200 125

Cisco - 200-125
Exam Topic Breakdown

Exam Topic Number of Questions
Topic 1 : New Pool Exam A 149
Topic 2 : New Pool Exam B 170
Topic 3 : New Pool Exam C 120
Topic 4 : New Pool Exam D 54
Topic 5 : New Pool E (Latest) 146
Topic 6 : New Pool Exam F 136
TOTAL 775
1 of 629
Cisco - 200-125
Topic 1, New Pool Exam A

Question #:1 - (Exam Topic 1)
which two types of information are held in the mac address table ?
A. destination ip addresses
B. protocols
C. port numbers
D. mac address
E. source ip address
Answer: C D
which three options are benefits of using TACACS+ on a device ?
A. Device administration packets are encrypted in their entirety
B. it allows the user to remotely access devices from other vendors
C. it supports access level authorization for commands
D. it ensures that user activity is untraceable
E. it allows users to be authenticated against a remote server
F. it provides a secure accounting facility on the device
Answer: A C E
A router has learned three possible routes that could be used to reach a destination network One route is from
EIGRP and has a composite metric of 07104371. Another route is from OSPF with a metric of 782 The last is
from RIPv2 and has a metric of 4 Which route or routes will the router install in the routing table?
A. the EIGRP route
B. the OSPF route
C. the RIPv2 route
2 of 629
Cisco - 200-125
D. all three routes
E. the OSPF and RIPv2 routes
Answer: A
Refer to the exhibit.
Given the output from the show ip eigrp topology command, which router is the feasible
successor?
A. 10.1.0.1 (Serial0), from 10.1.0.1, Send flag is 0x0
Composite metric is (46152000/41640000), Route is Internal
Vector metric:
Minimum bandwidth is 64 Kbit
Total delay is 45000 Microseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1500
Hop count is 2
B. 10.0.0.2 (Serial0.1), from 10.0.0.2, Send flag is 0x0
Vector Metric:
Total delay is 25000 Microseconds
3 of 629
Cisco - 200-125
Load is 1/255
Minimum MTU is 1500
Hop count is 1
C. 10.1.0.3 (Serial0), from 10.1.0.3, Send flag is 0x0
Vector metric:
Total delay is 45000 microseconds
Load is 1/255
Minimum MTU is 1500
Hop count is 2
D. 10.1.1.1 (Serial0.1), from 10.1.1.1, Send flag is 0x0
Composite metric is (46763776/46251776), Route is External
Vector metric:
Total delay is 41000 microseconds
Load is 1/255
Minimum MTU is 1500
Hop count is 2
Answer: B
which feature must you enable to distribute vlans automatically across multiple switch ?
4 of 629
Cisco - 200-125
A. configure NTP
B. Configure the native VLAN
C. Define Each vlan
D. configure VTP
Answer: D
Which technology can provide security when connection multiple sites across the internet?
A. EBGP
B. DMVPN
C. Site-to-site vpn
D. MPLS
Answer: B
Which two statements about IPv6 address 2002:ab10:beef::/48 are true?(choose two)
A. The embedded IPv4 address can be globally routed.
B. It is used for an ISATAP tunnel
C. The embedded IPv4 address is an RFC 1918 address
D. The MAC address 20:02:b0:10:be:ef is embedded into the IPv6 address
E. It is used for a 6to4 tunnel
Answer: A E
Which type of cable must you use to connect two device with mdi interfaces ?
A. rolled
B. crosseover
5 of 629
Cisco - 200-125
C. crossed
D. straight through
Answer: C
While troubleshooting a connection problem on a computer, you determined that the computer can ping a
specific web server but it cannot connect to TCP port 80 on that server. Which reason for the problem is most
likely true?
A. A VLAN number is incorrect.
B. A Route is missing
C. An ARP table entry is missing.
D. An ACL is blocking the TCP port.
Answer: D
Refer to exhibit.
Which command can you enter to verify link speed and duplex setting on the interface?
A. router#show ip protocols
B. router#show startup-config
C. router#show line
D. router#show interface gig 0/1
Answer: D
Which mode is compatible with Trunk, Access, and desirable ports?
A. Trunk Ports
6 of 629
Cisco - 200-125
B. Access Ports
C. Dynamic Auto
D. Dynamic Desirable
Answer: C
Explanation
Explanation/Reference:
The 'dynamic auto' will configure the port to accept incoming negotiation and will accept becoming either a
trunk or an access port. Dynamic Auto allows the port to negotiate DTP (Dynamic Trunking Protocol) if the
other side is set to trunk or desirable. Otherwise it will become an access port.
What is true about Cisco Discovery Protocol ?
A. it discovers the routers, switches and gateways.
B. it is network layer protocol
C. it is physical and data link layer protocol
D. it is Cisco proprietary protocol
Answer: D
which three technical services support cloud computing ?
A. network-monitored power sources
B. layer 3 network routing
C. ip localization
D. redundant connections
E. VPN connectivity
F. extended SAN services
Answer: D E F
7 of 629
Cisco - 200-125
Where does a switch maintain DHCP snooping information?
A. in the CAM table
B. in the VLAN database
C. in the DHCP binding database
D. in the MAC address table
Answer: C
Which statement about DHCP snooping is true?
A. it blocks traffic from DHCP servers on untrusted interfaces.
B. it can be configured on switches and routers.
C. it allows packets from untrusted ports if their source MAC address is found in the binding table.
D. it uses DHCPDiscover packets to identify DHCP servers.
Answer: A
Refer to the exhibit,
8 of 629
Cisco - 200-125
you determine that Computer A cannot ping Computer Which reason for the
problem is most likely true?
A. The Subnet mask for Computer A is incorrect
B. The subnet mask for computer B is incorrect
C. The default gateway address for Computer A is incorrect.
D. The default gateway address for computer B is incorrect.
Answer: A
Explanation
255.255.255.224 =/27
Which definition of default route is true?
A. A route that is manually configured.
B. A route used when a destination route is missing.
C. A route to the exact /32 destination address
D. Dynamic route learned from the server.
Answer: C
Drag the cable type on the left to the purpose for which is it best suited on the right. (Not all options are used.)
9 of 629
Cisco - 200-125
Answer:
10 of 629
Cisco - 200-125
Explanation
Switch to router : rollover
Switch to switch : crossover
PM Com port: 9 - 25 pin
which value must you configure on a device beforee EIGRP For IPV6 Can start Running ?
A. Process ID
B. Router ID
C. Public IP Address
D. Loopback interface
Answer: B
11 of 629
Cisco - 200-125
What command can you enter to configure the switch as an authoritative ntp server with site id : 15122473?
A. Switch(config)#ntp master 3
B. Switch(config)#ntp peer IP 193.168.2.2
C. Switch(config)#ntp server IP 193.168.22
D. Switch(config)#ntp source IP 193.168.2.2
Answer: A
Which utility can you use to determine whether a switch can send echo requests and replies?
A. SSH
B. traceroute
C. ping
D. Telnet
Answer: C
Which two options are benefits of dhcp snooping ?
A. it prevents dhcp reservations
B. it simplifies the process of adding DHCP Servers to the network
C. it prevents the deployment of rogue DHCP Servers
D. it prevents static reservations
E. it Tracks the location of hosts in the network
Answer: C E
Which WAN topology is most appropriate for a centrally located server farm with several satellite branches?
A. star
B. hub and spoke
12 of 629
Cisco - 200-125
C. point-to-point
D. full mesh
Answer: B
Explanation
In a Hub-and-spoke Site-to-Site Wide Area Network (WAN) network topology, one physical site act as Hub
(Example, Main Office), while other physical sites act as spokes. Spoke sites are connected to each other via
Hub site. In Huband-spoke Wide Area Network (WAN) topology, the network communication between two
spokes always travels through the hub.
Which action can change the order of entries in a named access list?
A. opening the access list in Notepad.
B. resequercing
C. removing an entry
D. adding an entry
Answer: B
Which keyword enables an HSRP router to take the active role immediately when it comes online?
A. IP address
B. Priority
C. Preempt
D. Version
Answer: C
How does NAT overloading provide one-to-many address translation?
A.
13 of 629
Cisco - 200-125
A. it uses a pool of addresses.
B. it converts IPv4 addresses to unused IPv6 addresses.
C. it assigns a unique TCP/UDP port to each session.
D. it uses virtual MAC address and virtual IP addresses.
Answer: C
Which configuration command can you apply to a router so that its local interface becomes active if all other
routers in the group fail?
A. Router(config)#standby 1 preempt
B. No additional configuration is required
C. Router(config)#standby 1 Priority 250
D. Router(config)#standby 1 track Ethernet
Answer: A
Which type of MAC address is aged automatically by the switch?
A. automatic
B. manual
C. dynamic
D. static
Answer: C
Which option describes the best way to troubleshoot and isolate a network problem?
A. Gather the facts
B. Change one variable at a time.
C.
14 of 629
Cisco - 200-125
C. Implement an action plan
D. Create an Action plan
Answer: C
When is a routing table entry identified as directly connected?
A. when the local router is in use as the network default gateway
B. when the network resides on a remote router that is physically connected to the local router
C. when an interface on the route is configure with an ip address and enabled
D. when the route is statically assigned to reach a specific network
Answer: C
In which byte of an IP packet can traffic be marked ?
A. the Tos byte
B. the Qos byte
C. the Cos byte
D. the Dscp byte
Answer: A
Reference:
http://flylib.com/books/2/686/1/html/2/images/1587051990/graphics/13fig01.gif
Which two steps must you perform on each device that is configured for ipv4 routing before you implement
OSPFv3? (chooose two)
A. configure an autonomous system number
B. configure a loopback interface
C.
15 of 629
Cisco - 200-125
C. configure a router ID
D. enable IPv6 on an interface
E. enable IPv6 unicast routing
Answer: C E
What are three advantages of vlans ?
A. They provide a method of conserving ip addresses in large networks
B. They provide a low latency internetworking alternative to routed networks
C. they utilize packet filtering to enhance network security
D. They establish broadcast domains in switched networks
E. They allow access to network services based on department not physical localtion
F. They can simplify adding moving or changing hosts on the network
Answer: D E F
Which port security violation mode allows traffic from valid mac address to pass but block traffic from invalid
mac address?
A. protect
B. shutdown
C. shutdown vlan
D. restrict
Answer: A
Which command is used to show the interface status of a router?
A. show interface status
B. show ip interface brief
16 of 629
Cisco - 200-125
C. show ip route
D. show interface
Answer: B
which two statements about data vlans on access ports are true ?
A. they can be configured as trunk ports
B. 802.1Q encapsulation must be configured on the interface
C. Exactly one vlan can be configured on the interface
D. Two or more vlans can be configured on the interface
E. They can be configured as host ports
Answer: C E
which major ipv6 address type is supported in ipv4 but rarely used ?
A. Broadcast
B. multicast
C. unicast
D. anycast
Answer: B
which two statements about vtp are true ?
A. all switches must be configured with the same VTP domain name
B. all switches must be configured with a unique vtp domain name
C. all switches must be configured to perform trunk negotiation
D.
17 of 629
Cisco - 200-125
D. all switches must use the same VTP Version
E. The VTP Server must have the highest revision number in the domain
Answer: A D
While troubleshooting a DCHP client that is behaving erratically, you discover that the client has been
assigned the same IP address as a printer that is a staticIP address. Which option is the best way to resolve the
problem?
A. Configure static route to the client.
B. Assign the client the same IP address as the router.
C. Move the client to another IP subnet
D. Move the printer to another IP subnet.
E. Reserve the printer IP address.
Answer: E
Which two statements about MPLS are true?
A. it encapsulates all traffic in an ipv4 header.
B. it provides automatic authentication.
C. it uses labels to separate and forward customer traffic.
D. it can carry multiple protocols, including ipv4 and ipv6.
E. it tags customer traffic using 802.1q.
Answer: C D
Which two options are primary responsibilities of the APIC-EM controller? (Choose two.)
A. It automates network actions between different device types.
B. It provides robust asset management.
C.
18 of 629
Cisco - 200-125
C. It tracks license usage and Cisco IOS versions.
D. It automates network actions between legacy equipment.
E. It makes network functions programmable.
Answer: A E
Explanation
http://www.cisco.com/c/en/us/products/cloud-systems-management/application-policy-infrastructure-controllerenterpris
module/index.html
Automate network configuration and setup
Deploy network devices faster
Automate device deployment and provisioning across the enterprise.
Provide a programmable network
Enable developers to create new applications that use the network to fuel business growth.
A BPDU guard is configured on an interface that has PortFast Enable. Which state does the interface enter
when it receives a BPDU?
A. Blocking.
B. Shutdown.
C. Listening.
D. errdisable.
Answer: D
When a router is unable to find a known route in the routing table, how does it handle the packet?
A. It discards the packet
B. It sends the packet over the route with the best metric
C. It sends the packet to the next hop address
19 of 629
Cisco - 200-125
D. It sends the packet to the gateway of last resort
Answer: D
If three devices are plugged into one port on a switch and two devices are plugged into a different port, how
many collision domains are on the switch?
A. 2
B. 4
C. 5
D. 6
Answer: C
Which option is the master redundancy scheme for stacked switches?
A. 1:N
B. 1:1
C. N:1
D. 1+N
Answer: A
Which address class includes network 191.168.0.1/27?
A. Class C
B. Class B
C. Class D
D. Class A
Answer: B
20 of 629
Cisco - 200-125
Which statement about EIGRP on IPv6 device is true?
A. It is configured directly on the interface
B. the configuration uses secondary ip address
C. the neighbors of each deice are directly configured
D. the configuration uses process numbers
Answer: A
Explanation
http://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/113267-eigrp-ipv6-00
which command can you enter to troubleshoot the failure of address assignment ?
A. sh ip dhcp database
B. sh ip dhcp pool
C. sh ip dhcp import
D. sh ip dhcp server statistics
Answer: B
If you configure syslog messages without specifying the logging trap level, which log messages will the router
send?
A. error conditions only
B. warning and error conditions only
C. normal but significant conditions only
D. all levels except debugging
E. informational messages only
Answer: E
21 of 629
Cisco - 200-125
which three options are fields in a basic ethernet data frame ?
A. preamble
B. time to live
C. version
D. header checksum
E. length type
F. frame check sequence
Answer: A E F
Which statement about upgrading a cisco ios device with TFTP is True ?
A. The Cisco IOS device must be on the same lan as the TFTP server
B. The operation is performed in passive mode
C. The operation is performed in an unencrypted format
D. The operation is performed in active mode
Answer: A
Which statement about IPv6 link-local addresses is true ?
A. they must be configured on all IPv6 interface
B. They must be globally unique
C. They must be manually configured
D. They are advertised globally on the network
Answer: B
22 of 629
Cisco - 200-125
DRAG DROP
Answer:
Explanation
23 of 629
Cisco - 200-125
Which type of attack can be mitigated by configuring the default native vlan to be unused ?
A. swich spoofing
B. cam table overflow
C. vlan hopping
D. MAC spoofing
Answer: C
Which command can you enter to determine the addresses that have been assigned
on a DHCP Server?
A. Show ip DHCP database.
B. Show ip DHCP pool.
C. Show ip DHCP binding.
D. Show ip DHCP server statistic.
Answer: C
Reference:
http://www.aubrett.com/InformationTechnology/RoutingandSwitching/Cisco/CiscoRouters/
DHCPBindings.aspx
“Router#show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type
10.16.173.0 24d9.2141.0ddd Jan 12 2013 03:42 AM Automatic”
which technology supports multiple dynamic secure connections an unsecure transport network ?
A.
24 of 629
Cisco - 200-125
A. DMVPN
B. VPN
C. Site-to-site VPN
D. client VPN
Answer: A
which functionality does split horizon provide ?
A. it Prevents routing loops in distance vector protocols
B. it Prevents switching loops in distance vector protocols
C. it Prevents switching loops in link-state protocols
D. it Prevents routing loops in link-state protocols
Answer: A
Which statement about spanning tree root bridge election is true ?
A. every root bridge must reside on the root switch
B. it is always performed automatically
C. every VLAN must use the same root bridge
D. Each VLAN must have its own root bridge
Answer: D
How does a router handle an incoming packet whose destination network is missing from the routing table?
A. it discards the packet.
B. it broadcasts the packet to each network on the router.
C. it routes the packet to the default route.
D. it broadcasts the packet to each interface on the router.
25 of 629
Cisco - 200-125
Answer: A
Which two protocols can detect native vlan mismatch errors?
A. STP
B. Cisco Discovery Protocol
C. VTP
D. DTP
E. PAgP
Answer: B C
Which RPVST+ port state is excluded from all STP operations?
A. learning
B. forwarding
C. blocking
D. disabled
Answer: D
Which Two options are features of the extended ping command?
A. it can send packets from a specified interface or ip address
B. it can resolve the destination host name
C. it can ping multiple hosts at the same time
D. it can count the number of hops to the remote host
E. it can send a specified number of packets
Answer: A E
26 of 629
Cisco - 200-125
If RTR01 as configured as shown, which three addresses will be received by other routers that are running
EIGRP on the network? (Choose three.)
A. 172.16.4.0
B. 10.0.0.0
C. 172.16.0.0
D. 192.168.2.0
E. 192.168.0.0
F. 10.4.3.0
Answer: A C D
which command can you enter in a network switch configuration so that learned mac addresses are saved in
configuration as they connect ?
A. Switch(config-if)#Switch port-security
B. Switch(config-if)#Switch port-security Mac-address sticky
C. Switch(config-if)#Switch port-security maximum 10
D. Switch(config-if)#Switch mode access
Answer: B
27 of 629
Cisco - 200-125
When you deploy multilink PPP on your network, where must you configure the group IP Address on each
device?
A. In the global configuration
B. Under serial interface
C. Under the routing protocol
D. Under the multilink interface
Answer: D
refer to the exhibit:
what is the metric for the router from R1 to 192.168.10.1 ?
A. 2
B. 90
C. 110
D. 52778
Answer: D
Which protocol is a Cisco proprietary implementation of STP?
A.
28 of 629
Cisco - 200-125
A. CST
B. RSTP
C. MSTP
D. PVST+
Answer: D
Which type of routing protocol operates by using first information from each device peers?
A. link-state protocols
B. distance-vector protocols
C. path-vector protocols
D. exterior gateway protocols
Answer: A
Which port security mode can assist with troubleshooting by keeping count of violations?
A. access.
B. protect.
C. restrict.
D. shutdown.
Answer: C
Which IPV6 function serves the same purpose as ARP entry verification on an IPv4 network?
A. interface ip address verification.
B. MAC address table verification
C. neighbor discovery verification
29 of 629
Cisco - 200-125
D. routing table entry verification
Answer: C
Which type of routing protocol operates by exchanging the entire routing information?
A. distance vector protocols
B. link state protocols
C. path vector protocols
D. exterior gateway protocols
Answer: A
Which DTP switch port mode allows the port to create a trunk link if the neighboring port is in trunk mode,
dynamic desirable mode, or desirable auto mode?
A. trunk
B. access
C. dynamic desirable
D. dynamic auto
Answer: C
Which options are requirements for configuring RIPv2 on an IPv4 network router? (Choose two.)
A. enabling RIP on the router
B. allowing unicast updates for RIP
C. enabling RIP authentication
D. connecting RIP to a WAN interface
E. enabling automatic route summarrization
Answer: A B
30 of 629
Cisco - 200-125
which NTP type designates a router without an external referee clock as an authoritative time source ?
A. Client
B. Server
C. peer
D. master
Answer: D
Which feature is configured by setting a variance that is at least two times the metric?
A. equal cost load balancing
B. unequal cost load balancing
C. Path selection
D. path count
Answer: B
Where does the configuration reside when a helper address is configured to support
DHCP ?
A. on the switch trunk interface.
B. on the router closest to the client.
C. on the router closest to the server.
D. on every router along the path.
Answer: B
How can you manually configure a switch so that it is selected as the root Switch?
A. increase the priority number
B.
31 of 629
Cisco - 200-125
B. lower the port priority number
C. lower the priority number
D. increase the port priority number
Answer: C
How does a router handle an incoming packet whose destination network is missing from the routing table?
A. it discards the packet.
B. it broadcasts the packet to each network on the router.
C. it routes the packet to the default route.
D. it broadcasts the packet to each interface on the router.
Answer: C
Which statement about spanning-tree root-bridge election is true?
A. Every root bridge must reside on the same root switch
B. it is always performed automatically.
C. Every VLAN must use the same root bridge.
D. Each VLAN must have its own root bridge.
Answer: D
Which utility can you use to identify redundant or shadow rules ?
A. The ACL trace tool in Cisco APIC-EM.
B. The ACL analysis tool in Cisco APIC-EM.
C. The Cisco APIC-EM automation scheduler.
D. The Cisco IWAN application.
Answer: B
32 of 629
Cisco - 200-125
Which type of secure MAC address must be configured manually?
A. static
B. dynamic
C. sticky
D. bia
Answer: A
How many bits represent network id in a IPv6 address?
A. 32
B. 48
C. 64
D. 128
Answer: C
Explanation
http://networkengineering.stackexchange.com/questions/30836/calculate-networking-bits-for-ipv6
64 bits for Network ID and 64 bits for Interface ID
64+64=128
Drag and drop each cable type from the left onto the type of connection for which it is best suited on the right .
33 of 629
Cisco - 200-125
Answer:
Explanation
Which two statements about firewalls are true? (Choose two.)
A. They can be used with an intrusion prevention system.
B. They can limit unauthorized user access to protect data.
C. Each wireless access point requires its own firewall.
D. They must be placed only at locations where the private network connects to the internet.
E.
34 of 629
Cisco - 200-125
E. They can prevent attacks from the internet only.
Answer: A B
Which HSRP feature was new in HSRPv2?
A. VLAN group numbers that are greater than 255
B. virtual MAC addresses
C. tracking
D. preemption
Answer: A
If R1 receives a packet destined to 172.16.1.1, to which IP address does it send the
packet ?
A. 192.168.14.4
B.
35 of 629
Cisco - 200-125
B. 192.168.12.2
C. 192.168.13.3
D. 192.168.15.5
Answer: A
which port security mode can assist with troubleshooting by keeping count of violations?
A. access.
B. protect.
C. restrict.
D. shutdown.
Answer: C
Which function does traffic shaping perform?
A. it buffers traffic without queuing it
B. it queues traffic without buffering it
C. it drops packets to control the output rate
D. it buffers and queues excess packets
Answer: D
Which command can you enter to troubleshoot the failure of address assignments?
A. show ip dhcp pool
B. show ip dhcp database
C. show ip dhcp import
D. clear ip dhcp server statistics
36 of 629
Cisco - 200-125
Answer: A
Which three options are the major components of a network virtualization architecture? (Choose three.)
A. virtual network services
B. authentication services
C. network access control
D. network resilience
E. path isolation
F. policy enforcement
Answer: A C E
Which VTP mode prevents you from making changes to vlans?
A. Server.
B. Client.
C. Transparent.
D. Off
Answer: B
Explanation
VTP Client
· VTP clients function the same way as VTP servers, but you cannot create, change, or delete VLANs on a
VTP client.
· A VTP client only stores the VLAN information for the entire domain while the switch is on.
· A switch reset deletes the VLAN information.
· You must configure VTP client mode on a switch.
To enable router on a stick on a router subinterface, which two steps must you perform ? choose two
37 of 629
Cisco - 200-125
A. configure full duplex and speed
B. configure a default to route traffic between subinterfaces
C. configure the subinterface with an ip address
D. configure encapsulation dot1q
E. configure an ip route to the vlan destination network
Answer: C D
IF R1 sends traffic to 192.168.101.45 the traffic is sent through which interface?
A. FastEthernet0/1
B. FastEthernet0/0
C. FastEthernet1/0
D. FastEthernet1/1
Answer: C
Which address block identifies all link-local address
38 of 629
Cisco - 200-125
A. fc00::/7
B. fc00::/8
C. fe80::/10
Answer: C
Which Command can you enter on a switch to display the IP address associated with connected devices?
A. Show cdp neighbors
B. Show cdp neighbors detail
C. show cdp traffic
D. show cdp interface
Answer: B
when you troubleshoot an IPv4 connectivity issue on a router, which three router configuration checks you
must perform?
A. Verify that the router interface IP address IP address is correct.
B. Verify that the DNS is configured correctly.
C. Verify that the router and the host use the same subnet mask.
D. Verify that the router firmware is up-to-date.
E. Verify that a default route is configured.
F. Verify that the route appears in the routing table
Answer: A B F
Which two statements about unique local IPv6 addresses are true?
A. They are identical to IPv4 private addresses.
B.
39 of 629
Cisco - 200-125
B. They are defined by RFC 1884.
C. They use the prefix FEC0::/10
D. They use the prefix FC00::/7
E. They can be routed on the IPv6 global internet.
Answer: A D
When troubleshooting ethernet connectivity issues how can you verify that an ip address is known to a router?
A. Check Whether the ip address is in the routing table
B. Check Whether an ACL is blocking the ip address
C. Check Whether the ip address is in the CAM Table
D. Check Whether the ip address is in the ARP Table
Answer: D
Which HSRP Feature was new in HSRPv2 ?
A. Virtual MAC Address
B. Preemption
C. Tracking
D. VLAN Group Numbers that are greater than 255
Answer: D
40 of 629
Cisco - 200-125
At the end of an RSTP election process, which access layer switch port will assume the discarding role?
A. Switch3, port Gi0/2
B. Switch3, port Gi0/1
C. Swrtch4, port fa0/11
D. Switch3 , portfa0/12
E. Switch3, port fa0/1
F. Swrtch4, port fa0/2
Answer: C
Explanation
MAC of Switch3 is smaller than that of Switch4) so both ports of Switch3 will be in forwarding state. The
alternative port will surely belong to Switch4. Switch4 will need to block one of its ports to avoid a bridging
loop between the two switches. But how does Switch4 select its blocked port? Well, the answer is based on the
BPDUs it receives from Switch3. A BPDU is superior than another if it has:1. A lower Root Bridge ID2. A
lower path cost to the Root3. A lower Sending Bridge ID4. A lower Sending Port IDThese four parameters are
examined in order. In this specific case, all the BPDUs sent by Switch3 have the same Root Bridge ID, the
same path cost to the Root and the same Sending Bridge ID. The only parameter left to select the best one is
the Sending Port ID (Port ID = port priority + port index). In this case the port priorities are equal because they
use the default value, so Switch4 will compare port index values, which are unique to each port on the switch,
and because Fa0/12 is inferior to Fa0/1, Switch4 will select the port connected with Fa0/1 (of Switch3) as its
root port and block the other port -> Port fa0/11 of Switch4 will be blocked (discarding role)
41 of 629
Cisco - 200-125
Which two options are fields in an Ethernet frame ? (Choose two.)
A. destination IP address
B. source IP address
C. Type
D. frame check sequence
E. header
Answer: C D
Which three describe the reasons large OSPF networks use a hierarchical design? (Choose Three)
A. to speed up convergence
B. to reduce routing overhead
C. to lower costs by replacing routers with distribution layer switches
D. to decrease latency by increasing bandwidth
E. to confine network instability to single areas of the network
F. to reduce the complexity of router configuration
Answer: A B E
Drag each IPv6 prefix on the left to its use on the right.
42 of 629
Cisco - 200-125
Answer:
43 of 629
Cisco - 200-125
Explanation
FF02::1 = All link-local nodes on a segment
FF02::5 = all OSPFv3 routers
FF02::6 = OSPFv3 designated routers
FF02::A = all EIGRPv6 routers
FF02::D = All PIM routers
FF05::2 = all site local routers
which WAN topology provides a direct conntection from each site to all other sites on the network ?
A. single-homed
B.
44 of 629
Cisco - 200-125
B. full mesh
C. point-to-point
D. hub-and-spoke
Answer: B
which six-byte field in a basic ethernet frame must be an individual address ?
A. FCS
B. SOF
C. SA
D. DA
Answer: C
which command can you enter to re enable cisco discovery protocol on a local router after it has been
disabled ?
A. Router (config)# cdp run
B. Router (config-if)# cdp run
C. Router (config)# cdp enable
D. Router (config-if)# cdp enable
Answer: A
Exhibit:
45 of 629
Cisco - 200-125
After you apply the given configuration to R1, you determine that it is failing to advertise the 172.16.10.32/27
network which action is most likely to correct the problem ?
A. enable passive interface
B. enable manual summarization
C. enable autosummarization
D. enable RIPV2
Answer: D
Which value is used to determine the active router in an HSRP default configuration ?
A. router tracking number
B. router IP address
C. router priority
D. router loopback address
Answer: C
Drag and drop the protocols from the left onto the correct IP traffic types on the right.
46 of 629
Cisco - 200-125
Answer:
Refer to the exhibit,
47 of 629
Cisco - 200-125
which command do you enter so that R1 advertises the loopback0 interface to the BGP
peers?
A. network 172.16.1.32 mask 255.255.255.224
B. network 172.16.1.0 0.0.0.0.255
C. network 172.16.1.32 255.255.255.224
D. network 172.16.1.33 mask 255.255.255.224
E. network 172.16.1.32 mask 0.0.0.31
F. network 172.16.1.32 0.0.0.31
Answer: A
Refer to the exhibit .
48 of 629
Cisco - 200-125
if R1 sends Traffic to 192.168.10.45 the traffic is sent through which interface ?
A. FastEthernet 0/1
B. FastEthernet 0/0
C. FastEthernet 1/0
D. FastEthernet 1/1
Answer: A
Which 2 statements about extended traceroute command is true?
A. it can send packets from specified interface or ip address
B. it can use a specified TTL value.
C. it can validate the reply data.
D. it can use a specificed TOS.
E. it can repeated automatically to a specified interval.
Answer: A B
Reference:
http://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13730-extpingtrace.
49 of 629
Cisco - 200-125
html#ext_troute
“This table lists the traceroute command field descriptions:
Source address: The interface or IP address of the router to use as a source address for the probes. The
router normally picks the IP address of the outbound interface to use.
Minimum Time to Live [1]: The TTL value for the first probes. The default is 1, but it can be set to a higher
value to suppress the display of known hops.
Maximum Time to Live [30]: The largest TTL value that can be used. The default is 30. The traceroute
command terminates when the destination is reached or when this value is reached.
Under normal operations, cisco recommends that you configure switch ports on
which vlan ?
A. on the default vlan
B. on the management vlan
C. on the native vlan
D. on any vlan except the default vlan
Answer: D
Explanation
/Reference:
http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/24330-185.html
which option is the correct CIDR notation for 192.168.0.0 subnet 255.255.255.252?
A. /29
B. /30
C. /31
D. /32
50 of 629
Cisco - 200-125
Answer: B
Refer to the exhibit:
after you apply the give configurations to R1 and R2 you notice that OSPFv3 fails to start
Which reason for the problem is most likely true ?
A. The area numbers on R1 and R2 are mismatched
B. The IPv6 network addresses on R1 and R2 are mismatched
C. The autonomous system numbers on R1 and R2 are mismatched
D. The router ids on R1 and R2 are mismatched
Answer: A
51 of 629
Cisco - 200-125
Which VTP mode prevents you from making changes to VLANs?
A. server
B. off
C. client
D. transparent
Answer: C
Which option is the main function of congestion management ?
A. providing long term storage of buffered data
B. queuing traffic based on priority
C. discarding excess traffic
D. classifying traffic
Answer: B
Refer to the exhibit, you determine that Computer A cannot ping Computer
Which reason for the problem is most likely true?
you determine that Computer A cannot ping Computer. Which reason for the problem is most likely true?
A. The Subnet mask for Computer A is incorrect.
52 of 629
Cisco - 200-125
B. The default gateway address for Computer A is incorrect.
C. The subnet mask for computer B is incorrect.
D. The default gateway address for computer B is incorrect.
Answer: A
Explanation
255.255.255.224 =/27
Which two options describe benefits of aggregated chassis technology (Choose 2)?
A. it reduces management overhead.
B. switches can be located anywhere regardless of their physical distance from one another.
C. it requires only one IP address per VLAN.
D. it requires only Three IP addresses per VLAN.
E. it supports HSRP VRRP and GLBP.
F. it support redundant configuration files.
Answer: A C
Which command can you use to test whether a switch supports secure connections and strong authentication?
A. Switch>ssh –v 1-I admin 10.1.1.1
B. Router#ssh –v1 –I admin 10.1.1.1
C. Router>ssh –V2 –I admin 10.1.1.1
D. Switch#ssh –I admin 10.1.1.1
Answer: C
What is the benefit of point-to-point leased line ?
A. Low cost
53 of 629
Cisco - 200-125
B. Full-mesh capability
C. Flexibillity of design
D. Simply configuration
Answer: D
Which major component of the network virtualization architecture isolates users according to policy?
A. network services virtualization
B. access control.
C. path isolation
D. policy enforcement
Answer: A
which value indicate the distance from the ntp authoritative time source?
A. Priority
B. Location
C. layer
D. Stratum
Answer: D
54 of 629
Cisco - 200-125
refer to the exhibit , on R1, which routing protocol is in use on the route to 192.168.10.1?
A. EIGRP
B. OSPF
C. RIP
D. BGP
Answer: A
After you apply the given configuration to arouter, the DHCP clients behind the device connot communicate
with hosts outside of their subnet. Which action is most likely to correct the problem?
A.
55 of 629
Cisco - 200-125
A. Configure the dns server on the same subnet as the clients
B. Activate the dhcp pool
C. Correct the subnet mask
D. configure the default gateway
Answer: D
Which configuration can be used with PAT to allow multiple inside address to be translated to a single outside
address ?
A. Dynamic Routing
B. DNS
C. Preempt
D. overload
Answer: D
What type of MAC address is aged automatically by the switch?
A. Dynamic
B. Manual
C. Automatic
D. Static
Answer: A
Reference:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/
CLIConfigurationGuide/MACAddress.htm
Which statement about recovering a password on a cisco router is true?
56 of 629
Cisco - 200-125
A. it requires physical access to the router
B. the default reset password is cisco
C. A factory reset is required if you forget the password
D. it requires a secure SSL/VPN connection
Answer: A
which two options are the best reasons to use an ipv4 private ip space ?
A. to manage routing overhead
B. to implement nat
C. to connect applications
D. to enable intra-enterprise communication
E. to conserve global address space
Answer: A E
which configuration command can u apply to a HSRP router so that its local interface
becomes active if all other routers in the group fail?
A. no additional config is required
B. standby 1 track ethernet
C. standby 1 preempt
D. standby 1 priority 250
Answer: A
Which function allows EIGRP peers to receive notice of implementing topology changes?
A.
57 of 629
Cisco - 200-125
A. successors
B. advertised changes
C. goodbye messages
D. expiration of the hold timer
Answer: C
Which two command can you enter to display the current time sources statistics on devices ? (Choose TWO)
A. Show ntp associations.
B. Show clock details.
C. Show clock.
D. Show time.
E. Show ntp status.
Answer: A E
Which three encapsulation layers in the OSI model are combined into the TCP/IP application layer? (Choose
three)
A. Session
B. transport
C. presentation
D. application
E. data-link
F. network
Answer: A C D
58 of 629
Cisco - 200-125
Which WAN topology provides a direct connection from each site to all other sites on the network?
A. single-homed
B. full mesh
C. point-to-point
D. hub-and-spoke
Answer: B
On which type of port can switches interconnect for multi-VLAN communication?
A. interface port
B. access port
C. switch port
D. trunk port
Answer: D
which command can you enter to create a NAT Pool of 6 addresses ?
A. Router(config)#ip nat pool test 175.17.12.69 175.17.12.74 prefix-length 24
B. Router(config)#ip nat pool test 175.17.12.66 175.17.12.72 prefix-length 8
C. Router(config)#ip nat pool test 175.17.12.69 175.17.12.74 prefix-length 16
D. Router(config)#ip nat pool test 175.17.12.69 175.17.12.76 prefix-length 8
Answer: B
Which header field is new in IPv6?
A. Hop Limit
B. Flow Label
C. Version
D. Traffic Class
59 of 629
Cisco - 200-125
Answer: A
Which feature facilitates the tagging of frames on a specific VLAN?
A. routing
B. hairpinning
C. switching
D. encapsulation
Answer: D
Under which circumstance is a router on a stick most appropriate?
A. When the router must route a single across multiple physical links.
B. When the router must route multiple subnets across multiple physical links.
C. When the router must route a single across single physical links.
D. When the router must route multiple subnets across single physical links.
Answer: B
Which MAC protocol sets a random timer to reattempt communication?
A. IEEE 802.1x
B. RARP
C. CSMA/CA
D. CSMA/CD
Answer: D
Which two statements about TACACS+ are true? (Choose two.)
A. It can run on a UNIX server.
B. It authenticates against the user database on the local device.
60 of 629
Cisco - 200-125
C. It is more secure than AAA authentication.
D. It is enabled on Cisco routers by default.
E. It uses a managed database.
Answer: A E
which layer of the osi model does PPP perform ?
A. Layer 2
B. Layer 3
C. Layer 5
D. Layer 1
Answer: A
After you apply the given configuration to R1, you notice that it failed to enable OSPF Which action can you
61 of 629
Cisco - 200-125
take to correct the problem?
A. Configure a loopback interface on R1
B. Enable IPv6 unicast routing on R1.
C. Configure an IPv4 address on interface FO/0.
D. Configure an autonomous system number on OSPF.
Answer: C
Which networking Technology is currently recognized as the standard for computer networking?
A. System network architecture
B. Transmission control protocol/Internet protocol
C. Open system Interconnect
D. Open network architecture
Answer: B
which address prefix does OSPFv3 use when multiple IPv6 address are configured on a
single interface ?
A. all prefix on the interface
B. the prefix that the administrator configure for OSPFv3 use
C. the lowest prefix on the interface
D. the highest prefix on the interface
Answer: A
Reference:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-sy/iro-15-sy-book/ip6-
routeospfv3.html#GUID-05F3F09C-FE3E-41D6-9845-111FB17AD030
“In IPv6, you can configure many address prefixes on an interface. In OSPFv3, all address prefixes on an
62 of 629
Cisco - 200-125
interface are included by default. You cannot select some address prefixes to be imported into OSPFv3;
either all address prefixes on an interface are imported, or no address prefixes on an interface are
imported.”
Which Type of ipv6 unicast ip address is reachable across the internet ?
A. Unique Local
B. Compatible
C. Link Local
D. Global
Answer: D
How to trouble DNS issue ( choose two) ?
A. Ping a public website IP address.
B. Ping the DNS Server.
C. Determine whether a DHCP address has been assigned.
D. Determine whether the hardware address is correct.
E. Determine whether the name servers have been configured.
Answer: B E
Reference:
https://l.facebook.com/l.php?u=http%3A%2F%2Fwww.cisco.com%2Fen%2FUS%2Fdocs%
2Finternetworking%2Ftroubleshooting%2Fguide%2Ftr1907.html%
23wp1021264&h=ATMT6hWMWKar6G3cbMd8vYoG64obKG4CIuxXlmCWtCLencP9vUG0hrC3C0azv18a
RsmIsdrKko8ew_O6UkUwYCVqgYvxTz3TFquXNKyrnrAa1arE1V4HBFjg4_E2gJSawoz2_g
Ping the destination by name
63 of 629
Cisco - 200-125
perform a DNS lookup on the destination
Refer to Exhibit.
If Computer A is sending traffic to computer B, which option is the source ip address when a packet leaves R1
on interface F0/1?
A. IP address of the R2 interface F0/1
B. Ip address of computer B
C. Ip address of R1 interface F0/1
D. Ip address of Computer A
Answer: C
which statement about snmpv2 is true ?
A. it requires password at least eight characters in length
B. it requires passwords to be encrypted
C. its privacy algorithms use md5 encryption by default
D. its authentic and privacy algorithms are enabled without default values
Answer: D
64 of 629
Cisco - 200-125
Topic 2, New Pool Exam B

