It is impossible to pass Cisco 200 125 cisco exam without any help in the short term. Come to Testking soon and find the most advanced, correct and guaranteed Cisco ccna 200 120 vs 200 125 practice questions. You will get a surprising result by our Rebirth CCNA Cisco Certified Network Associate CCNA (v3.0) practice guides.
Q31. - (Topic 3)
What OSPF command, when configured, will include all interfaces into area 0?
A. network 0.0.0.0 255.255.255.255 area 0
B. network 0.0.0.0 0.0.0.0 area 0
C. network 255.255.255.255 0.0.0.0 area 0
D. network all-interfaces area 0
Answer: A
Explanation:
Example 3-1 displays OSPF with a process ID of 1 and places all interfaces configured with an IP address in area 0. The network command network 0.0.0.0 255.255.255.255 area 0 dictates that you do not care (255.255.255.255) what the IP address is, but if an IP address is enabled on any interface, place it in area 0.
Example 3-1 Configuring OSPF in a Single Area
router ospf 1
network 0.0.0.0 255.255.255.255 area 0
Reference: http://www.ciscopress.com/articles/article.asp?p=26919&seqNum=3
Q32. - (Topic 5)
Which two of these statements are true of IPv6 address representation? (Choose two.)
A. There are four types of IPv6 addresses: unicast, multicast, anycast, and broadcast.
B. A single interface may be assigned multiple IPv6 addresses of any type.
C. Every IPv6 interface contains at least one loopback address.
D. The first 64 bits represent the dynamically created interface ID.
E. Leading zeros in an IPv6 16 bit hexadecimal field are mandatory.
Answer: B,C
Explanation:
✑ A single interface may be assigned multiple addresses of any type (unicast, anycast, multicast).
✑ Every IPv6-enabled interface must contain at least one loopback and one link-local
address.
✑ Optionally, every interface can have multiple unique local and global addresses.
Reference: IPv6 Addressing at a Glance – Cisco PDF
Q33. - (Topic 3)
Users on the 172.17.22.0 network cannot reach the server located on the 172.31.5.0 network. The network administrator connected to router Coffee via the console port, issued the show ip route command, and was able to ping the server.
Based on the output of the show ip route command and the topology shown in the graphic, what is the cause of the failure?
A. The network has not fully converged.
B. IP routing is not enabled.
C. A static route is configured incorrectly.
D. The FastEthernet interface on Coffee is disabled.
E. The neighbor relationship table is not correctly updated.
F. The routing table on Coffee has not updated.
Answer: C
Explanation:
The default route or the static route was configured with incorrect next-hop ip address 172.19.22.2. The correct IP address will be 172.18.22.2 to reach server located on 172.31.5.0 network. IP route 0.0.0.0 0.0.0.0 172.18.22.2
Q34. - (Topic 7)
Scenario
Refer to the topology. Your company has decided to connect the main office with three other remote branch offices using point-to-point serial links.
You are required to troubleshoot and resolve OSPF neighbor adjacency issues between the main office and the routers located in the remote branch offices.
An OSPF neighbor adjacency is not formed between R3 in the main office and R6 in the Branch3 office. What is causing the problem?
A. There is an area ID mismatch.
B. There is a PPP authentication issue; the username is not configured on R3 and R6.
C. There is an OSPF hello and dead interval mismatch.
D. The R3 router ID is configured on R6.
Answer: D
Explanation:
Using the show running-config command we see that R6 has been incorrectly configured with the same router ID as R3 under the router OSPF process.
Q35. - (Topic 8)
Which two Cisco IOS commands, used in troubleshooting, can enable debug output to a remote location? (Choose two)
A. no logging console
B. logging host ip-address
C. terminal monitor
D. show logging | redirect flashioutput.txt
E. snmp-server enable traps syslog
Answer: B,C
Q36. - (Topic 5)
Which three statements about the features of SNMPv2 and SNMPv3 are true? (Choose three.)
