Back to CCNA 200-301

CCNA 200-301 · Cheat Sheet

Automation & Programmability (10%)

Tip: Use your browser's print function (Ctrl+P / Cmd+P) to save as PDF for offline study.

CCNA 200-301 Cheat Sheet: Automation & Programmability (10%)

Quick Cues → Answers

Q: What is the fundamental difference between Ansible and Terraform?

  • Ansible: Configuration management tool; agentless, push-based, YAML syntax, idempotent
  • Terraform: Infrastructure as Code (IaC); declarative, manages desired state, idempotent

Q: REST API — 401 vs. 403?

  • 401 Unauthorized: Authentication failed (missing/invalid credentials)
  • 403 Forbidden: Authenticated but lacks permission

Q: What are the two API directions in SDN?

  • Northbound API: Management → Controller (policy, intent)
  • Southbound API: Controller → Devices (network state changes)

Q: Ansible agent requirement?

  • None — agentless; uses SSH only

---

Controller-Based Networking (SDN)

|---------|-----------|---------|

---

REST APIs

|-------------|---------|-------------|

Key REST Properties

  • Stateless: Each request independent; server holds no session state
  • 401 Unauthorized: No valid credentials
  • 403 Forbidden: Valid credentials, insufficient permissions
  • 404 Not Found: Resource does not exist

---

JSON Data Format

``json { "device": "router1", "interfaces": [ {"name": "Gi0/0", "ip": "10.1.1.1"}, {"name": "Gi0/1", "ip": "10.2.1.1"} ], "enabled": true, "port": 22 } `

|---------|------|---------|

---

Configuration Management Tools

|---------|-----------|--------------|

Ansible Playbook Structure

`yaml ---
  • hosts: all_routers
gather_facts: no tasks: - name: Configure OSPF cisco.ios.ios_config: commands: - router ospf 1 - network 10.0.0.0 0.0.0.255 area 0
``

---

Network Automation Impact

|---------|---------|

---

AI & Machine Learning in Networking

|----------|-------------|

---

Easily-Confused Pairs

|------|-------------|

ConceptDefinitionExample
SDNSeparation of control plane from data planeOpenFlow, OpenDaylight
Northbound APIController ← Management appsREST API to Catalyst Center
Southbound APIDevice ← ControllerOpenFlow, NETCONF, RESTCONF
Intent-Based Networking (IBN)User defines intent; system enforces policyCatalyst Center assurance
Catalyst CenterCisco's SDN controller for enterpriseReplaces old Prime Infrastructure
SD-WANDecoupled WAN control; branch autonomyViptela (Cisco), Meraki
HTTP MethodPurposeStatus Code
GETRetrieve resource200 OK
POSTCreate new resource201 Created
PUTReplace entire resource200 OK / 204 No Content
PATCHPartial update200 OK / 204 No Content
DELETERemove resource204 No Content
ElementTypeExample
StringText, quoted"hostname": "R1"
NumberInteger or float"port": 22
Booleantrue/false"enabled": true
ArrayOrdered list, [ ][{"if": "Gi0/0"}]
ObjectKey-value pairs, { }{"name": "R1"}
nullNo value"description": null
FeatureAnsibleTerraform
TypeConfig mgmt (push)Infrastructure as Code (declarative)
AgentNone (agentless/SSH)None required; uses APIs
SyntaxYAML (playbooks)HCL (modules)
StateTask-based (imperative)Desired state (declarative)
IdempotentYes (by design)Yes (apply multiple times safely)
Primary UseDevice configuration, app deploymentCloud/infrastructure provisioning
Push vs. PullPush (controller → devices)Pull (state file)
BenefitMeaning
ConsistencySame config across all devices; reduces human error
SpeedDeploy 100 devices in seconds vs. hours manual
Version ControlGit tracks all changes; audit trail and rollback capability
ScalabilityAdd devices without manual intervention
Intent-BasedAdmin specifies "what" not "how"; controller enforces
Use CaseApplication
Anomaly DetectionCatalyst Center Assurance; flagging unusual traffic patterns
Predictive MaintenanceML models predict link failure before it occurs
Security Threat DetectionBehavioral ML for zero-day intrusion detection
Network OptimizationAuto-tuning QoS policies based on traffic history
PairDistinction
Northbound vs. SouthboundNorth = management → controller (policy); South = controller → devices (config)
401 vs. 403401 = bad credentials; 403 = good credentials, no permission
Ansible vs. TerraformAnsible = push config mgmt; Terraform = declarative IaC
Idempotent vs. ImperativeIdempotent = same result every run; Imperative = step-by-step instructions
Agentless vs. Agent-basedAnsible = agentless (SSH only); Puppet/Chef = agent (removed from v1.1)
---

High-Yield

Aligned to the Cisco CCNA 200-301 exam topics.

Make this cheat sheet yours

Personalize this sheet — focus it however you study, or build one from the exact questions you keep getting wrong.

Sign up free to create a personalized cheat sheet.