What Is the CCNA Certification? Everything You Need to Know
Your complete roadmap to understanding and earning the Cisco CCNA certification.
The Cisco Certified Network Associate (CCNA) certification is one of the most recognized entry-level credentials in the IT industry. It validates your ability to install, configure, operate, and troubleshoot medium-sized routed and switched networks. The current exam (200-301) covers a broad range of topics including network fundamentals, IP connectivity, security fundamentals, automation, and programmability. Unlike previous iterations, the modern CCNA is a single exam that does not require any prerequisites. This guide will walk you through everything you need to know about the CCNA, from exam domains to real-world CLI commands you must master.
Understanding the CCNA Exam Structure
The CCNA 200-301 exam is 120 minutes long and contains 100-120 questions. Question types include multiple-choice, drag-and-drop, simulations, and testlets. The exam covers six major domains: Network Fundamentals (20%), Network Access (20%), IP Connectivity (25%), IP Services (10%), Security Fundamentals (15%), and Automation & Programmability (10%). You need a passing score of approximately 825 out of 1000. The exam costs $300 USD and is valid for three years.
Exam domains and weightings:
- Network Fundamentals: 20%
- Network Access: 20%
- IP Connectivity: 25%
- IP Services: 10%
- Security Fundamentals: 15%
- Automation & Programmability: 10%Focus heavily on IP Connectivity (OSPF, routing) and Network Access (VLANs, STP) — they make up nearly half the exam.
Simulation questions are scored partially — you must complete all required steps to earn full points.
Mastering Basic Cisco IOS CLI Commands
You must be comfortable navigating the Cisco IOS command-line interface. Start with basic commands to enter privileged EXEC mode, view configurations, and save changes. Practice on real hardware or simulators like Packet Tracer or GNS3. Knowing how to use the 'show' commands is critical for troubleshooting.
Router> enable
Router# configure terminal
Router(config)# hostname R1
R1(config)# interface gigabitethernet 0/0
R1(config-if)# ip address 192.168.1.1 255.255.255.0
R1(config-if)# no shutdown
R1(config-if)# end
R1# copy running-config startup-configUse the '?' key for context-sensitive help and 'Tab' to auto-complete commands.
Always use 'copy running-config startup-config' or 'write memory' to save changes — they are lost on reload otherwise.
Configuring VLANs and Trunking
VLANs segment a network into broadcast domains. On a Cisco switch, create VLANs, assign ports, and configure trunk links between switches using 802.1Q encapsulation. This is a core skill tested in the Network Access domain.
Switch# configure terminal
Switch(config)# vlan 10
Switch(config-vlan)# name Sales
Switch(config-vlan)# vlan 20
Switch(config-vlan)# name Engineering
Switch(config-vlan)# exit
Switch(config)# interface fastethernet 0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Switch(config-if)# interface fastethernet 0/24
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk allowed vlan 10,20Use 'show vlan brief' to verify VLAN assignments and 'show interfaces trunk' to check trunk status.
Native VLAN mismatch on a trunk can cause connectivity issues — ensure both sides match.
Configuring Static and Dynamic Routing (OSPF)
Routing enables communication between different networks. Static routes are simple but not scalable. OSPF is a link-state dynamic routing protocol widely used in enterprise networks. You must configure OSPF with proper network statements and verify neighbor adjacencies.
R1(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.254
R1(config)# router ospf 1
R1(config-router)# router-id 1.1.1.1
R1(config-router)# network 192.168.1.0 0.0.0.255 area 0
R1(config-router)# network 10.0.0.0 0.255.255.255 area 0
R1(config-router)# end
R1# show ip ospf neighbor
R1# show ip route ospfUse 'passive-interface default' on interfaces not connected to OSPF neighbors to reduce overhead.
OSPF requires a router ID — if not set manually, it uses the highest loopback or physical IP, which can cause instability.
Implementing Access Control Lists (ACLs)
ACLs filter traffic based on source/destination IP addresses and protocols. Standard ACLs (1-99) filter only source IP, while extended ACLs (100-199) filter source, destination, and port. Apply ACLs close to the source for efficiency.
R1(config)# access-list 100 permit tcp 192.168.1.0 0.0.0.255 host 10.0.0.1 eq 80
R1(config)# access-list 100 deny ip any any
R1(config)# interface gigabitethernet 0/0
R1(config-if)# ip access-group 100 in
R1(config-if)# end
R1# show access-lists 100Extended ACLs should be applied as close to the source as possible to conserve bandwidth.