Which two options will help to solve the problem of a network that is suffering a broadcast storm? (Choose
two.)
A. a Layer 3 switch
B. a hub
C. a bridge
D. an access point
E. a router
Answer: A E
After you configure a new router to connect to a host through the GigabitEthernet0/0 port of the router, you
log in to the router and observe that the new link is down. Which action corrects the problem?
A. Use a crossover cable between the host and R1.
B. Use a straight through cable between the host and R1.
C. Configure the host to use R1 as the default gateway.
D. Use a rollover cable between the host and R1.
Answer: A
A switch has 48 ports and 4 VLANs. How many collision and broadcast domains exist on the switch
(collision, broadcast)?
A. 4,48
B. 48,4
C. 48,1
D. 4,1
65 of 629
Cisco - 200-125
E. 1,48
Answer: B
RTA is configured with a basic configuration. The link between the two routers is operational and no routing
protocols are configured on either router. The line shown in the exhibit is then added to router RTA. Should
interface Fa0/0 on router RTB shut down, what effect will the shutdown have on router RTA?
A. A route to 172.16.14.0/24 will remain in the RTA routing table.
B. Because router RTB will send a poison reverse packet to router RTA, RTA will remove the route.
C. Router RTA will send an ICMP packet to attempt to verify the route.
D. A packet to host 172.16.14.225 will be dropped by router R.
Answer: A
66 of 629
Cisco - 200-125
If the resume command is entered after the sequence that is shown in the exhibit, which router prompt will be
displayed?
A. Router2#
B. Router2>
C. Router1#
D. Router1>
Answer: B
Which statements is true about Router on Stick?
A. When a router have multiple subnets on a single physical link.
B. When a router have single subnet on multiple physical links.
C when a router have multiple interface on single physical links.
C. When a router have single interface on multiple physical links
Answer: A
A workstation has just resolved a browser URL to the IP address of a server. Which protocol will the
workstation now use to determine the destination MAC address to be placed into frames directed toward the
sever?
A. ARP
B. RARP
C. DNS
D. DHCP
E. HTTP
Answer: A
67 of 629
Cisco - 200-125
Which two statements about RIPv2 are true? (Choose two )
A. It must be manually enabled after RIP is configured as the routing protocol
B. It uses multicast address 224.0.0.2 to share routing information between peers
C. its default administrative distances 120
D. It is a link-state routing protocol
E. It is an EGP routing protocol
Answer: A C
On a Cisco switch, which protocol determines if an attached VoIP phone is from Cisco or from another
vendor?
A. CDP
B. RTP
C. UDP
D. TCP
Answer: A
Which statement about unique local IPv6 addresses is true?
A. Summarization is not supported.
B. They require all prefixes to be unique.
C. Their global IDs are assigned sequentially.
D. They are routable to the public Internet.
Answer: B
68 of 629
Cisco - 200-125
Refer to the exhibit. While you troubleshoot a connectivity issue to a PC behind R1, you enter the show
access-lists command to generate this output. Which reason for the problem is most likely true?
A. Thepermit allACL entry on R1 is inactive.
B. The ACL of R1 is misconfigured.
C. Adeny allACL entry is currently active on R1.
D. Animplicitdenyis causing R1 to block network traffic.
Answer: D
How many host addresses are available on the network 192.168.1.0 subnet 255.255.255.240 ?
A. 6
B. 8
C. 14
D. 16
Answer: C
What are two advantages of dynamic routing? (Choose two)
A. It produces minimal CPU load.
B. It can load-balance traffic over multiple link without manual intervention
C. It allows the network administrator to choose the best route.
D. it can be implemented easily even in large environments.
E. it can operate without a Layer 3 device
69 of 629
Cisco - 200-125
Answer: B D
Explanation
http://www.ciscopress.com/articles/article.asp?p=2180210&seqNum=5
The command ip route 192.168.100.160 255.255.255.224 192.168.10.2 was issued on a router. No routing
protocols or other static routes are configured on the router. Which statement is true about this command?
A. The interface with IP address 192.168.10.2 is on this router.
B. The command sets a gateway of last resort for the router.
C. Packets that are destined for host 192.168.100.160 will be sent to 192.168.10.2.
D. The command creates a static route for all IP traffic with the source address 192.168.100.160.
Answer: C
Which command do you enter to enable an interface to support PPPoE on a client?
A. Dev1(config)# bba-group pppoe bba1
B. Dev1(config-if)# pppoe-client dial-pool-number1
C. Dev1(config-if)# pppoe enable group bba1
D. Dev1(config-if)# pppoe enable
Answer: D
Which option is the industry-standard protocol for etherChannel?
A. Cisco Discovery protocol
B. PAgp
C. LACP
D. DTP
70 of 629
Cisco - 200-125
Answer: B
Explanation
http://www.omnisecu.com/cisco-certified-network-associate-ccna/etherchannel-pagp-and-lacp-modes.php
At which layer of the OSI model does the protocol that provides the information that is displayed by the show
cdp neighbors command operate?
A. data link
B. application
C. network
D. transport
E. physical
Answer: A
Which configuration enables OSPF for network 192.168.1.0/24?
A. router ospfrouter-id 192.168.1.0
B. router ospf 1network 192.168.1.0 255.255.255.0 area 0
C. router ospf 1neighbor 192.168.1.0
D. router ospf 1area 0 virtual-link 192.168.1.0
Answer: B
Drag and drop the extended traceout option from the left onto the correct description on the right.
71 of 629
Cisco - 200-125
Answer:
72 of 629
Cisco - 200-125
Explanation
73 of 629
Cisco - 200-125
https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13730-ext-ping-trace.html
Which two actions must you take to configure a PAgP EthernetChannel between two switches, S1 and S2?
(Choose two.)
A. Configure thechannel-group 1 mode autocommand on S1.
B. Configure thechannel-group1 mode desirablecommand on S2.
C. Configure thechannel-group 1 mode activecommand on S2.
D. Configure thechannel-group 1 mode oncommand on S2.
E. Configure thechannel-group 1 mode activecommand on S1.
Answer: A B
A network associate is adding security to the configuration of the Corp1 router. The user on host C should be
able to use a web browser to access financial information from the Finance Web Server. No other hosts from
the LAN nor the Core should be able to use a web browser to access this server. Since there are multiple
resources for the corporation at this location including other resources on the Finance Web Server, all other
traffic should be allowed.
The task is to create and apply an access-list with no more than three statements that will allow ONLY host C
web access to the Finance Web Server. No other hosts will have web access to the Finance Web Server. All
other traffic is permitted.
Access to the router CLI can be gained by clicking on the appropriate host.
All passwords have been temporarily set to "cisco".
The Core connection uses an IP address of 198.18.196.65.
The computers in the Hosts LAN have been assigned addresses of 192.168.33.1 - 192.168.33.254
host A 192.168.33.1
host B 192.168.33.2
host C 192.168.33.3
host D 192.168.33.4
The servers in the Server LAN have been assigned addresses of 172.22.242.17 - 172.22.242.30.
74 of 629
Cisco - 200-125
The Finance Web Server is assigned an IP address of 172.22.242.23.
Select the console on Corp1 router
Configuring ACL
Corp1>enable
Corp1#configure terminal
comment: To permit only Host C (192.168.33.3){source addr} to access finance server address
(172.22.242.23) {destination addr} on port number 80 (web)
Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
comment: To deny any source to access finance server address (172.22.242.23) {destination addr} on port
number 80 (web)
Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80
comment: To permit ip protocol from any source to access any destination because of the implicit deny any
any statement at the end of ACL.
Corp1(config)#access-list 100 permit ip any any
75 of 629
Cisco - 200-125
Applying the ACL on the Interface
comment: Check show ip interface brief command to identify the interface type and number by checking the
IP address configured.
Corp1(config)#interface fa 0/1
If the ip address configured already is incorrect as well as the subnet mask. This should be corrected in order
ACL to work
type this commands at interface mode :
no ip address 192.x.x.x 255.x.x.x (removes incorrect configured ipaddress and subnet mask)
Configure Correct IP Address and subnet mask:
ip address 172.22.242.30 255.255.255.240 ( range of address specified going to server is given as

