Proper study guides for Refresh Cisco CCNA Cisco Certified Network Associate CCNA (v3.0) certified begins with Cisco ccna 200 120 vs 200 125 preparation products which designed to deliver the Breathing 200 125 ccna pdf questions by making you pass the ccna 200 125 test at your first time. Try the free ccna routing and switching 200 125 pdf demo right now.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Cisco 200-125 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 200-125 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/200-125-exam-dumps.html
P.S. Breathing 200-125 dumps are available on Google Drive, GET MORE: https://drive.google.com/open?id=1GYoIP8av070YUllGeTpz9IFUfla_iPR7
New Cisco 200-125 Exam Dumps Collection (Question 2 - Question 11)
Q1. When a DHCP server is configured, which two IP addresses should never be assignable to hosts? (Choose two.)
A. network or subnetwork IP address
B. broadcast address on the network
C. IP address leased to the LAN
D. IP address used by the interfaces
E. manually assigned address to the clients
F. designated IP address to the DHCP server
Answer: A,B
Explanation:
Network or subnetwork IP address (for example 11.0.0.0/8 or 13.1.0.0/16) and broadcast address (for example 23.2.1.255/24) should never be assignable to hosts. When try to assign these addresses to hosts, you will receive an error message saying that they canu2021t be assignable.
Q2. An administrator is trying to ping and telnet from SwitchC to RouterC with the results shown below.
Click the console connected to RouterC and issue the appropriate commands to answer the questions.
What would be the effect of issuing the commandip access-group 114 into the fa0/0 interface?
A. Attempts to telnet to the router would fail.
B. It would allow all traffic from the 10.4.4.0 network.
C. IP traffic would be passed through the interface but TCP and UDP traffic would not.
D. Routing protocol updates for the 10.4.4.0 network would not be accepted from the fa0/0 interface.
Answer: B
Explanation:
From the output of access-list 114: access-list 114 permit ip 10.4.4.0 0.0.0.255 any we can easily understand that this access list allows all traffic (ip) from 10.4.4.0/24 network
Q3. CORRECT TEXTCentral Florida Widgets recently installed a new router in their office. Complete the network installation by performing the initial router configurations and configuring R1PV2 routing using the router command line interface (CLI) on the RC.
Configure the router per the following requirements: Name of the router is R2
Enable. secret password is cisco
The password to access user EXEC mode using the console is cisco2 The password to allow telnet access to the router is cisco3
IPV4 addresses must be configured as follows:
Ethernet network 209.165.201.0/27 - router has fourth assignable host address in subnet Serial network is 192.0.2.176/28 - router has last assignable host address in the subnet. Interfaces should be enabled.
Router protocol is RIPV2
Attention:
In practical examinations, please note the following, the actual information will prevail.
1. Name or the router is xxx
2. Enable. secret password is xxx
3. Password In access user EXEC mode using the console is xxx
4. The password to allow telnet access to the router is xxx
5. IP information
Answer:
Router>enable
Router#config terminal
Router(config)#hostname R2
R2(config)#enable secret Cisco 1
R2(config)#line console 0
R2(config-line)#password Cisco 2
R2(config-line)#exit R2(config)#line vty 0 4
R2(config-line)#password Cisco 3
R2(config-line)#login
R2(config-line)#exit R2(config)#interface faO/0
R2(config-if)#ip address 209.165.201.4 255.255.255.224
R2(config)#interface s0/0/0
R2(config-if)#ip address 192.0.2.190 255.255.255.240
R2(config-if)#no shutdown
R2(config-if)#exit R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#network 209.165.201.0
R2(config-router)#network 192.0.2.176
R2(config-router)#end
R2#copy run start
Q4. What are the benefits of using Netflow? (Choose three.)
A. Network,Application & User Monitoring
B. Network Planning
C. Security Analysis
D. Accounting/Billing
Answer: A,C,D
Explanation:
NetFlow traditionally enables several key customer applications including:
+ Network Monitoring u2013 NetFlow data enables extensive near real time network monitoring capabilities. Flow-based analysis techniques may be utilized to visualize traffic patterns associated with individual routers and switches as well as on a network-wide basis (providing aggregate traffic or application based views) to provide proactive problem detection, efficient troubleshooting, and rapid problem resolution.