A. SNMPv3 enhanced SNMPv2 security features.
B. SNMPv3 added the Inform protocol message to SNMP.
C. SNMPv2 added the Inform protocol message to SNMP.
D. SNMPv3 added the GetBulk protocol messages to SNMP.
E. SNMPv2 added the GetBulk protocol message to SNMP.
F. SNMPv2 added the GetNext protocol message to SNMP.
Answer: A,C,E
Explanation:
SNMPv1/v2 can neither authenticate the source of a management message nor provide encryption. Without authentication, it is possible for nonauthorized users to exercise SNMP network management functions. It is also possible for nonauthorized users to eavesdrop on management information as it passes from managed systems to the management system. Because of these deficiencies, many SNMPv1/v2 implementations are limited to simply a read-only capability, reducing their utility to that of a network monitor; no network control applications can be supported. To correct the security deficiencies of SNMPv1/v2, SNMPv3 was issued as a set of Proposed Standards in January 1998. -> A is correct.
The two additional messages are added in SNMP2 (compared to SNMPv1)
GetBulkRequest The GetBulkRequest message enables an SNMP manager to access large chunks of data. GetBulkRequest allows an agent to respond with as much information as will fit in the response PDU. Agents that cannot provide values for all variables in a list will send partial information. -> E is correct.
InformRequest The InformRequest message allows NMS stations to share trap information. (Traps are issued by SNMP agents when a device change occurs.) InformRequest messages are generally used between NMS stations, not between NMS stations and agents. -> C is correct.
Note: These two messages are carried over SNMPv3.
Q37. - (Topic 5)
What SNMP message alerts the manager to a condition on the network?
A. response
B. get
C. trap
D. capture
Answer: C
Explanation:
An agent can send unsolicited traps to the manager. Traps are messages alerting the SNMP manager to a condition on the network. Traps can mean improper user authentication, restarts, link status (up or down), MAC address tracking, closing of a TCP
connection, loss of connection to a neighbor, or other significant events.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2950/software/release/12-1_9_ea1/configuration/guide/scg/swsnmp.html
Q38. - (Topic 3)
Which command would you configure globally on a Cisco router that would allow you to view directly connected Cisco devices?
A. enable cdp
B. cdp enable
C. cdp run
D. run cdp
Answer: C
Explanation:
CDP is enabled on Cisco routers by default. If you prefer not to use the CDP capability, disable it with the no cdp run command. In order to reenable CDP, use the cdp run command in global configuration mode. The “cdp enable” command is an interface command, not global.
Q39. - (Topic 6)
A network administrator needs to configure port security on a switch. Which two statements are true? (Choose two.)
A. The network administrator can apply port security to dynamic access ports.
B. The network administrator can apply port security to EtherChannels.
C. When dynamic MAC address learning is enabled on an interface, the switch can learn new addresses, up to the maximum defined.
D. The sticky learning feature allows the addition of dynamically learned addresses to the running configuration.
E. The network administrator can configure static secure or sticky secure MAC addresses in the voice VLAN.
Answer: C,D
Explanation:
Follow these guidelines when configuring port security:
+ Port security can only be configured on static access ports, trunk ports, or 802.1Q tunnel ports.
+ A secure port cannot be a dynamic access port.
+ A secure port cannot be a destination port for Switched Port Analyzer (SPAN).
+ A secure port cannot belong to a Fast EtherChannel or Gigabit EtherChannel port group.
+ You cannot configure static secure or sticky secure MAC addresses on a voice VLAN.
+ When you enable port security on an interface that is also configured with a voice VLAN, you must set the maximum allowed secure addresses on the port to at least two.
+ If any type of port security is enabled on the access VLAN, dynamic port security is automatically enabled on the voice VLAN.
+ When a voice VLAN is configured on a secure port that is also configured as a sticky secure port, all addresses seen on the voice VLAN are learned as dynamic secure addresses, and all addresses seen on the access VLAN (to which the port belongs) are learned as sticky secure addresses.
+ The switch does not support port security aging of sticky secure MAC addresses.
+ The protect and restrict options cannot be simultaneously enabled on an interface.
(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_19_ea1
/configuration/guide/swtrafc.html)
Q40. - (Topic 5)
What are two benefits of using NAT? (Choose two.)
