Best Quality of ccna routing and switching 200 125 free question materials and free samples for Cisco certification for client, Real Success Guaranteed with Updated 200 125 cisco pdf dumps vce Materials. 100% PASS CCNA Cisco Certified Network Associate CCNA (v3.0) exam Today!
Q46. - (Topic 3)
What is the effect of using the service password-encryption command?
A. Only the enable password will be encrypted.
B. Only the enable secret password will be encrypted.
C. Only passwords configured after the command has been entered will be encrypted.
D. It will encrypt the secret password and remove the enable secret password from the configuration.
E. It will encrypt all current and future passwords.
Answer: E
Explanation:
Enable vty, console, AUX passwords are configured on the Cisco device. Use the show run command to show most passwords in clear text. If the service password-encryption is used, all the passwords are encrypted. As a result, the security of device access is improved.
Q47. - (Topic 3)
What are two enhancements that OSPFv3 supports over OSPFv2? (Choose two.)
A. It requires the use of ARP.
B. It can support multiple IPv6 subnets on a single link.
C. It supports up to 2 instances of OSPFv3 over a common link.
D. It routes over links rather than over networks.
Answer: B,D
Q48. - (Topic 4)
What occurs on a Frame Relay network when the CIR is exceeded?
A. All TCP traffic is marked discard eligible.
B. All UDP traffic is marked discard eligible and a BECN is sent.
C. All TCP traffic is marked discard eligible and a BECN is sent.
D. All traffic exceeding the CIR is marked discard eligible.
Answer: D
Explanation:
Committed information rate (CIR): The minimum guaranteed data transfer rate agreed to by the Frame Relay switch. Frames that are sent in excess of the CIR are marked as discard eligible (DE) which means they can be dropped if the congestion occurs within the Frame Relay network.
Note: In the Frame Relay frame format, there is a bit called Discard eligible (DE) bit that is used to identify frames that are first to be dropped when the CIR is exceeded.
Q49. - (Topic 3)
Which command is used to display the collection of OSPF link states?
A. show ip ospf link-state
B. show ip ospf lsa database
C. show ip ospf neighbors
D. show ip ospf database
Answer: D
Explanation:
The “show ip ospf database” command displays the link states. Here is an example: Here is the lsa database on R2.
R2#show ip ospf database
OSPF Router with ID (2.2.2.2) (Process ID 1) Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count 2.2.2.2 2.2.2.2 793 0x80000003 0x004F85 2
10.4.4.4 10.4.4.4 776 0x80000004 0x005643 1
111.111.111.111 111.111.111.111 755 0x80000005 0x0059CA 2
133.133.133.133 133.133.133.133 775 0x80000005 0x00B5B1 2
Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
10.1.1.1 111.111.111.111 794 0x80000001 0x001E8B
10.2.2.3 133.133.133.133 812 0x80000001 0x004BA9
10.4.4.1 111.111.111.111 755 0x80000001 0x007F16
10.4.4.3 133.133.133.133 775 0x80000001 0x00C31F
Q50. - (Topic 7)
What are the benefits of using Netflow? (Choose three.)
A. Network, Application & User Monitoring
B. Network Planning
C. Security Analysis
D. Accounting/Billing
Answer: A,C,D
Explanation:
NetFlow traditionally enables several key customer applications including:
+ Network Monitoring – NetFlow data enables extensive near real time network monitoring capabilities. Flow-based analysis techniques may be utilized to visualize traffic patterns
associated with individual routers and switches as well as on a network-wide basis (providing aggregate traffic or application based views) to provide proactive problem detection, efficient troubleshooting, and rapid problem resolution.
+ Application Monitoring and Profiling – NetFlow data enables network managers to gain a detailed, time-based, view of application usage over the network. This information is used to plan, understand new services, and allocate network and application resources (e.g. Web server sizing and VoIP deployment) to responsively meet customer demands.
+ User Monitoring and Profiling – NetFlow data enables network engineers to gain detailed understanding of customer/user utilization of network and application resources. This information may then be utilized to efficiently plan and allocate access, backbone and application resources as well as to detect and resolve potential security and policy violations.
