Proper study guides for Leading Cisco CCNA Cisco Certified Network Associate CCNA (v3.0) certified begins with Cisco ccna 200 125 preparation products which designed to deliver the Practical cisco ccna 200 125 questions by making you pass the ccna 200 125 syllabus test at your first time. Try the free ccna 200 125 torrent demo right now.

P.S. Practical 200-125 forum are available on Google Drive, GET MORE:

New Cisco 200-125 Exam Dumps Collection (Question 4 - Question 13)

New Questions 4

Refer to the exhibit.

What statement is true of the configuration for this network?

A. The configuration that is shown provides inadequate outside address space for translation of the number of inside addresses that are supported.

B. Because of the addressing on interface FastEthernet0/1, the Serial0/0 interface address will not support the NAT configuration as shown.

C. The number 1 referred to in the ip nat inside source command references access-list number 1.

D. ExternalRouter must be configured with static routes to networks and

Answer: C


The u201clist 1 refers to the access-list number 1.

New Questions 5

What are three factors a network administrator must consider before implementing Netflow in the network? (Choose three.)

A. CPU utilization

B. where Netflow data will be sent

C. number of devices exporting Netflow data

D. port availability

E. SNMP version

F. WAN encapsulation

Answer: A,B,C


NetFlow has a reputation for increasing CPU utilization on your network devices. Cisco's performance testing seems to indicate that newer hardware can accommodate this load pretty well, but you will still want to check it out before you turn on the feature. Some symptoms of high CPU utilization are very large jitter and increased delay. Services running on the device may also be affected.

Another thing to keep in mind is the amount of data you're going to be sending across the network. Depending on how much traffic you have and how you configure it, the traffic can be substantial. For example, you may not want to send NetFlow data from a datacenter switch to a NetFlow collector on the other side of a small WAN circuit. Also bear in mind that the flows from aggregating large numbers of devices can add up.

Reference: monitors-your-WAN

New Questions 6

Which set of commands is recommended to prevent the use of a hub in the access layer?

A. switch(config-if)#switchport mode trunk switch(config-if)#switchport port-security maximum 1

B. switch(config-if)#switchport mode trunk

switch(config-if)#switchport port-security mac-address 1

C. switch(config-if)#switchport mode access switch(config-if)#switchport port-security maximum 1

D. switch(config-if)#switchport mode access switch(config-if)#switchport port-security mac-address 1

Answer: C


This question is to examine the layer 2 security configuration.

In order to satisfy the requirements of this question, you should perform the following

configurations in the interface mode:

First, configure the interface mode as the access mode

Second, enable the port security and set the maximum number of connections to 1.

New Questions 7

Refer to the exhibit.

Which rule does the DHCP server use when there is an IP address conflict?

A. The address is removed from the pool until the conflict is resolved.

B. The address remains in the pool until the conflict is resolved.

C. Only the IP detected by Gratuitous ARP is removed from the pool.

D. Only the IP detected by Ping is removed from the pool.

E. The IP will be shown, even after the conflict is resolved.

Answer: A


An address conflict occurs when two hosts use the same IP address. During address assignment, DHCP checks for conflicts using ping and gratuitous ARP. If a conflict is detected, the address is removed from the pool. The address will not be assigned until the administrator resolves the conflict.


New Questions 8

Which two are features of IPv6? (Choose two.)

A. anycast

B. broadcast

C. multicast

D. podcast

E. allcast

Answer: A,C


IPv6 addresses are classified by the primary addressing and routing methodologies common in networking: unicast addressing, anycast addressing, and multicast addressing.

u2711 A unicast address identifies a single network interface. The Internet Protocol

delivers packets sent to a unicast address to that specific interface.

u2711 An anycast address is assigned to a group of interfaces, usually belonging to different nodes. A packet sent to an anycast address is delivered to just one of the

member interfaces, typically thenearesthost, according to the routing protocolu2019s definition of distance. Anycast addresses cannot be identified easily, they have the same format as unicast addresses, and differ only by their presence in the network at multiple points. Almost any unicast address can be employed as an anycast address.

u2711 A multicast address is also used by multiple hosts, which acquire the multicast

address destination by participating in the multicast distribution protocol among the network routers. A packet that is sent to a multicast address is delivered to all interfaces that have joined the corresponding multicast group.

Topic 10, Infrastructure Security

835.Refer to the exhibit.

The following commands are executed on interface fa0/1 of 2950Switch. 2950Switch(config-if)# switchport port-security

2950Switch(config-if)# switchport port-security mac-address sticky 2950Switch(config-if)# switchport port-security maximum 1

The Ethernet frame that is shown arrives on interface fa0/1. What two functions will occur

when this frame is received by 2950Switch? (Choose two.)

A. The MAC address table will now have an additional entry of fa0/1 FFFF.FFFF.FFFF.

B. Only host A will be allowed to transmit frames on fa0/1.

C. This frame will be discarded when it is received by 2950Switch.

D. All frames arriving on 2950Switch with a destination of 0000.00aa.aaaa will be forwarded out fa0/1.

E. Hosts B and C may forward frames out fa0/1 but frames arriving from other switches will not be forwarded out fa0/1.

F. Only frames from source 0000.00bb.bbbb, the first learned MAC address of 2950Switch, will be forwarded out fa0/1.

New Questions 9

What are the benefits of using Netflow? (Choose three.)