A. NAT facilitates end-to-end communication when IPsec is enabled.
B. NAT eliminates the need to re-address all hosts that require external access.
C. NAT conserves addresses through host MAC-level multiplexing.
D. Dynamic NAT facilitates connections from the outside of the network.
E. NAT accelerates the routing process because no modifications are made on the packets.
F. NAT protects network security because private networks are not advertised.
Answer: B,F
Explanation:
By not revealing the internal IP addresses, NAT adds some security to the inside network -
> F is correct.
NAT has to modify the source IP addresses in the packets -> E is not correct.
Connection from the outside of the network through a “NAT” network is more difficult than a more network because IP addresses of inside hosts are hidden -> C is not correct.
In order for IPsec to work with NAT we need to allow additional protocols, including Internet Key Exchange (IKE), Encapsulating Security Payload (ESP) and Authentication Header (AH) -> more complex -> A is not correct.
By allocating specific public IP addresses to inside hosts, NAT eliminates the need to re- address the inside hosts -> B is correct.
NAT does conserve addresses but not through host MAC-level multiplexing. It conserves addresses by allowing many private IP addresses to use the same public IP address to go to the Internet -> C is not correct.
Q41. - (Topic 4)
Which command allows you to verify the encapsulation type (CISCO or IETF) for a Frame Relay link?
A. show frame-relay lmi
B. show frame-relay map
C. show frame-relay pvc
D. show interfaces serial
Answer: B
Explanation:
When connecting Cisco devices with non-Cisco devices, you must use IETF4 encapsulation on both devices. Check the encapsulation type on the Cisco device with the show frame-relay map exec command.
Q42. - (Topic 3)
Refer to the exhibit.
Given the output for this command, if the router ID has not been manually set, what router ID will OSPF use for this router?
A. 10.1.1.2
B. 10.154.154.1
C. 172.16.5.1
D. 192.168.5.3
Answer: C
Explanation:
The highest IP address of all loopback interfaces will be chosen -> Loopback 0 will be chosen as the router ID.
Q43. - (Topic 5)
Which statement describes the process of dynamically assigning IP addresses by the DHCP server?
A. Addresses are allocated after a negotiation between the server and the host to determine the length of the agreement.
B. Addresses are permanently assigned so that the hosts uses the same address at all times.
C. Addresses are assigned for a fixed period of time, at the end of the period, a new request for an address must be made.
D. Addresses are leased to hosts, which periodically contact the DHCP server to renew the lease.
Answer: D
Explanation:
The DHCP lifecycle consists of the following:
✑ Allocation: A client begins with no active lease, and hence, no DHCP-assigned address. It acquires a lease through a process of allocation.
✑ Reallocation: If a client already has an address from an existing lease, then when it reboots or starts up after being shut down, it will contact the DHCP server that granted it the lease to confirm the lease and acquire operating parameters. This is sometimes called reallocation; it is similar to the full allocation process but shorter.
✑ Normal Operation: Once a lease is active, the client functions normally, using its assigned IP address and other parameters during the “main part” of the lease. The client is said to be bound to the lease and the address.
✑ Renewal: After a certain portion of the lease time has expired, the client will attempt to contact the server that initially granted the lease, to renew the lease so it can keep using its IP address.
✑ Rebinding. If renewal with the original leasing server fails (because, for example, the server has been taken offline), then the client will try to rebind to any active DHCP server, trying to extend its current lease with any server that will allow it to do so.
✑ Release: The client may decide at any time that it no longer wishes to use the IP address it was assigned, and may terminate the lease, releasing the IP address.
Q44. - (Topic 8)
Which IPv6 header field is equivalent to the TTL?
A. Hop Limit
B. Flow Label
C. TTD
D. Hop Count
E. Scan Timer
Answer: A
Q45. - (Topic 4)
Which command is used to enable CHAP authentication, with PAP as the fallback method, on a serial interface?
A. Router(config-if)# ppp authentication chap fallback ppp
B. Router(config-if)# ppp authentication chap pap
C. Router(config-if)# authentication ppp chap fallback ppp
D. Router(config-if)# authentication ppp chap pap
Answer: B
Explanation:
This command tells the router first to use CHAP and then go to PAP if CHAP isn't available.