+ Network Planning – NetFlow can be used to capture data over a long period of time producing the opportunity to track and anticipate network growth and plan upgrades to increase the number of routing devices, ports, or higher- bandwidth interfaces. NetFlow services data optimizes network planning including peering, backbone upgrade planning, and routing policy planning. NetFlow helps to minimize the total cost of network operations while maximizing network performance, capacity, and reliability. NetFlow detects unwanted WAN traffic, validates bandwidth and Quality of Service (QOS) and allows the analysis of new network applications. NetFlow will give you valuable information to reduce the cost of operating your network.
+ Security Analysis – NetFlow identifies and classifies DDOS attacks, viruses and worms in real-time. Changes in network behavior indicate anomalies that are clearly demonstrated in NetFlow data. The data is also a valuable forensic tool to understand and replay the history of security incidents.
+ Accounting/Billing – NetFlow data provides fine-grained metering (e.g. flow data includes details such as IP addresses, packet and byte counts, timestamps, type-of-service and application ports, etc.) for highly flexible and detailed resource utilization accounting. Service providers may utilize the information for billing based on time-of-day, bandwidth usage, application usage, quality of service, etc. Enterprise customers may utilize the information for departmental charge-back or cost allocation for resource utilization.
Q51. - (Topic 5)
Which three are characteristics of an IPv6 anycast address? (Choose three.)
A. one-to-many communication model
B. one-to-nearest communication model
C. any-to-many communication model
D. a unique IPv6 address for each device in the group
E. the same address for multiple devices in the group
F. delivery of packets to the group interface that is closest to the sending device
Answer: B,E,F
Explanation:
A new address type made specifically for IPv6 is called the Anycast Address. These IPv6 addresses are global addresses, these addresses can be assigned to more than one interface unlike an IPv6 unicast address. Anycast is designed to send a packet to the nearest interface that is a part of that anycast group.
The sender creates a packet and forwards the packet to the anycast address as the destination address which goes to the nearest router. The nearest router or interface is found by using the metric of a routing protocol currently running on the network. However in a LAN setting the nearest interface is found depending on the order the neighbors were learned. The anycast packet in a LAN setting forwards the packet to the neighbor it learned about first.
Q52. - (Topic 7)
What Cisco IOS feature can be enabled to pinpoint an application that is causing slow network performance?
A. SNMP
B. Netflow
C. WCCP
D. IP SLA
Answer: B
Explanation:
Netflow can be used to diagnose slow network performance, bandwidth hogs and bandwidth utilization quickly with command line interface or reporting tools.
Reference: http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios- netflow/prod_white_paper0900aecd80406232.html
Q53. - (Topic 4)
What are two characteristics of Frame Relay point-to-point subinterfaces? (Choose two.)
A. They create split-horizon issues.
B. They require a unique subnet within a routing domain.
C. They emulate leased lines.
D. They are ideal for full-mesh topologies.
E. They require the use of NBMA options when using OSPF.
Answer: B,C
Explanation:
Subinterfaces are used for point to point frame relay connections, emulating virtual point to point leased lines. Each subinterface requires a unique IP address/subnet. Remember, you cannot assign multiple interfaces in a router that belong to the same IP subnet.
Topic 5, Infrastructure Services
190. - (Topic 5)
What is the alternative notation for the IPv6 address B514:82C3:0000:0000:0029:EC7A:0000:EC72?
A. B514 : 82C3 : 0029 : EC7A : EC72
B. B514 : 82C3 :: 0029 : EC7A : EC72
C. B514 : 82C3 : 0029 :: EC7A : 0000 : EC72
D. B514 : 82C3 :: 0029 : EC7A : 0 : EC72
Answer: D
Explanation:
There are two ways that an IPv6 address can be additionally compressed: compressing leading zeros and substituting a group of consecutive zeros with a single double colon (::). Both of these can be used in any number of combinations to notate the same address. It is important to note that the double colon (::) can only be used once within a single IPv6 address notation. So, the extra 0’s can only be compressed once.
Q54. - (Topic 8)
Which statement about the IP SLAs ICMP Echo operation is true?
