Top 5 Hardest Topics on the CCNP TSHOOT Exam (and how to prepare for them)

- select the contributor at the end of the page -


Like studying for any certification exam, it is important to come up with a general outline of the topics that are covered on the exam (along with the exam objectives) and prioritize which ones need the most review. Of course the content of this list is greatly determined on the experience of the candidate and what they have done in real life production and testing environments. The TSHOOT exam is one of these exams that is different to prepare for than some of these other exams, it is not as simple as just learning the base concepts of specific features or technologies.

The TSHOOT exam takes a format that is closer to the style of the CCIE (the troubleshooting part). This includes a base scenario and configuration and a number of trouble tickets that must be resolved. This article takes a brief look at five different topics, including three that are important for general troubleshooting and two that are specific to harder-to-troubleshoot features.

Troubleshooting Procedures

For any network engineer it is important to have an understanding of a troubleshooting procedure; there are a couple of different ones that exist but Cisco promotes the one covered here. Good troubleshooting is a process. The seven steps included in the Cisco troubleshooting process include:

Step 1: Defining the Problem – This step is as simple as it sounds, define what the actual problem is. For example, what causes the problem and/or how can it be recreated?

Step 2: Gathering Information – Gather as much information as is needed for the problem to be solved (the amount needed will vary as the experience of the candidate increases).

Step 3: Analyzing the Information – Take the information that was gathered and organize it.

Step 4: Eliminating possible problem causes – From the organized information gathered, eliminate all problem causes that are not relevant to the problem being reported.

Step 5: Formulating a hypothesis about the likely cause of the problem – Formulate a hypothesis as the cause of the problem.

Step 6: Testing the hypothesis – Test the solution to the problem outlined in the hypothesis, hopefully this step is done in the real world in a non-production environment.

Step 7: Solving the problem – If the hypothesis tested was successful in fixing the problem, the solution should be implemented on the production network.

Troubleshooting Approaches

After a base troubleshooting procedure, an engineer typically follows one of the common troubleshooting approaches; which one to use comes with additional experience and on the type of problem being reported. There are six of these common approaches; it is good for any engineer troubleshooting a problem to be at least familiar with these. As a candidate gets more experience, finding which approach to use will not be as formalized, and will be based more organically on the experience of the engineer. These approaches include:


This approach starts at the top of the OSI layer model (this is the application layer). Using this approach, an engineer will determine at which layer a problem is introduced starting from the top. For example, does the application display information from the network? If it does, then the network is working and no problem exists; if it does not, then move down the layers and find out where the network starts working, i.e. does it start working when using a basic ping. This proves layer 4 and below work correctly. This method requires access to the reporting client's machine, which is not always easy or convenient.


This approach works the opposite as Top-Down by starting at the physical layer and working up. For example, start by ensuring that the physical layer is connected to the machine having a problem.

Divide and Conquer

Using this method, the troubleshooter will start the process in the middle of the OSI model layers, typically layer 3/4. For example, begin troubleshooting by testing if the client can ping a known active host; if it works then move up the layers to find the problem. If it does not, move down to find the problem.

Follow the Path

This technique finds the path between source and destination and tries to eliminate the devices that are not causing the reported problem. This technique is used in conjunction with the other common approaches described above.

Spot the differences

This technique compares a known good configuration with the known bad one and tries to determine the problem from the differences in the two.

Move the Problem

This technique is one of the simplest of the available approaches but can be very successful. For example, if a client is having a network connectivity problem, try to exchange the cables with a neighboring client and see if the problem moved. If it did not try to swap network jacks, and so on.

IOS CLI Troubleshooting Tools

Being familiar with basic IOS CLI troubleshooting tools is vital to any candidate trying to troubleshoot a Cisco IOS problem. The simplest of these tools includes ping and tracert along with a number of different show and debug commands specific to each feature. Common ones that are vital include:

  • show ip route
  • show process cpu
  • show mac-address-table
  • show ip interface brief
  • show ip protocols
  • show ip arp among many others.

Make sure to be familiar with the commonly used commands used for the features covered in the TSHOOT course outline.

Troubleshooting Route Redistribution

Route redistribution is a confusing topic for many people, as it requires knowledge of not just the routing protocols, but also the specifics as to how redistribution is configured for each routing protocol as well. To start with, the candidate must be familiar with the configuration of the routing protocols involved; these include OSPF, EIGRP, RIP and possibly BGP. Be familiar with the default metrics (some do not have defaults) that are used for each of these protocols when configuring redistribution along with the default administrative distances. Redistribution troubleshooting for multi-homed bi-directional redistribution will probably not be covered on the TSHOOT exam, but will probably be covered in some form on the CCIE lab so make sure to study it well if CCIE is the final destination.

Troubleshooting the Spanning Tree Protocol (STP)

Many new network-engineering candidates have a problem with understanding the purpose and function of STP. Without this knowledge it is of course almost impossible to successfully troubleshoot an STP problem. Keep in mind that by default on most Cisco switches a copy of STP is running for each configured VLAN, independently. A root switch will be separately selected for each of these and do not be surprised if different switches in the same network are the root switches for different VLANs. The easiest way to be a good STP troubleshooter is to get hands on experience with STP; this can be obtained through different simulation products and through the use of real Cisco switching equipment. Even the cheapest Cisco switches can run STP, make the small investment and buy some equipment if experience is not possible in a work environment.

The use of STP outside of the access layer is getting more and more uncommon with layer 3 links becoming common, from the access layer throughout the rest of the network being a preferred solution.


The TSHOOT exam is one of those exams that really require a great amount of experience coming into it. The candidate must not just be familiar with a few techniques but must know a wide variety. Along with this, the candidate must be well versed in the troubleshooting process. Make sure before going into this exam to have a defined troubleshooting process that will be used across the spectrum of technologies being tested. Take as much time as possible to break down correct configurations and use the show, debug and other commands to see what the effect is and how it can be spotted.

Get our content first. In your inbox.

Loading form...

If this message remains, it may be due to cookies being disabled or to an ad blocker.


Sean Wilkins

Sean Wilkins is an accomplished networking consultant who has been in the IT field for more than 20 years, working with several large enterprises. He is a writer for infoDispersion and his educational accomplishments include: a Master’s of Science in Information Technology with a focus in Network Architecture and Design, and a Master’s of Science in Organizational Management. Sean holds certifications with Cisco (CCNP/CCDP), Microsoft (MCSE) and CompTIA (A+ and Network+).