200-125 Exam
Amazing ccna 200 125 study guide secrets
Exam Code: 125 200 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CCNA Cisco Certified Network Associate CCNA (v3.0)
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass ccna routing and switching 200 125 pdf Exam.
Q151. - (Topic 3)
Refer to the graphic.
R1 is unable to establish an OSPF neighbor relationship with R3. What are possible reasons for this problem? (Choose two.)
A. All of the routers need to be configured for backbone Area 1.
B. R1 and R2 are the DR and BDR, so OSPF will not establish neighbor adjacency with R3.
C. A static route has been configured from R1 to R3 and prevents the neighbor adjacency from being established.
D. The hello and dead interval timers are not set to the same values on R1 and R3.
E. EIGRP is also configured on these routers with a lower administrative distance.
F. R1 and R3 are configured in different areas.
Answer: D,F
Explanation:
This question is to examine the conditions for OSPF to create neighborhood.
So as to make the two routers become neighbors, each router must be matched with the following items:
1. The area ID and its types;
2. Hello and failure time interval timer;
3. OSPF Password (Optional).
Q152. - (Topic 8)
On which type of port can switches interconnect for multi-VLAN communication?
A. interface port
B. access port
C. switch port
D. trunk port
Answer: D
Q153. - (Topic 5)
Refer to the exhibit.
Which subnet mask will place all hosts on Network B in the same subnet with the least amount of wasted addresses?
A. 255.255.255.0
B. 255.255.254.0
C. 255.255.252.0
D. 255.255.248.0
Answer: B
Explanation:
310 hosts < 512 = 29 -> We need a subnet mask of 9 bits 0 -> 1111 1111.1111 1111.1111
1110.0000 0000 -> 255.255.254.0
Q154. CORRECT TEXT - (Topic 4)
A corporation wants to add security to its network. The requirements are:
✑ Host B should be able to use a web browser (HTTP) to access the Finance Web Server.
✑ Other types of access from host B to the Finance Web Server should be blocked.
✑ All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.
✑ All hosts in the Core and on local LAN should be able to access the Public Web Server.
You have been tasked to create and apply a numbered access list to a single outbound interface. This access list can contain no more than three statements that meet these requirements.
Access to the router CLI can be gained by clicking on the appropriate host.
✑ All passwords have been temporarily set to “cisco”.
✑ The Core connection uses an IP address of 198.18.132.65.
✑ The computers in the Hosts LAN have been assigned addresses of 192.168.201.1
– 192.168.201.254.
✑ host A 192.168.201.1
✑ host B 192.168.201.2
✑ host C 192.168.201.3
✑ host D 192.168.201.4
✑ The Finance Web Server has been assigned an address of 172.22.237.17.
✑ The Public Web Server in the Server LAN has been assigned an address of 172.22.237.18.
Answer:
Please check the below explanation for all details.
Explanation:
We should create an access-list and apply it to the interface that is connected to the Server LAN because it can filter out traffic from both S2 and Core networks. To see which interface this is, use the “show ip interface brief” command:
Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-11-17 at 3.24.34 PM.png From this, we know that the servers are located on the fa0/1 interface, so we will place our numbered access list here in the outbound direction.
Corp1#configure terminal
Our access-list needs to allow host B – 192.168125.2 to the Finance Web Server 172.22.109.17 via HTTP (port 80), so our first line is this:
Corp1(config)#access-list 100 permit tcp host 192.168.125.2 host 172.22.109.17 eq 80
Then, our next two instructions are these:
✑ Other types of access from host B to the Finance Web Server should be blocked.
✑ All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.
This can be accomplished with one command (which we need to do as our ACL needs to be no more than 3 lines long), blocking all other access to the finance web server: Corp1(config)#access-list 100 deny ip any host 172.22.109.17
Our last instruction is to allow all hosts in the Core and on the local LAN access to the Public Web Server (172.22.109.18)
Corp1(config)#access-list 100 permit ip host 172.22.109.18 any Finally, apply this access-list to Fa0/1 interface (outbound direction) Corp1(config)#interface fa0/1
Corp1(config-if)#ip access-group 100 out
Notice: We have to apply the access-list to Fa0/1 interface (not Fa0/0 interface) so that the access-list can filter traffic coming from both the LAN and the Core networks.
To verify, just click on host B to open its web browser. In the address box type
http://172.22.109.17 to check if you are allowed to access Finance Web Server or not. If
your configuration is correct then you can access it.
Click on other hosts (A, C and D) and check to make sure you can’t access Finance Web Server from these hosts. Then, repeat to make sure they can reach the public server at 172.22.109.18. Finally, save the configuration
Corp1(config-if)#end
Corp1#copy running-config startup-config
Q155. - (Topic 3)
What is the default administrative distance of OSPF?
