describe how VLANs create logically separate networks and the need for routing between them.
Configure and verify VLANs
Configure and verify trunking on Cisco switches 

IP addressing (IPv4 / IPv6)

Describe the operation and necessity of using private and public IP addresses for IPv4 addressing
Identify the appropriate IPv6 addressing scheme to satisfy addressing requirements in a LAN/WAN environment.
Identify the appropriate IPv4 addressing scheme using VLSM and summarization to satisfy addressing requirements in a LAN/WAN environment.
Describe the technological requirements for running IPv6 in conjunction with IPv4 such as dual stack
Describe IPv6 addresses
Describe and verify DNS operation

IP Routing Technologies

Describe basic routing concepts
Configure and verify utilizing the CLI to set basic Router configuration
Configure and verify operation status of an ethernet interface
Verify router configuration and network connectivity
Configure and verify routing configuration for a static or default route given specific routing requirements
Differentiate methods of routing and routing protocols
Configure and verify OSPF (single area)
Configure and verify interVLAN routing (Router on a stick)
Configure SVI interfaces
Configure, verify, and troubleshoot RIPv2

IP Services

Configure and verify DHCP (IOS Router)
Configure, verify and troubleshoot DHCP and DNS operation on a router. (including: CLI/SDM)
Describe the types, features, and applications of ACLs
Configure and verify ACLs in a network environment
Identify the basic operation of NAT
Configure and verify NAT for given network requirements
Configure and verify NTP as a client
Enable NAT for a small network with a single ISP and connection using SDM and verify operation using CLI and ping

Network Device Security

Configure and verify network device security features such as ???
Configure and verify Switch Port Security features such as ???
Configure and verify ACLs to filter network traffic
Configure and verify an ACLs to limit telnet and SSH access to the router


Troubleshoot and correct common problems associated with IP addressing and host configurations.
Troubleshoot and Resolve VLAN problems
Troubleshoot and Resolve trunking problems on Cisco switches
Troubleshoot and Resolve ACL issues
Troubleshoot and Resolve Layer 1 problems

Explain and select the appropriate administrative tasks required for a WLAN

Describe standards associated with wireless media (including: IEEE WI-FI Alliance, ITU/FCC)
Identify and describe the purpose of the components in a small wireless network. (including: SSID, BSS, ESS)
Identify the basic parameters to configure on a wireless network to ensure that devices connect to the correct access point
Compare and contrast wireless security features and capabilities of WPA security (including: open, WEP, WPA-1/2)
Identify common issues with implementing wireless networks

Identify security threats to a network and describe general methods to mitigate those threats

Explain today’s increasing network security threats and the need to implement a comprehensive security policy to mitigate the threats
Explain general methods to mitigate common security threats to network devices, hosts, and applications
Describe the functions of common security appliances and applications
Describe security recommended practices including initial steps to secure network devices

Implement and verify WAN links

Describe different methods for connecting to a WAN
Configure and verify a basic WAN serial connection


In summary:
This is a poorly prepared document, and extremely vague.  Topics like Identify enhanced switching technologies could mean anything from cut-though switching to Virtual Port Channels or TRILL or Fabric Path.  Who knows?  It probably doesn’t include those advanced topics, but candidates have a right to know if topics like VTP, Rapid Spanning Tree (aka 802.1D – 2004), 803.1ax Link Aggregation (aka Port Channel) and 802.1ad Provider Bridging (aka Q-in-Q) are included.  The old specification specifically mentioned VTP, RSTP, VLAN, PVSTP and 802.1Q.  The new document doesn’t.

All in all, the new ICND2 now seems simpler than the old ICND1, but because of the vagueness of the topics, I could be grossly wrong.  Many of the old ICND2 topics (IPv6, ACLs, VLANs and OSPF) have moved to ICND1.

LAN Switching Technologies

Identify enhanced switching technologies
Describe enhanced switching technologies (including: VTP, RSTP, VLAN, PVSTP, 802.1q)
Configure and verify PVSTP operation

IP Routing Technologies

Describe the boot process of Cisco IOS routers
Configure and verify operation status of a Serial interface.
Manage Cisco IOS Files
Differentiate methods of routing and routing protocols
Configure and verify OSPF (single area) [Edit 2013-04-08. However, this official document lists  Multi-area OSPF IPv4 Implementation as a topic added to the ICND2 exam]
Configure and verify EIGRP (single AS)

IP Services

Recognize High availability (FHRP)
Configure and verify Syslog
Describe SNMP v2 & v3


Identify and correct common network problems
Utilize netflow data
Troubleshoot and Resolve Spanning Tree operation issues
Troubleshoot and Resolve routing issues
Troubleshoot and Resolve OSPF problems
Troubleshoot and Resolve EIGRP problems
Troubleshoot and Resolve interVLAN routing problems
Troubleshoot and Resolve WAN implementation issues
Monitor NetFlow statistics
Troubleshoot etherchannel problems

WAN Technologies

Identify different WAN Technologies
Configure and verify a basic WAN serial connection
Configure and verify a PPP connection between Cisco routers
Configure and verify Frame Relay on Cisco routers
Implement and troubleshoot PPPoE


About RedNectar Chris Welsh

Professional IT Instructor. All things TCP/IP, Cisco or VoIP
This entry was posted in 802.1ad, 802.3ad, 802.3ax, ACL, CCNA, Certifications, Cisco, EIGRP, Etherchannel, ICND, ICND1, ICND2, IPv6, New CCNA certification, New Cisco certifications, opinion, OSPF, portfast, rant, rapid spanning-tree, RIP, Routing, spanning-tree, VLANs, VLSM, VTP, wifi, wireless network. Bookmark the permalink.

6 Responses to CCNA Certification Changes 2013 Summary

  1. S.V. says:

    Configure and verify Switch Port Security features such as ???
    It does mean to identify what and how many devices connect to the switch, understanding of switchport mode access/trunk, switchport port-security violation protect/restrict/shutdown/mac-address commands

  2. joshgahan89 says:

    Reblogged this on Josh Gahan – Networking and commented:
    For all those interested in the ICND1 and ICND2 exam changes, here is a good overview of it all.

  3. Blake says:

    Umm, yes passive interfaces do come into OSPF…

    • rednectar says:

      Brain freeze. How embarrassing!!! And to think I actually used one yesterday (on lo0). Gone now! Thanks

      • Blake says:

        Why would you do passive on Lo, its already a type loopback, and thus doesn’t try to form adjacencies?

Comments are closed.