Want to Pass 200-125 Exam In Next HOURS? Get it now →
November 7, 2018

Point Checklist: 200 125 ccna

Your success in Cisco cisco 200 125 is our sole target and we develop all our ccna 200 125 torrent braindumps in a way that facilitates the attainment of this target. Not only is our 200 125 ccna study material the best you can find, it is also the most detailed and the most updated. ccna routing and switching 200 125 Practice Exams for Cisco CCNA Routing and Switching ccna routing and switching 200 125 are written to the highest standards of technical accuracy.

P.S. Download 200-125 vce are available on Google Drive, GET MORE: https://drive.google.com/open?id=1G0OQvn58oVaFHU8QUjdLariF4zPSu0BB


New Cisco 200-125 Exam Dumps Collection (Question 6 - Question 15)

Q1. A network administrator is configuring ACLs on a Cisco router, to allow traffic from hosts on networks 192.168.146.0, 192.168.147.0, 192.168.148.0, and 192.168.149.0 only. Which two ACL statements, when combined, would you use to accomplish this task? (Choose two.)

A. access-list 10 permit ip 192.168.146.0 0.0.1.255

B. access-list 10 permit ip 192.168.147.0 0.0.255.255

C. access-list 10 permit ip 192.168.148.0 0.0.1.255

D. access-list 10 permit ip 192.168.149.0 0.0.255.255

E. access-list 10 permit ip 192.168.146.0 0.0.0.255

F. access-list 10 permit ip 192.168.146.0 255.255.255.0

Answer: A,C

Explanation:

u201caccess-list 10 permit ip 192.168.146.0 0.0.1.255u201d would allow only the 192.168.146.0 and

192.168.147.0 networks, and u201caccess-list 10 permit ip 192.168.148.0 0.0.1.255u201d would allow only the 192.168.148.0 and 192.168.149.0 networks.



Q2. What authentication type is used by SNMPv2?

A. HMAC-MD5

B. HMAC-SHA

C. CBC-DES

D. community strings

Answer: D

Explanation:

SNMP Versions

Cisco IOS software supports the following versions of SNMP:

u2022SNMPv1 u2014 The Simple Network Management Protocol: A Full Internet Standard, defined in RFC 1157. (RFC 1157 replaces the earlier versions that were published as RFC 1067 and RFC 1098.) Security is based on community strings.

u2022SNMPv2c u2014 The community-string based Administrative Framework for SNMPv2. SNMPv2c (the "c" stands for "community") is an Experimental Internet Protocol defined in RFC 1901, RFC 1905, and RFC 1906. SNMPv2c is an update of the protocol operations and data types of SNMPv2p (SNMPv2 Classic), and uses the community-based security model of SNMPv1.

u2022SNMPv3 u2014 Version 3 of SNMP. SNMPv3 is an interoperable standards-based protocol defined in RFCs 2273 to 2275. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network.

SNMP Security Models and Levels

Model Level

Authentication Encryption What Happens v1 noAuthNoPriv

Community String No

Uses a community string match for authentication. v2c

noAuthNoPriv Community String No

Uses a community string match for authentication. v3

noAuthNoPriv Username

No

Uses a username match for authentication. v3

authNoPriv MD5 or SHA

No

Provides authentication based on the HMAC-MD5 or HMAC-SHA algorithms. v3

authPriv MD5 or SHA DES

Provides authentication based on the HMAC-MD5 or HMAC-SHA algorithms. Provides DES 56-bit encryption in addition to authentication based on the CBC-DES (DES-56) standard.

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf014.h tml



Q3. Which protocol can cause overload on a CPU of a managed device?

A. Netflow

B. WCCP

C. IP SLA

D. SNMP

Answer: D

Explanation:

Sometimes, messages like this might appear in the router console:

%SNMP-3-CPUHOG: Processing [chars] of [chars]

They mean that the SNMP agent on the device has taken too much time to process a request.

You can determine the cause of high CPU use in a router by using the output of the show process cpu command.

Note: A managed device is a part of the network that requires some form of monitoring and management (routers, switches, servers, workstations, printersu2026).



Q4. What are three values that must be the same within a sequence of packets for Netflow to consider them a network flow? (Choose three.)

A. source IP address

B. source MAC address

C. egress interface

D. ingress interface

E. destination IP address

F. IP next-hop

Answer: A,D,E

Explanation:

Each packet that is forwarded within a router or switch is examined for a set of IP packet attributes. These attributes are the IP packet identity or fingerprint of the packet and determine if the packet is unique or similar to other packets.