A. Network,Application & User Monitoring

B. Network Planning

C. Security Analysis

D. Accounting/Billing

Answer: A,C,D


NetFlow traditionally enables several key customer applications including:

+ Network Monitoring u2013 NetFlow data enables extensive near real time network monitoring capabilities. Flow-based analysis techniques may be utilized to visualize traffic patterns associated with individual routers and switches as well as on a network-wide basis (providing aggregate traffic or application based views) to provide proactive problem detection, efficient troubleshooting, and rapid problem resolution.

+ Application Monitoring and Profiling u2013 NetFlow data enables network managers to gain a detailed, time-based, view of application usage over the network. This information is used to plan, understand new services, and allocate network and application resources (e.g. Web server sizing and VoIP deployment) to responsively meet customer demands.

+ User Monitoring and Profiling u2013 NetFlow data enables network engineers to gain detailed understanding of customer/user utilization of network and application resources. This information may then be utilized to efficiently plan and allocate access, backbone and

application resources as well as to detect and resolve potential security and policy violations.

+ Network Planning u2013 NetFlow can be used to capture data over a long period of time producing the opportunity to track and anticipate network growth and plan upgrades to increase the number of routing devices, ports, or higher- bandwidth interfaces. NetFlow services data optimizes network planning including peering, backbone upgrade planning, and routing policy planning. NetFlow helps to minimize the total cost of network operations while maximizing network performance, capacity, and reliability. NetFlow detects unwanted WAN traffic, validates bandwidth and Quality of Service (QOS) and allows the analysis of new network applications. NetFlow will give you valuable information to reduce the cost of operating your network.

+ Security Analysis u2013 NetFlow identifies and classifies DDOS attacks, viruses and worms in real-time. Changes in network behavior indicate anomalies that are clearly demonstrated in NetFlow data. The data is also a valuable forensic tool to understand and replay the history of security incidents.

+ Accounting/Billing u2013 NetFlow data provides fine-grained metering (e.g. flow data includes details such as IP addresses, packet and byte counts, timestamps, type-of-service and application ports, etc.) for highly flexible and detailed resource utilization accounting. Service providers may utilize the information for billing based on time-of-day, bandwidth usage, application usage, quality of service, etc. Enterprise customers may utilize the information for departmental charge-back or cost allocation for resource utilization.

New Questions 10

Which IPv6 address is valid?

A. 2001:0db8:0000:130F:0000:0000:08GC:140B

B. 2001:0db8:0:130H::87C:140B

C. 2031::130F::9C0:876A:130B

D. 2031:0:130F::9C0:876A:130B

Answer: D


An IPv6 address is represented as eight groups of four hexadecimal digits, each group representing 16 bits (two octets). The groups are separated by colons (:). An example of an IPv6 address is 2001:0db8:85a3:0000:0000:8a2e:0370:7334. The leading 0u2019s in a group can be collapsed using ::, but this can only be done once in an IP address.

New Questions 11

Refer to exhibit.

A network administrator cannot establish a Telnet session with the indicated router. What is the cause of this failure?

A. A Level 5 password is not set.

B. An ACL is blocking Telnet access.

C. The vty password is missing.

D. The console password is missing.

Answer: C


The login keyword has been set, but not password. This will result in the u201cpassword

required, but none setu201d message to users trying to telnet to this router.

New Questions 12

What is the default Syslog facility level?

A. local4

B. local5

C. local6

D. local7

Answer: D


By default, Cisco IOS devices, CatOS switches, and VPN 3000 Concentrators use facility local7 while Cisco PIX Firewalls use local4 to send syslog messages. Moreover, most Cisco devices provide options to change the facility level from their default value.


New Questions 13

CORRECT TEXTThe following have already been configured on the router:

u2711 The basic router configuration

u2711 The appropriate interfaces have been configured for NAT inside and NAT outside.

u2711 The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required)

u2711 All passwords have been temporarily set to u201cciscou201d.

The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide Internet access for the hosts in the Weaver LAN. Functionality can be tested by clicking on the host provided for testing.

Configuration information: router name u2013 Weaver

inside global addresses u2013 - inside local addresses - u2013

number of inside hosts u2013 14

A network associate is configuring a router for the weaver company to provide internet access. The ISP has provided the company six public IP addresses of The company has 14 hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range of u2013


The company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from to Therefore we have to use NAT overload (or PAT)

Double click on the Weaver router to open it

Router>enable Router#configure terminal

First you should change the router's name to Weaver

Router(config)#hostname Weaver

Create a NAT pool of global addresses to be allocated with their netmask. Weaver(config)#ip nat pool mypool netmask

Create a standard access control list that permits the addresses that are to betranslated.

Weaver(config)#access-list 1 permit

Establish dynamic source translation, specifying the access list that was definedin the prior step.

Weaver(config)#ip nat inside source list 1 pool mypool overload

This command translates all source addresses that pass access list 1, which means a source address from to, into an address from the pool

named mypool (the pool contains addresses from198.18.184.105 to Overloadkeyword allows to map multiple IP addresses to a single registered IPaddress (many-to-one) by using different ports.

The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.

This is how to configure the NAT inside and NAT outside, just for yourunderstanding:

Weaver(config)#interface fa0/0 Weaver(config-if)#ip nat inside Weaver(config-if)#exit Weaver(config)#interface s0/0 Weaver(config-if)#ip nat outside Weaver(config-if)#end

Finally, we should save all your work with the following command:

Weaver#copy running-config startup-config

Check your configuration by going to "Host for testing" and type:

C :\\>ping

The ping should work well and you will be replied from

Recommend!! Get the Practical 200-125 dumps in VCE and PDF From Certleader, Welcome to download: (New 890 Q&As Version)