+ Application Monitoring and Profiling u2013 NetFlow data enables network managers to gain a detailed, time-based, view of application usage over the network. This information is used to plan, understand new services, and allocate network and application resources (e.g. Web server sizing and VoIP deployment) to responsively meet customer demands.
+ User Monitoring and Profiling u2013 NetFlow data enables network engineers to gain detailed understanding of customer/user utilization of network and application resources. This information may then be utilized to efficiently plan and allocate access, backbone and
application resources as well as to detect and resolve potential security and policy violations.
+ Network Planning u2013 NetFlow can be used to capture data over a long period of time producing the opportunity to track and anticipate network growth and plan upgrades to increase the number of routing devices, ports, or higher- bandwidth interfaces. NetFlow services data optimizes network planning including peering, backbone upgrade planning, and routing policy planning. NetFlow helps to minimize the total cost of network operations while maximizing network performance, capacity, and reliability. NetFlow detects unwanted WAN traffic, validates bandwidth and Quality of Service (QOS) and allows the analysis of new network applications. NetFlow will give you valuable information to reduce the cost of operating your network.
+ Security Analysis u2013 NetFlow identifies and classifies DDOS attacks, viruses and worms in real-time. Changes in network behavior indicate anomalies that are clearly demonstrated in NetFlow data. The data is also a valuable forensic tool to understand and replay the history of security incidents.
+ Accounting/Billing u2013 NetFlow data provides fine-grained metering (e.g. flow data includes details such as IP addresses, packet and byte counts, timestamps, type-of-service and application ports, etc.) for highly flexible and detailed resource utilization accounting. Service providers may utilize the information for billing based on time-of-day, bandwidth usage, application usage, quality of service, etc. Enterprise customers may utilize the information for departmental charge-back or cost allocation for resource utilization.
Q5. Refer to the exhibit.
Which rule does the DHCP server use when there is an IP address conflict?
A. The address is removed from the pool until the conflict is resolved.
B. The address remains in the pool until the conflict is resolved.
C. Only the IP detected by Gratuitous ARP is removed from the pool.
D. Only the IP detected by Ping is removed from the pool.
E. The IP will be shown, even after the conflict is resolved.
Answer: A
Explanation:
An address conflict occurs when two hosts use the same IP address. During address assignment, DHCP checks for conflicts using ping and gratuitous ARP. If a conflict is detected, the address is removed from the pool. The address will not be assigned until the administrator resolves the conflict.
(Reference: http://www.cisco.com/en/US/docs/ios/12_1/iproute/configuration/guide/1cddhcp.html)
Q6. Which two commands correctly verify whether port security has been configured on port FastEthernet 0/12 on a switch? (Choose two.)
A. SW1#show port-secure interface FastEthernet 0/12
B. SW1#show switchport port-secure interface FastEthernet 0/12
C. SW1#show running-config
D. SW1#show port-security interface FastEthernet 0/12
E. SW1#show switchport port-security interface FastEthernet 0/12
Answer: C,D
Explanation:
We can verify whether port security has been configured by using the u201cshow running- configu201d or u201cshow port-security interfaceu201d for more detail. An example of the output of u201cshow port-security interfaceu201d command is shown below:
Q7. A network administrator needs to configure port security on a switch. Which two statements are true? (Choose two.)
A. The network administrator can apply port security to dynamic access ports.
B. The network administrator can apply port security to EtherChannels.
C. When dynamic MAC address learning is enabled on an interface, the switch can learn new addresses, up to the maximum defined.
D. The sticky learning feature allows the addition of dynamically learned addresses to the running configuration.
E. The network administrator can configure static secure or sticky secure MAC addresses in the voice VLAN.
Answer: C,D
Explanation:
Follow these guidelines when configuring port security:
+ Port security can only be configured on static access ports, trunk ports, or 802.1Q tunnel ports.
+ A secure port cannot be a dynamic access port.
+ A secure port cannot be a destination port for Switched Port Analyzer (SPAN).
+ A secure port cannot belong to a Fast EtherChannel or Gigabit EtherChannel port group.