172.22.242.17 - 172.22.242.30 )
Comment: Place the ACL to check for packets going outside the interface towards the finance web server.
Corp1(config-if)#ip access-group 100 out
Corp1(config-if)#end
Important: To save your running config to startup before exit.
Corp1#copy running-config startup-config
Verifying the Configuration:
Step1: show ip interface brief command identifies the interface on which to apply access list.
Step2: Click on each host A, B, C, & D. Host opens a web browser page, Select address box of the web
browser and type the ip address of finance web server (172.22.242.23) to test whether it permits /deny access
to the finance web Server.
Step 3: Only Host C (192.168.33.3) has access to the server. If the other host can also access then maybe
something went wrong in your configuration. Check whether you configured correctly and in order.
Step 4: If only Host C (192.168.33.3) can access the Finance Web Server you can click on NEXT button to
successfully submit the ACL SIM.
Which NTP concept indicates the distance between a device and the reliable time source?
A. clock offset
B. stratum
C.
76 of 629
Cisco - 200-125
C. reference
D. dispersion
Answer: B
Which port-security feature allows a switch to learn MAC addresses dynamically and add them to the running
configuration?
A. security violation restrict mode
B. switch port protection
C. sticky learning
D. security violation protect mode
Answer: C
Explanation
You can configure an interface to convert the dynamic MAC addresses tosticky secure MAC addresses and to
add them to the running configuration by enabling sticky learning. To enable sticky learning, enter the
switchport port-security mac-address sticky interface configuration command. When you enter this command,
the interface converts all the dynamic secure MAC addresses, including those that were dynamically learned
before sticky learning was enabled, to sticky secure MAC addresses.
77 of 629
Cisco - 200-125
Refer to the exhibit. The network administrator is testing connectivity from the branch router to the newly
installed application server. Which reason is the most likely for the first ping having a success rate of only 60
percent?
A. The branch router LAN interface should be upgraded to FastEthernet.
B. The branch router had to resolve the application server MAC address.
C. The network is likely to be congested, with the result that packets are being intermittently dropped.
D. There is a short delay while NAT translates the server IP address.
Answer: B
How does a Layer 2 switch differ from a hub?
A. A switch tracks MAC addresses of directly-connected devices.
B.
78 of 629
Cisco - 200-125
B. A switch always induces latency into the frame transfer time.
C. A switch operates at a lower, more efficient layer of the OSI model.
D. A switchdecreases the number of collision domains.
Answer: A
Which NAT command can be applied to an interface?
A. ip nat inside
B. ip nat inside test access-list-number pool pool-name
C. ip nat inside source static 10.10.10.010.10.10.50
D. ip nat pool test 10.10.10.0 10.10.10.50 255.255.255.0
Answer: A
Drag and drop the characteristics of a cloud environment from the left onto the correct examples on the right
79 of 629
Cisco - 200-125
Answer:
80 of 629
Cisco - 200-125
Explanation
81 of 629
Cisco - 200-125
Which command do you enter to view EIGRPv6 adjacencies?
A. show ipv6 eigrp 1 interface
B. show ipv6 route eigrp
C. showipv6 eigrp neighbors
D. show running-configuration eigrp
Answer: C
Which network configuration can you use to segregate broadcast traffic for two different departments in your
organization?
A. Configure two VTP domains and configure the switches in transparent mode.
B. Enable spanning-tree load balancing.
C. Implement switch port security on designated ports.
D. Configure a separate VLAN for each department.
Answer: D
Central Florida Widgets recently installed a new router in their office. Complete the network installation by
performing the initial router configurations and configuring R1PV2 routing using the router command line
interface (CLI) on the RC.
Configure the router per the following requirements:
Name of the router is R2
Enable. secret password is cisco
The password to access user EXEC mode using the console is cisco2
The password to allow telnet access to the router is cisco3
IPV4 addresses must be configured as follows:
82 of 629
Cisco - 200-125
Ethernet network 209.165.201.0/27 - router has fourth assignable host address in subnet
Serial network is 192.0.2.176/28 - router has last assignable host address in the subnet.
Interfaces should be enabled.
Router protocol is RIPV2
Attention:
In practical examinations, please note the following, the actual information will prevail.
1. Name or the router is xxx
2. Enable. secret password is xxx
3. Password In access user EXEC mode using the console is xxx
4. The password to allow telnet access to the router is xxx
5. IP information
Router>enable
Router#config terminal
Router(config)#hostname R2
R2(config)#enable secret Cisco 1
R2(config)#line console 0
R2(config-line)#password Cisco 2
R2(config-line)#exit
R2(config)#line vty 0 4
R2(config-line)#password Cisco 3
R2(config-line)#login
R2(config-line)#exit
83 of 629
Cisco - 200-125
R2(config)#interface faO/0
R2(config-if)#ip address 209.165.201.4 255.255.255.224
R2(config)#interface s0/0/0
R2(config-if)#ip address 192.0.2.190 255.255.255.240
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#network 209.165.201.0
R2(config-router)#network 192.0.2.176
R2(config-router)#end
R2#copy run start
Which statement about DHCP address pools is true?
A. A network must be defined before you can configure a manual binding.
B. Only one DNSserver can be identified for an individual DHCP group.
C. You can use a subnet mask of prefix length to define a network.
D. The domain name of the DHCP pool is specified in the global configuration of the router.
Answer: C
Drag and drop the BGP components from the left onto the correct descriptions on the right.
84 of 629
Cisco - 200-125
Answer:
Explanation
BGP speaker: device that is running BGP
+ Prefix = Value that is advertised with the network keyword.
eBGP Peer = neighbor that located outside of administrative domain of the local device.
BGP Peer = neighbor device that shares the same AS number as the local device.
Autonomous system number = Value that identifies an administrative domain
Which feature automatically disables Cisco Express Forwarding when it is enabled?
A. multicast
B. IP redirects
C. RIB
D. ACL logging
Answer: D
Explanation
If you enable CiscoExpress Forwarding and then create an access list that uses the logkeyword, the packets
that match the access list are not Cisco Express Forwarding switched. They are process switched. Logging
85 of 629
Cisco - 200-125
disables Cisco Express Forwarding.
Which statement about 6to4 tunneling is true?
A. One tunnel endpoint must be configured with IPv4 only.
B. Both tunnel endpoint must be configured with IPv4 only.
C. It establishes a point-to-point tunnel.
D. Both tunnel endpoints must support IPv4 and IPv6.
Answer: D
In which CLI configuration mode can you configure the hostname of a device?
A. line mode
B. interface mode
C. global mode
D. router mode
Answer: C
Which three options are types of slow VLAN connectivity? (Choose three.)
A. slow broadcast domain connectivity
B. slow routing domain connectivity
C. slow default gateway connectivity
D. slow application domain connectivity
E. slow collision domain connectivity
F. slow inter-VLAN connectivity
Answer: A D E
86 of 629
Cisco - 200-125
You are performing the initial configuration on a new Cisco device. Drag the task from the left onto the
required or optional category on the right.
Answer:
87 of 629
Cisco - 200-125
Explanation
https://www.cisco.com/c/en/us/td/docs/routers/access/1900/software/configuration/guide/Software_Configuration/appen
88 of 629
Cisco - 200-125
Which two characteristics are representatives of a link-state routing protocol? (Choose two.)
A. provides common view of entire topology
B. exchanges routing tables for it own routes with neighbors
C. calculates feasible path
D. utilizes event-triggered updates
E. utilizes frequent periodic updates
Answer: A D
Which three statements accurately describe CDP? (Choose three.)
A. CDP can discover Cisco devices that are not directly connected.
B. CDP is a network layer protocol.
C. CDP can discover directly connected neighboring Cisco devices.
D. CDP is a datalink layer protocol.
E. CDP is a Cisco proprietary protocol.
F. CDP is an IEEE standard protocol.
Answer: C D E
Which feature is enabled by this configuration?
A. static NAT translation
B.
89 of 629
Cisco - 200-125
B. a DHCP pool
C. a dynamic NAT address pool
D. PAT
Answer: C
Which three are the possible trunking modes for a switch port? (Choose three.)
A. forwarding
B. desirable
C. transparent
D. Auto
E. on
F. off
Answer: B D E
Which command displays the number of times that an individual router translated an inside address to an
outside address?
A. show ip protocol
B. show ip nat translation
C. show counters
D. show iproute
E. show ip nat statistics
Answer: B
90 of 629
Cisco - 200-125
After you configure a GRE tunnel between two networks, the tunnel comes up normally, but workstations on
each side of the tunnel cannot communicate. Which reason for the problem is most likely true?
A. The tunnel source address is incorrect.
B. The tunnel destination address is incorrect.
C. The routebetween the networks is undefined.
D. The IP MTU is incorrect.
E. The distance configuration is missing.
Answer: D
Refer to the topology and switching table shown in the graphic. Host B sends a frame to Host C. Which option
describes what the switch will do with the frame?
A. send an ICMP Host Unreachable message to Host B
B. return the frame to Host B
C. drop the frame
D. send the frame out all ports except port 0/2
E. record the destination MAC address in the switching tableand send the frame directly to Host C
F.
91 of 629
Cisco - 200-125
F. send an ARP request for Host C
Answer: D
Which feature can you use to restrict SNMP queries to a specific OID tree?
A. server group
B. a community
C. a view record
D. an access group
Answer: C
Which statement about NTP is true?
A. The default authentication key number is 1.
B. The default source address of an NTP message is the interface connected to the next-hop for the server
peer address.
C. The default stratum number is 5.
D. Each device is enabled as a server by default and propagates NTP messages to all peers on its default
LAN.
Answer: B
Drag and drop the descriptions of performing an initial device configuration from the left onto the correct
features or compnents on the right.
92 of 629
Cisco - 200-125
Answer:
93 of 629
Cisco - 200-125
Explanation
94 of 629
Cisco - 200-125
Which three statements about IPv6 address fd14:920b:f83d:4079::/64 are true? (Choose three)
A. The subnet ID is 14920bf83d.
B. The subnet ID is 4079.
C. The global ID is 14920bf83d.
D. The address is a link-local address.
E. The global ID is 4079.
F. The address is a unique local address.
Answer: B C F
Explanation
https://www.ripe.net/participate/member-support/lir-basics/ipv6_reference_card.pdf
You have configured the host computers on a campus LAN to receive their DHCP addresses from the local
router to be able to browse their corporate site. Which statement about the network environment is true?
A. It supports a DNS server for use by DHCP clients.
B. Two host computers may be assigned the same IP address.
C. The DNS server mustbe configured manually on each host.
D. The domain name must be configured locally on each host computer.
Answer: A
Which technique can you use to route IPv6 traffic over an IPv4 infrastructure?
A. NAT
B. 6to4 tunneling
C. L2TPv3
D. dual-stack
Answer: B
95 of 629
Cisco - 200-125
Refer to the exhibit. A technician has configured the FastEthernet0/1 interface on Sw11 as an access link in
VLAN 1. Based on the output from the show vlan brief command issued on Sw12, what will be the result of
making this change on Sw11?
A. Hosts will not be able to communicate between the two switches.
B. The hosts in all VLANs on the two switches will be able to communicate with each other.
C. Only the hosts in VLAN10 and VLAN 15 on the two switches will be able to communicate with each
other.
D. Only the hosts in VLAN 1 on the two switches will be able to communicate with each other.
Answer: A
96 of 629
Cisco - 200-125
Refer to the exhibit. Which option describes how SwitchA will handle the frame just received?
A. It will flood the frame out of all the ports except Fa0/3.
B. It will drop the frame.
C. It will flood the frame out all ports.
D. It will forward the frame out of portFa0/3 only.
E. It will forward the frame out of port Fa0/6 only.
Answer: E
Which two statements about access points are true? (Choose Two)
A. They can provide access within enterprises and to the public.
B. in Most cases, they are physically connected to other network devices to provide network connectivity.
97 of 629
Cisco - 200-125
C. They can proterct a network from internal and external threats.
D. Most access points provide Wi-Fi and Bluetooth connectivity.
E. They must be hardwired to a modem.
Answer: C D
In which two circumstances are private IPv4 addresses appropriate? (Choose two)
A. on internal hosts that stream data solely to external resources
B. on hosts that communicates only with other internal hosts
C. on the public-facing interface of a firewall
D. on hosts that require minimal access to external resources
E. to allow hosts inside an enterprise to communicate in both directions with hosts outside the enterprise
Answer: A B
How many bits represent the network ID in iPv6?
A. 32
B. 48
C. 64
D. 128
Answer: C
Which two statements describe the operation of the CSMA/CD access method? (Choose two.)
A. After a collision, all stations run a random backoff algorithm. When the backoff delay period has
expired, all stations have equal priority to transmit data.
B. In a CSMA/CDcollision domain, multiple stations can successfully transmit data simultaneously.
C. After a collision, the station that detected the collision has first priority to resend the lost data.
D.
98 of 629
Cisco - 200-125
D. The use of hubs to enlarge the size of collision domain is one way to improve the operation of the
CSMA/CD access method.
E. After a collision, all stations involved run an identical backoff algorithm and then synchronize with each
other prior to transmitting data.
F. In a CSMA/CD collision domain, stations must wait until media is not in use before transmitting.
Answer: A F
CCNA.com has a small network that is using EIGRP as its IGP. All routers should be running an EIGRP AS
number of 12. Router MGT is also running static routing to the ISP.
CCNA.com has recently added the ENG router. Currently, the ENG router does not have connectivity to the
ISP router. All over interconnectivity and Internet access for the existing locations of the company are working
properly.
The task is to identify the fault(s) and correct the router configuration(s) to provide full connectivity between
the routers.
All passwords on all routers are cisco.
IP addresses are listed in the chart below.
MGT
Fa0/0 – 192.168.77.33
S1/0 – 198.0.18.6
S0/0 – 192.168.27.9
S0/1 – 192.168.50.21
ENG
Fa0/0 – 192.168.77.34
Fa1/0 – 192.168.12.17
Fa0/1 – 192.168.12.1
Parts1
Fa0/0 – 192.168.12.33
99 of 629
Cisco - 200-125
Fa0/1 – 192.168.12.49
S0/0 – 192.168.27.10
Parts2
Fa0/0 – 192.168.12.65
Fa0/1 – 192.168.12.81
S0/1 – 192.168.50.22
On the MGT Router:
Config t
Router eigrp 12
Network 192.168.77.0
Which IPsec security protocol should be used when confidentiality is required?
A. MD5
B. PSK
C. AH
D. ESP
Answer: D
100 of 629
Cisco - 200-125
Which two statements about UDP are true? (Choose two)
A. It can transmit data at a rate higher than the path capacity
B. It uses a three-way handshake to ensure that traffic is transmated properly
C. It guarantees packet delivery
D. it includes protection against duplicate packets
E. it can be used for multicast and broadcast traffic
Answer: A E
Which Ethernet interface command is present when you boot a new Cisco router for the first time?
A. speed 100
B. shutdown
C. ip address 192.168.1.1 255.255.255.0
D. duplex half
Answer: B
Which statement is a Cisco best practice for switch port security?
A. Vacant switch ports must be shut down.
B. Empty ports must be enabled in VLAN 1.
C. VLAN 1 must be configured as the native VLAN.
D. Err-disabled ports must be configured to automatically re-enable.
Answer: A
Which two statements about the spanning-tree bridge ID are true? (Choose two.)
A. It is composed of a 4-bit bridge priority and a 12-bit system ID extension.
101 of 629
Cisco - 200-125
B. The bridge ID is transmitted in the IP header to elect the root bridge.
C. Thesystem ID extension is a value between 1 and 4095.
D. It is composed of an 8-bit bridge priority and a 16-bit system ID extension.
E. The bridge priority must be incremented in blocks of 4096.
Answer: A E
Which two things does a router do when it forwards a packet? (Choose two.)
A. determines the next hop on the path
B. switches the packet to the appropriate outgoing interfaces
C. computes the destination host address
D. forwards ARP requests
E. updates the destination IP address
Answer: A B
102 of 629
Cisco - 200-125
The MAC address table is shown in its entirety. The Ethernet frame that is shown arrives at the switch. What
two operations will the switch perform when it receives this frame? (Choose two.)
A. The switch will not forward a frame with this destination MAC address.
B. The frame will be forwarded out of all the ports on the switch.
C. The MAC address of ffff.ffff.ffff will be added to the MAC address table.
D. The frame will be forwarded out of all the active switch ports except for port fa0/0.
E. The MAC address of 0000.00aa.aaaa will be added to the MAC Address Table.
F. The frame will be forwarded out of fa0/0 and fa0/1 only.
Answer: D E
Which set of conditions comprises a successful ping attempt between two connected routers configured with
IP addresses on the same subnet?
A. The destination host receives an echo reply from the source host within one second and the source host
receives an echo request from the destination host.
103 of 629
Cisco - 200-125
B. The destination host receives an echo request from the source host within one second.
C. The destination host receives an echo replyfrom the source host within one second and the source host
receives an echo reply from the destination host within two seconds.
D. The destination host receives an echo request from the source host and the source host receives an echo
request from the destination host within one second.
E. The destination host receives an echo request from the source host and the source host receives an echo
reply from the destination host within two seconds.
Answer: E
Which of the port is not part of STP protocol.?
A. Listening
B. Learning
C. Forwarding
D. Discarding
Answer: D
Which information is used to install the best route to a destination in IP routing table?
A. the tunnel ID
B. the prefix length
C. the interface number
D. the autonomous system
Answer: B
Which statement describes the effect of the exec-timeout 30 command?
A. The router maintains a user session indefinitely after it is active for 30 seconds.
B. The router disconnects the user session if it is inactive for 30 minutes.
C.
104 of 629
Cisco - 200-125
C. The router maintains a user session indefinitely after it is active for 30 minutes.
D. The router disconnects a user session if it is inactive for 30 seconds.
Answer: B
Explanation
QUESTIONNO: 88
All devices attached to the network are shown. Which number of collision domains are present in this
network?
A. 9
105 of 629
Cisco - 200-125
B. 3
C. 6
D. 2
E. 15
Answer: E
Which feature can validate address requests and filter out invalid messages?
A. IP Source Guard
B. port security
C. DHCP snooping
D. dynamic ARP inspection
Answer: C
Which APIC-EM tool allows an administrator to verify ACLs throughout the network?
A. Cisco Intelligent WAN application
B. traceroute
C. Network Topology
D. Path Trace
Answer: D
Explanation
One of the most important features of the APIC-EM controller is the capability to manage policies
across the entire network. APIC-EM ACL Analysis and Path Trace provide tools to allow the
administrator to analyze and understand ACL policies and configurations. Administrators are hesitant
to change ACLs, for fear of breaking them and causing new problems. Together, ACL Analysis and
106 of 629
Cisco - 200-125
Path Trace enable the administrator to easily visualize traffic flows and discover any conflicting,
duplicate, or shadowed ACL entries.
Which keyword in a NAT configuration enables the use of one outside IP address for multiple inside hosts?
A. source
B. static
C. pool
D. overload
Answer: D
Which subnet address is for the IP address 172.19.20.23/28?
A. 172.19.20.20
B. 172.19.20.0
C. 172.19.20.32
D. 172.19.20.15
E. 172.19.20.16
Answer: E
107 of 629
Cisco - 200-125
Refer to the exhibit. How will the router handle a packet destined for 192.0.2.156?
A. The router will forward the packet via either Serial0 or Serial1.
B. The router will return the packet to its source.
C. The router will forward the packet via Serial2.
D. The router will drop the packet.
Answer: C
Which statement about the default switch configuration for remote access managements is true?
A. The system name is set to Cisco.
B. The Telnet password is set to cisco.
C. No default gateway is defined.
D. One IP address is preconfigured.
Answer: C
108 of 629
Cisco - 200-125
The following have already been configured on the router:
The basic router configuration
The appropriate interfaces have been configured for NAT inside and NAT outside.
The appropriate static routes have also been configured (since the company will be a stub network, no
routing protocol will be required)
All passwords have been temporarily set to “cisco”.
The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide Internet
access for the hosts in the Weaver LAN. Functionality can be tested by clicking on the host provided for
testing.
Configuration information:
router name – Weaver
inside global addresses – 198.18.184.105 - 198.18.184.110/29
inside local addresses - 192.168.100.17 – 192.168.100.30/28
number of inside hosts – 14
A network associate is configuring a router for the weaver company to provide internet access. The ISP has
provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The company has 14 hosts
that need to access the internet simultaneously. The hosts in the company LAN have been assigned private
space addresses in the range of 192.168.100.17 – 192.168.100.30.
109 of 629
Cisco - 200-125
The company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP
addresses from 198.18.184.105 to 198.18.184.110/29.
Therefore we have to use NAT overload (or PAT)
Double click on the Weaver router to open it
Router>enable
Router#configure terminal
First you should change the router's name to Weaver
Router(config)#hostname Weaver
Create a NAT pool of global addresses to be allocated with their netmask.
Weaver(config)#ip nat pool mypool 198.18.184.105 198.18.184.110 netmask
255.255.255.248
Create a standard access control list that permits the addresses that are to be translated.
Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15
Establish dynamic source translation, specifying the access list that was defined in the prior step.
Weaver(config)#ip nat inside source list 1 pool mypool overload
This command translates all source addresses that pass access list 1, which means a source address from
192.168.100.17 to 192.168.100.30, into an address from the pool named mypool (the pool contains addresses
from 198.18.184.105 to 198.18.184.110).
Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to-one) by
using different ports.
The question said that appropriate interfaces have been configured for NAT inside and NAT outside
statements.
This is how to configure the NAT inside and NAT outside, just for your understanding:
Weaver(config)#interface fa0/0
Weaver(config-if)#ip nat inside
Weaver(config-if)#exit
Weaver(config)#interface s0/0
Weaver(config-if)#ip nat outside
110 of 629
Cisco - 200-125
Weaver(config-if)#end
Finally, we should save all your work with the following command:
Weaver#copy running-config startup-config
Check your configuration by going to "Host for testing" and type:
C :\>ping 192.0.2.114
The ping should work well and you will be replied from 192.0.2.114
Which functions can be centralized by an SDN controller?
A. services-plane functions
B. control-plane functions
C. data-plane functions
D. management-plane functions
Answer: C
Which WAN technology uses labels to make decisions about data forwarding?
A. Metro Ethernet
B. Frame Relay
C. MPLS
D. ISDN
E. VSAT
Answer: C
How does a Cisco switch respond if you boot it without a valid configuration in the NVRAM?
A. it enters setup mode.
B. it uses the running –configuration
111 of 629
Cisco - 200-125
C. It prompts you to restore the startup configuration
D. it enters user EXEC mode.
Answer: B
Drag and drop the PDUs from the left onto the correct TCP/IP layers on the right.
Answer:
112 of 629
Cisco - 200-125
Explanation
http://knutsonco.tripod.com/id9.html
113 of 629
Cisco - 200-125
For which two protocols can PortFast alleviate potential host startup issues? (Choose two.)
A. DHCP
B. DNS
C. OSPF
D. RIP
E. CDP
Answer: A E
Which VLAN bridge priority value will make a switch as root for a given VLAN from the below options by
the spanning-tree vlan vlan-id root command?
A. 16384
114 of 629
Cisco - 200-125
B. 8192
C. 28672
D. 32768
Answer: B
Drag and drop each advantage of static or dynamic routing from the left onto the correct routing type on the
right.
Answer:
115 of 629
Cisco - 200-125
Explanation
How many primary IPv4 addresses can be assigned to an interface?
A. unlimited
B. 8
C. 2
D. 1
Answer: A
Explanation
CiscoIOS software supports multiple IP addresses per interface. You can specify an unlimited number of
secondary addresses.
116 of 629
Cisco - 200-125
Drag and Drop the route source codes in a routing table from the left onto the correct meanings on the right.
Answer:
117 of 629
Cisco - 200-125
Explanation
118 of 629
Cisco - 200-125
From which PPPoE server configuration does a PPPoE client get an IP address?
A. AAA authentication
B. DHCP
C. dialer interface
D. virtual-template interface
Answer: D
On which OSI layer does a VLAN operate?
A. Layer 1
B. Layer 2
119 of 629
Cisco - 200-125
C. Layer 3
D. Layer 4
Answer: B
Which task must you perform to enable an lOS device to use DNS services?
A. Configure manual bindings
B. Configure a name server
C. Configure the relay agent information option.
D. Configure a relay agent information reforwarding policy
Answer: B
Explanation
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dns/configuration/15-mt/dns-15-mt-book/dns-config-dns.htm
Which two statements about eBGP neighbor relationships are true? (Choose two)
A. The two devices must reside in different autonomous systems
B. Neighbors must be specifically declared in the configuration of each device
C. They can be created dynamically after the network statement is configured.
D. The two devices must reside in the same autonomous system
E. The two devices must have matching timer settings
Answer: A B
A corporation wants to add security to its network. The requirements are:
Host C should be able to use a web browser (HTTP) to access the Finance Web Server.
Other types of access from host C to the Finance Web Server should be blocked.
All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.
120 of 629
Cisco - 200-125
All hosts in the Core and on local LAN should be able to access the Public Web Server.
You have been tasked to create and apply a numbered access list to a single outbound interface. This access
list can contain no more than three statements that meet these requirements.
All passwords have been temporarily set to “cisco”.
The Core connection uses an IP address of 198.18.209.65.
The computers in the Hosts LAN have been assigned addresses of 192.168.78.1 – 192.168.78.254.
host A 192.168.78.1
host B 192.168.78.2
host C 192.168.78.3
host D 192.168.78.4
The Finance Web Server has been assigned an address of 172.22.146.17.
The Public Web Server in the Server LAN has been assigned an address of 172.22.146.18.
121 of 629
Cisco - 200-125
122 of 629
Cisco - 200-125
123 of 629
Cisco - 200-125
124 of 629
Cisco - 200-125
Please see below explanation part for details answer steps:
Explanation
We should create an access-list and apply it to the interface that is connected to the Server LAN because it can
filter out traffic from both S2 and Core networks. To see which interface this is, use the “show ip int brief”
command:
From this, we know that the servers are located on the fa0/1 interface, so we will place our numbered access
list here in the outbound direction.
Corp1#configure terminal
Our access-list needs to allow host C – 192.168125.3 to the Finance Web Server 172.22.109.17 via HTTP
(port 80), so our first line is this:
Corp1(config)#access-list 100 permit tcp host 192.168.125.3 host 172.22.109.17 eq 80
Then, our next two instructions are these:
Other types of access from host C to the Finance Web Server should be blocked.
All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.
This can be accomplished with one command (which we need to do as our ACL needs to be no more than 3
125 of 629
Cisco - 200-125
lines long), blocking all other access to the finance web server:
Corp1(config)#access-list 100 deny ip any host 172.22.109.17
Our last instruction is to allow all hosts in the Core and on the local LAN access to the Public Web Server
(172.22.109.18)
Corp1(config)#access-list 100 permit ip host 172.22.109.18 any
Finally, apply this access-list to Fa0/1 interface (outbound direction)
Corp1(config)#interface fa0/1
Notice: We have to apply the access-list to Fa0/1 interface (not Fa0/0 interface) so that the access-list can filter
traffic coming from both the LAN and the Core networks.
To verify, just click on host C to open its web browser. In the address box type http://172.22.109.17 to check
if you are allowed to access Finance Web Server or not. If your configuration is correct then you can access it.
Click on other hosts (A, B and D) and check to make sure you can’t access Finance Web Server from these
hosts. Then, repeat to make sure they can reach the public server at 172.22.109.18. Finally, save the
configuration
Corp1#copy running-config startup-config
Routers R1 and R2 are on the same network segment, and both routers use interface GigabitEthernet0/0. If R1
loses communication to R2, which two items should you check as you begin troubleshooting? (Choose two.)
A. Verify that R2 is using 802.1q encapsulation.
B. Verify that the GigabitEthernet0/0 interfaces on R1 and R2 are configured with the same subnetmask.
C. Verify that the R1 GigabitEthernet0/0 interface is up and the line protocol is down.
D. Verify that R1 and R2 both are using HDLC encapsulation.
E. Verify that the R1 GigabitEthernet0/0 interface is up and the line protocol is up.
Answer: B E
126 of 629
Cisco - 200-125
An administrator is working with the 192.168.4.0 netwrok, which has been subnetted with a /26 mask. Which
two addresses can be assigned to hosts within the same subnet? (Choose two.)
A. 192.168.4.67
B. 192.168.4.61
C. 192.168.4.128
D. 192.168.4.132
E. 192.168.4.125
F. 192.168.4.63
Answer: A E
Which IPv6 routing protocol uses multicast group FF02::9 to send updates?
A. static
B. RIPng
C. OSPFv3
D. IS-IS for IPv6
Answer: B
127 of 629
Cisco - 200-125
You are configuring the router to provide Static NAT for the web server. Drag and drop the configuration
commands from left onto the letters that correspond to its position in the configuration on the right.
Answer:
128 of 629
Cisco - 200-125
Explanation
129 of 629
Cisco - 200-125
The exhibit is showing the topology and the MAC address table. Host A sends a data frame to host D. Which
option describes what the switch will do when it receives the frame from host A?
A. The switch will flood the frame out of all ports except for port Fa0/3.
B. The switch will add the destination address of the frame to the MAC address table and forward theframe
to host D.
C. The switch will add the source address and port tothe MAC address table and forward the frame to host
D.
D. The switch will discard the frame and send an error message back to host A.
Answer: C
Which three statements are typical characteristics of VLAN arrangements? (Choose three.)
A. VLANscannot span multiple switches.
B. VLANs typically decrease the number of collision domains.
C. Connectivity between VLANs requires a Layer 3 device.
D. Each VLAN uses a separate address space.
E. A new switch has no VLANs configured.
F. A switch maintainsa separate bridging table for each VLAN.
Answer: C D F
Which three statements about DWDM are true? (Choose three)
A. It allows a single strand of fiber to support bidirectional communications
130 of 629
Cisco - 200-125
B. It is used for long-distance and submarine cable systems
C. It can multiplex up to 256 channels on a single fiber
D. It supports both the SDH and SONET standards
E. Each channel can carry up to a 1-Gbps signal
F. It supports simplex communications over multiple strands of fiber
Answer: C D E
Explanation
ref: https://www.cisco.com/en/US/products/hw/optical/ps2011/products_data_sheet09186a008012a900.html
Router R1 has a static router that is configured to a destination network. A directly connected inference is
configured with an ip address in the same destination network . which statement about R1 is true ?
A. R1 refuses to advertise the dynamic route to other neighbors
B. R1 sends a withdrawal signal to the neighboring router
C. R1 disables the routing protocol
D. R1 prefers the directly connected interface
Answer: D
Which two statements about fiber cable are true? (Choose two)
A. Single-mode fiber supports SC and LC connectors only.
B. Multimode cable supports speeds between 100 Mbps and 9.92 Gbps.
C. Single-mode cable is most appropriate for installations longer than 10 km.
D. Fiber cable is relatively inexpensive and supports a higher data rate than coaxial cable.
E. Mulitimode cable supports speeds between 100 Mbps and 100 Gpbs.
Answer: C D
131 of 629
Cisco - 200-125
In which circumstance is static routing most useful?
A. on a stub network
B. on a network with frequent routingchanges
C. on a network that experiences frequent link failures
D. on a large network that must share routes quickly between routers
Answer: A
Which two pieces of information can be shared with LLDP TLVs? (Choose two)
A. device management address
B. device type
C. spanning-tree topology
D. routing configuration
E. access-list configuration
Answer: A B
Explanation
TLV advertises a single type of information such as its device ID, type or management addresses.
Which purpose of the network command in OSPF configuration mode is true?
A. It defines a wildcard mask to identify the sizeof the network.
B. It defines the area ID.
C. It defines the network by its classful entry.
D. It defines which networks are used for virtual links.
Answer: A
132 of 629
Cisco - 200-125
Which type does a port become when it receives the best BPDU on a bridge?
A. the backup port
B. the root port
C. thedesignated port
D. the alternate port
Answer: B
Drag and drop the steps to configure a basic GRE tunnel from the left into the correct sequence on the right
(Not all options are used)
Answer:
133 of 629
Cisco - 200-125
Explanation
Create a logical tunnel interface
Specify the carrier protocol
Specify the passenger protocol
Specify the source and destination address for the tunnel endpoints.
In which two ways can you prevent recursive routing in a tunneled environment? (Choose two)
A. Configure routes through the tunnel with a lower metric than other routes.
B. Configure route filtering to prevent the tunnel endpoints from learning each other through the tunnel.
C. Enable QoS on the link.
D. Configure routes through the tunnel with a higher metric than other routes.
E. configure GRE keepalives on the tunnel interface.
Answer: B D
134 of 629
Cisco - 200-125
Which option must occur before a workstation can exchange HTTP packets with a web server?
A. An ICMP connection must be established between the workstation and the web server.
B. A UDP connection must be established between the workstation and its default gateway.
C. A TCP connection must be established between the workstation and its default gateway.
D. A UDP connection must be established between the workstation and the web server.
E. An ICMP connection must be established between the workstation and its default gateway.
F. A TCP connection must be established between the workstation and the web server.
Answer: F
You work as a network engineer for SASCOM Network Ltd company. On router HQ, a provider link has been
enabled and you must configure an IPv6 default route on HQ and make sure that this route is advertised in
IPv6 OSPF process. Also, you must troubleshoot another issue. The router HQ is not forming an IPv6 OSPF
neighbor relationship with router BR.
Topology Details
Two routers HQ and BR are connected via serial links.
Router HQ has interface Ethernet0/1 connected to the provider cloud and interface Ethernet 0/0 connected to
RA1
Router BR has interface Ethernet 0/0 connected to another router RA2.
IPv6 Routing Details
Ail routers are running IPv6 OSPF routing with process ID number 100 Refer to the topology diagram for
information about the OSPF areas The Loopback 0 IPv4 address is the OSPF router ID on each router
Configuration requirements
• Configure IPv6 default route on router HQ with default gateway as 2001:DB8:B:B1B2::1.
• Verify by pinging provider test IPv6 address 2001 :DB8:0:1111:1 after configuring default route on HQ.
• Make sure that the default route is advertised in IPv6 OSPF on router HQ This default route should be
advertised only when HQ has a default route in its routing table.
135 of 629
Cisco - 200-125
• Router HQ is not forming IPv6 OSPF neighbor with BR. You must troubleshoot and resolve this issue
Special Note: To gain the maximum number of points, you must complete the necessary configurations and fix
IPv6 OSPF neighbor issue with router BR IPv6 OSPFv3 must be configured without using address families.
Do not change the IPv6 OSPF process ID.
See the full configuration and steps below.
Explanation
1-configure default route on router HQ : ipv6 unicast-routing
ipv6 route ::/0 2001:DB8:B:B1B2::1
2-advertise this route under ospfv3
Ipv6 router ospf 100
Default-information originate
3-fix adjacency problem if a area mismatches
136 of 629
Cisco - 200-125
We need to enter in s1/0
Ipv6 ospf 100 area 0
Which command do use we to see SNMP version
A. show snmp pending
B. show snmp engineID
C. snmp-server something
Answer: A
Explanation
ref:
https://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/command/reference/ffun_r/frf014.html#wp1053304
Which statement describes the effect of the overload keyword in the ip nat inside source list 90 interface
ethernet 0/0 overload command?
A. Addresses that match access listinsideare translated to the IP address of the Ethernet 0/0 interface.
B. Hosts that match access listinsideare translated to an address in the Ethernet 0/0 network.
C. Hosts on the Ethernet 0/0 LAN are translated to the address pool in access list90.
D. Addressesthat match access list90are translated through PAT to the IP address of the Ethernet 0/0
interface.
Answer: D
On a live network, which two commands will verify the operational status of router interfaces? (Choose two.)
A. Router# show ip interface brief
B. Router# debug interface
C. Router# show ip protocols
137 of 629
Cisco - 200-125
D. Router# show interfaces
E. Router# show start
Answer: A D
For which two reasons was RFC 1918 address space define (Choose two)
A. to preserve public IPv4 address space
B. to reduce the occurrence of overlapping IP addresses
C. to preserve public IPv6 address space
D. reduce the size of ISP routing tables
E. to support the NAT protocol
Answer: A E
What is the default encapsulation type for Cisco WAN serial interfaces?
A. Frame Relay
B. HDLC
C. PPP
D. SDLC
Answer: B
Which functionality does an SVI provide?
A. OSI Layer 2 connectivity to switches
B. remote switch administration
C. traffic routing for VLANs
D. OSI Layer 3 connectivity to switches
138 of 629
Cisco - 200-125
Answer: C
Which protocol verifies connectivity between two switches that are configured with IP addresses in the same
network?
A. ICMP
B. STP
C. VTP
D. HSRP
Answer: A
Under which two circumstances is network traffic most likely to use an Exterior Gateway Routing Protocol?
(Choose two)
A. When an employee connects to an employer branch office in a different city.
B. When network traffic is routing to a different building on a corporate campus.
C. When an employee is browsing the public internet.
D. When an employee checks email while working onsite at the data center.
E. When a user browsing the web site of a business partner.
Answer: A D
A network associate is adding security to the configuration of the Corp1 router. The user on host C should be
able to use a web browser to access financial information from the Finance Web Server. No other hosts from
the LAN nor the Core should be able to use a web browser to access this server. Since there are multiple
resources for the corporation at this location including other resources on the Finance Web Server, all other
traffic should be allowed.
The task is to create and apply an access-list with no more than three statements that will allow ONLY host C
web access to the Finance Web Server. No other hosts will have web access to the Finance Web Server. All
other traffic is permitted.
139 of 629
Cisco - 200-125
All passwords have been temporarily set to "cisco".
The Core connection uses an IP address of 198.18.247.65
The computers in the Hosts LAN have been assigned addresses of 192.168.240.1 - 192.168.240.254
host A 192.168.240.1
host B 192.168.240.2
host C 192.168.240.3
Corp1#conf t
Corp1(config)# access-list 128 permit tcp host 192.168.240.1 host 172.22.141.26 eq www
Corp1(config)# access-list 128 deny tcp any host 172.22.141.26 eq www
Corp1(config)# access-list 128 permit ip any any
Corp1(config)#int fa0/1
Corp1#copy run startup-config
An administrator has connected devices to a switch and, for security reasons, wants the dynamically learned
MAC addresses from the address table added to the running configuration. Which action must be taken to
accomplish this?
140 of 629
Cisco - 200-125
A. Use theno switchport port-securitycommand to allow MAC addresses to be added to the configuration.
B. Enable port security and use the keywordsticky.
C. Set the switchport mode to trunk and save the running configuration.
D. Use theswitchport protectedcommand to have the MAC addresses added to the configuration.
Answer: B
Which three commands are required to enable NTP authentication on a Cisco router? (Choose three)
A. ntp peer
B. ntp max-associations
C. ntp authenticate
D. ntp trusted-key
E. ntp authentication-key
F. ntp refclock
Answer: C D E
Explanation
http://blog.ine.com/2007/12/28/how-does-ntp-authentication-work/
What is the subnet address of 192.168.1.42 255.255.255.248?
A. 192.168.1.16/28
B. 192.168.1.32/27
C. 192.168.1.40/29
D. 192.168.1.8/29
E. 192.168.1.48/29
Answer: C
141 of 629
Cisco - 200-125
Which value can you modify to configure a specific interface as the preferred forwarding interface?
A. the VLAN priority
B. the hello time
C. the port priority
D. the interface number
Answer: C
Which Cisco SDN controller supports existing enterprise network devices?
A. APIC-EM
B. OpenFlow
C. Open SDN
D. ACI
Answer: C
Which three checks must you perform when troubleshooting EIGRPv6 adjacencies? (Choose three.)
A. Verify that IPv6 enabled.
B. Verify that thenetworkcommand has been configured.
C. Verify that auto summary is enabled.
D. Verify that the interface is up.
E. Verify that an IPv4 address has been configured.
F. Verify that the router ID has been configured.
Answer: A D F
142 of 629
Cisco - 200-125
Drag and Drop the descriptions of IP protocol transmissions from the left onto the correct IP traffic types on
the right.
Answer:
143 of 629
Cisco - 200-125
Explanation
144 of 629
Cisco - 200-125
A TFTP server has recently been instated in the Atlanta office. The network administrator is located in the NY
145 of 629
Cisco - 200-125
office and has made a console connection to the NY router. After establishing the connection they are unable
to backup the configuration file and iOS of the NY router to the TFTP server. What is the cause of this
problem?
A. The TFTP server has an incorrect subnet mask.
B. The TFTP server has an incorrect IP address.
C. The network administrator computer has an incorrect IP address.
D. The NY router has an incorrect subnet mask.
Answer: A
Which two statements are true regarding ICMP packets? (Choose two.)
A. They are encapsulated within IP datagrams.
B. They guarantee datagram delivery.
C. TRACERT uses ICMP packets.
D. They acknowledge receipt of TCP segments.
E. They are encapsulated within UDP datagrams.
Answer: A C
The two routers have had their startup configurations cleared and have been restarted. At a minimum, which
option below must the administrator do to enable CDP to exchange information between R1 and R2?
146 of 629
Cisco - 200-125
A. Configure the router with thecdp enablecommand.
B. Configure IP addressing andno shutdowncommands on both the R1 and R2 fa0/1 interfaces.
C. Configure IP addressing andno shutdowncommands on either of the R1 or R2 fa0/1 interfaces.
D. Enterno shutdowncommands on the R1 and R2 fa0/1 interfaces.
Answer: D
Which command can you enter to assign an interface to the default VLAN?
A. Switch(config-if)# switchport access vlan 1
B. Switch(config-if)# switchport trunk native vlan 1
C. Switch(config-if)# vlan 1
D. Switch(config)# int vlan 1
Answer: A
Which command can you enter in a network switch configuration so that learned mac addresses are saved in
configuration as they connect ?
A. Switch(confg-if)#Switch port-security
B. Switch(confg-if)#Switch port-security Mac-address sticky
C. Switch(confg-if)#Switch port-security maximum 10
D. Switch(confg-if)#Switch mode access
Answer: B
Which statement about using MPLS for WAN connectivity is true?
A. it cannot be deployed using a single carrier.
B. It can be deployed in redundant and nonredundant topologies.
147 of 629
Cisco - 200-125
C. It can be deployed using LAN aggregation.
D. It must be deployed in a redundant topology.
Answer: A
Which two statements about EIGRP on IPv6 networks are true? (Choose two)
A. it is globally configured
B. it is configured on the interface
C. it supports a shutdown feature
D. it is configured using a network statement
E. it is a vendor agnostic.
Answer: B C
Explanation
https://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/113267-eigrp-ipv6-00
Which two VLANs are reserved for system use only? (Choose two.)
A. 2
B. 4095
C. 1001
D. 4096
E. 1
F. 0
Answer: B F
Explanation
148 of 629
Cisco - 200-125
Drag and drop the network programmability features from the left onto the correct description on the right.
149 of 629
Cisco - 200-125
Answer:
Explanation
150 of 629
Cisco - 200-125
What are types of IPv6 static routes? (Choose Three )
A. Recursive Static routes
B. Directly connected static routes
C. Fully specified static routes
D. Dynamically specified static routes
E. injected static routes
F. Redistributed static routes
Answer: A B C
Static Routes
Directly Attached Static Routes
Recursive Static Routes
Fully Specified Static Routes
Floating Static Routes
151 of 629
Cisco - 200-125
Drag and drop the MAC address types from the left onto the correct descriptions on the right?
Answer:
Explanation
152 of 629
Cisco - 200-125
153 of 629
Cisco - 200-125
An administrator cannot connect from R1 to R2. To troubleshoot this problem, the administrator has entered
the command shown in the exhibit. Based on the output shown, what could be the problem?
A. The serial interface is configured for the wrong frame size.
B. The serial interface does not have a cable attached.
C. The serial interface has the wrong type of cable attached.
D. The serialinterface has a full buffer.
E. The serial interface is configured for half duplex.
Answer: C
Which statement about VLAN configuration is true?
A. The switch must be in config-vlan mode before you configure an extended VLAN.
B. Dynamic inter-VLAN routing is supported on VLAN 2 through VLAN 4064.
C. A switch in VTP transparent mode saves the VLAN database to the running configuration only.
D. The switch must be in VTP server or transparent mode before you configure a VLAN.
Answer: D
154 of 629
Cisco - 200-125
A network has been planned as shown. Which three statements accurately describe the areas and devices in the
network plan? (Choose three.)
A. Area 2 contains a Layer 2 device.
B. Network DeviceB is a hub.
C. Network Device A is a hub.
D. Network Device A is a switch.
E. Area 1 contains a Layer 2 device.
F. Network Device B is a switch.
Answer: B D E
Which command can you enter to block HTTPS traffic from the whole class A private network range to a
host?
A. R1(config)#access-list 105 deny tcp 10.1.0.0 0.0.255.255 40.0.0.2 0.0.0.0 eq 443
B. R1(config)#access-list 105 deny tcp 10.1.0.0 0.0.255.255 40.0.0.2 0.0.0.0 eq 53
C. R1(config)#access-list 105 deny tcp 10.0.0.0 0.255.255.255 40.0.0.2 0.0.0.0 eq 53
D. R1(config)#access-list 105 deny tcp 10.0.0.0 0.255.255.255 40.0.0.2 0.0.0.0 eq 443
155 of 629
Cisco - 200-125
Answer: D
Which two functions can be performed by a local DNS server? (Choose two)
A. transferring spirt horizon traffic between zones
B. Forwarding name resolution requests to an external DNS server
C. assigning IP addresses to local clients
D. resolving names locally
E. copying updatedIOS images to Cisco switches
Answer: B D
Which command can you enter on a switch to determine the current SNMP security model ?
A. Show snmp pending
B. show snmp group
C. snmp server contact
D. show snmp engineID
Answer: B
Explanation
show snmp group
To display the names of groups on the router and the security model, the status of the different views, and the
storage type of each group, use the show snmp group EXEC command.
show snmp group
https://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/command/reference/ffun_r/frf014.html
***ip dhcp pool my pool******
156 of 629
Cisco - 200-125
***network 192.168.10.0/27***
***domain name cisco.com***
****name server some ip***
Dhcp client in the back can not communicate with hosts in the outside of their subnet ?
A. need to activate dhcp pool
B. need to configure default gateway
C. other option
D. other option
Answer: B
Which two of these functions do routers perform on packets? (Choose two.)
A. update the Layer 3 headers of outbound packets so that the packets are properly directed to valid next
hops
B. update the Layer 2 headers of outbound packets with the MAC addresses of the next hops
C. examine the Layer 3 headers of inbound packets and use that information to determine the complete
paths along which the packets will be routed to their ultimate destinations
D. examine the Layer 3 headers of inbound packets and use that information to determine the next hops for
the packets
E. examine the Layer 2 headers of inbound packets and use that information to determine the next hops for
the packets
F. update the Layer 3 headers of outbound packets so that the packets are properly directed to their ultimate
destinations
Answer: B D
157 of 629
Cisco - 200-125
Refer to the exhibit. The enterprise has decided to use the network address 172.16.0.0. The network
administrator needs to design a classful addressing scheme to accommodate the three subnets, with 30, 40, and
50 hosts, as shown. Which subnet mask would accommodate this network?
A. 255.255.255.224
B. 255.255.255.240
C. 255.255.255.252
D. 255.255.255.248
E. 255.255.255.192
Answer: E
158 of 629
Cisco - 200-125
Which command is simplest to configure routing between the regional office network 10.89.0.0/20 and the
corporate network?
A. router2(config)#ip route 0.0.0.0 0.0.0.0 10.89.16.1
B. router2(config)#ip route 10.89.3.0 255.255.0.0 10.89.16.2
C. router1(config)#ip route 10.89.0.0 255.255.240.0 10.89.16.1
D. router1(config)#ip route 10.89.0.0 255.255.240.0 10.89.16.2
Answer: A
Which three statements are true about the operation of a full-duplex Ethernet network? (Choose three.)
A. The host network card and the switch port must be capable of operating in full-duplex mode.
B. Ethernet hub ports are preconfigured for full-duplex mode.
C. A dedicated switch port is required for each full-duplex node.
D. There are no collisions in full-duplex mode.
159 of 629
Cisco - 200-125
E. In a full-duplex environment, the host network card must check for the availability of the network media
before transmitting.
Answer: A C D
Which two statements about switch stacking are true? (Choose two)
A. The stack is powered by a single power cable
B. The switches are connected in a daisy-chain fashion
C. The first and last switch in the stack must be connected to one another
D. The switches are connected by crossover cables
E. The switches must be fully meshed
Answer: A B
Which protocol does ipv6 use to discover other ipv6 nodes on the same segment?
A. CLNS
B. TCPv6
C. NHRP
D. NDP
E. ARP
Answer: D
Explanation
ref : https://tools.ietf.org/html/rfc4861
Which command must you enter to enable OSPFv2 in an IPv4 network ?
A. ip ospf hello-interval seconds
160 of 629
Cisco - 200-125
B. router ospfv2 process-id
C. router ospf value
D. router ospf process-id
Answer: D
If two OSPF neighbors have formed complete adjacency and are exchanging link-state advertisements, which
state have they reached?
A. Exstart
B. 2-Way
C. FULL
D. Exchange
Answer: C
Explanation
https://www.google.com/search?q=state+ospf&source=lnms&tbm=isch&sa=X&ved=0ahUKEwjg7ebXjtLVAhXJAsAK
Which tunneling mechanism embeds an IPv4 address within an IPv6 address?
A. Teredo
B. 6to4
C. 4to6
D. GRE
E. ISATAP
Answer: B
Explanation
ref :https://tools.ietf.org/html/rfc6052#section-2
161 of 629
Cisco - 200-125
Which table displays the MAC addresses that are learned on a switch?
A. FIB
B. ARP
C. TCAM
D. CAM
Answer: D
Which benefit of implementing a dual-homed WAN connection instead of a single homed connection is true?
A. Only dual-homed connections support recursive routing
B. Only dual-homed connections support split horizon with EIGRP
C. Only dual-homed connections enable an individual router to tolerate the loss of a network link
D. Only dual-homed connections support OSPF in conjunction with BGP
Answer: C
Drag and drop the descriptions of logging from the left onto the correct logging features or compenents on the
right.
162 of 629
Cisco - 200-125
Answer:
163 of 629
Cisco - 200-125
Explanation
Accespt incoming cnc over vty lines-----------------------terminal
Display logging inf during a terminal session----------terminal monitor
Provides loval access to a device------------------------console
Stores log msg externally --------------------------------syslog server logging
Stores log msg in RAM------------------------------------buffered logging
164 of 629
Cisco - 200-125
Refer to the exhibit. Which switch in this configuration becomes the root bridge?
A. SW1
B. SW2
C. SW3
D. SW4
Answer: C
If CDP is enabled on all devices and interfaces, which devices will appear in the output of a show cdp
neighbors command issued from R2?
A. R1, S1, S2, R3 and S3
B. R2 and R3
165 of 629
Cisco - 200-125
C. R3 and S2
D. R1 and R3
E. R1, S1, S2, and R3
Answer: C
Which sequence begins a unique local IPv6 address in binary notation?
A. 1111110
B. 1111111
C. 00000000
D. 1111100
Answer: A
Which NAT term is defined as a group of addresses available for NAT use?
A. NAT pool
B. dynamic NAT
C. static NAT
D. one-way NAT
Answer: A
Which two IP SLA operations can you use to measure the end-to-end response time for all IP traffic between a
Cisco router and an end device?
A. ICMP path echo
B. UDP echo
C.
166 of 629
Cisco - 200-125
C. ICMP path jitter
D. UDP jitter
E. TCP connect
F. ICMP echo
Answer: A F
Drag and drop the route source codes in a routing table from the left onto the correct meanings on the right.
Answer:
167 of 629
Cisco - 200-125
Explanation
168 of 629
Cisco - 200-125
Refer to the exhibit. Which command would you use to configure a static route on Router1 to network
192.168.202.0/24 with a nondefault administrative distance?
A. router1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 1
B. router1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 5
C. router1(config)#ip route 1 192.168.201.1 255.255.255.0 192.168.201.2
D. router1(config)#ip route 5 192.168.202.0 255.255.255.0 192.168.201.2
Answer: A
If a host experiences intermittent issues that relate to congestion within a network while remaining connected,
which option could cause congestion on this LAN?
A. multicasting
B. network segmentation
C. broadcast storms
D.
169 of 629
Cisco - 200-125
D. half-duplex operation
Answer: C
Drag and drop the DNS lookup components from the left onto the correct functions on the right.
Answer:
170 of 629
Cisco - 200-125
Explanation
171 of 629
Cisco - 200-125
After you configure a default route to the Internet on a router, the route is missing from the routing table.
Which option describes a possible reason for the problem?
A. The next-hop address is unreachable.
B. The default route was configured on a passive interface.
C. Dynamic routing is disabled.
D. Cisco Discovery Protocol is disabled on the interface used to reach the next hop.
Answer: A
Which command can you enter to configure an IPv6 floating static route?
A. router(config)#ipv6 route FE80:0202::/32 serial 0/1 1
B. router (config)#ipv6 route ::/0 serial 0/1
C. router(config)#ipv6 route static resolve default
D. router(config)#ipv6 route FE80.0202::/32 serial 0/1 201
Answer: D
What is the most efficient subnet mask for a point to point ipv6 connection?
A. /127
B. /128
C. /64
D. /48
E. /32
Answer: B
Explanation
ref : https://tools.ietf.org/html/rfc6164
172 of 629
Cisco - 200-125
Which three features are represented by the letter A in AAA authentication? (Choose three.)
A. authorization
B. accountability
C. authority
D. authentication
E. accounting
F. accessibility
Answer: A D E
Which VLAN bridge priority value is assigned by the set spantree root command?
A. 8192
B. 16384
C. 28672
D. 32768
Answer: A
Which command can you enter to configure an IPv6 static route?
A. router(config)#ipv6 route FE80:0202::/32 serial 0/1 1
B. router(config)#ipv6 route FE80:0202::/32 serial 0/1 201
C. router(config)#ipv6 route ::/0 serial 0/1
D. router(config)#ipv6 route static resolve default
Answer: B
173 of 629
Cisco - 200-125
Which statement describes the effect of the copy run start command on a router in enable mode?
A. The running configuration of the router is savedto NVRAM and used during the boot process.
B. The router reboots and loads the last saved running configuration.
C. A copy of the running configuration of the router is sent by FTP to a designated server.
D. A new running configuration is loaded from flashmemory to the router.
Answer: A
Which adverse situation can occur if an Ethernet cable is too long?
A. late collisions
B. giants
C. interface resets
D. runts
Answer: A
Why would a network administrator configure port security on a switch?
A. to limit the number of Layer 2 broadcasts on a particular switch port
B. to prevent unauthorized Telnet access to a switch port
C. to prevent unauthorized hosts from accessing the LAN
D. block unauthorized access to the switch management interfaces
Answer: C
174 of 629
Cisco - 200-125
Topic 3, New Pool Exam C

