Recently I chose to renew my Cisco certifications by taking the 350-401 ENCOR exam.

I got my CCNP R&S right before the “change” in Cisco cert structure. During the restructure, my certs got renewed/converted automatically (yay!), but the time was up and I had to finally take another Cisco test to renew.

Please excuse any typos, I’m typing this with one less finger (no it didn’t fall off, just bandaged up) after an injury over the weekend.

Study Materials

  • Blueprint
  • Boson ExSim (Don’t give me that look…. I cram studied, so it helped a little bit)
  • OCG (Official Cert Guide 😉)

Exam Topics

Architecture

Much of this content was familiar from day to day networking tasks and the legacy CCNP tests. Network design topics, QoS, & packet forwarding methods to name a few.

The topics I had to double down on were wireless, SDWAN, & SD-Access. Going through the wireless content I was relieved as my previous experience with Cisco WLCs, FlexConnect, & Mobility slowly started to come back to me.

SD-Access and SDWAN were relatively new topics to me. I had experience with SDWAN conceptually and with other vendors (mainly Palo & Forti), but Cisco’s flavor was new.

I learned about SD-Access and it’s components from the ground up having only a conceptual understanding of the solution. I haven’t seen this solution deployed in the networks I’ve worked, but hope to one day!

Virtualization

Sample Question: Is this a type 1 or 2 hypervisor?

Wait - is this still a Cisco test?! Yes it is. Welcome to 2023 friends.

Along with topics of virtual infrastructure and switching were the topics of VXLAN overlay & LISP. Traditional CCNP topics such as VRF & GRE/IPSEC were also covered.

Infrastructure

Again, more traditional tropics of the L2 and L3 variety (routing, trunking, port-channels, etc.).

More wireless too! Again thankful for my wireless experience. Without it, I would’ve had to work 3x as hard studying this category.

I enjoyed the wireless content. Being a die hard route switch engineer, it was a nice change in scenery (a common theme found throughout this exam).

Network Assurance

I liked the name of this category. Logging, some troubleshooting, monitoring, IPSLA, etc. All fun topics. Check out the blueprint for more.

DNAC (like SDA & SDWAN) was new to me here. There was a decent focus in the content on DNAC API types as well as NETCONF & RESTCONF.

Security

Lot’s of typical security topics surrounding Cisco AAA commands and “line” configuration.

More wireless! I enjoyed this part of the content. As someone who has spent much time figuring out 802.1X in wired & wireless environments, I appreciated the addition of wireless security questions.

Also, what’s an FTD anyways? And - endpoint security on a “networking” exam? That’s ENCOR for ya. It was nice to revisit FTD clusterting and some of the other Cisco security offerings. While they aren’t my favorite in the market (minus Umbrella), it was a nice revisit.

Automation

Did someone say YAML?!

I thoroughly enjoyed the automation portion of the exam. Particularly “6.7” on the blueprint. I haven’t touched python or ansible for networking in a while, but really enjoyed my first set of experiences with automating configuration changes and building out ansible templates.

It was also fun to dig into EEM a bit. I’ve never touched this on a Cisco device so it was a “hey, here’s another tool for the tool belt” moment while studying.

Conclusion

Studying for this exam was kind of a rollercoaster. It wasn’t the Route, Switch, & TShoot this network engineer was used to.

Initially I was a little turned off by it, but after taking the exam I respect Cisco’s new approach.

A network engineer’s scope of responsability and technology discipline is typically a bit wider and deeper than it used to be. This exam forces the studier/taker to go outside of their route switch comfort zone into real world topics they are likely to stumble into on the job.