+ You cannot configure static secure or sticky secure MAC addresses on a voice VLAN.
+ When you enable port security on an interface that is also configured with a voice VLAN, you must set the maximum allowed secure addresses on the port to at least two.
+ If any type of port security is enabled on the access VLAN, dynamic port security is automatically enabled on the voice VLAN.
+ When a voice VLAN is configured on a secure port that is also configured as a sticky secure port, all addresses seen on the voice VLAN are learned as dynamic secure addresses, and all addresses seen on the access VLAN (to which the port belongs) are learned as sticky secure addresses.
+ The switch does not support port security aging of sticky secure MAC addresses.
+ The protect and restrict options cannot be simultaneously enabled on an interface.
(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_19_ea1
/configuration/guide/swtrafc.html)
Topic 11, Infrastructure Management
853.Scenario
Refer to the topology. Your company has connected the routers R1, R2, and R3 with serial
links. R2 and R3 are connected to the switches SW1 and SW2, respectively. SW1 and SW2 are also connected to the routers R4 and R5.
The EIGRP routing protocol is configured.
You are required to troubleshoot and resolve the EIGRP issues between the various routers.
Use the appropriate show commands to troubleshoot the issues.
Study the following output taken on R1: R1# Ping 10.5.5.55 source 10.1.1.1 Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.5.5.55, timeout is 2 seconds: Packet sent with a source address of 10.1.1.1
u2026u2026.
Success rate is 0 percent (0/5) Why are the pings failing?
A. The network statement is missing on R5.
B. The loopback interface is shut down on R5.
C. The network statement is missing on R1.
D. The IP address that is configured on the Lo1 interface on R5 is incorrect.
Q8. You are working in a data center environment and are assigned the address range 10.188.31.0/23. You are asked to develop an IP addressing plan to allow the maximum number of subnets with as many as 30 hosts each. Which IP address range meets these requirements?
A. 10.188.31.0/26
B. 10.188.31.0/25
C. 10.188.31.0/28
D. 10.188.31.0/27
E. 10.188.31.0/29
Answer: D
Explanation:
Each subnet has 30 hosts < 32 = 25 so we need a subnet mask which has at least 5 bit 0s
-> /27. Also the question requires the maximum number of subnets (which minimum the number of hosts-per-subnet) so /27 is the best choice.
Q9. CORRECT TEXTA network associate is adding security to the configuration of the Corp1 router. The user on host C should be able to use a web browser to access financial information from the Finance Web Server. No other hosts from the LAN nor the Core should be able to use a web browser to access this server. Since there are multiple resources for the corporation at this location including other resources on the Finance Web Server, all other traffic should be allowed.
The task is to create and apply an access-list with no more than three statements that will allow ONLY host C web access to the Finance Web Server. No other hosts will have web access to the Finance Web Server. All other traffic is permitted.
Access to the router CLI can be gained by clicking on the appropriate host.
All passwords have been temporarily set to "cisco".
The Core connection uses an IP address of 198.18.247.65
The computers in the Hosts LAN have been assigned addresses of 192.168.240.1 - 192.168.240.254
u2711 host A 192.168.240.1
u2711 host B 192.168.240.2
u2711 host C 192.168.240.3
Answer:
Corp1#conf t
Corp1(config)# access-list 128 permit tcp host 192.168.240.1 host 172.22.141.26 eq www
Corp1(config)# access-list 128 deny tcp any host 172.22.141.26 eq www
Corp1(config)# access-list 128 permit ip any any
Corp1(config)#int fa0/1
Corp1(config-if)#ip access-group 128 out
Corp1(config-if)#end
Corp1#copy run startup-config
Q10. When you are troubleshooting an ACL issue on a router, which command would you use to verify which interfaces are affected by the ACL?
A. show ip access-lists
B. show access-lists
C. show interface
D. show ip interface
E. list ip interface
Answer: D
Explanation:
Incorrect:
show ip access-lists does not show interfaces affected by an ACL.
Recommend!! Get the Breathing 200-125 dumps in VCE and PDF From Certifytools, Welcome to download: https://www.certifytools.com/200-125-exam.html (New 890 Q&As Version)