Scenario
Refer to the topology. Your company has decided to connect the main office with three other remote branch
offices using point-to-point serial links.
You are required to troubleshoot and resolve OSPF neighbor adjacency issues between the main office and the
routers located in the remote branch offices.
175 of 629
Cisco - 200-125
176 of 629
Cisco - 200-125
177 of 629
Cisco - 200-125
178 of 629
Cisco - 200-125
An OSPF neighbor adjacency is not formed between R3 in the main office and R6 in the Branch3 office. What
is causing the problem?
A. There is an area ID mismatch.
B. There is a PPP authentication issue; the username is not configured on R3 and R6.
C. There is an OSPF hello and dead interval mismatch.
D. The R3 router ID is configured on R6.
Answer: D
Explanation
Using the show running-config command we see that R6 has been incorrectly configured with the same router
ID as R3 under the router OSPF process.
179 of 629
Cisco - 200-125
Which two statements about IPv6 and routing protocols are true? (Choose two.)
A. Link-local addresses are used to form routing adjacencies.
B. OSPFv3 was developed to support IPv6 routing.
180 of 629
Cisco - 200-125
C. EIGRP, OSPF, and BGP are the only routing protocols that support IPv6.
D. Loopback addresses are used to form routing adjacencies.
E. EIGRPv3 was developed to support IPv6 routing.
Answer: A B
Where does routing occur within the DoD TCP/IP reference model?
A. application
B. internet
C. network
D. transport
Answer: B
Explanation
The picture below shows the comparison between TCP/IP model & OSI model. Notice that the Internet Layer
of TCP/IP is equivalent to the Network Layer which is responsible for routing decision.
Scenario:
181 of 629
Cisco - 200-125
You work for a company that provides managed network services, and of your real estate clients running a
small office is experiencing network issues, Troubleshoot the network issues.
Router R1 connects the main office to internet, and routers R2 and R3 are internal routers
NAT is enabled on Router R1.
The routing protocol that is enable between routers R1, R2, and R3 is RIPv2.
R1 sends default route into RIPv2 for internal routers to forward internet traffic to R1.
Server1 and Server2 are placed in VLAN 100 and 200 respectively, and dare still running router on stick
configuration with router R2.
You have console access on R1, R2, R3, and L2SW1 devices. Use only show commands to troubleshoot the
issues.
182 of 629
Cisco - 200-125
183 of 629
Cisco - 200-125
184 of 629
Cisco - 200-125
185 of 629
Cisco - 200-125
186 of 629
Cisco - 200-125
187 of 629
Cisco - 200-125
188 of 629
Cisco - 200-125
189 of 629
Cisco - 200-125
190 of 629
Cisco - 200-125
191 of 629
Cisco - 200-125
192 of 629
Cisco - 200-125
193 of 629
Cisco - 200-125
194 of 629
Cisco - 200-125
195 of 629
Cisco - 200-125
196 of 629
Cisco - 200-125
197 of 629
Cisco - 200-125
198 of 629
Cisco - 200-125
199 of 629
Cisco - 200-125
200 of 629
Cisco - 200-125
201 of 629
Cisco - 200-125
202 of 629
Cisco - 200-125
203 of 629
Cisco - 200-125
204 of 629
Cisco - 200-125
205 of 629
Cisco - 200-125
206 of 629
Cisco - 200-125
Server1 and Server2 are unable to communicate with the rest of the network. Your initial check with system
administrators shows that IP address settings are correctly configured on the server side. What could be an
issue?
A. The VLAN encapsulation is misconfigured on the router subinterfaces.
B. The IP address is misconfigured on the primary router interface.
C. The Router is missing subinterface configuration.
207 of 629
Cisco - 200-125
D. The Trunk is not configured on the L2SW1 switch.
Answer: A
Explanation
Which three statements accurately describe Layer 2 Ethernet switches? (Choose three.)
A. Spanning Tree Protocol allows switches to automatically share VLAN information.
B. Establishing VLANs increases the number of broadcast domains.
C. Switches that are configured with VLANs make forwarding decisions based on both Layer 2 and Layer
3 address information.
D. Microsegmentation decreases the number of collisions on the network.
E. In a properly functioning network with redundant switched paths, each switched segment will contain
one root bridge with all its ports in the forwarding state. All other switches in that broadcast domain will
have only one root port.
F. If a switch receives a frame for an unknown destination, it uses ARP to resolve the address.
Answer: B D E
Explanation
Microsegmentation is a network design (functionality) where each workstation or device on a network gets its
own dedicated segment (collision domain) to the switch. Each network device gets the full bandwidth of the
segment and does not have to share the segment with other devices. Microsegmentation reduces and can even
eliminate collisions because each segment is its own collision domain ->.
Note: Microsegmentation decreases the number of collisions but it increases the number of collision domains.
208 of 629
Cisco - 200-125
Which two statements about EUI-64 addressing are true? (Choose two)
A. A 64-bit interface identifier is derived from the interface MAC address
B. A 96-bit interface identifier is derived from the interface MAC address.
C. A locally administered address has the universal/local bit set to 0.
D. The address includes the hex digits FFFE after the first 24 bits of the interface MAC address
E. The address includes the hex digits FFFE after the last 24 bits of the interface MAC address
Answer: C D
What value is primarily used to determine which port becomes the root port on each nonroot switch in a
spanning-tree topology?
A. path cost
B. lowest port MAC address
C. VTP revision number
D. highest port priority number
E. port priority number and MAC address
Answer: A
Explanation
The path cost to the root bridge is the most important value to determine which port will become the root port
on each non-root switch. In particular, the port with lowest cost to the root bridge will become root port (on
non-root switch).
Scenario
209 of 629
Cisco - 200-125
210 of 629
Cisco - 200-125
211 of 629
Cisco - 200-125
212 of 629
Cisco - 200-125
B. There is a PPP authentication issue; a password mismatch.
213 of 629
Cisco - 200-125
D. There is a missing network command in the OSPF process on R5.
Answer: C
Explanation
The “show ip ospf interface command on R3 and R5 shows that the hello and dead intervals do not match.
They are 50 and 200 on R3 and 10 and 40 on R5.
Which two are features of IPv6? (Choose two.)
A. anycast
B. broadcast
C. multicast
D. podcast
E. allcast
Answer: A C
Explanation
IPv6 addresses are classified by the primary addressing and routing methodologies common in networking:
unicast addressing, anycast addressing, and multicast addressing.
A unicast address identifies a single network interface. The Internet Protocol delivers packets sent to a
unicast address to that specific interface.
214 of 629
Cisco - 200-125
An anycast address is assigned to a group of interfaces, usually belonging to different nodes. A packet
sent to an anycast address is delivered to just one of the member interfaces, typically the nearest host,
according to the routing protocol’s definition of distance. Anycast addresses cannot be identified easily,
they have the same format as unicast addresses, and differ only by their presence in the network at
multiple points. Almost any unicast address can be employed as an anycast address.
A multicast address is also used by multiple hosts, which acquire the multicast address destination by
participating in the multicast distribution protocol among the network routers. A packet that is sent to a
multicast address is delivered to all interfaces that have joined the corresponding multicast group.
Which two statements about stateful firewalls in an enterprise network are true? (Choose two )
A. They can fitter HTTP and HTTPS traffic in the inbound direction only.
B. They can use information about previous packets to make decisions about future packets.
C. They are most effective when placed in front of the router connected to the Internet.
D. They are more susceptible to DoS attacks than stateless firewalls.
E. They can track the number of active TCP connections.
Answer: C E
Scenario:
issues.
215 of 629
Cisco - 200-125
216 of 629
Cisco - 200-125
217 of 629
Cisco - 200-125
218 of 629
Cisco - 200-125
219 of 629
Cisco - 200-125
220 of 629
Cisco - 200-125
221 of 629
Cisco - 200-125
222 of 629
Cisco - 200-125
223 of 629
Cisco - 200-125
224 of 629
Cisco - 200-125
225 of 629
Cisco - 200-125
226 of 629
Cisco - 200-125
227 of 629
Cisco - 200-125
228 of 629
Cisco - 200-125
229 of 629
Cisco - 200-125
230 of 629
Cisco - 200-125
231 of 629
Cisco - 200-125
232 of 629
Cisco - 200-125
233 of 629
Cisco - 200-125
234 of 629
Cisco - 200-125
235 of 629
Cisco - 200-125
236 of 629
Cisco - 200-125
237 of 629
Cisco - 200-125
238 of 629
Cisco - 200-125
239 of 629
Cisco - 200-125
240 of 629
Cisco - 200-125
241 of 629
Cisco - 200-125
Examine R2 configuration, the traffic that is destined to R3 LAN network sourced from Router R2 is
forwarded to R1 instead R3. What could be an issue?
A. RIPv2 routing updates are suppressed between R2 and R3 using passive interface feature.
B. RIPv2 enabled on R3, but R3 LAN network that is not advertised into RIPv2 domain.
C. No issue that is identified; this behavior is normal since default route propagated into RIPv2 domain by
Router R1.
D. RIPv2 not enabled on R3.
Answer: D
Explanation
As per R3
242 of 629
Cisco - 200-125
243 of 629
Cisco - 200-125
Which two statements are true of the interfaces on Switch1? (Choose two.)
A. Multiple devices are connected directly to FastEthernet0/1.
B. A hub is connected directly to FastEthernet0/5.
C. FastEthernet0/1 is connected to a host with multiple network interface cards.
D. FastEthernet0/5 has statically assigned MAC addresses.
E. FastEthernet0/1 is configured as a trunk link.
F. Interface FastEthernet0/2 has been disabled.
Answer: B E
Explanation
Carefully observe the information given after command show. Fa0/1 is connected to Switch2, seven MAC
addresses correspond to Fa0/1, and these MAC are in different VLAN. From this we know that Fa0/1 is the
trunk interface.
From the information given by show cdp neighbors we find that there is no Fa0/5 in CDP neighbor. However,
244 of 629
Cisco - 200-125
F0/5 corresponds to two MAC addresses in the same VLAN. Thus we know that Fa0/5 is connected to a Hub.
Based on the output shown, there are multiple MAC addresses from different VLANs attached to the
FastEthernet 0/1 interface. Only trunks are able to pass information from devices in multiple VLANs.
Which two features can you enable on a switch to capture and analyze frames that transit an interface ?
(choose two)
A. IP SLA
B. SPAN
C. NetFlow
D. SNMP
E. RSPAN
Answer: C D
Scenario:
You are a junior network engineer for a financial company, and the main office network is experiencing
network issues. Troubleshoot the network issues.
Router R1 connects the main office to the internet, and routers R2 and R3 are internal routers.
NAT is enabled on router R1.
The routing protocol that is enabled between routers R1, R2 and R3 is RIPv2.
R1 sends the default route into RIPv2 for the internal routers to forward internet traffic to R1.
You have console access on R1, R2 and R3 devices. Use only show commands to troubleshoot the issues.
245 of 629
Cisco - 200-125
246 of 629
Cisco - 200-125
247 of 629
Cisco - 200-125
248 of 629
Cisco - 200-125
249 of 629
Cisco - 200-125
250 of 629
Cisco - 200-125
251 of 629
Cisco - 200-125
252 of 629
Cisco - 200-125
Users complain that they are unable to reach internet sites. You are troubleshooting internet connectivity
problem at main office. Which statement correctly identifies the problem on Router R1?
A. Interesting traffic for NAT ACL is incorrectly configured.
B. NAT configurations on the interfaces are incorrectly configured
C. NAT translation statement incorrectly configured.
D. Only static NAT translation configured for the server, missing Dynamic NAT or Dynamic NAT
overloading for internal networks.
Answer: B
Explanation
253 of 629
Cisco - 200-125
Which two Qos tools can provide congestion management?
A. CAR
B. CBWFQ
C. FRTS
D. PBR
E. PQ
Answer: B E
Which two benefits of implementing a full mesh wan topology are true? (Choose two
A. redundancy
B. reduced jitter
254 of 629
Cisco - 200-125
C. increased latency
D. improved scalability
E. reliability
Answer: A E
Which command can you enter to display the operational status of the network ports on a router?
A. show interface status
B. show ip interface brief
C. show running-config interface fastethernet 0/1
D. show interface switchport
Answer: B
255 of 629
Cisco - 200-125
256 of 629
Cisco - 200-125
257 of 629
Cisco - 200-125
Why did Branch1 router lose WAN connectivity with R1 router?
A. The IP address is misconfigured on PPP multilink interface on the Branch1 router.
B. The PPP multilink group is misconfigured on the £ranch1 serial interfaces.
C. The PPP multilink group is misconfigured on the R1 serial interfaces.
D. The Branch1 serial interfaces are placed in a shutdown condition.
Answer: A
258 of 629
Cisco - 200-125
Explanation
This question clearly stated there is a WAN connectivity issue between R1 and Branch1 so we should check
both of them with the “show ip interface brief” command. On R1:
On Branch1:
We can see that although the Multilink1 interfaces are in “up/up” state but they are not in the same subnet.
According to the IP address scheme shown on the topology we can deduce the Multilink interface on Branch1
has been misconfigured, it should be 192.168.14.2 instead.
Which three statements about the features of SNMPv2 and SNMPv3 are true? (Choose three.)
A. SNMPv3 enhanced SNMPv2 security features.
B. SNMPv3 added the Inform protocol message to SNMP.
C. SNMPv2 added the Inform protocol message to SNMP.
D.
259 of 629
Cisco - 200-125
D. SNMPv3 added the GetBulk protocol messages to SNMP.
E. SNMPv2 added the GetBulk protocol message to SNMP.
F. SNMPv2 added the GetNext protocol message to SNMP.
Answer: A C E
Explanation
SNMPv1/v2 can neither authenticate the source of a management message nor provide encryption. Without
authentication, it is possible for nonauthorized users to exercise SNMP network management functions. It is
also possible for nonauthorized users to eavesdrop on management information as it passes from managed
systems to the management system. Because of these deficiencies, many SNMPv1/v2 implementations are
limited to simply a read-only capability, reducing their utility to that of a network monitor; no network control
applications can be supported. To correct the security deficiencies of SNMPv1/v2, SNMPv3 was issued as a
set of Proposed Standards in January 1998. -> A is correct.
The two additional messages are added in SNMP2 (compared to SNMPv1)
GetBulkRequest The GetBulkRequest message enables an SNMP manager to access large chunks of data.
GetBulkRequest allows an agent to respond with as much information as will fit in the response PDU. Agents
that cannot provide values for all variables in a list will send partial information. -> E is correct.
InformRequest The InformRequest message allows NMS stations to share trap information. (Traps are issued
by SNMP agents when a device change occurs.) InformRequest messages are generally used between NMS
stations, not between NMS stations and agents. -> C is correct.
Note: These two messages are carried over SNMPv3.
Which of the following is a security best practice?
A. Use multifactor VPN authentication.
B. Use only commercially licensed software
C. Use only WiFi instead of Ethernet cabling
D. use only solid state hard drives in servers.
Answer: A
Drag the security features on the left to the specific security risks they help protect against on the right. (Not
all options are used.)
260 of 629
Cisco - 200-125
Answer:
Explanation
261 of 629
Cisco - 200-125
Scenario:
262 of 629
Cisco - 200-125
263 of 629
Cisco - 200-125
264 of 629
Cisco - 200-125
265 of 629
Cisco - 200-125
266 of 629
Cisco - 200-125
267 of 629
Cisco - 200-125
268 of 629
Cisco - 200-125
Why applications that are installed on PC's in R2 LAN network 10.100.20.0/24 are unable to communicate
with server1?
A. A standard ACL statement that is configured on R1 is blocking the traffic sourced from Server1
network.
B. A standard ACL statement that is configured on R2 is blocking the traffic sourced from Setver1
network.
269 of 629
Cisco - 200-125
C. A standard ACL statement that is configured on R2 is blocking the traffic sourced from R2 LAN
network.
D. A standard ACL statement that is configured on R1 is blocking the traffic sourced from R2 LAM
network
Answer: B
Explanation
Check the below now:
An administrator is trying to ping and telnet from SwitchC to RouterC with the results shown below.
270 of 629
Cisco - 200-125
Click the console connected to RouterC and issue the appropriate commands to answer the questions.
271 of 629
Cisco - 200-125
272 of 629
Cisco - 200-125
273 of 629
Cisco - 200-125
274 of 629
Cisco - 200-125
What would be the effect of issuing the command ip access-group 115 in on the s0/0/1 interface?
A. No host could connect to RouterC through s0/0/1.
B. Telent and ping would work but routing updates would fail.
C. FTP, FTP-DATA, echo, and www would work but telent would fail.
D. Only traffic from the 10.4.4.0 network would pass through the interface.
Answer: D
Explanation
275 of 629
Cisco - 200-125
From the output of access-list 114: access-list 114 permit ip 10.4.4.0 0.0.0.255 any we can easily understand
that this access list allows all traffic (ip) from 10.4.4.0/24 network
Scenario:
issues.
276 of 629
Cisco - 200-125
277 of 629
Cisco - 200-125
278 of 629
Cisco - 200-125
279 of 629
Cisco - 200-125
280 of 629
Cisco - 200-125
281 of 629
Cisco - 200-125
282 of 629
Cisco - 200-125
283 of 629
Cisco - 200-125
284 of 629
Cisco - 200-125
285 of 629
Cisco - 200-125
286 of 629
Cisco - 200-125
287 of 629
Cisco - 200-125
288 of 629
Cisco - 200-125
289 of 629
Cisco - 200-125
290 of 629
Cisco - 200-125
291 of 629
Cisco - 200-125
292 of 629
Cisco - 200-125
293 of 629
Cisco - 200-125
294 of 629
Cisco - 200-125
295 of 629
Cisco - 200-125
296 of 629
Cisco - 200-125
297 of 629
Cisco - 200-125
298 of 629
Cisco - 200-125
299 of 629
Cisco - 200-125
300 of 629
Cisco - 200-125
301 of 629
Cisco - 200-125
Users in the main office complain that they are unable to reach internet sites.
You observe that internet traffic that is destined towards ISP router is not forwarded correctly on Router R1.
What could be an issue?
Ping to Internet server shows the following results from R1:
R1#ping 209.165.200.225
302 of 629
Cisco - 200-125
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 209.165.200.225. timeout is 2 seconds:
Success rate is 0 percent (0/5)
A. The next hop router address for the default route is incorrectly configured.
B. Default route pointing to ISP router is configured with AD of 255.
C. Default route pointing to ISP router is not configured on Router R1
D. Router R1 configured as DHCP client is not receiving default route via DHCP from ISP router.
Answer: C
Explanation
(Default Static Route will fix the problem to connect to ISP router)
303 of 629
Cisco - 200-125
Scenario
Refer to the topology. Your company has connected the routers R1, R2, and R3 with serial links. R2 and R3
are connected to the switches SW1 and SW2, respectively. SW1 and SW2 are also connected to the routers R4
and R5.
The EIGRP routing protocol is configured.
You are required to troubleshoot and resolve the EIGRP issues between the various routers.
Use the appropriate show commands to troubleshoot the issues.
304 of 629
Cisco - 200-125
305 of 629
Cisco - 200-125
306 of 629
Cisco - 200-125
307 of 629
Cisco - 200-125
308 of 629
Cisco - 200-125
Router R6 does not form an EIGRP neighbor relationship correctly with router R1. What is the cause for this
misconfiguration?
A. The K values mismatch.
B. The AS does not match.
C. The network command is missing.
D. The passive interface command is enabled.
Answer: C
Explanation
The link from R1 to R6 is shown below:
309 of 629
Cisco - 200-125
As you can see, they are both using e0/0. The IP addresses are in the 192.168.16.0 network:
310 of 629
Cisco - 200-125
But when we look at the EIGRP configuration, the “network 192.168.16.0” command is missing on R6.
A user is unable to connect to the Internet. Based on the layered approach to troubleshooting and beginning
311 of 629
Cisco - 200-125
with the lowest layer, drag each procedure on the left to its proper category on the right.
Answer:
Explanation
The question asks us to “begin with the lowest layer” so we have to begin with Layer 1: verify physical
connection; in this case an Ethernet cable connection. For your information, “verify Ethernet cable
connection” means that we check if the type of connection (crossover, straight-through, rollover…) is correct,
the RJ45 headers are plugged in, the signal on the cable is acceptable…
Next we “verify NIC operation”. We do this by simply making a ping to the loopback interface 127.0.0.1. If it
works then the NIC card (layer 1, 2) and TCP/IP stack (layer 3) are working properly.
Verify IP configuration belongs to layer 3. For example, checking if the IP can be assignable for host, the PC’s
IP is in the same network with the gateway…
312 of 629
Cisco - 200-125
Verifying the URL by typing in your browser some popular websites like google.com, microsoft.com to assure
that the far end server is not down (it sometimes make we think we can’t access to the Internet). We are using
a URL so this step belongs to layer 7 of the OSI model.
Which two address are defined as private ip addresses ? (Choose two.)
A. 192.169.32.10
B. 10.172.76.200
C. 172.15.2.250
D. 12.17.1.20
E. 172.31.255.100
Answer: B E
313 of 629
Cisco - 200-125
314 of 629
Cisco - 200-125
315 of 629
Cisco - 200-125
Why has the Branch3 router lost connectivity with R1?
Use only show commands to troubleshoot because usage of the debug command is restricted on the Branch3
and R1 routers.
A. A PPP chap hostname mismatch is noticed between Branch3 and R1.
B. A PPP chap password mismatch is noticed between Branch3 and R1.
C. PPP encapsulation is not configured on Branch3.
D.
316 of 629
Cisco - 200-125
D. The PPP chap hostname and PPP chap password commands are missing on the Branch3 router.
Answer: A
Explanation
First we should check Branch3 (and R1) with the “show ip interface brief” command to find any Layer1/Layer
2 issue.
We see the interfaces connecting between them are in “up/down” states which indicates an Layer 2 issue so we
should check the configuration of these interfaces carefully with the “show running-config” command and pay
attention to these interfaces.
and on Branch3:
We learn from above config is R1 is using CHAP to authenticate Branch3 router (via the “ppp authentication
chap” command on R1). Branch3 router is sending CHAP hostname “Branch_3” and CHAP password
“Branch3_Secret!” to R1 to be authenticated. Therefore we should check if R1 has already been configured
317 of 629
Cisco - 200-125
with such username and password or not with the “show running-config” command on R1:
R1_show_run_username.jpg
On R1 we see the configured username is “Branch3”, not “Branch_3” so the usernames here are mismatched
and this is the problem -> Answer A is correct.
Drag and drop the QoS features from the left onto the correct descriptions on the right
Answer:
318 of 629
Cisco - 200-125
Explanation
Best effort = service level that provides basic connectivity without differentiation
CAR = Polices traffic based on its bandwidth allocation
Hard Qos = service level that provides reserved network resources
NBAR = identification tool ideal for handling web application
PBR = uses route maps to match traffic criteria
Soft Qos = service level that provides preferred handling
http://docwiki.cisco.com/wiki/Quality_of_Service_Networking#CAR:_Setting_IP_Precedence
319 of 629
Cisco - 200-125
You have discovered that computers on the 192 168 10 0/24 network can ping their default gateway, but they
cannot connect to any resources on a remote network Which reason for the problem is most likely true?
A. The 192.168.12 0/24 network is missing from OSPF
B. The OSPF process ID is incorrect
C. The OSPF area number is incorrect.
D. An ARP table entry is missing for 192.168.10.0.
E. A VLAN number is incorrect for 192.168.10.0.
Answer: A
What feature you should use to analyse and monitor your traffic for troubleshooting?
A. RSPAN
B. SPAN
C. Netflow
D. SNMP
Answer: C
320 of 629
Cisco - 200-125
What are three features of the IPv6 protocol?
(Choose three.)
A. optional IPsec
B. autoconfiguration
C. no broadcasts
D. complicated header
E. plug-and-play
F. checksums
Answer: B C E
Explanation
An important feature of IPv6 is that it allows plug and play option to the network devices by allowing them to
configure themselves independently. It is possible to plug a node into an IPv6 network without requiring any
human intervention. This feature was critical to allow network connectivity to an increasing number of mobile
devices. This is accomplished by autoconfiguration.
IPv6 does not implement traditional IP broadcast, i.e. the transmission of a packet to all hosts on the attached
link using a special broadcast address, and therefore does not define broadcast addresses. In IPv6, the same
result can be achieved by sending a packet to the link-local all nodes multicast group at address ff02::1, which
is analogous to IPv4 multicast to address 224.0.0.1.
A network administrator enters the following command on a router: logging trap 3. What are three message
types that will be sent to the Syslog server? (Choose three.)
A. informational
B. emergency
C. warning
D. critical
E. debug
F. error
Answer: B D F
321 of 629
Cisco - 200-125
Explanation
The Message Logging is divided into 8 levels as listed below:
Level
Keyword
Description
emergencies
System is unusable
alerts
Immediate action is needed
critical
Critical conditions exist
errors
Error conditions exist
warnings
Warning conditions exist
notification
Normal, but significant, conditions exist
informational
Informational messages
322 of 629
Cisco - 200-125
debugging
Debugging messages
If you specify a level with the “logging trap level” command, that level and all the higher levels will be
logged. For example, by using the “logging trap 3 command, all the logging of emergencies, alerts, critical,
and errors, will be logged.
Which two statements about ipv6 any cast addresses are true ?
A. They receive packets on the closest interface that is dissolved by the routing protocol
B. They are used in conjunction with source specific multicast for ipv6
C. They are allocated from the ipv6 broadcast address space
D. They are allocated from the ipv6 unicast address space
E. They use the prefix fC00: /8
Answer: A D
Drag and drop the benefits of a cisco wireless Lan controller from the left onto the correct examples on the
right
323 of 629
Cisco - 200-125
Answer:
Explanation
324 of 629
Cisco - 200-125
You are implementing ElGRP between the main office and branch offices. In Phase 1 you must implement and
verify EIGRP configurations as mentioned in the topology in Phase 2. your colleague is expected to do NAT
and ISP configurations
Identity the issues that you are encountering during Phase 1 EIGRP implementation.
• Router R1 connects the main office to the Internet and routers R2 and R3 are internal routers
• Routers Branch 1 and Branch2 connect to router R2 in the main office.
• Users from the Branch1 LAN network 10 20 40 0724 are expected to perform testing of the application that
is hosted on the servers in Server farm1, before servers are available for production
- The GRE tunnel is configured between R3 and Branch1, and traffic between server farm1 and Branch1 LAN
network 10 20 40 0/24 is routed through the GRE tunnel using static routes
• The link between Branch1 and Branch2 is used as a secondary path in the event of failure of the primary path
to mam office
You have console access on R1. R2. R3. Branch1, and Branch2 devices Use only show commands to
troubleshoot the issues
Topology:
325 of 629
Cisco - 200-125
326 of 629
Cisco - 200-125
You are verifying the EIGRP configurations in the topology. Which statement is true?
A. Branch2 LAN network 172.16.11.0/24 is not advertised into the EIGRP network.
B. Branch2 LAN network 172 16.10 0/24 is not advertised into the EIGRP network
C. R3 server farm2 network 10.20.30.0/24 is not advertised into the EIGRP network.
D. Branch1 LAN network 172.16.12.0/24 is not advertised into the EIGRP network
Answer: B
What is a valid HSRP virtual MAC address?
A. 0000.5E00.01A3
B. 0007.B400.AE01
327 of 629
Cisco - 200-125
C. 0000.0C07.AC15
D. 0007.5E00.B301
Answer: C
Explanation
With HSRP, two or more devices support a virtual router with a fictitious MAC address and unique IP address.
There are two version of HSRP.
+ With HSRP version 1, the virtual router’s MAC address is 0000.0c07.ACxx , in which xx is the HSRP
group.
+ With HSRP version 2, the virtual MAC address if 0000.0C9F.Fxxx, in which xxx is the HSRP group.
Note: Another case is HSRP for IPv6, in which the MAC address range from 0005.73A0.0000 through
0005.73A0.0FFF.
Scenario:
issues.
328 of 629
Cisco - 200-125
329 of 629
Cisco - 200-125
330 of 629
Cisco - 200-125
331 of 629
Cisco - 200-125
332 of 629
Cisco - 200-125
333 of 629
Cisco - 200-125
334 of 629
Cisco - 200-125
335 of 629
Cisco - 200-125
336 of 629
Cisco - 200-125
337 of 629
Cisco - 200-125
338 of 629
Cisco - 200-125
339 of 629
Cisco - 200-125
340 of 629
Cisco - 200-125
341 of 629
Cisco - 200-125
342 of 629
Cisco - 200-125
343 of 629
Cisco - 200-125
344 of 629
Cisco - 200-125
345 of 629
Cisco - 200-125
346 of 629
Cisco - 200-125
347 of 629
Cisco - 200-125
348 of 629
Cisco - 200-125
349 of 629
Cisco - 200-125
350 of 629
Cisco - 200-125
351 of 629
Cisco - 200-125
352 of 629
Cisco - 200-125
353 of 629
Cisco - 200-125
Pending
Suggest your Answer for this question.
Which definition of a host route is true?
A. a route to the exact /32 destination address
354 of 629
Cisco - 200-125
B. a route used when a route to the destination network is missing
C. a dynamic route learned from a server
D. a route that is manually configured
Answer: A
Drag and Drop the PPPoE message types from the left into the sequence in which PPPoE messages are sent on
the right.
Answer:
355 of 629
Cisco - 200-125
Explanation
PADI
PADO
PADR
PADS
to mam office
Topology:
356 of 629
Cisco - 200-125
357 of 629
Cisco - 200-125
Examine the R1 routing table. None of the internal routes other than locally connected appear in the routing
table. Which cause of the issue is true?
A. EIGRP neighbor relationship was not formed due to AS mismatch between routers R1 and R2.
B. EIGRP neighbor relationship was not formed due to K values mismatch between routers R1 and R2.
C. EIGRP packets were blocked by the inbound ACL on R1.
D. IP address was misconfigured between the R1 and R2 interfaces.
Answer: C
Scenario:
358 of 629
Cisco - 200-125
359 of 629
Cisco - 200-125
360 of 629
Cisco - 200-125
361 of 629
Cisco - 200-125
R1 does not form an OSPF neighbor adjacency with R2. Which option would fix the issue?
A. R1 ethernet0/1 is shutdown. Configure no shutdown command.
B. R1 ethernet0/1 configured with a non-default OSPF hello interval of 25; configure no ip ospf
hello-interval 25.
362 of 629
Cisco - 200-125
C. R2 ethernet0/1 and R3 ethernet0/0 are configured with a non-default OSPF hello interval of 25;
configure no ip ospf hello-interval 25.
D. Enable OSPF for R1 ethernet0/1; configure ip ospf 1 area 0 command under ethernet0/1.
Answer: B
Explanation
Looking at the configuration of R1, we see that R1 is configured with a hello interval of 25 on interface
Ethernet 0/1 while R2 is left with the default of 10 (not configured).
363 of 629
Cisco - 200-125
Drag and drop the DNS lookup commands from the left onto the correct effects on the right
364 of 629
Cisco - 200-125
Answer:
Explanation
365 of 629
Cisco - 200-125
to mam office
Topology:
366 of 629
Cisco - 200-125
367 of 629
Cisco - 200-125
The traffic from Branch2 to the main office is using the secondary path instead of the primary path connected
to R2. Which cause of the issue is true?
A. The network 192.163.11,0/30 was not advertised into EIGRP on Branch2.
B. The IP address was misconfigured between the Branch2 and R2 interfaces.
C. EIGRP packets were blocked by the inbound ACL on Branch2.
D. The primary path has more link delay configured then secondary path which causes EIGRP to choose
the secondary path.
Answer: B
For which two reasons might you choose chassis aggregation instead of stacking switches? (Choose two)
A. to avoid the use of a centralized configuration manager
368 of 629
Cisco - 200-125
B. to increase the maximum port count
C. to increase the number of devices in use
D. to allow hot-swapping modules
E. to avoid relying solely on Ethernet interfaces
Answer: B C
Which two statements about EUI-64 addressing are true? (Choose two)
A. A 64-bit interface identifier is derived from the interface MAC address
B. A 96-bit interface identifier is derived from the interface MAC address.
C. A locally administered address has the universal/local bit set to 0.
D. The address includes the hex digits FFFE after the first 24 bits of the interface MAC address
E. The address includes the hex digits FFFE after the last 24 bits of the interface MAC address
Answer: A D
Which option is the benefit of implementing an intelligent DNS for a cloud computing solution?
A. It reduces the need for a backup data center.
B. It can redirect user requests to locations that are using fewer network resources.
C. It enables the ISP to maintain DNS records automatically.
D. It eliminates the need for a GSS.
Answer: B
Drag and drop the values in a routing table from the left onto the correct meanings on the right .
369 of 629
Cisco - 200-125
Answer:
Explanation
370 of 629
Cisco - 200-125
Which two characteristics of an ICMP echo based IP SLA are true? (Choose two)
A. it requires a remote device to log and maintain collected data
B. it can use RSPAN to report network statistics to a designated remote port
C. it aggregates traffic statistics for reporting on a configurable basis
D. it generates continuous traffic to monitor network performance
E. it measures traffic to determine the reliability of a connection from a cisco router to a designated end
device.
Answer: A E
Which interface counter can you use to diagnose a duplex mismatch problem?
A. no earner
B. late collisions
C. giants
D. CRC errors
E.
371 of 629
Cisco - 200-125
E. deferred
F. runts
Answer: B
Scenario
and R5.
372 of 629
Cisco - 200-125
373 of 629
Cisco - 200-125
374 of 629
Cisco - 200-125
375 of 629
Cisco - 200-125
Which path does traffic take from R1 to R5?
A. The traffic goes through R2.
B. The traffic goes through R3.
C.
376 of 629
Cisco - 200-125
C. The traffic is equally load-balanced over R2 and R3.
D. The traffic is unequally load-balanced over R2 and R3.
Answer: A
Explanation
Using the “show ip int brief command” on R5 we can see the IP addresses assigned to this router. Then, using
the “show ip route” command on R1 we can see that to reach 10.5.5.5 and 10.5.5.55 the preferred path is via
Serial 1/3, which we see from the diagram is the link to R2.
Which two criteria must be met to support the ICMP echo IP SLA? (Choose two.)
A. The source and destination devices must be Cisco devices.
B. The source device must be a Cisco device, but the destination device can be from any vendor.
C. The source device must be runing Layer 2 services.
D. A default gateway must be configured for the source and destination devices.
E. The destination device must supporWhich command should you enter to configure a device as an NTP
server?t the echo protocol.
Answer: A E
377 of 629
Cisco - 200-125
to mam office
Topology:
378 of 629
Cisco - 200-125
379 of 629
Cisco - 200-125
The GRE tunnel between R3 and Branch1 is down. Which cause of the issue is true?
A. The tunnel source loopback0 interface is not advertised into EIGRP in Branch1.
B. The tunnel source loopback0 interface is not advertised into EIGRP in R3.
C. The EIGRP neighbor relationship was not formed due to EIGRP packets blocked by the inbound ACL
on R3.
D. The EIGRP neighbor relationship was not formed due the IP address being misconfigured between the
R2 and R3 interfaces.
Answer: B
What SNMP message alerts the manager to a condition on the network?
A. response
B.
380 of 629
Cisco - 200-125
B. get
C. trap
D. capture
Answer: C
Explanation
An agent can send unsolicited traps to the manager. Traps are messages alerting the SNMP manager to a
condition on the network. Traps can mean improper user authentication, restarts, link status (up or down),
MAC address tracking, closing of a TCP connection, loss of connection to a neighbor, or other significant
events.
Reference:
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2950/software/release/12-1_9_ea1/configuration/guide/scg/s
Which two statements about stacking Cisco switches are true? (Choose two )
A. Each switch manages its own MAC address table.
B. It enables the administrator to manage multiple switches from a single management interface.
C. When a new master switch is elected, it queries the previous master for its running configuration
D. The administrator can create only one stack of switches in a network which is under the same
administrative domain
E. The administrator can add additional switches to the stack as demand increases
ON
Answer: B C
What is the first step in the NAT configuration process?
A. Define inside and outside interfaces.
B. Define public and private IP addresses.
C. Define IP address pools.
D. Define global and local interfaces.
381 of 629
Cisco - 200-125
Answer: A
Which three statements about IPv6 prefixes are true? (Choose three.)
A. FF00:/8 is used for IPv6 multicast.
B. FE80::/10 is used for link-local unicast.
C. FC00::/7 is used in private networks.
D. 2001::1/127 is used for loopback addresses.
E. FE80::/8 is used for link-local unicast.
F. FEC0::/10 is used for IPv6 broadcast.
Answer: A B C
What is the correct statement below after examining the R1 routing table?
A. Traffic that is destined to 10.10.10.0/24 from R1 LAN network uses static route instead RIPv2 Because
the static route AD that is configured is less than the AD of RIPv2
B. Traffic that is destined to 10.10.10.0/24 from R1 LAN network uses RIPv2 instead static route Because
the static route AD that is configured is higher than the AD of RIPv2
C. Traffic that is destined to 10.10.10.0/24 from R1 LAN network uses static route instead RIPv2 But the
traffic is forwarded to the ISP instead of the internal network.
D. Traffic that is destined to 10.10.10.0/24 from R1 LAN network uses RIPv2 instead static route Because
the static route AD that is configured is 255
Answer: B
Explanation
Configuration are below for the answer.
382 of 629
Cisco - 200-125
In which two formats can the IPv6 address fd15:0db8:0000:0000:0700:0003:400F:572B be written? (Choose
two.)
A. fd15:0db8:0000:0000:700:3:400F:527B
B. fd15::db8::700:3:400F:527B
C. fd15:db8:0::700:3:4F:527B
D. fd15:0db8::7:3:4F:527B
E. fd15:db8::700:3:400F:572B
Answer: A E
Which Layer 2 protocol encapsulation type supports synchronous and asynchronous circuits and has built-in
security mechanisms?
A. HDLC
B. PPP
C. X.25
D. Frame Relay
Answer: B
Explanation
PPP: Provides router-to-router and host-to-network connections over synchronous and asynchronous circuits.
PPP was designed to work with several network layer protocols, including IP. PPP also has built-in security
mechanisms, such as Password Authentication Protocol (PAP) and Challenge Handshake Authentication
Protocol (CHAP).
In an Ethernet network, under what two scenarios can devices transmit? (Choose two.)
383 of 629
Cisco - 200-125
A. when they receive a special token
B. when there is a carrier
C. when they detect no other devices are sending
D. when the medium is idle
E. when the server grants access
Answer: C D
Explanation
Ethernet network is a shared environment so all devices have the right to access to the medium. If more than
one device transmits simultaneously, the signals collide and cannot reach the destination.
If a device detects another device is sending, it will wait for a specified amount of time before attempting to
transmit.
When there is no traffic detected, a device will transmit its message. While this transmission is occurring, the
device continues to listen for traffic or collisions on the LAN. After the message is sent, the device returns to
its default listening mode.
384 of 629
Cisco - 200-125
385 of 629
Cisco - 200-125
386 of 629
Cisco - 200-125
Which statement about the router configurations is correct?
A. PPP PAP is authentication configured between Branch2 and R1.
B. Tunnel keepalives are not configured for the tunnel0 interface on Branch2 and R2.
C. The Branch2 LAN network 192.168.11 0/24 is not advertised into the EIGRP network.
D. The Branch3 LAW network 192.168.10.0/24 is not advertised into the EIGRP network.
E. PPP CHAP is authentication configured between Branch1 and R1.
387 of 629
Cisco - 200-125
Answer: D
Explanation
When we check Branch3 router we notice that “network 192.168.10.0” command is missing under “router
eigrp 100”
After you configure the ip dns spoofing command globally on a device, under which two conditions is DNS
spoofing enabled on the device? (Choose two)
A. The ip dns spoofing command is disabled on the local interface
B. The ip host command is disabled
C. All configured IP name server addresses are removed
D. The DNS server queue limit is disabled
E. The no ip domain lookup command is configured
Answer: B D
Explanation
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dns/configuration/15-mt/dns-15-mt-book/dns-config-dns.htm
Drag and drop the CSMA components from the left onto the correct descriptions on the right
388 of 629
Cisco - 200-125
Answer:
Explanation
Access mode used for Ethernet networks = 1-Persistent
389 of 629
Cisco - 200-125
Access mode used for Wi-fi networks = P-Persistent
Access mode used in the controller area network = O-persistent
Rules that define the system response when a collision occurs on an Ethernet network = CSMA/CD
Rules that define the system response when a collision occurs on a Wi-Fi network = CSMA/CA
In which STP state does MAC address learning take place on a PortFast-enabled port?
A. learning
B. listening
C. discarding
D. forwarding
Answer: D
Explanation
http://www.omnisecu.com/cisco-certified-network-associate-ccna/spanning-tree-port-states.php
390 of 629
Cisco - 200-125
391 of 629
Cisco - 200-125
392 of 629
Cisco - 200-125
Why is the Branch2 network 10.1 0.20.0/24 unable to communicate with the Server farm1 network 10.1
0.10.0/24 over the GRE tunnel?
A. The GRE tunnel destination is not configured on the R2 router.
B. The GRE tunnel destination is not configured on the Branch2 router.
C. The static route points to the tunnel0 interface that is misconfigured on the Branch2 router.
D. The static route points to the tunnel0 interface that is misconfigured on the R2 router.
393 of 629
Cisco - 200-125
Answer: C
Explanation
The Branch2 network is communicating to the Server farm, which is connected to R2, via GRE Tunnel so we
should check the GRE tunnel first to see if it is in “up/up” state with the “show ip interface brief” command on
the two routers.
On Branch2:
On R2:
We see interfaces Tunnel0 at two ends are “up/up” which are good so we should check for the routing part on
two routers with the “show running-config” command and pay attention to the static routing of each router. On
Branch2 we see:
R2_show_run_static.jpg
The destination IP address for this static route is not correct. It should be 192.168.24.1 (Tunnel0’s IP address
of R2), not 192.168.24.10 -> Answer C is correct.
Note: You can use the “show ip route” command to check the routing configuration on each router but if the
destination is not reachable (for example: we configure “ip route 10.10.10.0 255.255.255.0 192.168.24.10” on
Branch2, but if 192.168.24.10 is unknown then Branch2 router will not display this routing entry in its routing
table.
394 of 629
Cisco - 200-125
Scenario:
395 of 629
Cisco - 200-125
396 of 629
Cisco - 200-125
397 of 629
Cisco - 200-125
B. There is a Layer 2 issue; an encapsulation mismatch on serial links.
398 of 629
Cisco - 200-125
D. The R3 router ID is configured on R4.
Answer: A
Explanation
A show running-config command on R3 and R4 shows that R4 is incorrectly configured for area 2:
Which two states are the port states when RSTP has converged? (Choose two.)
A. discarding
B. listening
C. learning
D. forwarding
E. disabled
Answer: A D
Explanation
There are only three port states left in RSTP that correspond to the three possible operational states. The
802.1D disabled, blocking, and listening states are merged into a unique 802.1w discarding state.
399 of 629
Cisco - 200-125
STP (802.1D) Port State
RSTP (802.1w) Port State
Is Port Included in Active Topology?
Is Port Learning MAC Addresses?
Disabled
Discarding
No
No
Blocking
Discarding
No
No
Listening
Discarding
Yes
No
Learning
Learning
Yes
Yes
Forwarding
Forwarding
Yes
Yes
Reference:
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml#states
400 of 629
Cisco - 200-125
What is the danger of the permit any entry in a NAT access list?
A. It can lead to overloaded resources on the router.
B. It can cause too many addresses to be assigned to the same interface.
C. It can disable the overload command.
D. It prevents the correct translation of IP addresses on the inside network.
Answer: A
Scenario
and R5.
401 of 629
Cisco - 200-125
402 of 629
Cisco - 200-125
403 of 629
Cisco - 200-125
404 of 629
Cisco - 200-125
405 of 629
Cisco - 200-125
The loopback interfaces on R4 with the IP addresses of 10.4.4.4/32, 10.4.4.5/32, and 10.4.4.6/32 are not
appearing in the routing table of R5. Why are the interfaces missing?
A. The interfaces are shutdown, so they are not being advertised.
B. R4 has been incorrectly configured to be in another AS, so it does not peer with R5.
C. Automatic summarization is enabled, so only the 10.0.0.0 network is displayed.
D. The loopback addresses haven't been advertised, and the network command is missing on R4.
Answer: B
Explanation
For an EIGRP neighbor to form, the following must match:
- Neighbors must be in the same subnet
- K values
- AS numbers
- Authentication method and key strings
Here, we see that R4 is configured for EIGRP AS 2, when it should be AS 1.
406 of 629
Cisco - 200-125
407 of 629
Cisco - 200-125
Which three statements about HSRP operation are true? (Choose three.)
A. The virtual IP address and virtual MA+K44C address are active on the HSRP Master router.
B. The HSRP default timers are a 3 second hello interval and a 10 second dead interval.
C. HSRP supports only clear-text authentication.
D. The HSRP virtual IP address must be on a different subnet than the routers' interfaces on the same LAN.
E. The HSRP virtual IP address must be the same as one of the router's interface addresses on the LAN.
F. HSRP supports up to 255 groups per interface, enabling an administrative form of load balancing.
Answer: A B F
Based on the output below from SwitchB, Which Statement is True?
A. VLAN 40 is running the per VLAN Spanning Tree Protocol
B.
408 of 629
Cisco - 200-125
B. The Fa0/11 role confirms that SwitchB is the root bridge for VLAN 40
C. SwitchB is not the root bridge, because not all of the interface roles are designated
D. The MAC Address of the root bridge is 0017:596d.1580
Answer: C
Which two statements are true for multicast MAC address directions?
A. 01:00:5E:xx:xx:xx
B. one to one
C. 01 00 xx xxxxxxx
D. 02 xx xxxxxxx
E. one to many
Answer: A E
Explanation
Explanation
The Internet authorities have reserved the multicast address range of 01:00:5E:00:00:00 to 01:00:5E:7F:FF:FF
for Ethernet and Fiber Distributed Data Interface (FDDI) media access control (MAC) addresses.
Drag and drop the IPv6 IP addresses from the left onto the correct IPv6 address types on the right
409 of 629
Cisco - 200-125
Answer:
Explanation
FF01::1 = multicast
= unspecified
2020:10DB:0:0:85AB:800:52:7348 = Modified EUI-64
DB:FC:93:FF:FE:DB:05:0A = unicast
410 of 629
Cisco - 200-125
Drag and drop the BGP terms from the left onto the correct descriptions on the right
Answer:
411 of 629
Cisco - 200-125
Explanation
external BGP = peers are in different autonomous systems (AS)
internal BGP = peers are in the same autonomous systems
Autonomous System = separate network operating within one administrative domain
Private autonomous system (AS)= numbers which range from 64512 to 65535
Public AS = between 1 and 64511
Prefix = block of ip addresses
Drag and Drop the CSMA Components from the left onto the correct description on the right
412 of 629
Cisco - 200-125
Answer:
Explanation
413 of 629
Cisco - 200-125
Which option describes a benefit of a point-to-point leased line?
A. full-mesh capability
B. flexibility of design
C. low cost
D. simplicity of configuration
Answer: D
Which of the following correctly describe steps in the OSI data encapsulation process? (Choose two)
A. The transport layer divides a data stream into segments and may add reliability and flow control
information.
B. The data link layer adds physical source and destination addresses and an FCS to the segment.
C. Packets are created when the network layer encapsulates a frame with source and destination host
addresses and protocol-related control information.
D. Packets are created when the network layer adds Layer 3 addresses and control information to a
segment.
E.
414 of 629
Cisco - 200-125
E. The presentation layer translates bits into voltages for transmission across the physical link.
Answer: A D
Explanation
Explanation
The transport layer segments data into smaller pieces for transport. Each segment is assigned a sequence
number, so that the receiving device can reassemble the data on arrival.
The transport layer also use flow control to maximize the transfer rate while minimizing the requirements to
retransmit. For example, in TCP, basic flow control is implemented by acknowledgment by the receiver of the
receipt of data; the sender waits for this acknowledgment before sending the next part.
A national retail chain needs to design an IP addressing scheme to support a nationwide network. The
company needs a minimum of 300 sub-networks and a maximum of 50 host addresses per subnet. Working
with only one Class B address, which of the following subnet masks will support an appropriate addressing
scheme? (Choose two.)
A. 255.255.255.0
B. 255.255.255.128
C. 255.255.252.0
D. 255.255.255.224
E. 255.255.255.192
F. 255.255.248.0
Answer: B E
Explanation
Subnetting is used to break the network into smaller more efficient subnets to prevent excessive rates of
Ethernet packet collision in a large network. Such subnets can be arranged hierarchically, with the
organization's network address space (see also Autonomous System) partitioned into a tree-like structure.
Routers are used to manage traffic and constitute borders between subnets.
A routing prefix is the sequence of leading bits of an IP address that precede the portion of the address used as
host identifier. In IPv4 networks, the routing prefix is often expressed as a "subnet mask", which is a bit mask
covering the number of bits used in the prefix. An IPv4 subnet mask is frequently expressed in quad-dotted
decimal representation, e.g., 255.255.255.0 is the subnet mask for the 192.168.1.0 network with a 24-bit
routing prefix (192.168.1.0/24).
415 of 629
Cisco - 200-125
Which two benefits can you get by stacking cisco switches?(choose Two)
A. The stack enables any active member to take over as the master switch if the existing master fails.
B. Each switch in the stack can use a different IOS image
C. You can add or remove switches without taking the stack down
D. you can license the entire stack with a single master license
E. each switch in the stack handles the mac table independently from the others
Answer: A C
Scenario:
416 of 629
Cisco - 200-125
417 of 629
Cisco - 200-125
418 of 629
Cisco - 200-125
419 of 629
Cisco - 200-125
420 of 629
Cisco - 200-125
421 of 629
Cisco - 200-125
422 of 629
Cisco - 200-125
423 of 629
Cisco - 200-125
R1 router clock is synchronized with ISP router R2 is supposed to receive NTP updates from R1. But you
observe that R2 clock is not synchronized with R1. What is the reason R2 is not receiving NTP updates from
R1?
A. The IP address that is used in the NTP configuration on R2 router is incorrect.
B. The NTP server command not configured on R2 router.
C. R2 router Ethernet interface that is connected to R1 is placed in shutdown condition.
D. R1 router Ethernet interface that is connected to R2 is placed in shutdown condition.
Answer: A
Explanation
Check the below configuration for this
424 of 629
Cisco - 200-125
Drag and drop the IEEE standard Cable names from the left onto the correct cable types on the right?
425 of 629
Cisco - 200-125
Answer:
Explanation
426 of 629
Cisco - 200-125
Refer to the diagram.
All hosts have connectivity with one another. Which statements describe the addressing scheme that is in use
in the network? (Choose three.)
A. The subnet mask in use is 255.255.255.192.
B. The subnet mask in use is 255.255.255.128.
C.
427 of 629
Cisco - 200-125
C. The IP address 172.16.1.25 can be assigned to hosts in VLAN1
D. The IP address 172.16.1.205 can be assigned to hosts in VLAN1
E. The LAN interface of the router is configured with one IP address.
F. The LAN interface of the router is configured with multiple IP addresses.
Answer: B C F
Explanation
The subnet mask in use is 255.255.255.128: This is subnet mask will support up to 126 hosts, which is needed.
The IP address 172.16.1.25 can be assigned to hosts in VLAN1: The usable host range in this subnet is
172.16.1.1-172.16.1.126
The LAN interface of the router is configured with multiple IP addresses: The router will need 2 subinterfaces
for the single physical interface, one with an IP address that belongs in each VLAN.
Drag and drop the switching concepts from the left onto the correct descriptions on the right.
428 of 629
Cisco - 200-125
Answer:
Explanation
429 of 629
Cisco - 200-125
Which two statements about Cisco Discovery Protocol are true? (Choose two )
A. It is used to initiate a VTP server and client relationship.
B. It uses SNMP to share device information to an external server
C. It uses TLVs to share device information.
D. It runs on the data link layer only
E. It runs on the network layer and the data link layer.
Answer: C D
430 of 629
Cisco - 200-125
Given the output shown from this Cisco Catalyst 2950, what is the reason that interface FastEthernet 0/10 is
not the root port for VLAN 2?
A. This switch has more than one interface connected to the root network segment in VLAN 2.
B. This switch is running RSTP while the elected designated switch is running 802.1d Spanning Tree.
C. This switch interface has a higher path cost to the root bridge than another in the topology.
D. This switch has a lower bridge ID for VLAN 2 than the elected designated switch.
Answer: C
Explanation
Since the port is in the blocked status, we must assume that there is a shorter path to the root bridge elsewhere.
Drag and Drop the protocols from the left onto the correct IP traffic types on the right.
431 of 629
Cisco - 200-125
Answer:
Explanation
TCP
432 of 629
Cisco - 200-125
HTTP
SMTP
Telnet
UDP
DHCP
SNMP
VOIP
Which three circumstances can cause a GRE tunnel to be in an up/down state? (Choose three.)
A. The tunnel interface IP address is misconfigured.
B. The tunnel source interface is down.
C. A valid route to the destination address is missing from the routing table.
D. The tunnel address is routed through the tunnel itself.
E. The ISP is blocking the traffic.
F. An ACL is blocking the outbound traffic.
Answer: B C D
433 of 629
Cisco - 200-125
434 of 629
Cisco - 200-125
435 of 629
Cisco - 200-125
436 of 629
Cisco - 200-125
What would be the effect of issuing the command ip access-group 115 in on the s0/0/1 interface?
A. No host could connect to RouterC through s0/0/1.
B. Telnet and ping would work but routing updates would fail.
C. FTP, FTP-DATA, echo, and www would work but telnet would fail.
D. Only traffic from the 10.4.4.0 network would pass through the interface.
Answer: A
Explanation
437 of 629
Cisco - 200-125
First let’s see what was configured on interface S0/0/1:
Drag and drop the networking features or functions from the left onto the planes on which they operate
on the right .
Answer:
438 of 629
Cisco - 200-125
Explanation
439 of 629
Cisco - 200-125
Which two features can you enable on a switch to capture and analyze frames that transit an interface?
(Choose two)
A. SNMP
B. SPAN
C. NetFlow
D. RSPAN
E. IP SLA
Answer: B C
440 of 629
Cisco - 200-125
441 of 629
Cisco - 200-125
442 of 629
Cisco - 200-125
443 of 629
Cisco - 200-125
Which will fix the issue and allow ONLY ping to work while keeping telnet disabled?
A. Correctly assign an IP address to interface fa0/1.
B. Change the ip access-group command on fa0/0 from “in” to “out”.
C. Remove access-group 106 in from interface fa0/0 and add access-group 115 in.
D. Remove access-group 102 out from interface s0/0/0 and add access-group 114 in
E. Remove access-group 106 in from interface fa0/0 and add access-group 104 in.
Answer: E
444 of 629
Cisco - 200-125
Explanation
Let’s have a look at the access list 104:
The question does not ask about ftp traffic so we don’t care about the two first lines. The 3rd line denies all
telnet traffic and the 4th line allows icmp traffic to be sent (ping). Remember that the access list 104 is applied
on the inbound direction so the 5th line “access-list 104 deny icmp any any echo-reply” will not affect our
icmp traffic because the “echo-reply” message will be sent over the outbound direction.
If you change the weight and distance parameters on a device with an established bgp neighbor, which
additional task must you perform to allow two devices to continue exchanging routes ?
A. Change the weight and distance settings on the other device to match
B. reset the gateway interface
C. reset the BGP connections on the device
D. Clear the IP routers on the device
Answer: C
A new subnet with 60 hosts has been added to the network. Which subnet address should this network use to
provide enough usable addresses while wasting the fewest addresses?
A. 192.168.1.56/26
B.
445 of 629
Cisco - 200-125
B. 192.168.1.56/27
C. 192.168.1.64/26
D. 192.168.1.64/27
Answer: C
Explanation
A subnet with 60 host is 2*2*2*2*2*2 = 64 -2 == 62
6 bits needed for hosts part. Therefore subnet bits are 2 bits (8-6) in fourth octet.
8bits+ 8bits+ 8bits + 2bits = /26
/26 bits subnet is 24bits + 11000000 = 24bits + 192
256 – 192 = 64
0 -63
64 – 127
Which two statements about late collisions are true? (Choose two.)
A. They may indicate a duplex mismatch.
B. By definition, they occur after the 512th bit of the frame has been transmitted.
C. They indicate received frames that did not pass the FCS match.
D. They are frames that exceed 1518 bytes.
E. They occur when CRC errors and interference occur on the cable.
Answer: A B
Which two statements about Ethernet standards are true? (Choose two)
A. Ethernet is defined by IEEE standard 802.2.
B. Ethernet is defined by IEEE standard 802.3.
C.
446 of 629
Cisco - 200-125
C. Ethernet 10BASE-T does not support full-duplex.
D. When an Ethernet network uses CSMA/CD, it terminates transmission as soon as a collision occurs.
E. When an Ethernet network uses CSMA/CA. it terminates transmission as soon as a collision occurs.
Answer: B D
Which command would you configure globally on a Cisco router that would allow you to view directly
connected Cisco devices?
A. enable cdp
B. cdp enable
C. cdp run
D. run cdp
Answer: C
Explanation
CDP is enabled on Cisco routers by default. If you prefer not to use the CDP capability, disable it with the no
cdp run command. In order to reenable CDP, use the cdp run command in global configuration mode. The
“cdp enable” command is an interface command, not global.
A network technician is asked to design a small network with redundancy. The exhibit represents this design,
with all hosts configured in the same VLAN. What conclusions can be made about this design?
447 of 629
Cisco - 200-125
A. This design will function as intended.
B. Spanning-tree will need to be used.
C. The router will not accept the addressing scheme.
D. The connection between switches should be a trunk.
E. The router interfaces must be encapsulated with the 802.1Q protocol.
Answer: C
Explanation
Each interface on a router must be in a different network. If two interfaces are in the same network, the router
will not accept it and show error when the administrator assigns it.
When troubleshooting client DNS issues, which two tasks must you perform? (Choose two.)
A. Ping a public website IP address.
B. Determine whether a DHCP address has been assigned.
C. Determine whether the hardware address is correct.
D. Ping the DNS server.
E. Determine whether the name servers have been configured.
Answer: C D
448 of 629
Cisco - 200-125
What is the metric for the route from R1 to 192.168.10.1?
A. 2
B. 90
C. 110
D. 52778
Answer: D
Which two statements about LLDP are True? (Choose Two)
A. it enables systems to learn about one another over the data-link layer
B. it uses mandatory TLVs to discover the neighboring devices
C. it is implemented in accordance with the 802.11a specification
D. if functions at layer 2 and layer 3
E. it is a cisco-proprietary technology
449 of 629
Cisco - 200-125
Answer: A C
Which configuration register value can you set on a cisco device so that it ignores the NVRAM when it boots
?
A. 0x2120
B. 0x2124
C. 0x2102
D. 0x2142
Answer: D
Drag and drop the STP features from the left onto the correct descriptions on the right
Answer:
450 of 629
Cisco - 200-125
Explanation
Disables the switch port when it receives a BPDU = BPDU Filter
Drops all BPDUs received on the switch port = PortFast
Enable quick convergence when a direct link to a non-end device fails. = UplinkFast
Forces the switch to transition directly from the blocking state to the forwarding state = BPDU guard
Prevents the port from becoming a blocked port = root guard
Scenario:
451 of 629
Cisco - 200-125
452 of 629
Cisco - 200-125
453 of 629
Cisco - 200-125
454 of 629
Cisco - 200-125
455 of 629
Cisco - 200-125
456 of 629
Cisco - 200-125
457 of 629
Cisco - 200-125
458 of 629
Cisco - 200-125
Examine the DHCP configuration between R2 and R3; R2 is configured as the DHCP server and R3 as the
client. What is the reason R3 is not receiving the IP address via DHCP?
A. On R2. The network statement In the DHCP pool configuration is incorrectly configured.
B. On R3. DHCP is not enabled on the interface that is connected to R2.
C. On R2, the interface that is connected to R3 is in shutdown condition.
459 of 629
Cisco - 200-125
D. On R3, the interface that is connected to R2 is in shutdown condition.
Answer: B
Explanation
Please check the below:
Which three statements about Syslog utilization are true? (Choose three.)
A. Utilizing Syslog improves network performance.
B. The Syslog server automatically notifies the network administrator of network problems.
C. A Syslog server provides the storage space necessary to store log files without using router disk space.
D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap
messages.
E. Enabling Syslog on a router automatically enables NTP for accurate time stamping.
F. A Syslog server helps in aggregation of logs and alerts.
Answer: C D F
Explanation
The Syslog sender sends a small (less than 1KB) text message to the Syslog receiver. The Syslog receiver is
460 of 629
Cisco - 200-125
commonly called "syslogd," "Syslog daemon," or "Syslog server." Syslog messages can be sent via UDP (port
514) and/or TCP (typically, port 5000). While there are some exceptions, such as SSL wrappers, this data is
typically sent in clear text over the network. A Syslog server provides the storage space necessary to store log
files without using router disk space.
In general, there are significantly more Syslog messages available within IOS as compared to SNMP Trap
messages. For example, a Cisco Catalyst 6500 switch running Cisco IOS Software Release 12.2(18)SXF
contains about 90 SNMP trap notification messages, but has more than 6000 Syslog event messages.
System logging is a method of collecting messages from devices to a server running a syslog daemon. Logging
to a central syslog server helps in aggregation of logs and alerts. Cisco devices can send their log messages to
a UNIX-style syslog service. A syslog service accepts messages and stores them in files, or prints them
according to a simple configuration file.
Reference: http://www.cisco.com/c/en/us/products/collat
eral/services/high-availability/white_paper_c11-557812.html
Scenario
and R5.
461 of 629
Cisco - 200-125
462 of 629
Cisco - 200-125
463 of 629
Cisco - 200-125
464 of 629
Cisco - 200-125
465 of 629
Cisco - 200-125
Study the following output taken on R1:
R1# Ping 10.5.5.55 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.5.5.55, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
…….
Success rate is 0 percent (0/5)
Why are the pings failing?
A. The network statement is missing on R5.
B. The loopback interface is shut down on R5.
C. The network statement is missing on R1.
D. The IP address that is configured on the Lo1 interface on R5 is incorrect.
Answer: C
Explanation
466 of 629
Cisco - 200-125
R5 does not have a route to the 10.1.1.1 network, which is the loopback0 IP address of R1. When looking at
the EIGRP configuration on R1, we see that the 10.1.1.1 network statement is missing on R1.
467 of 629
Cisco - 200-125
Which type of device can be replaced by the use of sub interfaces for VLAN routing?
A. Layer 2 bridge
B. Layer 2 switch
C. Layer 3 switch
D. router
Answer: C
Scenario:
You work as Junior Network Engineer for RADO Network Ltd company. Your colleague has set up a Layer 2
network for testing purpose in one of your client locations. You must verify the configuration and fix if any
issues identified as per customer requirements.
Topology Details
- Three switches (SVV1. SW2, and SW3) are connected using Ethernet link as shown in the topology diagram.
- Server1 and PC1 are connected to SW1 and are assigned to VLAN 500 and VLAN 600 respectively.
- Server2 and PC2 are connected to SW2 and are assigned to VLAN 500 and VLAN 600 respectively.
- PC3 is connected to SW3 and assigned to VLAN 600.
Customer requirements
- Verify if switch ports are assigned in correct VLANs as per topology diagram Identify
and fix any misconfigurations found in three switches.
- Verify if trunk links are operational between switches and the IEEE 802.1 q trunk encapsulation method is
used Identrfy and fix if any misconfigurations are found in the trunk configuration
- You must make sure the ports connected between switches are set as trunk ports.
Special Note: To gain the maximum number you must make sure that VLANs are assigned to switch ports as
per customer requirements and make sure the trunk links are operational between switches Do not change
VLAN names and VLAN number that are already configured in the switches
468 of 629
Cisco - 200-125
See the explanation below:
Explanation
Switch 1 port E0/1 WAS CONNECTED TO A COMPUTER WITH A STRAIGHT THROUGH CABLE
AND AS WELL AS ROLLOVER CABLE (FOR CONFIGURATION OF SWITCH PORTS ON THIS
SWITCH) WHICH WAS SHOWN IN VLAN 600 IN THE DIAGRAM BUT ACTUALLY THAT PC WAS
NOT IN VLAN 600 AFTER CHECKING THE VLAN CONFIGURATION USING SHOW VLAN
COMMAND. INSTEAD THIS PORT WAS CONFIGURED IN VLAN 1. SO WE NEEDED TO PUT THAT
PC IN VAN 600 USING FOLLOWING COMMANDS-SW1(CONFIG)# INTERFACE
E0/0SW1(CONFIG-IF)#SWITCHPORT MODE ACCESSSW1(CONFIG-IF)#SWITCHPORT ACCESS
VLAN 600
NOW THE E0/0-PORT OF THIS SWITCH-SW1 WAS RECEIVING NATIVE VLAN MISMATCH FROM
469 of 629
Cisco - 200-125
SW3 SWITCH-PORT E0/1. ALSO E0/0 OF SW1 AND E0/1 OF SW3 WERE NOT IN TRUNKING MODE.
AND THE QUESTION WAS ASKED TO MAKE SURE THAT CONNECTION BETWEEN BOTH
SWITCHES SHOULD BE IN TRUNKING MODE WITH 802.1Q ENCAPSULATION ENABLEDSO USED
THE BELOW COMMANDS-SW1(CONFIG)#INT E0/0SW1(CONFIG-IF)#SWITCHPORT TRUNK
ENCAPSULATION DOT1QSW1(CONFIG-IF)# SWITCHPORT MODE TRUNK.
ON OTHER SWITCH WHICH IS SWITCH3
SW3(CONFIG)#INT E0/0SW3(CONFIG-IF)#SWITCHPORT TRUNK ENCAPSULATION