A. The frequency of the operation .s specified in milliseconds.
B. It is used to identify the best source interface from which to send traffic.
C. It is configured in enable mode.
D. It is used to determine the frequency of ICMP packets.
Answer: D
Explanation:
This module describes how to configure an IP Service Level Agreements (SLAs) Internet Control Message Protocol (ICMP) Echo operation to monitor end-to-end response time between a Cisco router and devices using IPv4 or IPv6. ICMP Echo is useful for
troubleshooting network connectivity issues. This module also demonstrates how the results of the ICMP Echo operation can be displayed and analyzed to determine how the network IP connections are performing.
ICMP Echo Operation
The ICMP Echo operation measures end-to-end response time between a Cisco router and any devices using IP. Response time is computed by measuring the time taken between sending an ICMP Echo request message to the destination and receiving an ICMP Echo reply.
In the figure below ping is used by the ICMP Echo operation to measure the response time between the source IP SLAs device and the destination IP device. Many customers use IP SLAs ICMP-based operations, in-house ping testing, or ping-based dedicated probes for response time measurements.
Figure 1. ICMP Echo Operation
http://www.cisco.com/c/dam/en/us/td/i/100001-200000/120001-130000/121001- 122000/121419.ps/_jcr_content/renditions/121419.jpg
The IP SLAs ICMP Echo operation conforms to the same IETF specifications for ICMP ping testing and the two methods result in the same response times.
Configuring a Basic ICMP Echo Operation on the Source Device SUMMARY STEPS
Q55. CORRECT TEXT - (Topic 4)
A corporation wants to add security to its network. The requirements are:
✑ Host B should be able to use a web browser (HTTP) to access the Finance Web Server.
✑ Other types of access from host B to the Finance Web Server should be blocked.
✑ All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.
✑ All hosts in the Core and on local LAN should be able to access the Public Web Server.
You have been tasked to create and apply a numbered access list to a single outbound interface. This access list can contain no more than three statements that meet these requirements.
Access to the router CLI can be gained by clicking on the appropriate host.
✑ All passwords have been temporarily set to “cisco”.
✑ The Core connection uses an IP address of 198.18.132.65.
✑ The computers in the Hosts LAN have been assigned addresses of 192.168.201.1
– 192.168.201.254.
✑ host A 192.168.201.1
✑ host B 192.168.201.2
✑ host C 192.168.201.3
✑ host D 192.168.201.4
✑ The Finance Web Server has been assigned an address of 172.22.237.17.
✑ The Public Web Server in the Server LAN has been assigned an address of 172.22.237.18.
Answer:
Please check the below explanation for all details.
Explanation:
We should create an access-list and apply it to the interface that is connected to the Server LAN because it can filter out traffic from both S2 and Core networks. To see which interface this is, use the “show ip interface brief” command:
Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-11-17 at 3.24.34 PM.png From this, we know that the servers are located on the fa0/1 interface, so we will place our numbered access list here in the outbound direction.
Corp1#configure terminal
Our access-list needs to allow host B – 192.168125.2 to the Finance Web Server 172.22.109.17 via HTTP (port 80), so our first line is this:
Corp1(config)#access-list 100 permit tcp host 192.168.125.2 host 172.22.109.17 eq 80
Then, our next two instructions are these:
✑ Other types of access from host B to the Finance Web Server should be blocked.
✑ All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.
This can be accomplished with one command (which we need to do as our ACL needs to be no more than 3 lines long), blocking all other access to the finance web server: Corp1(config)#access-list 100 deny ip any host 172.22.109.17
Our last instruction is to allow all hosts in the Core and on the local LAN access to the Public Web Server (172.22.109.18)
Corp1(config)#access-list 100 permit ip host 172.22.109.18 any Finally, apply this access-list to Fa0/1 interface (outbound direction) Corp1(config)#interface fa0/1
Corp1(config-if)#ip access-group 100 out
Notice: We have to apply the access-list to Fa0/1 interface (not Fa0/0 interface) so that the access-list can filter traffic coming from both the LAN and the Core networks.
To verify, just click on host B to open its web browser. In the address box type
http://172.22.109.17 to check if you are allowed to access Finance Web Server or not. If
your configuration is correct then you can access it.