A. 90
B. 100
C. 110
D. 120
Answer: C
Explanation:
Administrative distance is the feature that routers use in order to select the best path when there are two or more different routes to the same destination from two different routing protocols. Administrative distance defines the reliability of a routing protocol. Each routing
protocol is prioritized in order of most to least reliable (believable) with the help of an administrative distance value.
Default Distance Value Table
This table lists the administrative distance default values of the protocols that Cisco supports:
Route Source
Default Distance Values
Connected interface 0
Static route 1
Enhanced Interior Gateway Routing Protocol (EIGRP) summary route 5
External Border Gateway Protocol (BGP) 20
Internal EIGRP 90
IGRP 100 OSPF 110
Intermediate System-to-Intermediate System (IS-IS) 115
Routing Information Protocol (RIP) 120
Exterior Gateway Protocol (EGP) 140
On Demand Routing (ODR) 160
External EIGRP 170
Internal BGP 200
Unknown* 255
Q156. - (Topic 8)
Which component of the routing table ranks routing protocols according to their preferences?
A. administrative distance
B. next hop
C. metric
D. routing protocol code
Answer: A
Explanation:
Administrative distance - This is the measure of trustworthiness of the source of the route. If a router learns about a destination from more than one routing protocol, administrative distance is compared and the preference is given to the routes with lower administrative distance. In other words, it is the believability of the source of the route.
Q157. - (Topic 5)
Which three features are added in SNMPv3 over SNMPv2?
A. Message Integrity
B. Compression
C. Authentication
D. Encryption
E. Error Detection
Answer: A,C,D
Explanation:
Cisco IOS software supports the following versions of SNMP:
+ SNMPv1 – The Simple Network Management Protocol: A Full Internet Standard, defined in RFC 1157. (RFC 1157 replaces the earlier versions that were published as RFC 1067 and RFC 1098.) Security is based on community strings.
+ SNMPv2c – The community-string based Administrative Framework for SNMPv2. SNMPv2c (the “c” stands for “community”) is an Experimental Internet Protocol defined in RFC 1901, RFC 1905, and RFC 1906. SNMPv2c is an update of the protocol operations and data types of SNMPv2p (SNMPv2 Classic), and uses the community-based security model of SNMPv1.
+ SNMPv3 – Version 3 of SNMP. SNMPv3 is an interoperable standards-based protocol defined in RFCs 2273 to 2275. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network. The security features provided in SNMPv3 are as follows:
– Message integrity: Ensuring that a packet has not been tampered with in transit.
– Authentication: Determining that the message is from a valid source.
– Encryption: Scrambling the contents of a packet prevent it from being learned by an unauthorized source.
Q158. - (Topic 7)
Scenario:
Refer to the topology. Your company has decided to connect the main office with three other remote branch offices using point-to-point serial links.
You are required to troubleshoot and resolve OSPF neighbor adjacency issues between the main office and the routers located in the remote branch offices.
R1 does not form an OSPF neighbor adjacency with R2. Which option would fix the issue?
A. R1 ethernet0/1 is shutdown. Configure no shutdown command.
B. R1 ethernet0/1 configured with a non-default OSPF hello interval of 25; configure no ip ospf hello-interval 25.
C. R2 ethernet0/1 and R3 ethernet0/0 are configured with a non-default OSPF hello
interval of 25; configure no ip ospf hello-interval 25.
D. Enable OSPF for R1 ethernet0/1; configure ip ospf 1 area 0 command under ethernet0/1.
Answer: B
Explanation:
Looking at the configuration of R1, we see that R1 is configured with a hello interval of 25 on interface Ethernet 0/1 while R2 is left with the default of 10 (not configured).
Q159. - (Topic 8)
While troubleshooting a connection problem on a computer, you determined that the computer can ping a specific web server but it cannot connect to TCP port 80 on that server. Which reason for the problem is most likely true?
A. A VLAN number is incorrect.
B. A Route is missing
C. An ARP table entry is missing.
D. An ACL is blocking the TCP port.
Answer: D
Q160. - (Topic 6)
A network administrator is configuring ACLs on a Cisco router, to allow traffic from hosts on networks 192.168.146.0, 192.168.147.0, 192.168.148.0, and 192.168.149.0 only. Which
two ACL statements, when combined, would you use to accomplish this task? (Choose two.)
A. access-list 10 permit ip 192.168.146.0 0.0.1.255
B. access-list 10 permit ip 192.168.147.0 0.0.255.255
C. access-list 10 permit ip 192.168.148.0 0.0.1.255
D. access-list 10 permit ip 192.168.149.0 0.0.255.255
E. access-list 10 permit ip 192.168.146.0 0.0.0.255
F. access-list 10 permit ip 192.168.146.0 255.255.255.0
Answer: A,C
Explanation:
“access-list 10 permit ip 192.168.146.0 0.0.1.255” would allow only the 192.168.146.0 and
192.168.147.0 networks, and “access-list 10 permit ip 192.168.148.0 0.0.1.255” would allow only the 192.168.148.0 and 192.168.149.0 networks.
Topic 7, Infrastructure Management