DOT1QSW3(CONFIG-IF)# SWITCHPORT MODE TRUNK.SW3(CONFIG-IF)# SWITCHPORT TRUNK
NATIVE VLAN 1
ALSO PORT E0/2 OF SW3 WAS CONNECTED TO SERVER AND IN VLAN 600 AND PORT E0/3 WAS
ASSIGNED TO VLAN 500 AND TO A COMPUTER AGAIN IN VLAN 500 ITSELF. SO THAT
COMPUTER HAD A CONSOLE CABLE CONNECTED TO SW3 AS WELL IN ORDER TO CONFIGURE
SW3 PORTS AS TRUNK PORTS AND SWITCHPORTS USING THE ABOVE STEPS FOR SW1 WHICH
WAS MENTIONED ABOVE.
SIMILARLY SW2 PORT E0/1 PORT WAS CONNECTED TO E0/4 PORT OF SW3 SO AGAIN TRUNK
LINK CONFIGURATIONS BETWEEN E0/1 AND E0/4 PORTS BETWEEN TWO SWITCHES NEED TO
EB DONE HERE. BUT YOU NEDD NOT TO AGAIN RUN THAT NATIVE VLAN COMMAND
CHANGE ON SW3 OR SW2 SINCE ON SW3 WE AKREADY CHANGED IN ABOVE STEP AND IN
SW2 ITS FINE IN VLAN 1 ONLY.
A COMPUTER WAS CONNECTED TO PORT E0/2 OF SW2 AND WAS IN VLAN 600 AND E0/3 WAS
CONNECTED TIO SERVER WHCH WAS IN VLAN 600 AGAIN. ALSO AGAIN THIS TIME THE
COMPUTER WAS CONNECTED TO THE SWITCH USING A CONSOLE CABLE ASWELL TO GIVE
YOU CONSOLE ACCESS TO CONFIGURE AND VERIFY THE CONFIGURATIONS ON SW2. SO JUST
VERIFY THE ACCESS PORTS ARE CORRECTLY ASSIGNED AND TRUNK PORTS AS WELL USING
BELOW COMMANDS.
Which type of address is the public IP address of a NAT device?
A. outside global
B. outside local
C. inside global
D. inside local
E. outside public
F. inside public
Answer: C
470 of 629
Cisco - 200-125
What parameter can be different on ports within an EtherChannel?
A. speed
B. DTP negotiation settings
C. trunk encapsulation
D. duplex
Answer: B
Explanation
For an etherchannel to come up, the speed, duplex and the trunk encapsulation must be the same on each end.
Which two are advantages of static routing when compared to dynamic routing? (Choose two.)
A. Configuration complexity decreases as network size increases.
B. Security increases because only the network administrator may change the routing table.
C. Route summarization is computed automatically by the router.
D. Routing tables adapt automatically to topology changes.
E. An efficient algorithm is used to build routing tables, using automatic updates.
F. Routing updates are automatically sent to neighbors.
G. Routing traffic load is reduced when used in stub network links.
Answer: B G
Explanation
Since static routing is a manual process, it can be argued that it is more secure (and more prone to human
errors) since the network administrator will need to make changes to the routing table directly. Also, in stub
networks where there is only a single uplink connection, the load is reduced as stub routers just need a single
static default route, instead of many routes that all have the same next hop IP address.
What SNMP message alerts the manager to a condition on the network?
A.
471 of 629
Cisco - 200-125
A. response
B. get
C. trap
D. capture
Answer: C
Explanation
An agent can send unsolicited traps to the manager. Traps are messages alerting the SNMP manager to a
condition on the network. Traps can mean improper user authentication, restarts, link status (up or down),
MAC address tracking, closing of a TCP connection, loss of connection to a neighbor, or other significant
events.
Reference:
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2950/software/release/12-1_9_ea1/configuration/guide/scg/s
Which command can you enter to verify that a router is synced with a configured time source ?
A. Show ntp associations
B. show ntp authenticate
C. ntp server time
D. ntp authenticate
E. ntp associations
Answer: A
Drag and drop the DHCP client states from the left into the standard order in which the Client passes through
them on the right.
472 of 629
Cisco - 200-125
Answer:
473 of 629
Cisco - 200-125
Explanation
Initializing
Selecting
Requesting
Bound
Renewing
Rebinding
https://www.cisco.com/c/en/us/support/docs/ip/dynamic-address-allocation-resolution/27470-100.html
Which three are valid modes for a switch port used as a VLAN trunk? (Choose three.)
A. transparent
B. auto
C. on
D. desirable
E. blocking
F. forwarding
Answer: B C D
Explanation
These are the different types of trunk modes:
ON: This mode puts the port into permanent trunk mode and negotiates to convert the link into a trunk
link. The port becomes a trunk port even if the adjacent port does not agree to the change.
OFF: This mode puts the port into permanent non-trunk mode and negotiates to convert the link into a
non-trunk link. The port becomes a non-trunk port even if the adjacent port does not agree to the change.
Desirable: This mode causes the port to actively attempt to convert the link into a trunk link. The port
becomes a trunk port if the adjacent port is set to on, desirable, or auto mode.
Auto: This mode enables the port to convert the link into a trunk link. The port becomes a trunk port if
the adjacent port is set to on or desirable mode. This is the default mode for Fast and Gigabit Ethernet
474 of 629
Cisco - 200-125
ports.
Nonegotiate: This mode puts the port into permanent trunk mode, but does not allow the port to generate
Dynamic Trunking Protocol (DTP) frames. The adjacent port must be configured manually as a trunk
port to establish a trunk link.
Which three are benefits of VLANs? (Choose three.)
A. They increase the size of collision domains.
B. They allow logical grouping of users by function.
C. They can enhance network security.
D. They increase the size of broadcast domains while decreasing the number of collision domains.
E. They increase the number of broadcast domains while decreasing the size of the broadcast domains.
F. They simplify switch administration.
Answer: B C E
Explanation
Explanation
When using VLAN the number and size of collision domains remain the same ->
VLANs allow to group users by function, not by location or geography -> .
VLANs help minimize the incorrect configuration of VLANs so it enhances the security of the network -> .
VLAN increases the size of broadcast domains but does not decrease the number of collision domains ->
VLANs increase the number of broadcast domains while decreasing the size of the broadcast domains which
increase the utilization of the links. It is also a big advantage of VLAN -> .
VLANs are useful but they are more complex and need more administration ->
What are three characteristics of the TCP protocol? (Choose three.)
A. It uses a single SYN-ACK message to establish a connection.
B. The connection is established before data is transmitted.
C.
475 of 629
Cisco - 200-125
C. It ensures that all data is transmitted and received by the remote device.
D. It supports significantly higher transmission speeds than UDP.
E. It requires applications to determine when data packets must be retransmitted.
F. It uses separate SYN and ACK messages to establish a connection.
Answer: B C F
Which logging command can enable administrators to correlate syslog messages with millisecond precision?
A. no logging console
B. logging buffered 4
C. no logging monitor
D. service timestamps log datetime msec
E. logging host 10.2.0.21
Answer: D
Which step in the router boot process searches for an IOS image to load into the router?
A. bootstrap
B. POST
C. mini-IOS
D. ROMMON mode
Answer: A
Which two statements about configuring an EtherChannel on a Cisco switch are true? (Choose two.)
A. The interfaces configured in the EtherChannel must be on the same physical switch.
B.
476 of 629
Cisco - 200-125
B. The interfaces configured in the EtherChannel must operate at the same speed and duplex mode
C. An EtherChannel can operate in Layer 2 mode only.
D. The interfaces configured in the EtherChannel must be part of the same VLAN or trunk.
E. The interfaces configured in the EtherChannel must have the same STP port path cost
Answer: B D
477 of 629
Cisco - 200-125
Topic 4, New Pool Exam D
Which two commands should you enter to prevent a Cisco device from sharing information with upstream
devices? (Choose two)
A. R1(config)#no cdp enable
B. R1(config-if)#no cdp run
C. R1(config-if)#no cdp enable
D. R1(config)#no cdp run
E. R1(config)#no cdp advertise-v2
Answer: A E
Which two statements about static routing are true? (Choose two )
A. It provides only limited security unless the administrator performs additional configuration
B. Its default administrative distance is lower than EIGRP.
C. It allows packets to transit a different path if the topology changes
D. It allows the administrator to determine the entire path of a packet
E. Its initial implementation is more complex than OSPF.
Answer: B D
Which command should you enter to configure a DHCP client?
A. ip dhcp client
B. ip helper-address
C. ip address dhcp
478 of 629
Cisco - 200-125
D. ip dhcp pool
Answer: B
Which IP address can send traffic to all hosts on network 10.101.0.0/16?
A. 10.101.0.1
B. 10.101.254.254
C. 10.101.255.255
D. 224.0.0.1
Answer: A
Which IEEE mechanism is responsible for the authentication of devices when they attempt to connect to a
local network?
A. 802.1x
B. 802.3x
C. 802.11
D. 802.2x
Answer: A
Which symptom most commonly indicates that two connecting interfaces are configured with a duplex
mismatch?
A. interface with an up/down status
B. collisions on the interface
C. an interface with a down/down status
D. the spanning-tree process shutting down
Answer: B
479 of 629
Cisco - 200-125
Which two values must you specify to define a static route? (Choose two)
A. next-hop address or exit interface
B. incoming interface
C. source network and mask
D. administrative distance of the route
E. destination network and mask
Answer: A D
Which of these statements correctly describes the state of the switch once the boot process has been
completed?
A. More VLANs will need to be created for this switch.
B. As FastEthernet0/12 will be the last to come up, it will be blocked by STP.
C. The switch will need a different IOS code in order to support VLANs and STP.
D.
480 of 629
Cisco - 200-125
D. Remote access management of this switch will not be possible without configuration change.
Answer: D
Match the terms on the left with the appropriate OSI layer on the right. (Not all options are used)
Answer:
481 of 629
Cisco - 200-125
Explanation
Which command can you enter to display duplicate IP addresses that the DHCP server assigns?
A. show ip dhcp database 10.0.2.12
B.
482 of 629
Cisco - 200-125
B. show ip dhcp server statistics
C. show ip dhcp conflict 10.0.2.12
D. show ip dhcp binding 10.0.2.12
Answer: D
Refer to the exhibit. PC_1 is sending packets to the FTP server. Consider the packets as they leave RouterA
interface Fa0/0 towards RouterB. Drag the correct frame and packet address to their place in the table.
Answer:
483 of 629
Cisco - 200-125
Explanation
484 of 629
Cisco - 200-125
Which two statements describe the network shown in the graphic? (Choose two)
A. There are two broadcast domains in the network.
B. There are four broadcast domains in the network.
C. There are seven collision domains in the network.
D. There are six broadcast domains in the network.
E. There are five collision domains in the network.
F. There are four collision domains in the network.
Answer: A C
Which command should you enter on an interface in a vendor-neutral EtherChannel so that it will be selected
first to transmit packets?
A. lacp system-priority 1024
B. pagp port-priority 1024
C. lacp port-priority 1024
D. pagp system-priority 1024
485 of 629
Cisco - 200-125
Answer: A
The network administrator normally establishes a Telnet session with the switch from host A. However, host
A is unavailable. The administrator's attempt to telnet to the switch from host B fails, but pings to the other
two hosts are successful. What is the issue?
A. Host B and the switch need to be in the same subnet.
B. The switch interface connected to the router is down.
C. Host B needs to be assigned an IP address in VLAN 1.
D. The switch needs an appropriate default gateway assigned.
E. The switch interfaces need the appropriate IP addresses assigned.
Answer: D
Explanation
Ping was successful form host B to other hosts because of intervlan routing configured on router. But to
manage switch via telnet the VLAN32 on the switch needs to be configured interface vlan32 along with ip
address and its appropriate default-gateway address.
Since VLAN1 interface is already configure on switch Host A was able to telnet switch.
486 of 629
Cisco - 200-125
Which command should you use to display detailed information about EBGP peers?
A. show ip bgp
B. show ip bgp neighbors
C. show ip bgp summary
D. show ip bgp paths
Answer: D
You apply a new inbound access list to routers, blocking UDP packets to the HSRP group. Which two effects
does this action have on HSRP group process? (Choose two )
A. HSRP redundancy works as expected.
B. HSRP redundancy fails
C. The active router immediately becomes the standby router
D. Both the active and standby routers become active
E. The routers in the group generate duplicate IP address warnings
Answer: B D
For what two purposes does the Ethernet protocol use physical addresses? (Choose two)
A. to establish a priority system to determine which device gets to transmit first
B. to allow communication between different devices on the same network
C. to allow communication with devices on a different network
D. to uniquely identify devices at Layer 2
E. to allow detection of a remote device when its physical address is unknown
F. to differentiate a Layer 2 frame from a Layer 3 packet
Answer: B D
487 of 629
Cisco - 200-125
When an interface is configured with PortFast BPDU guard, how does interface respond when it receives a
BPDU?
A. It goes into an errdisable state.
B. It goes into a down/down state.
C. It becomes the root bridge for the configured VLAN.
D. It continues operating normally.
Answer: A
Which two features can mitigate spanning tree issues that are caused by broken fiber cables on interswitch
links? (Choose Two)
A. root guard
B. DTP
C. UDLD
D. BPDU guard
E. loop guard
Answer: D E
Which two tasks should you perform to begin troubleshooting a network problem? (Choose two)
A. Gather all the facts.
B. Monitor and verify the resolution
C. Define the problem as a set of symptoms and causes
D. Analyze the results.
E. Implement an action plan
488 of 629
Cisco - 200-125
Answer: A E
Which command should you enter to verify the priority of a router in an HSRP group?
A. show sessions
B. show interfaces
C. show hsrp
D. show standby
Answer: D
Which two commands can you use to configure a PAgP EtherChannel? (Choose two )
A. channel-group 10 mode desirable
B. channel-group 10 mode on
C. channel-group 10 mode active
D. channel-group 10 mode auto
E. channel-group 10 mode passive
Answer: A D
Which two pieces of information about a Cisco device can Cisco Discovery Protocol communicate? (Choose
two.)
A. the native VLAN
B. the VTP domain
C. the spanning tree protocol
D. the spanning-tree priority
E. the trunking protocol
Answer: B E
489 of 629
Cisco - 200-125
Refer to the Exhibit.
Which two facts about the routing table are true? (Choose two)
A. Nine different networks are within the 10.0.0.0/8 range.
B. The router uses interface GigabitEthernet0/0 to reach host address 10.111.35.106
C. Three different networks are within the 10.0.0.0/8 range.
D. The router uses interface Serial0/0/0/0 to reach network 192.168.1.0/24
E. The router uses interface Serial 0/0/0 to reach host address 10.43.76.123
Answer: A D
Which three options are switch port configuration, that can always avoid duplex mismatch errors between two
switches? (Choose three)
A. Set one side of the connection to full duplex and the other side to half duplex.
B.
490 of 629
Cisco - 200-125
B. Set both Sides of the connection to half duplex.
C. Set one side of the connection to auto-negotiate and the other side to hall duplex
D. Set both sides of the connection to full duplex
E. Set one side of the connection to auto-negotiate and the other side to full duplex.
F. Set both sides of the connection to auto-negotiate.
Answer: B D F
While troubleshooting a GRE tunnel interface issue, show interface command output displays tunnel status up,
but line protocol is down. Which reason for this problem is the most likely?
A. The route to the tunnel destination address is through the tunnel itself.
B. The tunnel was just reset.
C. The interface has been administratively shut down.
D. The next hop server is misconfigured.
Answer: A
Which two values can identify a switch stack on the network? (Choose two )
A. the bridge ID
B. the spanning tree priority
C. the switch BIA
D. the switch priority
E. the management IP address of the device
Answer: A D
Which two of these statements regarding mode allows traffic? (Choose two)
491 of 629
Cisco - 200-125
A. 802.1Q trunks require full-duplex, point-to-point connectivity.
B. 802.1Q trunking ports can also be secure ports.
C. 802.1Q native VLAN frames are always untagged and cannot be tagged.
D. 802.1Q trunks should have native VLANs that are the same at both ends.
E. 802.1Q native VLAN frames are untagged by default.
Answer: D E
Which two conditions can StackWise use to determine the master of the stack? (Choose two )
A. the lowest member priority
B. the lowest system MAC address
C. the greatest number of configured VLANs
D. the highest system MAC address
E. the highest member priority
Answer: B E
How does a Cisco IP phone handle untagged traffic that it receives from an attached PC?
A. It drops the traffic.
B. It allows the traffic to pass through unchanged.
C. It tags the traffic with the default VLAN
D. It tags the traffic with the native VLAN.
Answer: B
Explanation
Untagged data traffic from the device attached to the Cisco IP phone passes through the Cisco IP phone
unchanged, regardless of the trust state of the access port on the Cisco IP phone.
492 of 629
Cisco - 200-125
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/configuration/guide/sy_swcg/voip.pdf
Refer to the exhibit. Complete this network diagram by dragging the correct device name or description to the
correct location. Not all the names or descriptions will be used.
Answer:
493 of 629
Cisco - 200-125
Explanation
494 of 629
Cisco - 200-125
Which NAT function can map multiple inside addresses to a single outside address?
A. PAT
B. SFTP
C. RARP
D. TFTP
E. ARP
Answer: A
What is one benefit of PVST+?
A. PVST + reduces the CPU cycles for all the switches in the network.
B. PVST + automatically selects the root bridge location, to provide optimized bandwidth usage.
C. PVST + supports Layer 3 load balancing without loops.
D. PVST + allows the root switch location to be optimized per VLAN.
Answer: D
Which two benefits of implementing a full-mesh WAN topology are true? (Choose two)
A. increased latency
B. redundancy
C. reduced jitter
D. improved scalability
E. reliability
Answer: B E
495 of 629
Cisco - 200-125
Which chassis-aggregation technology combines two physical switches into one virtual switch?
A. LACP
B. VRRP
C. VSS
D. StackWise
Answer: C
Which type of access list compares source and destination IP addresses?
A. extended
B. standard
C. IP named
D. reflexive
Answer: A
Explanation
Extended ACLs compare the source and destination addresses of the IP packets to the addresses configured in
the ACL in order to control traffic. You can also make extended ACLs more granular and configured to filter
traffic by criteria such as: Protocol Port numbers Differentiated services code point (DSCP) value
Precedence value State of the synchronize sequence number (SYN) bit
496 of 629
Cisco - 200-125
The two connected ports on the switch are not turning orange or green. Which steps would be the most
effective to troubleshoot this physical layer problem?
A. Ensure the switch has power.
B. Reseat all cables.
C. Ensure cable A is plugged into a trunk port.
D. Ensure that the Ethernet encapsulations match on the interconnected router and switch ports.
E. Reboot all of the devices.
F. Ensure that cables A and are straight-through cables.
Answer: A B F
Which feature or method can you use to isolate physical layer problems on a serial link?
A. autonegotiation
B. UDLD
C. protocol analyzer
D. loopback tests
Answer: A
497 of 629
Cisco - 200-125
Which task do you need to perform first when you configure IP SLA to troubleshoot a network connectivity
issue?
A. Verify the ICMP echo operation
B. Specify the test frequency
C. Enable the ICMP echo operation.
D. Schedule the ICMP echo operation.
Answer: C
Which two descriptions of TACACS+ are true? (Choose two)
A. It can authorize specific router commands.
B. It encrypts only the password.
C. It separates authentication, authorization, and accounting functions
D. It combines authentication and authorization.
E. It uses UDP as its transport protocol
Answer: A C
Explanation
https://www.cisco.com/c/en/us/support/docs/security-vpn/remote-authentication-dial-user-service-radius/13838-10.html
Refer to the exhibit. PC_1 is exchanging packets with the FTP server. Consider the packets as they leave
RouterB interface Fa0/1 towards RouterA. Drag the correct frame and packet addresses to their place in the
table.
498 of 629
Cisco - 200-125
Answer:
499 of 629
Cisco - 200-125
Explanation
Source Mac AddressDestination Mac AddressSource IP addressDestination MAC address
MAC 0000.0c89.3333MAC 0000.0c89.9999 IP 172.16.34.250IP 172.16.21.7
A switch is configured with all ports assigned to VLAN 2 with full duplex FastEthernet to segment existing
departmental traffic. What is the effect of adding switch ports to a new VLAN on the switch?
A. More collision domains will be created.
B. IP address utilization will be more efficient.
C. More bandwidth will be required than was needed previously.
D.
500 of 629
Cisco - 200-125
D. An additional broadcast domain will be created.
Answer: D
Explanation
Each VLAN creates its own broadcast domain. Since this is a full duplex switch, each port is a separate
collision domain.
Which command should you enter to configure a single port to bypass the spanning-tree Forward and Delay
timers?
A. spanning-tree portfast
B. spanning-tree portfast default
C. spanning-tree portfast bpdufilter default
D. spanning-tree portfast bpduguard default
Answer: B
Which technology provides chassis redundancy in a VSS environment?
A. OBFD
B. Stack Wise
C. VRRP
D. multichassis EtherChannels
Answer: D
Which two operational modes are supported on the members of a StackWise switch stack? (Choose two)
A. power-sharing
B. passive
C. redundant
D.
501 of 629
Cisco - 200-125
D. standby
E. active
Answer: B E
What happens when you add a switch running an earlier IOS version to a StackWise configuration running a
later version?
A. The switch software upgrades the IOS version on the switch to match the version on the stack
B. The switch keeps its version of IOS and runs normally as part of the stack
C. The switch software downgrades the IOS version on the stack to match the version on the switch
D. The stack ignores the switch until you update the IOS version on the switch
Answer: A
Which IPv6 address is the all-router multicast group?
A. FF02::1
B. FF02::2
C. FF02::3
D. FF02::4
Answer: B
Explanation
Well-known IPv6 multicast addresses:
Address
Description
ff02::1
All nodes on the local network segment
ff02::2
502 of 629
Cisco - 200-125
All routers on the local network segment
In which three ways is an IPv6 header simpler than an IPv4 header? (Choose three.)
A. Unlike IPv4 headers, IPv6 headers have a fixed length.
B. IPv6 uses an extension header instead of the IPv4 Fragmentation field.
C. IPv6 headers eliminate the IPv4 Checksum field.
D. IPv6 headers use the Fragment Offset field in place of the IPv4 Fragmentation field.
E. IPv6 headers use a smaller Option field size than IPv4 headers.
F. IPv6 headers use a 4-bit TTL field, and IPv4 headers use an 8-bit TTL field.
Answer: A B C
Given the output shown from this Cisco switch, what is the reason that interface FastEthernet 0/10 is not the
root port for VLAN 2?
A. This switch has more than one interface connected to the root network segment in VLAN 2.
B. This switch is running RSTP while the elected designated switch is running 802.1d Spanning Tree.
C. This switch interface has a higher path cost to the root bridge than another in the topology.
D. This switch has a lower bridge ID for VLAN 2 than the elected designated switch.
Answer: C
Explanation
503 of 629
Cisco - 200-125
Since the port is in the blocked status, we must assume that there is a shorter path to the root bridge elsewhere.
Which command should you enter to configure an LLDP delay time of 5 seconds?
A. lldp reinit 5000
B. lldp reinit 5
C. lldp holdtime 5
D. lldp timer 5000
Answer: B
What is the simplest IP SLA operation that can measure end-to-end response time between devices?
A. ICMP path jitter
B. ICMP path echo
C. ICMP echo
D. ICMP Jitter
Answer: C
Which component of the Cisco SDN solution serves as the centralized management system?
A. Cisco OpenDaylight
B. Cisco ACI
C. Cisco APIC
D. Cisco IWAN
Answer: C
During which phase of PPPoE is PPP authentication performed?
504 of 629
Cisco - 200-125
A. the PPP Session phase
B. Phase 2
C. the Active Discovery phase
D. the Authentication phase
E. Phase 1
Answer: A
Which command is needed to send RIPv2 updates as broadcast when configured for RIPv2?
A. ip rip v2-broadcast
B. ip rip receive version 1
C. ip rip receive version 2
D. version 2
Answer: A
505 of 629
Cisco - 200-125
Topic 5, New Pool E (Latest)