Traditionally, an IP Flow is based on a set of 5 and up to 7 IP packet attributes. IP Packet attributes used by NetFlow:

u2022 IP source address

u2022 IP destination address

u2022 Source port

u2022 Destination port

u2022 Layer 3 protocol type

u2022 Class of Service

u2022 Router or switch interface

All packets with the same source/destination IP address, source/destination ports, protocol interface and class of service are grouped into a flow and then packets and bytes are tallied. This methodology of fingerprinting or determining a flow is scalable because a large

amount of network information is condensed into a database of NetFlow information called the NetFlow cache.

Reference: http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-netflow/prod_white_paper0900aecd80406232.html



Q5. Scenario:

Refer to the topology. Your company has decided to connect the main office with three other remote branch offices using point-to-point serial links.

You are required to troubleshoot and resolve OSPF neighbor adjacency issues between the main office and the routers located in the remote branch offices.

An OSPF neighbor adjacency is not formed between R3 in the main office and R4 in the Branch1 office. What is causing the problem?

A. There is an area ID mismatch.

B. There is a Layer 2 issue; an encapsulation mismatch on serial links.

C. There is an OSPF hello and dead interval mismatch.

D. The R3 router ID is configured on R4.

Answer: A

Explanation:

A show running-config command on R3 and R4 shows that R4 is incorrectly configured for area 2:



Q6. How many bits are contained in each field of an IPv6 address?

A. 24

B. 4

C. 8

D. 16

Answer: D

Explanation:

An IPv6 address is represented as eight groups of four hexadecimal digits, each group representing 16 bits (two octets). The groups are separated by colons (:). An example of an IPv6 address is 2001:0db8:85a3:0000:0000:8a2e:0370:7334.



Q7. CORRECT TEXTCentral Florida Widgets recently installed a new router in their office. Complete the network installation by performing the initial router configurations and configuring R1PV2 routing using the router command line interface (CLI) on the RC.

Configure the router per the following requirements: Name of the router is R2

Enable. secret password is cisco

The password to access user EXEC mode using the console is cisco2 The password to allow telnet access to the router is cisco3

IPV4 addresses must be configured as follows:

Ethernet network 209.165.201.0/27 - router has fourth assignable host address in subnet Serial network is 192.0.2.176/28 - router has last assignable host address in the subnet. Interfaces should be enabled.

Router protocol is RIPV2

Attention:

In practical examinations, please note the following, the actual information will prevail.

1. Name or the router is xxx

2. Enable. secret password is xxx

3. Password In access user EXEC mode using the console is xxx

4. The password to allow telnet access to the router is xxx

5. IP information

Answer:

Router>enable

Router#config terminal

Router(config)#hostname R2

R2(config)#enable secret Cisco 1

R2(config)#line console 0

R2(config-line)#password Cisco 2

R2(config-line)#exit R2(config)#line vty 0 4

R2(config-line)#password Cisco 3

R2(config-line)#login

R2(config-line)#exit R2(config)#interface faO/0

R2(config-if)#ip address 209.165.201.4 255.255.255.224

R2(config)#interface s0/0/0

R2(config-if)#ip address 192.0.2.190 255.255.255.240

R2(config-if)#no shutdown

R2(config-if)#exit R2(config)#router rip

R2(config-router)#version 2

R2(config-router)#network 209.165.201.0

R2(config-router)#network 192.0.2.176

R2(config-router)#end

R2#copy run start



Q8. CORRECT TEXTA network associate is adding security to the configuration of the Corp1 router. The user on host C should be able to use a web browser to access financial information from the Finance Web Server. No other hosts from the LAN nor the Core should be able to use a web browser to access this server. Since there are multiple resources for the corporation at this location including other resources on the Finance Web Server, all other traffic should be allowed.

The task is to create and apply an access-list with no more than three statements that will allow ONLY host C web access to the Finance Web Server. No other hosts will have web access to the Finance Web Server. All other traffic is permitted.

Access to the router CLI can be gained by clicking on the appropriate host.

All passwords have been temporarily set to "cisco".

