2016/11/6 New CCNA Routing and Switching 200-125: CCNA Cisco Certified Network Associate CCNA (v3.0) Exam Questions Updated!

1.|200-125 CCNA Exam Dumps (PDF and VCE) 583Q&As Download:
http://www.braindump2go.com/200-125.html
2.|200-125 Exam Questions and Answers:
https://1drv.ms/b/s!AvI7wzKf6QBjgQjXWW7jljWtKnLu

QUESTION 546
In which two formats can the IPv6 address fd15:0db8:0000:0000:0700:0003:400F:572B be written? (Choose two.)

A.    fd15:0db8:0000:0000:700:3:400F:527B
B.    d15::db8::700:3:400F:527B
C.    fd15:db8:0::700:3:4F:527B
D.    fd15:0db8::7:3:4F:527B
E.    fd15:db8::700:3:400F:572B

Answer: AE

QUESTION 547
When an interface is configured with PortFast BPDU guard, how does the interface respond when it receives a BPDU?

A.    It continues operating normally.
B.    It goes into a down/down state.
C.    It becomes the root bridge for the configured VLAN.
D.    It goes into an errdisable state.

Answer: D

QUESTION 548
What are three characteristics of the TCP protocol? (Choose three.)

A.    It uses a single SYN-ACK message to establish a connection.
B.    The connection is established before data is transmitted.
C.    It ensures that all data is transmitted and received by the remote device.
D.    It supports significantly higher transmission speeds than UDP.
E.    It requires applications to determine when data packets must be retransmitted.
F.    It uses separate SYN and ACK messages to establish a connection.

Answer: BCF

QUESTION 549
Which command can you enter to determine whether serial interface 0/2/0 has been configured using HDLC encapsulation?

A.    router#show platform
B.    router#show interfaces Serial 0/2/0
C.    router#show ip interface s0/2/0
D.    router#show ip interface brief

Answer: B

QUESTION 550
Which function of the IP SLAs ICMP jitter operation can you use to determine whether a VoIP issue is caused by excessive end-to-end time?

A.    packet loss
B.    jitter
C.    successive packet loss
D.    round-trip time latency

Answer: D

QUESTION 551
Which condition does the err-disabled status indicate on an Ethernet interface?

A.    There is a duplex mismatch.
B.    The device at the other end of the connection is powered off.
C.    The serial interface is disabled.
D.    The interface is configured with the shutdown command.
E.    Port security has disabled the interface.
F.    The interface is fully functioning.

Answer: E

QUESTION 552
Which statement about RADIUS security is true?

A.    It supports EAP authentication for connecting to wireless networks.
B.    It provides encrypted multiprotocol support.
C.    Device-administration packets are encrypted in their entirety.
D.    It ensures that user activity is fully anonymous.

Answer: A

QUESTION 553
Which two statements about IPv4 multicast traffic are true? (Choose two.)

A.    It burdens the source host without affecting remote hosts.
B.    It uses a minimum amount of network bandwidth.
C.    It is bandwidth-intensive.
D.    It simultaneously delivers multiple streams of data.
E.    It is the most efficient way to deliver data to multiple receivers.

Answer: DE

QUESTION 554
Which type of device can be replaced by the use of subinterfaces for VLAN routing?

A.    Layer 2 bridge
B.    Layer 2 switch
C.    Layer 3 switch
D.    router

Answer: C

QUESTION 555
Which statement about LLDP is true?

A.    It is a Cisco proprietary protocol
B.    It is configured in global configuration mode.
C.    The LLDP update frequency is a fixed value.
D.    It runs over the transport layer.

Answer: B

QUESTION 556
What are two benefits of private IPv4 IP addresses? (Choose two.)

A.    They are routed the same as public IP addresses.
B.    They are less costly than public IP addresses.
C.    They can be assigned to devices without Internet connections.
D.    They eliminate the necessity for NAT policies.
E.    They eliminate duplicate IP conflicts.

Answer: BC

QUESTION 557
What is the authoritative source for an address lookup?

A.    a recursive DNS search
B.    the operating system cache
C.    the ISP local cache
D.    the browser cache

Answer: A

QUESTION 558
Which command can you enter to verify that a BGP connection to a remote device is established?

A.    show ip bgp summary
B.    show ip community-list
C.    show ip bgp paths
D.    show ip route

Answer: A

QUESTION 559
Which three circumstances can cause a GRE tunnel to be in an up/down state? (Choose three.)

A.    The tunnel interface IP address is misconfigured.
B.    The tunnel interface is down.
C.    A valid route to the destination address is missing from the routing table.
D.    The tunnel address is routed through the tunnel itself.
E.    The ISP is blocking the traffic.
F.    An ACL is blocking the outbound traffic.

Answer: BCD

QUESTION 560
Which command can you enter to display duplicate IP addresses that the DHCP server assigns?