What would be the effect of issuing the command Ip access-group 114 in to the fa0/0 inteface?
A. Attempts to telnet to the router would fail.
B. It would allow all traffic from the 10.4.4.0 network.
C. IP traffic would be passed through the interface but TCP and UDP traffic would not.
D. Routing protocol updates for the 10.4.4.0 network would not be accepted from we fa0/0 interface.
Answer: B
Explanation
From the output of access-list 114: access-list 114 permit ip 10.4.4.0 0.0.0.255 any we can easily understand
that this access list allows all traffic (ip) from 10.4.4.0/24 network
Which effect of the copy tftp:flash: command is true?
A. It copies the startup configuration from a remote server to the local device.
B. It copies the system image from the local device to a remote server.
C. It copies the running configuration from the local device to a remote server.
D. It copies the system image from a remote server to the local device.
Answer: D
Which command can you enter on a switch to display the IP addresses associated with connected devices?
A. show cdp interface
B. show cdp neighbors detail
C. show cdp neighbors
D. show cdp traffic
506 of 629
Cisco - 200-125
Answer: B
Which two statements about the tunnel mode ipv6ip command are true? (Choose two.)
A. It specifies that the tunnel is a Teredo tunnel.
B. It specifies IPv6 as the encapsulation protocol.
C. It enables the transmission of IPv6 packets within the configured tunnel.
D. It specifies IPv4 as the encapsulation protocol.
E. It specifies IPv6 as the transport protocol.
Answer: C D
When is the most appropriate time to escalate an issue that you are troubleshooting?
A. When you lack the proper resources to resolve the issue.
B. when you have gathered all available information about the issue.
C. When you have been unable to resolve the issue after 30 min
D. when a more urgent issue that requires your intervention is detected.
Answer: C
Which configuration gracefully brings down the line protocol status of a GRE tunnel interface if the tunnel
destination becomes unreachable?
A. Configure tunnel interface keepalives.
B. Configure a static route for the tunnel
C. Replace the tunnel with a loopback interface
D. Configure an IGP such as OSPF on the tunnel
Answer: C
507 of 629
Cisco - 200-125
Which three values can be included in the routing table of a router? (Choose three)
A. classful and classless destination addresses
B. source interfaces
C. Routgoing interfaces
D. source IP addresses
E. next hop IP address
F. destination IP addresses
Answer: C D F
Which condition that service password-encryption is enabled?
A. The enable secret is in clear text in the configuration.
B. The enable secret is encrypted in the configuration.
C. The local username password is in clear text in the configuration.
D. The local username password is encrypted in the configuration.
Answer: D
Which two statements about floating static routers are true? (Choose two)
A. They are used when a route to the destination network is missing.
B. They are used as backup routes when the primary route goes down.
C. They are dynamic routes that are learned from a server.
D. They have a higher administrative distance than the default static route administrative distance.
E. They are routes to the exact /32 destination address.
508 of 629
Cisco - 200-125
Answer: B D
Which step must you perform first to begin a TACACS+ configuration?
A. Configure a TACACS+ server.
B. Associate the TACACS+ server to an AAA group
C. Enable AAA services.
D. Configure a local user
Answer: C
Which two EtherChannel PAgP modes can you configure? (Choose two.)
A. active
B. passive
C. desirable
D. on
E. auto
Answer: C E
Which two commands back up a configuration to a remote server? (Choose two)
A. copy tftp running-config
B. copy tftp startup-config
C. copy running-config tftp
D. copy startup-config tftp
E. copy running-config startup-config
509 of 629
Cisco - 200-125
Answer: C E
A network engineer wants to allow a temporary entry for a remote user with a specific username and password
so that the user can acess the entire network over the Internet. Which ACL can be used?
A. dynamic
B. standard
C. extended
D. reflexive
Answer: A
Explanation
We can use a dynamic access list to authenticate a remote user with a specific username and password. The
authentication process is done by the router or a central access server such as a TACACS+ or RADIUS server.
The configuration of dynamic ACL can be read here:
https://www.cisco.com/en/US/tech/tk583/tk822/technologies_tech_note09186a0080094524.shtml
Refer to Exhibit:
How many broadcast domains are shown in the graphic assuming only the default VLAN is configured on the
switches?
A. one
B. two
C. six
510 of 629
Cisco - 200-125
D. twelve
Answer: A
Explanation
Only router can break up broadcast domains but in this exhibit no router is used so there is only 1 broadcast
domain.
For your information, there are 7 collision domains in this exhibit (6 collision domains between hubs &
switches + 1 collision between the two switches).
Which two statements about multicast addresses are true? (Choose two)
A. 01-00-53-ab-11-c1 is a multicast MAC address
B. 01-00-5e-7b-11-c1 is a multicast MAC address
C. They allow one-to-one communication
D. They allow one-to-many communication
E. 02-00-5e-7f-11-c1 is a multicast MAC address
Answer: A B
Which two descriptions of the default behavior of a router when you enter an invalid Cisco IOS CLI command
are true?
A. The router returns an error message.
B. The router queries the default DNS server for the invalid command.
C. The router prompts the user to enter an IP address.
D. The router sends a broadcast message in an attempt to resolve the invalid command to an IP address.
E. The router displays a system message prompting you to configure a DNS server.
F. The router interprets the invalid command as a hostname
Answer: A F
511 of 629
Cisco - 200-125
Which protocol is typically used for communication between an NMS and an agent on a network device?
A. syslog
B. MIB
C. SNMP
D. SMTP
Answer: C
Explanation
QUESTON NO: 56
Which feature enables a router to pass DHCPOFFER messages to other interfaces on the same router?
A. DHCP server address exclusions
B. DNS helper addresses
C. DHCP smart-relay
D. DHCP server boot files
Answer: C
Under which two circumstances is a switch port that is configured with PortFast BPDU guard error-disabled?
(Choose two.)
A. when a single IP address is configured on the switch
B. when the switch receives a request for an IP address from an individual PC
C. when a connected server has more than one VLAN configured on its NIC
D. when the switch receives a BPDU from a connected switch
E. when a wireless access point running in bridge mode is connected to a switch
Answer: C E
512 of 629
Cisco - 200-125
Which two statements about the route 172.61.3.16/28 are true? (Choose two)
A. It has a metric of 1
B. It is less preferred than dynamically learned routes
C. It is preferred over dynamically learned routes
D. It was learned from a remote router
E. It has a default administrative distance of 1
Answer: C E
Which two statements about LLDP are true? (Choose two.)
A. It enables systems to learn about one another over the data-link layer.
B. It is a Cisco-proprietary technology.
C. It is implemented in accordance with the 802.11a specification.
D. It uses mandatory TLVs to discover the neighboring devices.
E. It functions at Layer 2 and Layer 3.
Answer: A D
513 of 629
Cisco - 200-125
This following commands are executed on interface fa0/1 of 2950Switch.
The Ethernet frame that is shown arrives on interface fa0/1. What two function will occur when this frame is
received by 2950Switch? (Choose two.)
A. Hosts B and C may forward frames out fa0/1 but frames arriving from other switches will not be
forwarded out fa0/1.
B. Only host A will be allowed to transmit frames fa0/1.
C. The MAC address table will now have an additional entry of fa0/1 FFFF. FFFFF,FFFF.
D. This frame will be discarded when it is received by 2950Switch.
E. All frame arriving on 2950Switch with a destination of 0000. 00aa. Aaaa will be forwarded out fa0/1.
F. Only frame from source 0000. 00bb bbbb, the first learned MAC address of 2950Switch, will be
forwarded out fa0/1.
Answer: B E
Host 1 is trying to communicate with Host 2. The e0 interface on Router C is down.
514 of 629
Cisco - 200-125
Which of the following are true? (Choose two.)
A. Router C will use ICMP to inform Host 1 that Host 2 cannot be reached.
B. Router C will use ICMP to inform Router B that Host 2 cannot be reached.
C. Router C will use ICMP to inform Host 1, Router A, and Router B that Host 2 cannot be reached.
D. Router C will send a Destination Unreachable message type.
E. Router C will send a Router Selection message type.
F. Router C will send a Source Quench message type.
Answer: A D
Explanation
Host 1 is trying to communicate with Host 2. The e0 interface on Router C is down. Router C will send ICMP
packets to inform Host 1 that Host 2 cannot be reached.
Which command can you enter to configure a local username with an encrypted password and EXEC mode
user privileges?
A. Router(config)#username jdone privilege 15 password 0 PASSWORD1
B. Router(config)#username jdone privilege 1 password 7 08314d5d1aa8
C. Router(confi)##username jdone privilege 1 password 7 PASSWORD1
D. Router(config)#username jdone privilege 15 password 0 08314D5D1A48
Answer: B
515 of 629
Cisco - 200-125
What is the effect of the given configuration?
A. It configures an inactive switch virtual interface.
B. It configures an active management interface.
C. It configures the native VLAN.
D. It configures the default VLAN.
Answer: A
You have configured a router with an OSPF router. ID, but its IP address still the physical interface. Which
action can you take to correct the problem in the least disruptive way?
A. Reload the OSPF process.
B. Reload the router.
C. Specify the router.
D. Save the router configuration.
Answer: A
Which command allows you to set the administrative distance for EIGRP for IPv6?
A. metric weights
B. ipv6 summary-address eigrp
C. ipv6 next-hop-self eigrp
516 of 629
Cisco - 200-125
D. ipv6 bandwidth-percent eigrp
Answer: B
Which command is configured on a switch to enable neighbor discovery in a multivendor environment?
A. cdp run
B. lldp run
C. lldp transmit
D. lldp receive
Answer: B
What are two benefits of private IPv4 IP addresses? (Choose two.)
A. They can be assigned to devices not requiring Internet connections.
B. They eliminate the necessity for NAT policies.
C. They eliminate duplicate IP conflicts.
D. They are routed to the Internet the same as public IP addresses.
E. They are less costly than public IP addresses.
Answer: A E
517 of 629
Cisco - 200-125
If the devices produced the given output, what is the cause of the EtherChannel problem?
A. There is a speed mismatch between SW1's SW2's Fa0/1 interfaces.
B. There is an encapsulation mismatch between SW1's Fa0/1 and SW2's Fa0/1 interfaces.
C. SW1's Fa0/1 interface is administratively shut down.
D. There is an MYU mismatch between SW!'s Fa0/1 interfaces.
Answer: A
518 of 629
Cisco - 200-125
Which two statements about northbound and southbound APIs are true? (Choose two.)
A. Only southbound APIs allow program control of the network.
B. Both northbound and southbound APIs allow program control of the network.
C. Both northbound and southbound API interlaces use a Service Abstraction Layer.
D. Only northbound APIs allow program control of the network.
E. Only southbound AP| .interlaces use a Service Abstraction Layer.
F. Only northbound API interfaces use a Service Abstraction Layer.
Answer: D E
Which command can you enter to set the default route for all traffic to an IP address router interface?
A. router(confi)#ip router0.0.0.0 255.255.255.255GigabitEthernet0/1
B. router(config)#ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1
C. router(config)#ip default-gateway GigabitEthernet0/1
D. router(config-router) #default-information originate
Answer: B
Which two conditions must be met before two devices can establish a BGP neighbor relationship? (Choose
two)
A. Cisco Discovery Protocol must be enabled on both devices.
B. a Local AS number must be assigned on each device.
C. The AS number of the neighbor must be configured on each device.
D. The two devices must be connected by a Layer 2 device.
E. An IGP must be running between the two devices.
Answer: B C
519 of 629
Cisco - 200-125
Which two technologies can combine multiple physical switches into one logical switch? (Choose two.)
A. StackWise
B. VSS
C. VRRP
D. GLBP
E. HSRP
Answer: A B
Which two pieces of information is displayed with the show ip eigrp interfaces command? (Choose two)
A. number of routes in the transmit queue of each EIGRP interface
B. transmit and receive rates of each local EIGRP interface
C. reliability of each EIGRP interface
D. number of directly connected EIGRP neighbors on each EIGRP interface
E. number of errors on each EIGRP interface
Answer: C D
Which two values are needed to run the APIC-EM ACL Analysis tool? (Choose two.)
A. destination address
B. protocol
C. source address
D. source port
E. periodic refresh interval
F. destination port
520 of 629
Cisco - 200-125
Answer: A D
Which QoS tool can you use to optimize voice traffic on a network that is primarily intended for data traffic?
A. WFQ
B. PQ
C. WRED
D. FIFO
Answer: A
Which three ports will be STP designated if all the links are operating at the same bandwidth? (Choose three.)
A. Switch A -Fa0/0
B. Switch A - Fa0/1
C. Switch B - Fa0/0
D. Switch B - Fa0/1
E. Switch C - Fa0/0
F. Switch C - Fa0/1
Answer: B C D
521 of 629
Cisco - 200-125
Which two addresses are broadcast addresses? (Choose two)
A. 172.17.210.255/24
B. 10.1.2.255/23
C. 10.1.0 255/23
D. 10.1.2.255/22
E. 10.1.1.255/23
Answer: A E
Which two statements about the extended tracerroute command are true? (Choose two)
A. It can validate the reply data
B. It can use a specified ToS
C. It can be repeated automatically at a specified interval
D. It can send packets from a specified interface or IP address
E. It can use a specified TTL value
Answer: B E
What two actions can be taken to secure the virtual terminal interfaces on a router? (Choose two.)
A. Administratively shut down the interface.
B. Physically secure the interface
C. Create an access list and apply it to the virtual terminal interfaces with the access-group command.
D. Enter an access list and apply it to the virtual terminal interfaces using the access command.
E. Configure a virtual terminal password and login process.
Answer: D E
522 of 629
Cisco - 200-125
If all routers on this network run RIPV2, which configuration should you apply router R3 to produce this
routing table
A. router rip
network 192.168.3.0
network 192.168.4.0
network 192.168.23.0
Passive-interface default.
B. router rip
Version 2
network 192.168.3.0
network 192.168.4.0
network 192.168.23.0
Distance 70
Passive-interface default
C. router
523 of 629
Cisco - 200-125
C.
network 192.168.3.0
network 192. 168.4.0
network 192.168.23.0
passive-interface default
D. router rip
Version 2
network 192.168.3.0
network 192.168.4.0
network 192.168.23.0
distance 70
passive-interface default
E. router rip
. version2
network 192.168.3.0
network 192.168.4.0
network 192. 168.23.0
Distance 50
Answer: D
Which two benefits of implementing point-to-point links for WAN connections are true? (Choose two)
A. You can configure multiple point-to-point connections on each interface.
B. They can provide dedicated capacity
C. They are a low-cost option
D. They operate with low latency
E. They can provide flexible routing.
524 of 629
Cisco - 200-125
Answer: B C
The server on this network is configured with an MTU of 9216, and the two interfaces on router R1 are
configured for MTUs of 2000 and 3000 as shown. What is the largest packet size that can pass between the
workstation and the server?
A. 1500 bytes
B. 2000 bytes
C. 3000 bytes
D. 9216 bytes
Answer: A
Which command is configure on a switch to enable neighbor discovery in a multivendor environment?
A. IIdp run
B. IIdp transmit
C. IIdp receive
D. cdp run
Answer: A
525 of 629
Cisco - 200-125
If all switches are configured with default values, which switch will take over when the primary root bridge
experiences a power loos?
A. switch 00E0.F90B.6BE3
B. switch 0040. 0BC0.90C5
C. switch 004.9A1A C182
D. switch 00E0 F726. 3D C6
Answer: C
Between which two states does a port transition when PortFast is enabled? (Choose two)
A. blocking
B. forwarding
C. active
D. listening
E. learning
Answer: A B
Which two routes originate from R1? (Choose two)
A. 172.20.20.21
B.
526 of 629
Cisco - 200-125
B. 192.168.10.0/24
C. 192.168.12.0/24
D. 192.168.11.0/24
E. 172.20.10.21
Answer: A D
Which two neighbor types are supported in a BGP environment? (Choose two)
A. remote
B. directly attached
C. external
D. autonomous
E. internal
Answer: C E
If Router R1 knows a static route to a destination network and then learns about the same destination through a
dynamic routing protocol does R1 respond?
A. it disables the routing protocol
B. it refuses to advertise the dynamic route to other neighbors
C. it prefers the static route
D. It sends a withdrawal notification to the neighboring router.
Answer: C
Which three elements are field in a basic Ethernet data frame? (Choose three.)
A. Preamble
527 of 629
Cisco - 200-125
B. Length/ Type
C. Header Checksum
D. Time to Live
E. Frame Check Sequence
F. Version
Answer: B D
Which two statements about private addresses are true? (Choose two)
A. They can be used without tracking or registration
B. They are used on a home network, they must be translated before they can connect to the Internet
C. They can traverse the Internet when an outbound ACL is applied.
D. The IP address authority issues them in conjunction with an autonomous system number
E. An individual enterprise network can use up to 65,536 private addresses
Answer: A B
Which benefit of a hub-and-spoke WAN topology is true?
A. It allows you to implement access restrictions between subscriber sites
B. It supports application optimization.
C. It supports Layer 2 VPNs
D. It allows you to provide direct connections between subscribers.
Answer: A
Which three advantages can static routing provide over dynamic routing? (Choose three)
528 of 629
Cisco - 200-125
A. Static routing is less time-consuming to manage in large networks than dynamic routing
B. Static routing requires fewer resources than dynamic routing
C. Static routes are more predictable than dynamic routes.
D. Unlike dynamic routing, static routing can operate normally without routine advertisements
E. Unlike dynamic routing, static routing allows the router to choose the best path
F. Unlike dynamic routing, static routing can automatically adjust the topology when traffic requires
rerouting
Answer: B C D
Which two tasks does a router perform when it receives a packet that is being forwarded from one network to
another? (Choose two.)
A. It removes the Layer 2 frame header and trailer.
B. It encapsulates the Layer 2 packet.
C. It removes the Layer 3 frame header and trailer.
D. It examines the routing table tor the best path to the destination IP address of the packet.
E. It examines the MAC address table for the forwarding interface.
Answer: A D
On which type of interface can you perform an ACL-based Path Trace with APIC-EM?
A. Layer 2
B. Layer 4
C. Layer 3
D. Layer 1
Answer: C
529 of 629
Cisco - 200-125
You are configuring IP SLA ICMP Echo operation to troubleshoot a networ connectivity issue. When do you
enter an IP address to test the IP SLA?
A. when you define the ICMP Echo operation
B. when you enable the ICMP Echo operation
C. when you verify the IP SLA operation
D. when you specify the test frequency
Answer: B
Which two pieces of information can you determine from the output of the show ntp status command?
(Choose two.)
A. whether the clock is synchronized
B. the NTP version number of the peer
C. the IP address of the peer to which the clock is synchronized
D. whether the NTP peer is statically configured ntp servers
E. the configured NTP servers
Answer: A C
Which command can you enter on a router to identify the path a packet takes to a remote device?
A. trace path
B. ping
C. debug Ip packet
D. traceroute
Answer: D
530 of 629
Cisco - 200-125
Which two are displayed with the show ipv6 ospf command? (Choose two)
A. transmit and receive rates of each local interface
B. OSPF interface of the local router
C. number of interfaces in each area on the device
D. number of times the SPF algorithm executed on the device
E. ID of the advertised router
Answer: C D
Which two commands can you enter to configure an interface to actively negotiate an EtherChannel? (Choose
two.)
A. channel-group 10 mode on
B. channel-group 10 mode passive
C. channel-group 10 mode active
D. channel-group 10 mode desirable
E. channel-group 10 mode auto
Answer: C D
531 of 629
Cisco - 200-125
HostA cannot ping HostB. Assuming routing is properly configured, what is the cause of this problem?
A. HostA is not on the same subnet as its default gateway.
B. The address of SwitchA is a subnet address.
C. The Fa0/0 interface on RouterA is on a subnet that can't be used.
D. The serial interfaces of the routers are not on the same subnet.
E. The Fa0/0 interface on RouterB is using a broadcast address.
Answer: D
Explanation
Now let’s find out the range of the networks on serial link:
For the network 192.168.1.62/27:
Increment: 32
Network address: 192.168.1.32
Broadcast address: 192.168.1.63
For the network 192.168.1.65/27:
Increment: 32
Network address: 192.168.1.64
532 of 629
Cisco - 200-125
Broadcast address: 192.168.1.95
-> These two IP addresses don’t belong to the same network and they can’t see each other.
Which two routes are using a link state protocol? (Choose two)
A. 172.20.30.21
B. 192.168.11.0/24
C. 172.20.20.21
D. 172.20.10.21
E. 192 168 10 0/24
Answer: B C
Which two descriptions of distance-vector routing protocols are true? (Choose two)
A. Each router is aware of only its neighbor routers.
B. Each router determines its own path to a destination.
C. Each router views the network as if it were the root of its own topology.
D. The hop count metric is used to determine the best path to a destination.
E. Each router in the network shares a database of known routes.
Answer: D E
533 of 629
Cisco - 200-125
Which three statements about link-state routing are true? (Choose three)
A. Updates are sent to a broadcast address.
B. Updates are sent to a multicast address by default.
C. Routes are updated when a change in topology occurs.
D. It uses split horizon.
E. OSPF is a link-state protocol.
F. RIP is a link-state protocol.
Answer: B C E
What authentication type is used by SNMPv2?
A. username and password
B. community strings
C. HMAC-SHA
D. HMAC-MD5
Answer: B
Which utility can you use to identify redundant or shadow rules?
A. the Cisco IWAN application
B. the Cisco APIC-EM automation scheduler
C. the ACL trace tool in Cisco APIC-EM
D. the ACL analysis tool in Cisco APIC-EM
Answer: D
534 of 629
Cisco - 200-125
Which option is the primary purpose of traffic shaping?
A. Providing best-effort service
B. limiting bandwidth usage
C. enabling policy-based routing
D. enabling dynamic flow identification
Answer: B
Which two QoS tools can you use to guarantee minimum bandwidth to certain traffic? (Choose two)
A. WFQ
B. RSVP
C. LLC
D. FIFO
E. CBWFQ
Answer: A E
Which two differences between distance -vector and link-state routing protocols are true?
A. Only distance-vector routing protocol send full routing table updates.
B. Only distance-vector routing protocol offer faster convergence than distance-vector protocol during
network changes.
C. Distance-vector routing protocols are less susceptible to loops than link-state protocols.
D. Only link-state routing protocols use can the Bellman-Ford algorithm.
Answer: C
Which two networking standards use copper cable? (Choose two)
535 of 629
Cisco - 200-125
A. 100BASE-LX
B. 10BASE-T
C. 802 11ac
D. 802.3d
E. 802.3
Answer: A B
Which two statements about IPv6 multicast addresses are true?(Choose two )
A. It the lifetime parameter is set to 1, the route is permanent
B. They use the prefix FF00:: /8.
C. They use the prefix FC80::/8.
D. If the scope parameter is set to 5, the route is local to the node
E. They identify a group of interfaces on different devices.
Answer: B E
Which symbol in the APIC-EM path Trace tool output indicates that an ACL is present and might deny
packets?
A)
B)
536 of 629
Cisco - 200-125
C)
D)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
What are two advantages of static routing? (Choose two)
A. It cannot be used to load-balance traffic over multiple links
B. It allows the network to respond immediately to changes
C. It can be implemented easily even in large environments.
D. It allows the administrator to control the path of traffic
E. It produces minimal CPU load.
Answer: C D
Which condition that defines a DMVPN cloud is most important?
A. It is a Layer 2 MPLS cloud that includes devices in different physical locations.
B. It uses point-to-point links to connect hub pairs
C. It uses point-to-point links to connect the hub and spoke routers.
D. It uses mGRE tunnels to interconnect the hub and spoke routers.
537 of 629
Cisco - 200-125
Answer: D
Which two route codes indicate routes that use a Distance Vector Protocol? (Choose two)
A. C
B. D
C. O
D. R
E. S
Answer: B D
You are transitioning your organization’s DHCP and DNS cloud services to new provider. Which two public
cloud options can provide a secure and relatively easy migration? (Choose two)
A. Internet VPN
B. MPLS VPN
C. inter-cloud exchange
D. Internet
E. Ethernet WAN
Answer: A B
Which command should you enter to configure a device as an NTP sever?
538 of 629
Cisco - 200-125
A. ntp peer
B. ntp authenticate
C. ntp sever
D. ntp master
Answer: A
Explanation
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/system_management/503_n1_1/b_cisco_n5k
Which two statements about 1000BASE-T UTP cable are true? (Choose two)
A. It uses four wires.
B. It uses four wire pairs.
C. It is most appropriate for installations up to 1000 feet in length.
D. It is most appropriate for installations up to 1000 meters in length.
E. Both ends of the cable can transmit and receive simultaneously.
Answer: B E
Which two server types are used to support DNS lookup? (Choose two.)
A. web server
B. ESX host
C. authoritative name server
D. file transfer server
E. name resolver
Answer: A C
539 of 629
Cisco - 200-125
The network administrator must establish a route by which London workstations can forward traffic to the
Manchester workstations. What is the simplest way to accomplish this?
A. Configure a dynamic routing protocol on London to advertise all routes to Manchester.
B. Configure a dynamic routing protocol on London to advertise summarized routes to Manchester.
C. Configure a dynamic routing protocol on Manchester to advertise a default route to the London router.
D. Configure a static default route on London with a next hop of 10.1.1.1.
E. Configure a static route on London to direct all traffic destined for 172.16.0.0/22 to 10.1.1.2.
F. Configure Manchester to advertise a static default route to London.
Answer: E
Explanation
This static route will allow for communication to the Manchester workstations and it is better to use this more
specific route than a default route as traffic destined to the Internet will then not go out the London Internet
connection.
540 of 629
Cisco - 200-125
Which effects of the terminal monitor command is true?
If need more dump or exam mail me : rahmansumon2@gmail.com / skype: rahmansumon1
Cisco-microsoft-oracle-vmware-ceh-chfi-ecsa-ciso-A+,N+,itil-prince2-more exam get low price
A. It displays the configuration of the syslog server.
B. It configuration the device to log messages to the console.
C. it configures a syslog server
D. It pulls the device into global configuration mode.
Answer: A
You notice that packets that are sent from a local host to well-known service on TCP port 80 remote host are
sometimes lost. You suspect an ACL issue. Which two APIC-EM path Trace ACL-analysis option should you
use to troubleshooting the problem? (Choose two.)
A. destination port
B. QoS
C. debug
D. protocol
E. performance Monitor
Answer: A C
Which two fields are included in the TCP and UDP packet headers? (Choose two)
A. destination port
B. sequence number
C. checksum
D.
541 of 629
Cisco - 200-125
D. offset
E. window
Answer: A B
Which two statements about chassis aggregation with mLACP are true? (Choose two)
A. It supports full-duplex links only
B. It supports FastEthernet interfaces
C. MTP traffic flows on all members of port channel
D. It supports single neighbors only
E. It supports multiple neighbors
Answer: A D
What are two requirements for an HSRP group? (Choose two.)
A. one or more standby routers.
B. one or more backup virtual routers
C. exactly one standby active router
D. exactly one backup virtual router
E. exactly one active router
Answer: A E
Which three functions are major components of a network virtualization architecture? (Choose three.)
A. network access control
B. virtual network services
C. policy enforcement
542 of 629
Cisco - 200-125
D. authentication services
E. network resilience
F. path isolation
Answer: A B F
Explanation
Network virtualization architecture has three main components: + Network access control and segmentation of
classes of users: Users are authenticated and either allowed or denied into a logical partition. Users are
segmented into employees, contractors and consultants, and guests, with respective access to IT assets. This
component identifies users who are authorized to access the network and then places them into the appropriate
logical partition. + Path isolation: Network isolation is preserved across the entire enterprise: from the edge to
the campus to the WAN and back again. This component maintains traffic partitioned over a routed
infrastructure and transports traffic over and between isolated partitions. The function of mapping isolated
paths to VLANs and to virtual services is also performed in component.+ Network Services virtualization:
This component provides access to shared or dedicated network services such as security, quality of service
(QoS), and address management (Dynamic Host Configuration Protocol [DHCP] and Domain Name System
[DNS]). It also applies policy per partition and isolates application environments, if required.
Reference: http://www.cisco.com/c/en/us
/products/collateral/switches/catalyst-6500-series-switches/white_paper_c11-531522.pdf
Which prompt does a Cisco switch display when it is running in privileged exec mode?
A. switch>
B. switch#
C. switch(config)#
D. switch(config-if)#
Answer: B
Which two advantages do dynamic touting protocols provide over static routing? (Choose two)
A. Dynamic routing requires fewer resources than static routing.
B. Only dynamic routing is supported on all topologies that require multiple routers.
C. Dynamic routing protocols ate easier to manage on very large networks.
543 of 629
Cisco - 200-125
D. Dynamic routing protocols automatically adapt to reroute traffic it possible.
E. Dynamic routing is more secure than static routing.
Answer: C D
Which PPP subprotocol negotiates authentication options?
A. LCP
B. ISDN
C. DLCI
D. SLIP
E. NCP
Answer: A
Which utility can you use to identify the cause of a traffic-flow blockage between two devices ina network?
A. ACL analysis tool in APIC-EM
B. ACL path analysis tool in APIC-EM
C. APIC-EM automation scheduler
D. iWan application
Answer: B
Which command can you execute to set the user inactivity timer to 10 seconds?
A. SW1(config-line)#exec-timeout 0 10
B. SW1(config-line)#exec-timeout 10
C. SW1(config-line)#absolute-timeout 0 10
D.
544 of 629
Cisco - 200-125
D. SW1(config-line)#absolute-timeout 10
Answer: A
When EIGRP for IPv6 is configured, what is the effect of the distance 100 150 command?
A. It adds 100 to the external administrative distance and adds 150 to the internal administrative distance
B. It sets the internal EIGRP administrative distance to 100 and the external EIGRP administrative distance
to 150
C. It sets the external EIGRP administrative distance to 100 and the internal EIGRP administrative distance
to 150 E. It adds 10O to the internal administrative distance and adds 150 to the external administrative
distance
Answer: B
Drag and drop the extended traceroute options from the left onto the correct descriptions on the right.
Answer:
545 of 629
Cisco - 200-125
Explanation
546 of 629
Cisco - 200-125
An attempt to deny web access to a subnet blocks all traffic from the subnet. Which interface command
immediately removes the effect of ACL 102?
A. no ip access-class 102 in
B. no ip access-class 102 out
C. no ip access-group 102 in
D. no ip access-group 102 out
E. no ip access-list 102 in
Answer: D
Explanation
The “ip access-group” is used to apply and ACL to an interface. From the output shown, we know that the
ACL is applied to outbound traffic, so “no ip access-group 102 out” will remove the effect of this ACL.
Users on the 172.17.22.0 network cannot reach the server located on the 172.31.5.0 network. The network
administrator connected to router Coffee via the console port, issued the show ip route command, and was able
to ping the server.
547 of 629
Cisco - 200-125
Based on the output of the show ip route command and the topology shown in the graphic, what is the cause of
the failure?
A. The network has not fully converged.
B. IP routing is not enabled.
C. A static route is configured incorrectly.
D. The FastEthernet interface on Coffee is disabled.
E. The neighbor relationship table is not correctly updated.
F. The routing table on Coffee has not updated.
Answer: C
Explanation
The default route or the static route was configured with incorrect next-hop ip address 172.19.22.2. The
correct IP address will be 172.18.22.2 to reach server located on 172.31.5.0 network. IP route 0.0.0.0 0.0.0.0
172.18.22.2
Which API uses HTTP messages to transfer data to applications residing on different hosts?
A. OpFlex
B. OpenStack
C. REST
D. OpenFlow
Answer: C
548 of 629
Cisco - 200-125
Which cloud service is typically used to provide operating systems services to an enterprise?
A. SLBaaS
B. IaaS
C. PaaS
D. SaaS
Answer: C
Which two pieces of information are displayed with the show ipv6 ospf 5 multi-area command? (Choose
two)
A. Interface ID number
B. reliability of each local interface
C. local OSPF area
D. number of interfaces in the area
E. transmit and receive rates of each local interface
Answer: A D
Which two statements about the ip default-network command are true? (Choose two.)
A. It specifies the network that is used when the device cannot find an exact match in the routing table.
B. It can be configured on a Layer 2 switch to specify the next hop.
C. It specifies the network that is used when the device finds an exact match in the routing table.
D. It requires IP routing to be enabled on the device.
E. It requires IP routing to be disabled on the device.
Answer: C D
Explanation
549 of 629
Cisco - 200-125
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/xe-3se/3650/iri-xe-3se-3650-book/iri-iprou
Drag and drop the Ethernet terms from the left onto the correct descriptions on the right.
Answer:
Explanation
Calculated value that can increase when a new station is added to a network
Ability of an end device to determine that another device is communicating on a shared link
550 of 629
Cisco - 200-125
Link used to transport data between a source and a destination
Which impact of the passive-interface serial0/0 command is true when configuring RIPv2?
A. The interface begins transmitting RIPvl and RIPv2 routes
B. The interface stops sending outbound routing updates.
C. The interface begins ignoring inbound routing updates
D. The interfile begins accepting RIPvl and RIPv2 routes
Answer: B
Which feature or utility enables a switch or router to monitor network performance and availability using a
responder?
A. traceroute
B. NetFlow
C. ping
D. IPSLA
Answer: D
A network administrator needs to configure port security on a switch. Which two statements are true? (Choose
two.)
A. The network administrator can apply port security to dynamic access ports.
B. When dynamic MAC address learning is enabled on an interface, the switch learns new addresses, up
the maximum defined.
C. The network administrator can configure static secure or sickly secure MAC address in the voice a
VLAN.
D. The sticky learning feature allows the addition of dynamic learned address to the running configuration.
E. The network administrator can apply security to EtherChennels.
551 of 629
Cisco - 200-125
Answer: B D
Which two values must you specify to perform an ACL-based Path Trace using APIC-EM? (Choose two)
A. destination port
B. source port
C. source interface
D. destination IP address
E. source IP address
Answer: D E
Which two statements about wireless controllers are true? (Choose two)
A. They provide Layer 2 services only
B. They can be configured as virtual controllers to support autonomous access points
C. They provide the configuration for managed access points on the network
D. They are intended to directly manage a small number of access points
E. At least one physical controller is needed to manage the virtual controllers of a network
F. They can facilitate load balancing between access points
Answer: C F
On which combinations are standard access lists based?
A. destination address and subnet mask
B. destination address and wildcard mask
C. source address and subnet mask
D. source address and wildcard mask
552 of 629
Cisco - 200-125
Answer: D
The network shown in diagram is experiencing connectivity problems. Which two configuration changes will
correct the problems? (Choose two.)
A. Configure the gateway on Host A as 10.1.1.1.
B. Configure the gateway on Host B as 10.1.2.254.
C. Configure the IP address of Host A as 10.1.2.2.
D. Configure the IP address of Host B as 10.1.2.2.
E. Configure the masks on both hosts to be 255.255.255.224.
F. Configure the masks on both hosts to be 255.255.255.240.
Answer: B D
Explanation
The switch 1 is configured with two VLANs: VLAN1 and VLAN2.
The IP information of member Host A in VLAN1 is as follows:
Address : 10.1.1.126
Mask : 255.255.255.0
Gateway : 10.1.1.254
553 of 629
Cisco - 200-125
The IP information of member Host B in VLAN2 is as follows:
Address : 10.1.1.12
Mask : 255.255.255.0
Gateway : 10.1.1.254
The configuration of sub-interface on router 2 is as follows:
Fa0/0.1 -- 10.1.1.254/24 VLAN1
Fa0/0.2 -- 10.1.2.254/24 VLAN2
It is obvious that the configurations of the gateways of members in VLAN2 and the associated network
segments are wrong. The layer3 addressing information of Host B should be modified as follows:
Address : 10.1.2.X
Mask : 255.255.255.0
Which command should you enter to configure a single port to discard inferior BPDUs?
A. spanning-tree portfast bpdufilter default
B. spanning-tree guard root
C. spanning-tree portfast bpduguard
D. spanning-tree portfast bpdufilter
Answer: C
Which two EXEC mode commands can simplify DHCP lease management? (Choose two)
A. release dhcp
B. no ip dhcp conflict logging
C. Renew dhcp
D. ip address dhcp
E. ip dhcp ping timeout 500
554 of 629
Cisco - 200-125
Answer: A C
Given this output for SwitchC, what should the network administrator's next action be?
A. Check the trunk encapsulation mode for SwitchC's fa0/1 port.
B. Check the duplex mode for SwitchC's fa0/1 port.
C. Check the duplex mode for SwitchA's fa0/2 port.
D. Check the trunk encapsulation mode for SwitchA's fa0/2 port.
Answer: C
Explanation
Here we can see that this port is configured for full duplex, so the next step would be to check the duplex
setting of the port on the other switch. A mismatched trunk encapsulation would not result in input errors and
CRC errors.
555 of 629
Cisco - 200-125
Which three commands can you use to set a router boot image? (Choose three.)
A. Router(config)#boot system flash c4500-p-mz .121-20.bin
B. Router(config)#boot flash:c180x adventerprisek9-mz-124-6T.bin
C. Router>noot flash:c180-adventerprisek9-mz-124-6t.bin
D. Router(confi)#boot bootldr bootflash:c4500-jk9s-mz.122-23f.bin
E. Router(config)#boot system tftp c7300-js-mz.122-33.SB8a.bin
F. Router(Configure)#boot system rom c7301-adviservicek9-mz.124-24.T4.bin
Answer: A F
Which two results occur when the ipv6 enable command is entered? (Choose two)
A. An IPv6 EUI-64 interface ID is configured automatically on the interface.
B. IPv6 is enabled on a single interface.
C. An IPv6 link-local unicast address is configured automatically on the interface.
D. The administrator is prompted to configure an IP address on the interface
E. IPv6 is enabled globally on the device.
Answer: B C
Which two addresses are defined as private IP addresses? (Choose two)
A. 172.31.255.100
B. 12.17.1.20
C. 172.15.2.250
D. 10.172.76.200
E. 192.109.32.10
556 of 629
Cisco - 200-125
Answer: A D
Which three options are types of Layer 2 network attacks? (Choose three.)
A. botnet attacks
B. spoofing attacks
C. brute force attacks
D. DDOS attacks
E. VLAN hooping
F. ARP attacks
Answer: B E F
Which BGP configuration do you need to apply to router R4 to allow traffic to flow normally on this network?
A. router bgp 1
no synchronization
neighbor 192.168.1.1 remote-as1
neighbor 192.168.2.1remote-as 1
neighbor 192.168.3.1 remote-as 5
no auto-summary
B.
557 of 629
Cisco - 200-125
B. router bgp 1
No synchronization
neighbor 192. 168.2.1ebgp-multihop 4
neighbor 192. 168.3.1remote-as 5
no auto-summary
C. router bgp 1
-multihop 4no synchronization
neighbor 192.168.1.1ebgp-multihop 4
neighbor 192.168.3.1ebgp-multihope
D. router bgp 1
no synchronization
no auto-summary
E. router bgp 1
no synchronization
558 of 629
Cisco - 200-125
F. router bgp 1
no synchronization
no auto-summary
neighbor 192.168.31ebgp-multihop 4
no auto-summary
G. router bpg 1
no synchronization
neighbor 192.168.2.1remove-as 1
Answer: D
Which two topology state codes are displayed with the show ip eigrp topology command? (Choose two)
A. A – Active
B. I – Inter-Area
C. U – Update
D. C – Connected
559 of 629
Cisco - 200-125
E. S – Static
Answer: A D
Which two types of NAT addresses are used in a Cisco NAT device? (Choose two.)
A. external global
B. inside local
C. inside private
D. external local
E. inside global
F. outside private
Answer: B E
Which two addresses can be used to communicate with more than one device at a time? (Choose two)
A. 01-00-53-ab-11-c1
B. 10.1.1.255/22
C. 01-00-5e-7b-11-c1
D. 10.1.2.255/23
E. 172.17.210.255/24
Answer: A C
Which factor must you take into consideration before deciding to use Metro Ethernet to connect to a WAN?
A. It is most appropriate for networks that are limited to a small geographic area
B. It requires VPLS to be supported by MPLS
C. It supports only point-to-point connections.
560 of 629
Cisco - 200-125
D. WAN aggregation is not supported.
Answer: B
Which two tasks must you perform to configure PPPoE on an interface? (Choose two)
A. Create a client dialer pool.
B. Enable PPPoE logging.
C. Enable PPPoE on the interface.
D. Enable PPPoE globally.
E. Configure a loopback interface.
Answer: C E
For which routes does the distance bgp 10 50 70 command set the administrative distance?
A. for BGP external routes only
B. for all BGP routes
C. between BGP routes and IGP routes
D. for BGP internal routes only
Answer: B
A Cisco router is booting and has just completed the POST process. It is now ready to find and load an IOS
image. What function does the router perform next?
A. It attempts to boot from a TFTP server.
B. It checks the configuration register.
C. It inspects the configuration file in NVRAM for boot instructions.
D. It loads the first image file in flash memory.
561 of 629
Cisco - 200-125
Answer: B
Which two tools do you use to troubleshoot DNS issues? (Choose two)
A. RFP tool
B. ping
C. Feature Navigator
D. Embedded Event Manager
E. traceroute
Answer: D E
Which two statements about wireless LAN controllers are true? (Choose two)
A. They can manage mobility policies at a systemwide level
B. They rely on external firewalls for WLAN security.
C. They can simplify the management and deployment of wireless LANs.
D. They are ideal for small wireless networks.
E. They must be configured through a GUI over HTTP or HTTPS.
Answer: A C
562 of 629
Cisco - 200-125
A technician has installed SwitchB and needs to configure it for remote access from the management
workstation connected to SwitchA. Which set of commands is required to accomplish this task?
A. SwitchB(config)# interface FastEthernet 0/1
SwitchB(config-if)# ip address 192.168.8.252 255.255.255.0
SwitchB(config-if)# no shutdown
B. SwitchB(config)# interface vlan 1
SwitchB(config-if)# ip default-gateway 192.168.8.254 255.255.255.0
C. SwitchB(config)# ip default-gateway 192.168.8.254
SwitchB(config)# interface vlan 1
D. SwitchB(config)# ip default-network 192.168.8.254
SwitchB(config)# interface vlan 1
E. SwitchB(config)# ip route 192.168.8.254 255.255.255.0
SwitchB(config)# interface FastEthernet 0/1
563 of 629
Cisco - 200-125
Answer: C
Explanation
To remote access to SwitchB, it must have a management IP address on a VLAN on that switch. Traditionally,
we often use VLAN 1 as the management VLAN (but in fact it is not secure).
In the exhibit, we can recognize that the Management Workstation is in a different subnet from the SwitchB.
For intersubnetwork communication to occur, you must configure at least one default gateway. This default
gateway is used to forward traffic originating from the switch only, not to forward traffic sent by devices
connected to the switch.
Which two statements about the data field in an Ethernet frame are true? (Choose two)
A. It includes 6 bytes of the source address and 6 bytes of the destination address
B. The frame is marked as a jumbo frame if the data field is more than 512 bytes in length
C. It can be padded so that the frame meets the minimum length requirement
D. It contains a 32-bit CRC.
E. The frame is marked as a runt if data field is less than 64 bytes in length
Answer: D E
Which functionality does split horizon provide?
A. It prevents routing loops in link-state protocols.
B. It prevents switching loops in distance-vector protocols.
C. It prevents routing loops in distance-vector protocols.
D. It prevents switching loops in link-state protocols.
Answer: C
564 of 629
Cisco - 200-125
Which two services can be provided by a wireless controller?
A. mitigating threats from the Internet
B. issuing IP addresses to wired devices
C. Layer 3 routing between wired and wireless devices
D. Providing authentication services to users
E. managing interface in a dense network
Answer: B D
Which two layers can be found in the TCP/IP model and the OSI model? (Choose two)
A. application
B. presentation
C. network
D. transport
E. physical
Answer: B D
Which IPv6 header field is equivalent to the TTL?
A. Hop Limit
B. Scan Timer
C. Hop Count
D. Flow Label
E. TTD
Answer: A
565 of 629
Cisco - 200-125
Which two statements about the APIC-EM ACL Trace tool are true? (Choose two)
A. Traffic analysis is performed for an entire path from source to destination, even if an ACL along the
path would have blocked the actual traffic
B. It analyzes egress traffic flow only
C. It can analyze ingress and egress traffic flows
D. It can ACL along the path from source to destination would have blocked the actual traffic, the traffic
analysis stops at that ACL.
E. If traffic matches more than one entry in a single ACL, higher and lower priority entries are applied
Answer: C D
Which two options are features of the extended ping command? (Choose two.)
A. It can send a specified number of packets.
B. It can resolve the destination host name.
C. It can ping multiple hosts at the same time.
D. It can send packets from a specified interface or IP address.
E. It can count the number of hops to the remote host.
Answer: A D
. Which two Layer 2 WAN transports are most appropriate to extend Ethernet over a WAN? (Choose two)
A. 802.1Q VLAN tagging
B. DMVPN
C. 4GLTE with VPN
D. Point-to-multipoint service
E. Point-to-point service
566 of 629
Cisco - 200-125
Answer: D E
Which command can you enter on a Cisco IOS device to enable a schedule algorithm that directs lookup calls
to multiple DNS hosts?
A. ip name-server 192.168.10.14.192.168.10.15
B. ip domain lookup
C. ip domain round-robin
D. ip domain list
Answer: A
After you enable routing on a switch, which two tasks must you perform to configure inter-VLAN routing on
an SVI interface? (Choose two)
A. Configure a routing protocol to route the traffic
B. Configure the ip default-gateway command on the switch
C. Configure an ACL to route only the necessary traffic
D. Configure an IP address on each VLAN interface.
E. Ensure that the target VLANs are present in the switch database
Answer: C E
Which command is used to enter IP SLA configuration mode?
A. icmp-echo
B. frequency
C. ip sla
D. enable
Answer: C
567 of 629
Cisco - 200-125
Which two commends can you use lo verity an IP SLA?? (Choose two.)
A. show Ip sla reaction-configuration
B. show ip sla statistics
C. show ip sla configuration
D. show ip sla application
E. show ip sla history
Answer: C D
What is the effect of configuring a server farm on a switch that operates in VLAN 20 using isolated ports?
A. Hosts in the server farm are unable to communicate with each other.
B. The primary VLAN and hosts are able to communicate with hosts on other VLANs
C. The primary VLAN and hosts are able to reach community ports.
D. The primary VLAN and hosts are able to communicate with each other
Answer: D
What ids the default Syslog facility level?
A. livcal4
B. local5
C. local7
D. local6
Answer: C
568 of 629
Cisco - 200-125
Which two design models can you use to deploy DMVPN? (Choose two)
A. WAN aggregation
B. DMVPN only
C. Internet VPN
D. DMVPN backup shared
E. dual DMVPN
F. DMVPN backup dedicated
Answer: B E
Which two statements about BPDU guard are true? (Choose two)
A. It is supported on trunk ports
B. It sends BPDUs on a port to maintain the up status.
C. It error-disables a PortFast-configured port when the port receives a BPDU.
D. It is required on private VLAN access ports
E. It is supported on non-trunking access ports
F. It can increase the likelihood of loops occurring in a network
Answer: C E
Which two commands can you use to troubleshoot DHCP issues? (Choose two)
A. service dhcps
B. ip helper-address
C. clear ip route dhcp
D. show ip route dhcp
E. show ip name-server
569 of 629
Cisco - 200-125
Answer: A B
Several users on your network have complained of connectivity issues to a specific host. While
troubleshooting task can you perform to eliminate DNS issues as the cause?
A. Connect to the host by its IP address
B. Verity the DHCP settings on the host
C. Verity that a valid route to the host is present in the routing table
D. Connect to the host by its FQDN
Answer: D
Which two characteristics of a link-state routing protocol are true? (Choose two)
A. Each router in the network maintains a separate routing database of its own neighbors.
B. Each router uses LSAs to exchange the information about the network topology.
C. Each router uses Dijkstra's algorithm to determine the shortest path.
D. Each router establishes an adjacency to every other router in the network
E. Each router uses the same path to each network in the topology.
Answer: B C
Refer to exhibit:
570 of 629
Cisco - 200-125
Which two destination addresses will be used by Host A to send data to Host C? (Choose two.)
A. the IP address of Switch 1
B. the MAC address of Switch 1
C. the IP address of Host C
D. the MAC address of Host C
E. the IP address of the router's E0 interface
F. the MAC address of the router's E0 interface
Answer: C F
Explanation
While transferring data through many different networks, the source and destination IP addresses are not
changed. Only the source and destination MAC addresses are changed. So in this case Host A will use the IP
address of Host C and the MAC address of E0 interface to send data. When the router receives this data, it
replaces the source MAC address with its own E1 interface’s MAC address and replaces the destination MAC
address with Host C’s MAC address before sending to Host C.
571 of 629
Cisco - 200-125
All of the routers in the network are configured with the ip subnet-zero command. Which network addresses
should be used for Link A and Network A? (Choose two.)
A. Network A - 172.16.3.48/26
B. Network A - 172.16.3.128/25
C. Network A - 172.16.3.192/26
D. Link A - 172.16.3.0/30
E. Link A - 172.16.3.40/30
F. Link A - 172.16.3.112/30
Answer: B D
Explanation
Only a /30 is needed for the point to point link and sine the use of the ip subnet-zero was used, 172.16.3.0/30
is valid. Also, a /25 is required for 120 hosts and again 172.16.3.128/25 is the best, valid option.
572 of 629
Cisco - 200-125
Topic 6, New Pool Exam F
Examine the R2 configuration. The traffic that is destined to the R3 LAN network that Is sourced from R2 is
forwarded to R1 instead of R3. What could be an issue?
A. RIPv2 routing updates are suppressed Between R2 and R3 using the passive interface feature
B. RIPv2 is enabled on R3 Out the R3 LAN network is not advertised into the RIPv2 domain.
C. There is no issue This behavior is normal because the default route is propagated into the RIPv2 domain
by R1.
D. RIPv2 is not enabled on R3.
Answer: D
What are two benefits that the UDP protocol provides for application traffic? (Choose two)
A. UDP maintains the connection state to provide more stable connections than TCP
B. The CTL field in the UDP packet header enables a three-way handshake to establish the connection.
C. UDP traffic has lower overhead than CTP traffic
D. The application can use checksum to verify the integrity of application data
E. UDP provides a built in recover mechanism to retransmit lost packets
Answer: B C
573 of 629
Cisco - 200-125
Which two circumstances can prevent two routers from establishing an ospf neighbor adjacency?
A. Mismatched autonomous system numbers
B. Mismatched hello timers and dead timers
C. An ACL blocking traffic from multicast address 224.0.0.10
D. Use of the same router id on both devices
E. Mismatched process ids
Answer: A B
Which two circumstances can prevent two routers from establishing an EIGRP neighbor adjacency ? (Choose
two.)
A. Both routers have the same router ID
B. The routers are on different subnets
C. The two routers have the same autonomous system number
D. The routers have mismatched K values.
E. An ACL is blocking traffic from multicast address 224.0.0.5.
Answer: C D
Which port security violation mode drops traffic from unknown MAC addresses and sends an SNMP trap?
A. protect
B. restrict
C. shutdown
D. shutdown VLAN
Answer: A
574 of 629
Cisco - 200-125
Which two statements correctly describe RADIUS? (Choose two)
A. It separates authentication, authorization, and accounting functions.
B. It can authorize specific router commands.
C. It encrypts only the password.
D. It combines authentication and authorization.
E. It uses TCP as its transport protocol
Answer: C D
Drag each route source from the left to the numbers on the right. Beginning with the lowest and ending with
the highest administrative distance.
Answer:
575 of 629
Cisco - 200-125
Explanation
Which value is used to build the can table
A.
576 of 629
Cisco - 200-125
A. Source ip address
B. Destination ip address
C. Destination MAC address
D. Source MAC address
Answer: C
Which two statements about IPv4 multicast traffic are true? (Choose two)
A. It is bandwidth-intensive.
B. It simultaneously delivers multiple streams of data
C. It is the most efficient way to deliver data to multiple receivers
D. It burdens the source host without affecting remote hosts.
E. It uses a minimum amount of network bandwidth.
Answer: B C
577 of 629
Cisco - 200-125
Which two statements about the network environment of router R1 must be true'? (Choose two )
A. A static default route to 10.85.33.14 was defined.
B. There are 20 different network masks within the 10 0 0 0/8 network
C. The EIGRP administrative distance was manually changed from 90 to 170.
D. The routes are equally load-balanced between Te0/1/0 100 and TeO/2/0 100
E. The 10 0 0 0/8 network was learned via external EIGRP
Answer: C D
Which two commands can you use to configure an LACP EtherChannel? (Choose two.)
578 of 629
Cisco - 200-125
A. channel-group 10 mode active
B. channel-group 10 mode auto
C. channel-group 10 mode on
D. channel-group 10 mode desirable
E. channel-group 10 mode passive
Answer: A D
Drag and drop each WAN design option on the left onto the correct description on the right.
Answer:
579 of 629
Cisco - 200-125
Explanation
Dual-homed = one router with two connections to the same ISP
Dual-multihomed = one or more router with redundant connections to two or more ISPs.
Single-homed = One router with a connection to an ISP
Single-multihomed = one or more routers with connections to two or more ISPs.
Which command can you enter to determine whether serial interface 0/2/0 has been configured using HDLC
encapsulation?
A. router#show ip Interface s02/0
B. router#show platform
C. router#show interfaces Serial 0/2/0
D. router#show ip interface brief
Answer: C
Which two facts must you take into account when you deploy pppoe? (Choose two)
A. An individual pvc can support one pppoe client?
B. DDR is not supported
C. DDR idle timers must be configured to support VPDN logging
D. You must manually configure ip addresses on the pppoe interface
E. Pppoe supports a maximum of 10 clients per customer premises equipment
Answer: C D
Which two commands should you enter to view the PID and serial number of a router? (Choose two)
A. show version
B.
580 of 629
Cisco - 200-125
B. show license udi
C. show license
D. show license status
E. show license feature
Answer: A C
Which command must you enter to guarantee that an HSRP router with higher priority becomes the HSRP
primary router after it is reloaded?
A. standby 10 preempt
B. standby 10 version 2
C. standby 10 version 1
D. Istandby 10 priority 150
Answer: D
Which address block identifies all link-local addresses?
A. FC00::/7
B. FC00-78
C. FE80::10
D. FF00::/8
Answer: C
What is the maximum number of switches that stackwise can support in one stack?
A. 6
B. 8
C.
581 of 629
Cisco - 200-125
C. 9
D. 10
Answer: C
Which two statements about router R1 are true? (Choose two )
A. The router is learning external OSPF and EIGRP routes
B. At least two IGP routing protocols are running on the router
C. The router has two EIGRP neighbors and one OSPF neighbor
D. At least three IGP routing protocols are running on the router
E. The router has an QSPF Area Q adiacencv with the device at 10.82.4.42
Answer: B D
582 of 629
Cisco - 200-125
Which two statements about PAP authentication in a PPP environment are true? (Choose two.)
A. It sends the password in clear text
B. It uses a username with an MD5 password to authenticate.
C. It is performed at the beginning of the session and is repeated periodically for as long as the session is
maintained
D. It is performed at the beginning of the session only
E. It hashes the password before sending it.
Answer: A D
Which two conditions can be used to elect the spanning-tree root bridge? (Choose two )
A. the lowest MAC address
B. the highest port priority
C. the lowest switch priority
D. the highest MAC address
E. the lowest system ID
Answer: A C
Which place handles switches traffic through a Cisco router ?
A. data
B. performance
C. control
D. management
Answer: A
583 of 629
Cisco - 200-125
Which port security violation mode is configured on interface Fa0/1 ?
A. Protect
B. shutdown VLAN
C. restrict
D. shutdown
Answer: A
According to security best practices, which two actions must you take to protect an unused switch port?
(Choose two )
A. Administratively shut down the port
B. Configure the port as a trunk port
C. Configure the port to automatically come online
D. Enable CDP.
E. Configure the port as an access port on a VLAN other than VLAN 1.
Answer: A D
Which effect does the switchport trunk native vlan 10 command have?
A. lt sets VLAN 10 as the native VLAN on the trunk
B. It configures the interface as a trunk port
C. It allows traffic from native VLAN 10 on the trunk
D. It prevents traffic on VLAN 1 from passing on the trunk
584 of 629
Cisco - 200-125
Answer: A
What are two reasons to use multicast to deliver video traffic, instead of unicast or broadcast? (Choose two )
A. It enables multiple clients to send video streams simultaneously
B. It enables multiple servers to send video streams simultaneously.
C. lt enables multiple clients to receive the video stream simultaneously.
D. It supports distributed applications.
E. It provides reliable TCP transport.
Answer: B C
After an FTP session to ftp.cisco.com fails. You attempt to ping the server. Aping to ftp.cisco.com also fails.
But a ip address successful .what is reason for the failed ftp session?
A. An ACL is blocking the ftp request
B. The internet connection is down
C. The assigned dns server is down
D. A firewall is blocking traffic from the ftp site
Answer: A
Which effect does the aaa new-model configuration command have?
A. It configures the device to connect to a RADIUS server for AAA.
B. It configures a local user on the device.
C. It associates a RADIUS server to an AAA group.
D. lt enables AAA services on the device.
Answer: D
585 of 629
Cisco - 200-125
Which two statements about the interface that generated the output are true? (Choose two.)
A. The interface is error-disabled.
B. The interface dynamically learned two secure MAC addresses.
C. An SNMP trap is generated when the maximum number of secure MAC addresses is reached on the
interface.
D. A syslog message is generated when the maximum number of secure MAC addresses is reached on the
interface.
E. Two secure MAC address are manually configured on the interface
Answer: C E
Which algorithm is used for the frame check sequence in an Ethernet frame?
A. SHA-1
B. AES-256
C. CRC
D. MD5
Answer: C
586 of 629
Cisco - 200-125
You configure a DHCP server on VLAN 10 to service clients on VLAN 10 and VLAN 20, clients on VLAN
10 are given ip address assignments, but client on VLAN 20 fail to receive IP addresses. Which action must
you take to correct the problem?
A. Configure the default gateway in the DHCP server configuration
B. Configure the ip helper-address command in the DHCP server configuration
C. Configure a separate DHCP server on VLAN 20
D. Configure the DNS name option in the DHCP server configuration
Answer: B
What is the effect of the configuration?
A. Traffic from PC B is dropped when it uses the trunk to communicate with PC
B. Traffic from PC A is sent untagged when it uses the trunk to communicate with PC
C. Traffic from PC A is dropped when it uses the trunk to communicate with PC B
D. Traffic from PC B is sent untagged when it uses the trunk to communicate with PC A.
587 of 629
Cisco - 200-125
Answer: D
Which Rapid PVST+ port role provides a different path to the root bridge?
A. alternate
B. designated
C. forwarding
D. backup
Answer: B
Which protocol does IPv6 use to discover other IPv6 nodes on the same segment?
A. NDP
B. ARP
C. NHRP
D. TCPv6
E. CLNS
Answer: A
Which command must you use to verify hostname-to-IP-address mapping information?
A. show arp
B. show sessions
C. show hosts
D. show mac-address-table
Answer: A
588 of 629
Cisco - 200-125
Which IOS troubleshooting tool should you use to direct system messages to your screen?
A. log events
B. terminal monitor
C. local SPAN
D. ARC-EM
Answer: B
Which technology is a critical component of a cloud-based architecture?
A. MPLS
B. DNS
C. DHCP
D. IPv6
Answer: B
Which OoS feature can drop traffic that exceeds the committed access rate?
A. policing
B. shaping
C. OFIFO
D. weighted fair queuing
Answer: A
Which two command sequences must you configure on a switch to establish a Layer 3 EtherChannel with an
open-standard protocol? (Choose two )
A.
589 of 629
Cisco - 200-125
A. interface GigabitEthernetO/0/1
channel-group 10 mode on
B. interface GigabitEthernetO/0/1 channel-group 10 mode auto
C. interface port-channel 10 no switchport ip address 172.16.0.1 255.255.255.0
D. interface GigabitEthernet0/0/1 channel-group 10 mode active
E. interface port-channel 10
switchport switchport mode trunk
Answer: C D
Which layer of the TCP/IP model manages the transmission of binary digits across an Ethernet cable?
A. network
B. physical
C. data link
D. transport
Answer: C
Which two cable specifications can support 1-gbps Ethernet ? choose two
A. RG-6
B. RG-11
C. Category 6
D. Category 5e
E. Category 3
Answer: C D
590 of 629
Cisco - 200-125
Which two statements about TACACS+ are true? (Choose two.)
A. It supports full command logging
B. It uses UDP port 49
C. It uses TCP port 49
D. It combines authentication and authorization to simplify configuration
E. lt encrypts the password only
Answer: C E
Which two best practices protect your network from VLAN hopping attacks? (Choose two.)
A. Configure an ACL to prevent traffic from changing VLANs
B. Configure port security
C. sign all access ports to VLANs other than the native VLAN
D. Configure dynamic ARP inspection
E. Range the native VLAN to an unused VLAN ID
Answer: B C
Which command must you use to test DNS connectivity?
A. show hosts
B. ipeon fig
C. show interfaces
D. telnet
Answer: B
591 of 629
Cisco - 200-125
What is the minimum Ethernet frame size?
A. 32 bytes
B. 64 bytes
C. 1024 bytes
D. 1500 bytes
Answer: B
Drag and drop the routing table components on the left onto the corresponding letter from the exhibit on the
right. Not all options are used.
Answer:
592 of 629
Cisco - 200-125
Explanation
Which two address spaces are valid class b ipv4 ranges that are non-routable to the internet ?
A. 10.0.0.0 through 10.0.255.255
B. 169.254.0.0 through 169.254.255.255
C. 172.16.0.0 through 172.31.255.255.
D. 172.16.0.0 through 172.32.255.255
E. 192.168.0.0. through 192.168.255.255
Answer: A E
593 of 629
Cisco - 200-125
Which two facts about configuring eigrpv6 are true ?
A. The variance command for eigrpv6 is independent of eigrpv4
B. If you change the interface delay, the eigrpv4 delay remains unchanged
C. You must configure neighboring devices with the same ipv6 hello-interval eigrp value
D. The router id must be an ipv6 address
E. If you change the interface bandwidth the eigrpv4 metric is affected.
Answer: C D
Which the system management command is used frequently when IOS backups, upgrades, and restores are
performed?
A. show file
B. show dir
C. copy
D. delete
Answer: C
594 of 629
Cisco - 200-125
How wilt switch SW2 handle traffic from VLAN 10 on SW1?
A. It sends the traffic to VLAN 1
B. It sends the traffic to VLAN 10
C. It drops the traffic
D. It sends the traffic to VLAN 100
Answer: B
You are implementing WAN access for an enterprise network while running applications that require a fully
meshed network, which two design standards are appropriate for such an environment? (Choose two)
A. a dedicated WAN distribution layer, to consolidate connectivity to remote sites.
B. a centralized DMVPN solution, to simplify connectivity for the enterprise.
C. multiple MPLS VPN connections with static routing
D. a collapsed core and distribution layer, to minimize costs.
E. multiple MPLS VPN connections with dynamic routing
Answer: B C
595 of 629
Cisco - 200-125
Which two facts must you take into account when you deploy PPPoE? (Choose two.)
A. IPPPoE supports a maximum of 10 clients per customer premises equipment
B. You must manually configure IP addresses on the PPPoE interface.
C. DDR is not supported.
D. An individual PVC can support one PPPoE client
E. DDR idle timers must be configured to supported VPDN logging.
Answer: A D
Which feature or protocol determines whether the QoS on the network is sufficient to support IP services?
A. LLDP
B. CDP
C. lP SLA
D. EEM
Answer: C
Which two pins does an RJ-45 connector use to transmit data? (Choose two )
A. 1
B. 2
C. 3
D. 4
E. 6
Answer: A B
596 of 629
Cisco - 200-125
Which value is used to build the CAM table?
A. destination MAC address
B. source IP address
C. source MAC address
D. destination IP address
Answer: A
Which two statements about an Ethernet frame source address are true?
A. The leftmost bit is always 1.
B. The address is 6 bytes long
C. The address is 4 bits long
D. The address is 4 bytes long
E. The leftmost bit is always 0
Answer: B D
Which plane handles switching traffic through a cisco router?
A. Control
B. Data
C. Performance
D. Management
Answer: B
Which command should you enter to configure a device as an NTP server?
A.
597 of 629
Cisco - 200-125
A. ntp authenticate
B. ntp server
C. ntp peer
D. Jntp master
Answer: D
Which two actions must you take to correctly configure pppoe on a client?
A. Define a dialer interface.
B. Create a BBA group and link it to the dialer interface
C. Create a dialer pool and bind it to the physical interface
D. Create a dialer pool and bind it to the virtual template
E. Define a virtual template interface
Answer: A C
Which two statements about RIPv2 ate true? (Choose two )
A. lt uses the Bellman-Ford routing algorithm
B. It sends periodic updates via broadcast
C. It stores RIP neighbor adjacency information in a neighbor table
D. It does not support clear text authentication, similar to RIPv1.
E. It supports CIDR and VLSM.
Answer: A E
Which two statements about the ip subnet-zero command are true? (Choose two)
A. It specifies the broadcast IP addresses in the subnet
B.
598 of 629
Cisco - 200-125
B. It is enabled by default on Cisco routers.
C. It must be configured before you activate NAT on a router
D. It enables the network to make full use of the available IP address space
E. It must be configured each time you reboot a router.
Answer: B D
Which two statements about GRE tunnels are true? (Choose two)
A. They allow multicast traffic to traverse WAN circuits.
B. They encapsulate the payload
C. They add 8 bytes to the IP header of each packet
D. They provide privacy, integrity and authenticity
E. They can operate in tunnel mode and transport mode.
Answer: A B
Which two statements about link-state routing protocols are true? (Choose two.)
A. Each router is aware only of its neighbor routers.
B. Link-state routing protocols use split horizon to avoid routing loops.
C. Each router determines its own path to a destination.
D. Each router maintains its own unique routing database.
E. Each router shares a database of known routes.
Answer: C E
Which symbol in the APIC –EM path trace tool output indicates that an ACL is present and might deny
packets?
A)
599 of 629
Cisco - 200-125
B)
C)
D)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
Which two statements describe key differences between single- and dual-homed WAN connections? (Choose
two )
A. Dual-homed WAN connections have higher WAN speed than single-homed connections
B. Dual-homed WAN connections are more expensive than single-homed connections
C. Dual-homed WAN connections have more management-application overhead than single-homed

