200-125 Exam
Facts about ccna routing and switching 200 125 official cert guide library
Exam Code: ccna 200 125 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CCNA Cisco Certified Network Associate CCNA (v3.0)
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass cisco 200 125 Exam.
P.S. Download 200-125 dumps are available on Google Drive, GET MORE: https://drive.google.com/open?id=1kYtwvDfK3CIMnjUzKdkde8F69Zg0NhM8
New Cisco 200-125 Exam Dumps Collection (Question 1 - Question 10)
Question No: 1
Refer to exhibit.
A network administrator cannot establish a Telnet session with the indicated router. What is the cause of this failure?
A. A Level 5 password is not set.
B. An ACL is blocking Telnet access.
C. The vty password is missing.
D. The console password is missing.
Answer: C
Explanation:
The login keyword has been set, but not password. This will result in the u201cpassword
required, but none setu201d message to users trying to telnet to this router.
Question No: 2
CORRECT TEXTA network associate is adding security to the configuration of the Corp1 router. The user on host C should be able to use a web browser to access financial information from the Finance Web Server. No other hosts from the LAN nor the Core should be able to use a web browser to access this server. Since there are multiple resources for the corporation at this location including other resources on the Finance Web Server, all other traffic should be allowed.
The task is to create and apply an access-list with no more than three statements that will allow ONLY host C web access to the Finance Web Server. No other hosts will have web access to the Finance Web Server. All other traffic is permitted.
Access to the router CLI can be gained by clicking on the appropriate host.
All passwords have been temporarily set to "cisco".
The Core connection uses an IP address of 198.18.247.65
The computers in the Hosts LAN have been assigned addresses of 192.168.240.1 - 192.168.240.254
u2711 host A 192.168.240.1
u2711 host B 192.168.240.2
u2711 host C 192.168.240.3
Answer:
Corp1#conf t
Corp1(config)# access-list 128 permit tcp host 192.168.240.1 host 172.22.141.26 eq www
Corp1(config)# access-list 128 deny tcp any host 172.22.141.26 eq www
Corp1(config)# access-list 128 permit ip any any
Corp1(config)#int fa0/1
Corp1(config-if)#ip access-group 128 out
Corp1(config-if)#end
Corp1#copy run startup-config
Question No: 3
Which two are features of IPv6? (Choose two.)
A. anycast
B. broadcast
C. multicast
D. podcast
E. allcast
Answer: A,C
Explanation:
IPv6 addresses are classified by the primary addressing and routing methodologies common in networking: unicast addressing, anycast addressing, and multicast addressing.
u2711 A unicast address identifies a single network interface. The Internet Protocol
delivers packets sent to a unicast address to that specific interface.
u2711 An anycast address is assigned to a group of interfaces, usually belonging to different nodes. A packet sent to an anycast address is delivered to just one of the
member interfaces, typically thenearesthost, according to the routing protocolu2021s definition of distance. Anycast addresses cannot be identified easily, they have the same format as unicast addresses, and differ only by their presence in the network at multiple points. Almost any unicast address can be employed as an anycast address.
u2711 A multicast address is also used by multiple hosts, which acquire the multicast
address destination by participating in the multicast distribution protocol among the network routers. A packet that is sent to a multicast address is delivered to all interfaces that have joined the corresponding multicast group.
Topic 10, Infrastructure Security
835.Refer to the exhibit.
The following commands are executed on interface fa0/1 of 2950Switch. 2950Switch(config-if)# switchport port-security
2950Switch(config-if)# switchport port-security mac-address sticky 2950Switch(config-if)# switchport port-security maximum 1
The Ethernet frame that is shown arrives on interface fa0/1. What two functions will occur
when this frame is received by 2950Switch? (Choose two.)
A. The MAC address table will now have an additional entry of fa0/1 FFFF.FFFF.FFFF.
B. Only host A will be allowed to transmit frames on fa0/1.
C. This frame will be discarded when it is received by 2950Switch.
D. All frames arriving on 2950Switch with a destination of 0000.00aa.aaaa will be forwarded out fa0/1.
E. Hosts B and C may forward frames out fa0/1 but frames arriving from other switches will not be forwarded out fa0/1.
F. Only frames from source 0000.00bb.bbbb, the first learned MAC address of 2950Switch, will be forwarded out fa0/1.
Question No: 4
How many bits are contained in each field of an IPv6 address?
A. 24
B. 4
C. 8
D. 16
Answer: D
Explanation:
An IPv6 address is represented as eight groups of four hexadecimal digits, each group representing 16 bits (two octets). The groups are separated by colons (:). An example of an IPv6 address is 2001:0db8:85a3:0000:0000:8a2e:0370:7334.
Question No: 5
How does using the service password-encryption command on a router provide additional security?
A. by encrypting all passwords passing through the router
B. by encrypting passwords in the plain text configuration file
C. by requiring entry of encrypted passwords for access to the device
D. by configuring an MD5 encrypted key to be used by routing protocols to validate routing exchanges
E. by automatically suggesting encrypted passwords for use in configuring the router
Answer: B
Explanation:
By using this command, all the (current and future) passwords are encrypted. This command is primarily useful for keeping unauthorized individuals from viewing your password in your configuration file
Question No: 6
Refer to the exhibit.
