Cisco CCNA 200-125 Certification Exam Answers 70 questions last 2018 Part 2
1. How do you maintain security in multiple websites?
2. Refer to the exhibit.
Switch-1 needs to send data to a host with a MAC address of 00b0.d056.efa4. What will Switch-1 do with this data?
Switch-1 will drop the data because it does not have an entry for that MAC address.
Switch-1 will flood the data out all of its ports except the port from which the data originated.*
Switch-1 will send an ARP request out all its ports except the port from which the data originated.
Switch-1 will forward the data to its default gateway.
3. What routing protocol use first-hand information from peers?
The reason is that unlike the routing-by-rumor approach of distance vector, link state routers have firsthand information from all their peer routers. Each router originates information about itself, its directly connected links, and the state of those links (hence the name). This information is passed around from router to router, each router making a copy of it, but never changing it. The ultimate objective is that every router has identical information about the internetwork, and each router will independently calculate its own best paths.
4. What field is consist of 6 bytes in the field identification frame in IEEE 802.1Q?
5. What is new in HSRPv2?
higher priority values
Multiple backup routers
a greater number in hsrp group field*
6. Which switching method duplicates the first six bytes of a frame before making a switching decision?
7. Which logging command can enable administrators to correlate syslog messages with millisecond precision?
no logging console
logging buffered 4
no logging monitor
service timestamps log datetime mscec*
logging host 10.2.0.21
8. Which three statements about link-state routing are true? (Choose three.)
OSPF is a link-state protocol.*
Updates are sent to a broadcast address.
It uses split horizon.
Routes are updated when a change in topology occurs.*
RIP is a link-state protocol.
Updates are sent to a multicast address by default.*
9. Which command can you enter to determine whether a switch is operating in trunking mode?
show ip interface brief
show interface switchport*
10. Which command can you enter to view the ports that are assigned to VLAN 20?
Switch#show ip interface vlan 20
Switch#show vlan id 20*
Switch#show ip interface brief
Switch#show interface vlan 20
11. In which two formats can the IPv6 address fd15:0db8:0000:0000:0700:0003:400F:572B be written? (Choose two.)
12. Which function of the IP SLAs ICMP jitter operation can you use to determine whether a VoIP issue is caused by excessive end-to-end time?
successive packet loss
round-trip time latency*
13. Refer to the exhibit.
Which of these statements correctly describes the state of the switch once the boot process has been completed?
A. The switch will need a different IOS code in order to support VLANs and ST.
Remote access management of this switch will not be possible without configuration change.*
As FastEthernet0/12 will be the last to come up, it will be blocked by STP.
More VLANs will need to be created for this switch.
14. Refer to the exhibit.
The network administrator normally establishes a Telnet session with the switch from host A. However, host A is unavailable. The administrator’s attempt to telnet to the switch from host fails, but pings to the other two hosts are successful. What is the issue?
The switch interfaces need the appropriate IP addresses assigned.
Host and the switch need to be in the same subnet.
The switch needs an appropriate default gateway assigned.*
The switch interface connected to the router is down.
Host needs to be assigned an IP address in VLAN 1.
15. Which condition does the err-disabled status indicate on an Ethernet interface?
There is a duplex mismatch.
The device at the other end of the connection is powered off.
The serial interface is disabled.
The interface is configured with the shutdown command.
Port security has disabled the interface.*
The interface is fully functioning.
16. Refer to the exhibit
All of the routers in the network are configured with the ip subnet-zero command. Which network addresses should be used for Link A and Network A? (Choose two.)
Link A 172.16.3.0/30*
Link A 172.16.3.112/30
Network A 172.16.3.48/26
Network A 172.16.3.128/25*
Link A 172.16.3.40/30
Network A 172.16.3.192/26
17. Which type of device can be replaced by the use of subinterfaces for VLAN routing?
Layer 2 bridge
Layer 2 switch
Layer 3 switch*
18. Which statement about LLDP is true?
It is configured in global configuration mode.