connections
D. Dual-homed WAN connections have a simpler topology than single-homed connections.
E. Dual-homed WAN connections require more skill to administer than single-homed connections
Answer: A B
600 of 629
Cisco - 200-125
Which VLAN ID is associated with the native VLAN?
A. VLAN 1
B. VLAN1 5
C. VLAN 10
D. VLAN 20
Answer: A
Which two statements about the successor and feasible successor are true? (Choose two.)
A. The successor is stored in the routing table
B. The feasible successor is stored in both the topology table and the routing table
C. The successor is the primary route
D. The successor is the secondary route
E. The feasible successor has a lower metric than the successor.
Answer: A E
601 of 629
Cisco - 200-125
Which two statements about router R1 are true? (Choose two.)
A. The router has two EIGRP neighbors and one OSPF neighbor.
B. The router is learning external OSPF and EIGRP routes.
C. At least two IGP routing protocols are running on the router.
D. The least two IGP routing protocols are running on the router.
E. The router has an OSPF Area 0 adjacency with the device at 10.82.4.42.
Answer: A B
602 of 629
Cisco - 200-125
Which two pieces of information can you determine from the EIGRP topology table? (Choose two)
A. The EIGRP neighbor IP address is 10.111.253.216
B. Each route has only one best path
C. Route 10.42.91.0/24 has a tag of 28160
D. Route 10.42.88.0/21 has an administrative distance of 28160
E. The reported distance of 10.0.0.0/8 is 0.
Answer: D E
Which option is a valid IPv6 address?
A. 2004:1:25A4:886F::1
B. 2001:0000:130F:099a::12a
C. 2002:7654:A1AD.61:81AF:CCC1
D. FEC0:4873.5394:W06T::2A4
Answer: A
603 of 629
Cisco - 200-125
Which frame type allows STP to compute the spanning-tree topology ?
A. RSTP
B. LSP
C. BPDU
D. LSA
Answer: C
Which two goals are reasons to implement private IPv4 addressing on your network choose two.
A. Comply with PCL regulations reduce the size of the forwarding table on network routers.
B. Conserve ipv4 addresses
C. Comply with local law
D. Reduce the risk of a network security breach.
Answer: B D
Which statement about the interface that generated the output is true?
A. Five secure MAC addresses are dynamically learned on the interface.
604 of 629
Cisco - 200-125
B. One secure MAC address is manually configured on the interface
C. One secure MAC address is dynamically learned on the interface
D. A syslog message is generated when a violation occurs.
Answer: A
Which protocol speeds up the MAC aging process?
A. 802.1D
B. OSPF
C. RIP
D. RSTP
Answer: D
Which command should you enter to configure a single port to prevent alternate ports from becoming
designated ports?
A. Spanning-tree guard loop
B. Spanning-tree loopguard default
C. Spanning-tree guard root
Answer: B
Which feature can cause a port to shut down immediately after a switch reboot?
A. COPP
B. PortFast
C. port security
D.
605 of 629
Cisco - 200-125
D. DTP
Answer: C
Which extended ping feature do you use to specify the path that the packet traverses?
A. record
B. verbose
C. timestamp
D. strict
Answer: D
Which two statements about PDU encapsulation are true? (Choose two)
A. During encapsulation, each layer adds a header and trailer to the PDU from the layer below
B. In the TCP/IP reference model, PDU encapsulation starts on the Internet layer with the data from the
application layer
C. PDU encapsulation takes place only at the transport layer.
D. In the TCP/IP reference model, PDU encapsulation occurs on the network layer
E. During encapsulation, each layer adds a header and sometimes adds a trailer to the PDU from the layer
above
Answer: B C
Which command should you enter to view the error log in an EIGRP for IPv6 environment?
A. show ipv6 eigrp traffic
B. show ipv6 eigrp topology
C. show ipv6 eigrp events
D. show ipv6 eigrp neighbors
606 of 629
Cisco - 200-125
Answer: C
Which two approaches are common when troubleshooting network issues? (Choose two)
A. top-down
B. divide and conquer
C. round-robin
D. layer-by-layer
E. policing
Answer: A B
Which VLAN ID is associated with the default VLAN in the given environment?
A. VLAN 1
B. VLAN 5
C.
607 of 629
Cisco - 200-125
C. VLAN 10
D. VLAN 20
Answer: A
Which value must you configure on a device before EIGRP for IPv6 can start running?
A. public IP address
B. loopback interface
C. process
D. router ID
Answer: D
Which type of device should you use to preserve IP addresses on your network?
A. intrusion prevention device
B. WLAN controller
C. load balancer
D. firewall
Answer: B
Which switching method checks for CRC errors?
A. Store-and forward
B. Layer 3
C. Fragment-free
D. Cut-through
608 of 629
Cisco - 200-125
Answer: A
Which value is included in the initial TCP syn message?
A. a session ID
B. sequence number
C. a TTL number
D. an acknowledgment number
Answer: B
Which two benefits are provided by cloud resources to an enterprise network?
A. Easy access with low security
B. Flexibility
C. Complexity at higher cost
D. Full control of infrastructure
E. On-demand scalability
Answer: B E
You are configuring an ip sla icmp echo operation to troubleshoot a network connectivity issue. When do you
enter an ip address to test the ip SLA?
A. When you verify the ip sla operation
B. When you specify the test frequency
C. When you enable the icmp echo operation
D. When you define the icmp echo operation
Answer: A
609 of 629
Cisco - 200-125
Which two protocols does the internet layer in the TCP/IP model encapsulate? (Choose two)
A. DNS
B. TCP
C. SMTP
D. ARP
E. Icmp
Answer: D E
Which component of an Ethernet frame is used to notify a host that traffic is coming?
A. start of frame delimiter
B. Type field
C. Data field
D. preamble
Answer: B
Which command must you enter to configure a DHCP relay?
A. ip dhcp relay
B. Ip address dhcp
C. ip helper-address
D. Ip dhcp pool
Answer: C
610 of 629
Cisco - 200-125
If the router attempts to send a frame out of the interface, but the carrier is busy, which counter will
increment?
A. collisions
B. deferred
C. lost carrier
D. late collision
Answer: B
In a CDP environment, what happens when the CDP interface on an adjacent device is configured without an
IP address?
A. CDP operates normally but it cannot provide any information for that neighbor
B. CDP operates normally, but it cannot provide IP address information for that neighbor
C.
611 of 629
Cisco - 200-125
C. DP uses the IP address of another interface for that neighbor
D. CDP becomes inoperable on that neighbor
Answer: D
Which command must you enter to switch from privileged EXEC mode to user EXEC mode on a Cisco
device?
A. configure terminal
B. disable
C. enable
D. logout
Answer: C
The network shown in the diagram is experiencing connectivity problems. Which of the following will correct
the problems? (Choose two.)
A. Configure the gateway on Host A as 10.1.1.1.
B. Configure the gateway on Host B as 10.1.2.254.
C. Configure the IP address of Host A as 10.1.2.2.
D. Configure the IP address of Host B as 10.1.2.2.
612 of 629
Cisco - 200-125
E. Configure the masks on both hosts to be 255.255.255.224.
F. Configure the masks on both hosts to be 255.255.255.240.
Answer: B D
Explanation
The switch 1 is configured with two VLANs: VLAN1 and VLAN2.
The IP information of member Host A in VLAN1 is as follows:
Address : 10.1.1.126
Mask : 255.255.255.0
Gateway : 10.1.1.254
The IP information of member Host B in VLAN2 is as follows:
Address : 10.1.1.12
Mask : 255.255.255.0
Gateway : 10.1.1.254
The configuration of sub-interface on router 2 is as follows:
Fa0/0.1 -- 10.1.1.254/24 VLAN1
Fa0/0.2 -- 10.1.2.254/24 VLAN2
It is obvious that the configurations of the gateways of members in VLAN2 and the associated network
segments are wrong. The layer3 addressing information of Host B should be modified as follows:
Address : 10.1.2.X
Mask : 255.255.255.0
Which two statements about UTP cables ate true? (Choose two )
A. Category 5 Ethernet cables support speeds up to 1000 Mbps beyond 100m.
B. Category 6 Ethernet cables are appropriate for installations of up to 200m .
C. Category 6a Ethernet cable can transmit up to 10 Gbps.
D.
613 of 629
Cisco - 200-125
D. Category 5e Ethernet cables support speeds up to 1000 Mbps.
E. All Ethernet cable types from Category 1 through Category 6 are suitable for transmitting data in the
appropriate environments.
Answer: C D
The router has an OSPF area 0 adjacency with the device at 10.82.4.42
A. The router has two eigrp neighbors and one OSPF neighbor
B. The router is learning external OSPF and eigrp routes
C. At least two EGP routing protocols are running on the router
D. At least three EGP routing protocols are running on the router.
Answer: C D
Which two statements describe characteristics of IPv6 unicast addressing? (Choose two.)
A. Global addresses start with 2000::/3.
B. Link-local addresses start with FE00:/12.
C. Link-local addresses start with FF00::/10.
D. There is only one loopback address and it is ::1.
E. If a global address is assigned to an interface, then that is the only allowable address for the interface.
Answer: A D
Explanation
Below is the list of common kinds of IPv6 addresses:
614 of 629
Cisco - 200-125
What are two common types of copper cable? (Choose two.)
A. unshielded twisted pair
B. single-mode
C. shielded twisted pair
D. OM4
E. multimode
Answer: A C
Which two statements about RFC 1918 addresses are true? (Choose two)
A. They provide security to end users when the users access the Internet.
B. They must be registered.
C. They have reserved address space for Class A and Class B networks only.
D. They require Network Address Translation or Port Address Translation to access the Internet.
E. They increase network performance
Answer: A B
After you deploy a new WLAN controller on your network, which two additional tasks should you consider?
(Choose two)
A. Deploy POE switches
B. Deploy load balancers
C. Configure additional security policies.
D. Configure additional VLANs
E. Configure multiple VRRP groups
615 of 629
Cisco - 200-125
Answer: C D
Which task should you perform before you use the APIC-EM Path Trace tool to perform ACL analysis?
A. Configure the IP address from which to generate the trace
B. Verify that the devices of interest are included in the device inventory
C. Execute a standard traceroute to the destination
D. Verify that DNS is configured on the controller
Answer: A
Which network appliance checks the state of a packet to determine whether the packet is legitimate?
A. the firewall
B. the LAN controller
C. the Layer 2 switch
D. the load balancer
Answer: C
Which two statements about exterior routing protocols are true? (Choose two )
A. Most modern network routers support both EGP and EIGRP for external routing
B. BGP is the current standard exterior routing protocol
C. They determine the optimal path within an autonomous system
D. Most modern networking supports both EGP and BGP for external routing.
E. They determine the optimal path between autonomous systems
Answer: A E
616 of 629
Cisco - 200-125
Which cloud service that usually provides software beyond the basic operating system is normally used for
development?
A. platform-as-a-service
B. software-as-a-service
C. infrastructure-as-a-service
D. database-as-a-service
Answer: C
Which type of frame is larger than 9000 bytes?
A. baby giant
B. jumbo
C. runt
D. giant
Answer: B
Which two statements about IGP and EGP routing protocols are true? (Choose two)
A. IGP routing protocols are used within internal networks.
B. Service providers use EGP and BGP for intra AS routing.
C. EGP routing protocols are used to connect multiple IGP networks.
D. Service providers use OSPF and IS-IS for intra AS routing.
E. OSPF, EIGRP and BGP are categorized as IGP routing protocols.
Answer: A B
617 of 629
Cisco - 200-125
Which two facts can you determine from the EIGRP topology table? (Choose two )
A. The FD 28416 for route 10.242.O.148 is also the metric for the routing table
B. The variance command must have been issued to allow route 10.85.184 0 to have two successors. C. If a
route has more than once successor only one route is injected into the routing table.
C. All successors are injecting into the routing table.
D. The reported distance value is greater than the feasible distance
Answer: A C
Which two address spaces are valid Class B IPv4 ranges that are non-routable to the Internet? (Choose two.)
A. 10-0.0.0 through 10.0-255-255
B. 169254 0-0 through 169 254255.255
C. 172.16.0.0 through 172 31 255.255
D. 172.16.0.0 through 172.32.255-255
E. 192.1680.0 through 192 168.255.255
Answer: B C
618 of 629
Cisco - 200-125
Drag and drop BGP terms from the left onto the correct description on the right.
Answer:
Explanation
619 of 629
Cisco - 200-125
C:\Users\wk\Desktop\mudassar\Untitled.jpg
Which two statements correctly describe the ping utility?
A. It can identify the source of an icmp time exceeded message
B. It uses UDP
C. It can verify connectivity to a remote device without identifying the path
D. It can identify the path that a packet takes to a remote device
E. It uses icmp
Answer: A E
What is the easiest way to verify the Layer 3 path from a router to host 192 168.2.1?
A. Use Telnet to connect the router to host 192 168 2 1
B. Add a static route for host 192.168 2 1 to the routing table of the router
C. Execute a traceroute from the router to host 192 168.2.1.
D. Execute a ping from the router to host 192 168.2.1.
Answer: C
620 of 629
Cisco - 200-125
Which two statements about NTP operations are true? (Choose two )
A. Cisco routers can act only as NTP servers
B. Cisco routers can act only as NTP clients.
C. NTP uses TCP over IP
D. Cisco routers can act as both NTP authoritative servers and NTP clients.
E. NTP uses UDP over IP
Answer: C D
Which two features are compatible with port security?
A. Etherchannel
B. Voice VALN
C. Span source port
D. Span destination port
E. DTP
Answer: B C
621 of 629
Cisco - 200-125
Which two events occur on the interface. If packets from an unknown source address arrive after the interface
learn the maximum number of secure MAC addresses.
A. The port led turns off
B. The security violation counter does not increment
C. A sys log message is generated
D. The interface drops traffic from unknown mac addresses
E. The interface is error-disabled
Answer: B D
Which feature or protocol is required for an IP SLA to measure UDP jitter?
A. CDP
B. LLDP
C. NTP
D. EEM
Answer: D
Which keyboard shortcut can you use lo exit the System Configuration Dialog on a Cisco networking device
and return to privileged EXEC mode without making changes?
A. Shift-Esc
B. Ctrl-Alt-Delete
C. Ctrl-C
D. Ctrl-V
Answer: C
What is the default Syslog facility level?
A.
622 of 629
Cisco - 200-125
A. loca15
B. local4
C. loca16
D. local7
Answer: D
Which two pieces of information can you learn by viewing the routing table? (Choose two )
A. the length of time that a route has been known
B. the EIGRP or BGP autonomous system
C. whether the administrative distance was manually or dynamically configured
D. which neighbor adjacencies are established
E. whether an ACL was applied inbound or outbound to an interface
Answer: C D
Which feature or protocol must you enable so that the output of the show interfaces trunk command includes
information about native VLAN mismatches?
A. RSTP
B. CDP
C. PortFast
D. DTP
Answer: D
Which circumstance is a common cause of late collisions?
A. Over loaded hardware queues
623 of 629
Cisco - 200-125
B. Duplex mismatch
C. Native vlan mismatch
D. Software misconfiguration
Answer: B
Which two statements correctly describe distance-vector routing protocols? (Choose two )
A. They update other devices on the network when one device detects a topology change
B. They generate a complete topology of the network
C. They specify the next hop toward the destination subnet
D. They use a variety of metrics to identify the distance to a destination network
E. They require quick network convergence to support normal operations
Answer: A C
Which two TCP messages use a 32-bit number as part of the initial TCP handshake? (Choose two.)
A. REPACK
B. FIN
C. RST
D. SYN-ACK
E. SYN
Answer: A E
Which adverse circumstance can occur when you connect full-duplex devices lo a shared Ethernet hub?
A. alignment errors
624 of 629
Cisco - 200-125
B. a duplex mismatch
C. native VLAN mismatches
D. excessive collisions
Answer: B
Which two VLAN IDs indicate a default VLAN? (Choose two.)
A. 0
B. 1
C. 1005
D. 1006
E. 4096
Answer: B C
Which two facts about configuring EIGRPv6 are true? (Choose two)
A. If you change the interface delay, the EIGRFV4 delay remains unchanged.
B. The router ID must be an IPv6 address.
C. If you change the interface bandwidth, the EIGRPv4 metric is affected
D. You must configure neighboring devices with the same ipv6 hello-interval eigrp value
E. The variance command for EIGRPv6 is independent of EIGRPv4.
Answer: B C
Which two pieces of information can you learn by viewing the routing table? (Choose two )
A. whether routes were summarized
B. whether a route was tagged
625 of 629
Cisco - 200-125
C. whether access lists are blocking incoming routes
D. whether a route was learned via IGP or EGP
E. the interface on which traffic is sent
Answer: C E
After an ftp session to ftp.cisco.com fails, you attempt to ping the server A ping to ftp.cisco.com also fails, but
a ping to the ip address of the server successful. What is reason for the failed FTP session?
A. A firewall is blocking traffic from the FTP site
B. An ACL is blocking the FTP request
C. The assigned DNS server is down
D. The internet connection is down
Answer: A
Refer to the exhibit. Which two statements about the interface that generated the output are true? (Choose
two.)
A. Learned MAC addresses are deleted after five minutes of inactivity.
B. It has dynamically learned two secure MAC addresses.
C. The security violation counter increments if packets arrive from a new unknown source address.
D. The interface is error-disabled if packets arrive from a new unknown source address.
E.
626 of 629
Cisco - 200-125
E. It has dynamically learned three secure MAC addresses
Answer: A C
Which port status does the interface enter when UDLD detects a unidirectional link?
A. down/down
B. errdisable
C. up/up
D. shutdown
Answer: B
Cisco IOS supports which QoS models?
A. best-effort and integrated services
B. best-effort and differentiated services
C. best-effort, integrated services, and differentiated
D. integrated services and differentiated services
Answer: D
What happens to new traffic that is sent to a destination MAC address after the MAC aging time expires?
A. It is dropped
B. It is flooded.
C. It is queued
D. It is process-switched
Answer: B
627 of 629
Cisco - 200-125
Which configuration register value can you set so that a Cisco device loads an IOS Software image from flash
memory and then loads the startup configuration when the router boots?
A. 0x2102
B. 0x2120
C. 0x2124
D. 0x2142
Answer: A
Which access layer threat mitigation technique provides security by acting as a filter between trusted and
untrusted traffic.
A. Dhcp snooping
B. A nondefault native vlan
C. Dynamic packet inspection
D. 802.1x
Answer: C
Which two statements about DNS lookup operations are true? (Choose two)
A. When the primary IP address of the destination is down, the DNS server can forward the client to an
alternate IP address.
B. The client sends a request for IP address to domain name resolution to the DNS server
C. The DNS server pings the destination to verify that it is available
D. They use destination port 53-
E. The client sends a request for domain name to IP address resolution to the DNS server
Answer: B C
628 of 629
Cisco - 200-125
Which LLDP extension provides additional support for VoIP?
A. LLDPv3
B. TLV
C. LLDP-VOIP
D. LLDP-MED
Answer: D
Which two tasks can help you gather relevant facts when you troubleshoot a network problem? (Choose two.)
A. Define the problem in terms of symptoms and causes.
B. Collect technical data from network management systems and logging servers
C. Change one setting or component and then analyze the result
D. liminate known issues first
E. Ask questions of the users who are affected by the problem.
Answer: C E
629 of 629