Click on other hosts (A, C and D) and check to make sure you can’t access Finance Web Server from these hosts. Then, repeat to make sure they can reach the public server at 172.22.109.18. Finally, save the configuration
Corp1(config-if)#end
Corp1#copy running-config startup-config
Q56. - (Topic 8)
Why is the Branch2 network 10.1 0.20.0/24 unable to communicate with the Server farm1 network 10.1 0.10.0/24 over the GRE tunnel?
A. The GRE tunnel destination is not configured on the R2 router.
B. The GRE tunnel destination is not configured on the Branch2 router.
C. The static route points to the tunnel0 interface that is misconfigured on the Branch2 router.
D. The static route points to the tunnel0 interface that is misconfigured on the R2 router.
Answer: C
Q57. - (Topic 5)
Refer to the exhibit.
A network administrator is adding two new hosts to SwitchA. Which three values could be used for the configuration of these hosts? (Choose three.)
A. host A IP address: 192.168.1.79
B. host A IP address: 192.168.1.64
C. host A default gateway: 192.168.1.78
D. host B IP address: 192.168.1.128
E. host B default gateway: 192.168.1.129
F. host B IP address: 192.168.1.190
Answer: A,C,F
Explanation:
It’s a “router-on-a-stick” configuration. Which means each host in the VLAN must corresponds with the VLAN configured on the sub-interfaces.
VLAN 10 is configured on fa0/0.10 and VLAN 20 on fa0/0.20. So each hosts in VLAN 10 must use fa0/0.10 IP address as their default gateway, each hosts must also be in the same subnet as fa0/0.10 IP – same with hosts in VLAN 20.
So find out the usable IP addresses on each sub-interfaces – for 192.168.1.78 /27: 192.168.1.65 – .94 and for 192.168.1.130 /26: 192.168.1.128 – .190.
Host A (using port 6 – VLAN 10) must use IP 192.168.1.79, default gateway 192.168.1.78. Host B (using port 9 – VLAN 20) must use IP 192.168.1.190, default gateway
192.168.1.130.
Q58. - (Topic 8)
Scenario:
You are a junior network engineer for a financial company, and the main office network is experiencing network issues. Troubleshoot the network issues.
Router R1 connects the main office to the internet, and routers R2 and R3 are internal routers.
NAT is enabled on router R1.
The routing protocol that is enabled between routers R1, R2 and R3 is RIPv2.
R1 sends the default route into RIPv2 for the internal routers to forward internet traffic to R1.
You have console access on R1, R2 and R3 devices. Use only show commands to troubleshoot the issues.
Examine the DHCP configuration between R2 and R3; R2 is configured as the DHCP server and R3 as the client. What is the reason R3 is not receiving the IP address via DHCP?
A. On R2. The network statement In the DHCP pool configuration is incorrectly configured.
B. On R3. DHCP is not enabled on the interface that is connected to R2.
C. On R2, the interface that is connected to R3 is in shutdown condition.
D. On R3, the interface that is connected to R2 is in shutdown condition.
Answer: B
Explanation:
Please check the below:
Q59. - (Topic 5)
Refer to the exhibit.
Which subnet mask will place all hosts on Network B in the same subnet with the least amount of wasted addresses?
A. 255.255.255.0
B. 255.255.254.0
C. 255.255.252.0
D. 255.255.248.0
Answer: B
Explanation:
310 hosts < 512 = 29 -> We need a subnet mask of 9 bits 0 -> 1111 1111.1111 1111.1111
1110.0000 0000 -> 255.255.254.0
Q60. - (Topic 5)
A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three.)
A. informational
B. emergency
C. warning
D. critical
E. debug
F. error
Answer: B,D,F
Explanation:
The Message Logging is divided into 8 levels as listed below:
Level Keyword Description 0
emergencies System is unusable 1
alerts
Immediate action is needed 2
critical
Critical conditions exist 3
errors
Error conditions exist 4
warnings
Warning conditions exist 5
notification
Normal, but significant, conditions exist 6
informational Informational messages 7
debugging Debugging messages
If you specify a level with the “logging trap level” command, that level and all the higher levels will be logged. For example, by using the “logging trap 3 command, all the logging of emergencies, alerts, critical, and errors, will be logged.