It is configured in global configuration mode.*
The LLDP update frequency is a fixed value.
It runs over the transport layer.
19. If the primary root bridge experiences a power loss, which switch takes over?
20. A network administrator is troubleshooting an EIGRP problem on a router and needs to confirm the IP addresses of the devices with which the router has established adjacency. The retransmit interval and the queue counts for the adjacent routers also need to be checked. What command will display the required information?
Router# show ip eigrp neighbors*
Router# show ip eigrp interfaces
Router# show ip eigrp adjacency
Router# show ip eigrp topology
21. Which three statements about IPv6 prefixes are true? (Choose three.)
FEC0::/10 is used for IPv6 broadcast.
FC00::/7 is used in private networks.*
FE80::/8 is used for link-local unicast.
FE80::/10 is used for link-local unicast.*
2001::1/127 is used for loopback addresses.
FF00::/8 is used for IPv6 multicast.*
22. Which command can you enter to display duplicate IP addresses that the DHCP server assigns?
show ip dhcp conflict 10.0.2.12*
show ip dhcp database 10.0.2.12
show ip dhcp server statistics
show ip dhcp binding 10.0.2.12
23. Which three ports will be STP designated ports if all the links are operating at the same bandwidth? (Choose three.)
Switch B – F0/0*
Switch A – Fa0/1*
Switch B – Fa0/l*
Switch C – F0/1
Switch A – Fa0/0
Switch C – Fa0/0
24. Refer to the exhibit
The network administrator cannot connect to Switch 1 over a Telnet session, although the hosts attached to Switch1 can ping the interface Fa0/0 of the router. Given the information in the graphic and assuming that the router and Switch2 are configured properly, which of the following commands should be issued on Switch1 to correct this problem?
Switch1(config)# ip default-gateway 192.168.24.1*
Switch1(config)# interface fa0/1Switch1(config-if)# switchport mode trunk
Switch1(config)# line con0Switch1(config-line)# password ciscoSwitch1(config-line)# login
Switch1(config)# interface fa0/1Switch1(config-if)# ip address 192.168.24.3 255.255.255.0
Switch1(config)# interface fa0/1Switch1(config-if)# duplex fullSwitch1(confiq-if)# speed 100
25. Refer to the exhibit.
Each of these four switches has been configured with a hostname, as well as being configured to run RSTP.No other configuration changes have been made. Which three of these show the correct RSTP port roles for the indicated switches and interfaces? (Choose three.)
SwitchD. Gi0/2, root*
SwitchA, Fa0/2, designated*
SwitchB, Gi0/l, designated
SwitchA, Fa0/l, root*
SwitchB, Gi0/2, root
SwitchC, Fa0/2, root
26. Which feature builds a FIB and an adjacency table to expedite packet forwarding?
Cisco Express Forwarding*
27. Which command can you enter to verify that a 128-bit address is live and responding?
28. What are two reasons that duplex mismatches can be difficult to diagnose? (Choose two.)
The interface displays a connected (up/up) state even when the duplex settings are mismatched.*
1-Gbps interfaces are full-duplex by default.
Full-duplex interfaces use CSMA/CD logic, so mismatches may be disguised by collisions.
The symptoms of a duplex mismatch may be intermittent.*
Autonegotiation is disabled.
29. Which condition indicates that service password-encryption is enabled?
The local username password is in clear text in the configuration.
The enable secret is in clear text in the configuration.
The local username password is encrypted in the configuration.*
The enable secret is encrypted in the configuration.
30. Which protocol advertises a virtual IP address to facilitate transparent failover of a Cisco routing device?
31. What is the correct routing match to reach 172.16.1.5/32?
the default route
32. Which layer in the OSI reference model is responsible for determining the availability of the receiving program and checking to see if enough resources exist for that communication?