200 125

Uploaded by

Copyright:

Available Formats

200 125

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

200 125

Uploaded by

Copyright:

Available Formats

Cisco - 200-125

Exam Topic Breakdown

Topic 1, New Pool Exam A

Question #:2 - (Exam Topic 1)

which three options are benefits of using TACACS+ on a device ?

A. Device administration packets are encrypted in their entirety

B. it allows the user to remotely access devices from other vendors

C. it supports access level authorization for commands

D. it ensures that user activity is untraceable

E. it allows users to be authenticated against a remote server

F. it provides a secure accounting facility on the device

Question #:3 - (Exam Topic 1)

A. the EIGRP route

B. the OSPF route

C. the RIPv2 route

D. all three routes

E. the OSPF and RIPv2 routes

Question #:4 - (Exam Topic 1)

Refer to the exhibit.

A. 10.1.0.1 (Serial0), from 10.1.0.1, Send flag is 0x0

Composite metric is (46152000/41640000), Route is Internal

Minimum bandwidth is 64 Kbit

Total delay is 45000 Microseconds

Minimum MTU is 1500

B. 10.0.0.2 (Serial0.1), from 10.0.0.2, Send flag is 0x0

Composite metric is (53973248/128256), Route is Internal

Minimum bandwidth is 48 Kbit

Total delay is 25000 Microseconds

Minimum MTU is 1500

C. 10.1.0.3 (Serial0), from 10.1.0.3, Send flag is 0x0

Composite metric is (46866176/46354176), Route is Internal

Minimum bandwidth is 56 Kbit

Total delay is 45000 microseconds

Minimum MTU is 1500

D. 10.1.1.1 (Serial0.1), from 10.1.1.1, Send flag is 0x0

Composite metric is (46763776/46251776), Route is External

Minimum bandwidth is 56 Kbit

Total delay is 41000 microseconds

Minimum MTU is 1500

Question #:5 - (Exam Topic 1)

B. Configure the native VLAN

C. Define Each vlan

Question #:6 - (Exam Topic 1)

Question #:7 - (Exam Topic 1)

A. The embedded IPv4 address can be globally routed.

B. It is used for an ISATAP tunnel

C. The embedded IPv4 address is an RFC 1918 address

D. The MAC address 20:02:b0:10:be:ef is embedded into the IPv6 address

E. It is used for a 6to4 tunnel

Question #:8 - (Exam Topic 1)

Question #:9 - (Exam Topic 1)

A. A VLAN number is incorrect.

C. An ARP table entry is missing.

D. An ACL is blocking the TCP port.

D. router#show interface gig 0/1

Question #:11 - (Exam Topic 1)

Which mode is compatible with Trunk, Access, and desirable ports?

Question #:12 - (Exam Topic 1)