A junior network administrator was given the task of configuring port security on SwitchA to allow only PC_A to access the switched network through port fa0/1. If any other device is
detected, the port is to drop frames from this device. The administrator configured the interface and tested it with successful pings from PC_A to RouterA, and then observes the output from these two show commands.
Which two of these changes are necessary for SwitchA to meet the requirements? (Choose two.)
A. Port security needs to be globally enabled.
B. Port security needs to be enabled on the interface.
C. Port security needs to be configured to shut down the interface in the event of a violation.
D. Port security needs to be configured to allow only one learned MAC address.
E. Port security interface counters need to be cleared before using the show command.
F. The port security configuration needs to be saved to NVRAM before it can become active.
Answer: B,D
Explanation:
From the output we can see that port security is disabled so this needs to be enabled. Also, the maximum number of devices is set to 2 so this needs to be just one if we want the single host to have access and nothing else.
Question No: 7
CORRECT TEXTThe following have already been configured on the router:
u2711 The basic router configuration
u2711 The appropriate interfaces have been configured for NAT inside and NAT outside.
u2711 The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required)
u2711 All passwords have been temporarily set to u201cciscou201d.
The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide Internet access for the hosts in the Weaver LAN. Functionality can be tested by clicking on the host provided for testing.
Configuration information: router name u2013 Weaver
inside global addresses u2013 198.18.184.105 - 198.18.184.110/29 inside local addresses - 192.168.100.17 u2013 192.168.100.30/28
number of inside hosts u2013 14
A network associate is configuring a router for the weaver company to provide internet access. The ISP has provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range of 192.168.100.17 u2013 192.168.100.30.
Answer:
The company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from 198.18.184.105 to 198.18.184.110/29. Therefore we have to use NAT overload (or PAT)
Double click on the Weaver router to open it
Router>enable Router#configure terminal
First you should change the router's name to Weaver
Router(config)#hostname Weaver
Create a NAT pool of global addresses to be allocated with their netmask. Weaver(config)#ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
Create a standard access control list that permits the addresses that are to betranslated.
Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15
Establish dynamic source translation, specifying the access list that was definedin the prior step.
Weaver(config)#ip nat inside source list 1 pool mypool overload
This command translates all source addresses that pass access list 1, which means a source address from 192.168.100.17 to 192.168.100.30, into an address from the pool
named mypool (the pool contains addresses from198.18.184.105 to 198.18.184.110). Overloadkeyword allows to map multiple IP addresses to a single registered IPaddress (many-to-one) by using different ports.
The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.
This is how to configure the NAT inside and NAT outside, just for yourunderstanding:
Weaver(config)#interface fa0/0 Weaver(config-if)#ip nat inside Weaver(config-if)#exit Weaver(config)#interface s0/0 Weaver(config-if)#ip nat outside Weaver(config-if)#end
Finally, we should save all your work with the following command:
Weaver#copy running-config startup-config
Check your configuration by going to "Host for testing" and type:
C :>ping 192.0.2.114
The ping should work well and you will be replied from 192.0.2.114
Question No: 8
Refer to the exhibit.
A network administrator attempts to ping Host2 from Host1 and receives the results that are shown. What is the problem?
A. The link between Host1 and Switch1 is down.
B. TCP/IP is not functioning on Host1
C. The link between Router1 and Router2 is down.
D. The default gateway on Host1 is incorrect.
E. Interface Fa0/0 on Router1 is shutdown.
F. The link between Switch1 and Router1 is down.
Answer: C
Explanation:
Host1 tries to communicate with Host2. The message destination host unreachable from Router1 indicates that the problem occurs when the data is forwarded from Host1 to Host2. According to the topology, we can infer that the link between Router1 and Router2 is down.
Question No: 9
What are three components that comprise the SNMP framework? (Choose three.)
A. MIB
B. agent
C. set
D. AES
E. supervisor
F. manager
Answer: A,B,F
Explanation:
The SNMP framework consists of three parts:
u2022An SNMP manager u2014 The system used to control and monitor the activities of network devices using SNMP.
u2022An SNMP agent u2014 The software component within the managed device that maintains the data for the device and reports these data, as needed, to managing systems. Cisco Nexus 1000V supports the agent and MIB. To enable the SNMP agent, you must define the relationship between the manager and the agent.
u2022A managed information base (MIB) u2014 The collection of managed objects on the SNMP agent.
SNMP is defined in RFCs 3411 to 3418.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3/s
ystem_management/configuration/guide/n1000v_system/n1000v_system_10snmp.html
Question No: 10
A network administrator is troubleshooting the OSPF configuration of routers R1 and R2. The routers cannot establish an adjacency relationship on their common Ethernet link.
The graphic shows the output of the show ip ospf interface e0 command for routers R1 and R2. Based on the information in the graphic, what is the cause of this problem?
A. The OSPF area is not configured properly.
B. The priority on R1 should be set higher.
C. The cost on R1 should be set higher.
D. The hello and dead timers are not configured properly.
E. A backup designated router needs to be added to the network.
F. The OSPF process ID numbers must match.
Answer: D
Explanation:
In OSPF, the hello and dead intervals must match and here we can see the hello interval is set to 5 on R1 and 10 on R2. The dead interval is also set to 20 on R1 but it is 40 on R2.
100% Down to date Cisco 200-125 Questions & Answers shared by Allfreedumps, Get HERE: https://www.allfreedumps.com/200-125-dumps.html (New 890 Q&As)