33. What is the purpose of the POST operation on a router?
determine whether additional hardware has been added*
locate an IOS image for booting
enable a TFTP server
set the configuration register
34. Which protocol is the Cisco proprietary implementation of FHRP?
35. Which three characteristics are representative of a link-state routing protocol? (Choose three.)
provides common view of entire topology*
exchanges routing tables with neighbors
calculates shortest path*
utilizes event-triggered updates*
utilizes frequent periodic updates
36. Which part of the PPPoE server configuration contains the information used to assign an IP address to a PPPoE client?
37. Drag and drop the correct address space on the left to left IPv6 multicast feature or protocol on the right.
FF02::5 ———— OSPFv3 Routers
FF02::6 ———— OSPFv3 Designated Routers
FF02::A ———— EIGRPv3 Routers
FF02::D ———— PIM Routers
FF05::2 ———— All Routers (site-local)
38. Which three statements about RSTP are true? (Choose three.)
RSTP significantly reduces topology reconverging time after a link failure.*
RSTP expands the STP port roles by adding the alternate and backup roles.*
RSTP port states are blocking, discarding, learning, or forwarding.
RSTP provides a faster transition to the forwarding state on point-to-point links than STP does.*
RSTP also uses the STP proposal-agreement sequence.
RSTP uses the same timer-based process as STP on point-to-point links
39. What are two benefits of using NAT? (Choose two.)
NAT facilitates end-to-end communication when IPsec is enabled.
NAT eliminates the need to re-address all hosts that require external access.*
NAT conserves addresses through host MAC-level multiplexing.
Dynamic NAT facilitates connections from the outside of the network.
NAT accelerates the routing process because no modifications are made on the packets.
NAT protects network security because private networks are not advertised.*
40. Which two commands correctly verify whether port security has been configured on port FastEthernet 0/12 on a switch? (Choose two.)
SW1#show port-secure interface FastEthernet 0/12
SW1#show switchport port-secure interface FastEthernet 0/12
SW1#show port-security interface FastEthernet 0/12*
SW1#show switchport port-security interface FastEthernet 0/12
41. Refer to the exhibit.
Given this output for SwitchC, what should the network administrator’s next action be?
Check the trunk encapsulation mode for Switch C’s fa0/1 port.
Check the duplex mode for Switch C’s fa0/1 port.
Check the duplex mode for Switch A’s fa0/2 port.*
Check the trunk encapsulation mode for Switch A’s fa0/2 port
42. Which statement is correct regarding the operation of DHCP?
A DHCP client uses a ping to detect address conflicts.
A DHCP server uses a gratuitous ARP to detect DHCP clients.
A DHCP client uses a gratuitous ARP to detect a DHCP server.
If an address conflict is detected, the address is removed from the pool and an administrator must resolve the conflict.*
If an address conflict is detected, the address is removed from the pool for an amount of time configurable by the administrator.
If an address conflict is detected, the address is removed from the pool and will not be reused until the server is rebooted.
43. Which two statements about using the CHAP authentication mechanism in a PPP link are true? (Choose two.)
CHAP uses a two-way handshake.
CHAP uses a three-way handshake.*
CHAP authentication periodically occurs after link establishment.*
CHAP authentication passwords are sent in plaintext.
CHAP authentication is performed only upon link establishment.
CHAP has no protection from playback attacks.
44. Refer to the exhibit.
Switch port FastEthernet 0/24 on ALSwitch1 will be used to create an IEEE 802.1Q-compliant trunk to another switch. Based on the output shown, what is the reason the trunk does not form, even though the proper cabling has been attached?
VLANs have not been created yet.
An IP address must be configured for the port.
The port is currently configured for access mode.*
The correct encapsulation type has not been configured.
The no shutdown command has not been entered for the port.
45. Refer to the exhibit.
A junior network administrator was given the task of configuring port security on SwitchA to allow only PC_A to access the switched network through port fa0/1. If any other device is detected, the port is to drop frames from this device. The administrator configured the interface and tested it with successful pings from PC_A to RouterA, and then observes the output from these two show commands. Which two of these changes are necessary for SwitchA to meet the requirements? (Choose two.)