ACLs have an implicit deny all at the end — if you don't permit desired traffic, it will be blocked.
Understanding Network Automation and Programmability
The CCNA now includes automation topics like SDN, REST APIs, and configuration management tools. You should understand the difference between the data, control, and management planes. Know how tools like Ansible, Puppet, and Chef automate network tasks using YAML or JSON.
---
- name: Configure VLAN on Cisco Switch
hosts: switches
gather_facts: no
tasks:
- name: Create VLAN 30
cisco.ios.ios_vlans:
config:
- vlan_id: 30
name: Guest
state: mergedLearn basic Python scripting and REST API concepts — they are increasingly relevant for network automation roles.
Automation tools require proper credentials and SSH access — test connectivity before running playbooks.
Preparing for Exam Day and Recertification
Schedule your exam through Pearson VUE. Arrive 30 minutes early with two forms of ID. The exam includes a tutorial and a survey — use the full 120 minutes. After passing, your CCNA is valid for three years. Recertify by passing the CCNA exam again, earning 30 CE credits, or passing a higher-level Cisco exam like CCNP.
Recertification options:
- Pass CCNA 200-301 again
- Pass any CCNP exam (e.g., 350-401 ENCOR)
- Earn 30 Continuing Education (CE) credits
- Pass a specialist exam (e.g., 300-410 ENARSI)Use Cisco's official practice exams and the 'Boson ExSim' for realistic simulation practice.
Don't skip the automation and programmability domain — it's 10% of the exam and often overlooked.
Key tips
Use Cisco Packet Tracer for hands-on practice — it's free and covers 90% of CCNA topics.
Create a study schedule: dedicate 1-2 hours daily for 3-4 months. Consistency beats cramming.
Join online communities like r/ccna on Reddit or the Cisco Learning Network for peer support and resources.
Master subnetting cold — you should be able to calculate subnets in under 30 seconds without a calculator.
Take notes on every 'show' command output — understanding what normal looks like helps you spot problems.
Review exam objectives weekly and track your progress. Use the official exam blueprint as a checklist.
Frequently asked questions
What are the prerequisites for the CCNA exam?
There are no formal prerequisites for the CCNA 200-301 exam. However, Cisco recommends having at least one year of networking experience and a basic understanding of IP addressing and network fundamentals. Many candidates start with the Cisco Networking Academy or self-study materials.
How much does the CCNA exam cost?
The CCNA 200-301 exam costs $300 USD. Prices may vary by country due to local taxes. You can purchase exam vouchers directly from Pearson VUE or through Cisco's website. Discounts are sometimes available through Cisco Networking Academy or employer partnerships.
Is the CCNA worth it in 2026?
Yes, the CCNA remains highly valuable. It is a vendor-neutral foundation that opens doors to roles like network administrator, support engineer, and security analyst. With cloud and automation integration, the modern CCNA is more relevant than ever. Many employers list CCNA as a preferred or required credential.
How long does it take to prepare for the CCNA?
Most candidates need 3-6 months of consistent study. If you study 10-15 hours per week, you can be ready in about 4 months. Factors include your prior networking experience, study resources, and hands-on lab time. Using simulators like Packet Tracer accelerates learning.
What happens if I fail the CCNA exam?
You can retake the exam after a mandatory 5-day waiting period. There is no limit on the number of attempts, but you must pay the full exam fee each time. Cisco recommends reviewing your score report to identify weak domains and focusing your studies there before retaking.
Related glossary terms
Dynamic route
A route that is automatically learned and updated by a router using a routing protocol, rather than being manually configured.
Bash script
A Bash script is a text file containing a sequence of commands for the Unix shell Bash, allowing users to automate repetitive tasks and streamline system administration on Linux and macOS.
File Transfer Protocol
File Transfer Protocol (FTP) is a standard network protocol used to transfer files between a client and a server over a TCP/IP network.
Public IP address
A globally unique IP address assigned to a device that allows it to communicate directly over the internet.
Persistent Disk
Persistent Disk is a durable, high-performance block storage service for Google Cloud virtual machines that retains data even after the VM is shut down or deleted.
Extensible Authentication Protocol
Extensible Authentication Protocol (EAP) is a flexible authentication framework used in network access control, particularly in wireless and point-to-point connections, that supports multiple authentication methods without requiring changes to the underlying protocol.
Practice with real exam questions
Apply what you just learned with exam-style practice questions.