The Core connection uses an IP address of 198.18.247.65

The computers in the Hosts LAN have been assigned addresses of 192.168.240.1 - 192.168.240.254

u2711 host A 192.168.240.1

u2711 host B 192.168.240.2

u2711 host C 192.168.240.3

Answer:

Corp1#conf t

Corp1(config)# access-list 128 permit tcp host 192.168.240.1 host 172.22.141.26 eq www

Corp1(config)# access-list 128 deny tcp any host 172.22.141.26 eq www

Corp1(config)# access-list 128 permit ip any any

Corp1(config)#int fa0/1

Corp1(config-if)#ip access-group 128 out

Corp1(config-if)#end

Corp1#copy run startup-config



Q9. A network administrator needs to configure port security on a switch. Which two statements are true? (Choose two.)

A. The network administrator can apply port security to dynamic access ports.

B. The network administrator can apply port security to EtherChannels.

C. When dynamic MAC address learning is enabled on an interface, the switch can learn new addresses, up to the maximum defined.

D. The sticky learning feature allows the addition of dynamically learned addresses to the running configuration.

E. The network administrator can configure static secure or sticky secure MAC addresses in the voice VLAN.

Answer: C,D

Explanation:

Follow these guidelines when configuring port security:

+ Port security can only be configured on static access ports, trunk ports, or 802.1Q tunnel ports.

+ A secure port cannot be a dynamic access port.

+ A secure port cannot be a destination port for Switched Port Analyzer (SPAN).

+ A secure port cannot belong to a Fast EtherChannel or Gigabit EtherChannel port group.

+ You cannot configure static secure or sticky secure MAC addresses on a voice VLAN.

+ When you enable port security on an interface that is also configured with a voice VLAN, you must set the maximum allowed secure addresses on the port to at least two.

+ If any type of port security is enabled on the access VLAN, dynamic port security is automatically enabled on the voice VLAN.

+ When a voice VLAN is configured on a secure port that is also configured as a sticky secure port, all addresses seen on the voice VLAN are learned as dynamic secure addresses, and all addresses seen on the access VLAN (to which the port belongs) are learned as sticky secure addresses.

+ The switch does not support port security aging of sticky secure MAC addresses.

+ The protect and restrict options cannot be simultaneously enabled on an interface.

(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_19_ea1

/configuration/guide/swtrafc.html)

Topic 11, Infrastructure Management

853.Scenario

Refer to the topology. Your company has connected the routers R1, R2, and R3 with serial

links. R2 and R3 are connected to the switches SW1 and SW2, respectively. SW1 and SW2 are also connected to the routers R4 and R5.

The EIGRP routing protocol is configured.

You are required to troubleshoot and resolve the EIGRP issues between the various routers.

Use the appropriate show commands to troubleshoot the issues.

Study the following output taken on R1: R1# Ping 10.5.5.55 source 10.1.1.1 Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.5.5.55, timeout is 2 seconds: Packet sent with a source address of 10.1.1.1

u2026u2026.

Success rate is 0 percent (0/5) Why are the pings failing?

A. The network statement is missing on R5.

B. The loopback interface is shut down on R5.

C. The network statement is missing on R1.

D. The IP address that is configured on the Lo1 interface on R5 is incorrect.

Answer: C

Explanation:

R5 does not have a route to the 10.1.1.1 network, which is the loopback0 IP address of R1. When looking at the EIGRP configuration on R1, we see that the 10.1.1.1 network

statement is missing on R1.



Q10. Refer to the exhibit.

A problem with network connectivity has been observed. It is suspected that the cable connected to switch port Fa0/9 on Switch1 is disconnected. What would be an effect of this cable being disconnected?

A. Host B would not be able to access the server in VLAN9 until the cable is reconnected.

B. Communication between VLAN3 and the other VLANs would be disabled.

C. The transfer of files from Host B to the server in VLAN9 would be significantly slower.

D. For less than a minute, Host B would not be able to access the server in VLAN9. Then normal network function would resume.

Answer: D

Explanation:

Spanning-Tree Protocol (STP) is a Layer 2 protocol that utilizes a special-purpose algorithm to discover physical loops in a network and effect a logical loop-free topology. STP creates a loop-free tree structure consisting of leaves and branches that span the

entire Layer 2 network. The actual mechanics of how bridges communicate and how the STP algorithm works will be discussed at length in the following topics. Note that the terms bridge and switch are used interchangeably when discussing STP. In addition, unless otherwise indicated, connections between switches are assumed to be trunks.




see more http://www.ubraindumps.com/200-125-dumps/

Recommend!! Get the Download 200-125 dumps in VCE and PDF From Thedumpscentre, Welcome to download: http://www.thedumpscentre.com/200-125-dumps/ (New 889 Q&As Version)