Port security needs to be globally enabled.
Port security needs to be enabled on the interface.*
Port security needs to be configured to shut down the interface in the event of a violation.
Port security needs to be configured to allow only one learned MAC address.*
Port security interface counters need to be cleared before using the show command.
The port security configuration needs to be saved to NVRAM before it can become active.
46. Which three statements about static routing are true? (Choose three.)
It uses consistent route determination.*
It is best used for small-scale deployments.*
Routing is disrupted when links fail.*
It requires more resources than other routing methods.
It is best used for large-scale deployments.
Routers can use update messages to reroute when links fail.
47. What are the address that will show at the show ip route if we configure the above statements? (Choose Three.)
48. Which feature facilitates the tagging of frames on a specific VLAN?
49. What does split horizon prevent?
routing loops, link state
routing loops, distance vector*
switching loops, STP
switching loops, VTP
50. Which value to use in HSRP protocol election process?
virtual IP address
51. Which of the following is needed to be enable back the role of active in HSRP?
52. Which command is used to show the interface status of a router?
show interface status
show ip interface brief*
show ip route
53. Which of the following privilege level is the most secured?
54. Which IPV6 feature is supported in IPV4 but is not commonly used?
55. Which two statements are true about IPv6 Unique Local Addresses? (Choose Two.)
It is the counterpart of IPv4 private addresses*
It uses FC00::/7 as prefix*
56. Which range represents the standard access list?
57. What to do when the router password was forgotten?
use default password cisco to reset
access router physically
Type confreg 0x2142 at the rommon 1*
58. What is true about Cisco Discovery Protocol?
it discovers the routers, switches and gateways.
it is network layer protocol
it is physical and data link layer protocol
it is proprietary protocol*
59. Which of the following encrypts the traffic on a leased line?
60. How do you configure a hostname?
61. You have been asked to come up with a subnet mask that will allow all three web servers to be on the same network while providing the maximum number of subnets. Which network address and subnet mask meet this requirement?
62. What parameter can be different on ports within an EtherChannel?
DTP negotiation settings*
63. Which two statements about IPv6 router advertisement messages are true? (Choose two.)
They use ICMPv6 type 134.*
The advertised prefix length must be 64 bits.*
The advertised prefix length must be 48 bits.
They are sourced from the configured IPv6 interface address.
Their destination is always the link-local address of the neighboring node.
64. Which spanning-tree protocol rides on top of another spanning-tree protocol?
Mono Spanning Tree
65. A network administrator needs to configure port security on a switch. Which two statements are true? (Choose two.)
The network administrator can apply port security to dynamic access ports.
The network administrator can apply port security to EtherChannels.
The sticky learning feature allows the addition of dynamically learned addresses to the running configuration.*
When dynamic MAC address learning is enabled on an interface, the switch can learn new addresses, up to the maximum defined.*
The network administrator can configure static secure or sticky secure MAC addresses in the voice VLAN
66. What’s are true about MPLS?
It use a label to separate traffic from several costumer*
It use IPv4 IPv6
67. A network engineer wants to allow a temporary entry for a remote user with a specific username and password so that the user can access the entire network over the internet. Which ACL can be used?
68. Which command is necessary to permit SSH or Telnet access to a cisco switch that is otherwise configured for these vty line protocols?
transport type all
transport output all
transport preferred all
transport input all*
69. What should be part of a comprehensive network security plan?
Allow users to develop their own approach to network security
Physically secure network equipment from potential access by unauthorized individuals*
Encourage users to use personal information in their passwords to minimize the likelihood of passwords being forgotten
Delay deployment of software patches and updates until their effect on end-user equipment is well known and widely reported
Minimize network overhead by deactivating automatic antivirus client updates
70. Which two Cisco IOS commands, used in troubleshooting, can enable debug output to a remote location? (Choose two)
no logging console
logging host ip-address*
show logging | redirect flashioutput.txt
snmp-server enable traps syslog