A.    show ip dhcp conflict 10.0.2.12
B.    show ip dhcp database 10.0.2.12
C.    show ip dhcp server statistics
D.    show ip dhcp binding 10.0.2.12

Answer: A

QUESTION 561
Which two statements about using leased lines for your WAN infrastructure are true? (Choose two.)

A.    Leased lines provide inexpensive WAN access.
B.    Leased lines with sufficient bandwidth can avoid latency between endpoints.
C.    Leased lines require little installation and maintenance expertise.
D.    Leased lines provide highly flexible bandwidth scaling.
E.    Multiple leased lines can share a router interface.
F.    Leased lines support up to T1 link speeds.

Answer: CD

QUESTION 562
Which command can you enter to verify that a 128-bit address is live and responding?

A.    traceroute
B.    telnet
C.    ping
D.    ping ipv6

Answer: D

QUESTION 563
Which two Cisco IOS commands, used in troubleshooting, can enable debug output to a remote location? (Choose two)

A.    no logging console
B.    logging host ip-address
C.    terminal monitor
D.    show logging | redirect flashioutput.txt
E.    snmp-server enable traps syslog

Answer: BC

QUESTION 564
During which phase of PPPoE is PPP authentication performed?

A.    the PPP Session phase
B.    Phase 2
C.    the Active Discovery phase
D.    the Authentication phase
E.    Phase 1

Answer: A

QUESTION 565
Which two passwords must be supplied in order to connect by Telnet to a properly secured Cisco switch and make changes to the device configuration? (Choose two.)

A.    tty password
B.    enable secret password
C.    vty password
D.    aux password
E.    console password
F.    username password

Answer: BC

QUESTION 566
Which logging command can enable administrators to correlate syslog messages with millisecond precision?

A.    no logging console
B.    logging buffered 4
C.    no logging monitor
D.    service timestamps log datetime msec
E.    logging host 10.2.0.21

Answer: D

QUESTION 567
Which two statements about northbound and southbound APIs are true? (Choose two.)

A.    Only southbound APIs allow program control of the network.
B.    Only northbound APIs allow program control of the network.
C.    Only southbound API interfaces use a Service Abstraction Layer.
D.    Only northbound API interfaces use a Service Abstraction Layer.
E.    Both northbound and southbound API interfaces use a Service Abstraction Layer.
F.    Both northbound and southbound APIs allow program control of the network.

Answer: BC

QUESTION 568
Which switching method duplicates the first six bytes of a frame before making a switching decision?

A.    fragment-free switching
B.    store and-forward switching
C.    cut through switching
D.    ASIC switching

Answer: C
Explanation:
Cut and Through method has lowest latency. In this method Switch only read first six bytes from frame after the preamble. These six bytes are the destination address of frame. This is the fastest method of switching. This method also processes invalid frames. Only advantage of this method is speed.

QUESTION 569
Which interface counter can you use to diagnose a duplex mismatch problem?

A.    no earner
B.    late collisions
C.    giants
D.    CRC errors
E.    deferred
F.    runts

Answer: B

QUESTION 570
Refer to the exhibit. Which user-mode password has just been set?
 

A.    Telnet
B.    Auxiliary
C.    SSH
D.    Console

Answer: A

QUESTION 571
Which feature can you implement to reserve bandwidth for VoIP calls across the call path?

A.    PQ
B.    CBWFQ
C.    round robin
D.    RSVP

Answer: D
Explanation:
When implemented on all nodes in the path, RSVP guarantees bandwidth for the call along the entire path for the entire duration of the call. This is the only technique that achieves this level of accuracy.

QUESTION 572
Which command is necessary to permit SSH or Telnet access to a cisco switch that is otherwise configured for these vty line protocols?

A.    transport type all
B.    transport output all
C.    transport preferred all
D.    transport input all

Answer: D

QUESTION 573
Which command can you enter to determine whether a switch is operating in trunking mode?

A.    show ip interface brief
B.    show vlan
C.    show interfaces
D.    show interface switchport

Answer: D

QUESTION 574
What should be part of a comprehensive network security plan?

A.    Allow users to develop their own approach to network security.
B.    Physically secure network equipment from potential access by unauthorized individuals
C.    Encourage users to use personal information in their passwords to minimize the likelihood of passwords being forgotten.
D.    Delay deployment of software patches and updates until their effect on end-user equipment is well known and widely reported
E.    Minimize network overhead by deactivating automatic antivirus client updates.

Answer: B

QUESTION 575
Which two statements about wireless LAN controllers are true? (Choose two.)

A.    They can simplify the management and deployment of wireless LANs.
B.    They rely on external firewalls for WLAN security.
C.    They are best suited to smaller wireless networks.
D.    They must be configured through a GUI over HTTP or HTTPS.
E.    They can manage mobility policies at a systemwide level.

Answer: AE

QUESTION 576
Hotspot Question – DHCP
 
Examine the DHCP configuration between R2 and R3,R2 is configured as the DHCP server and R3 as the client. What is the reason R3 is not receiving the IP address via DHCP?

A.    On R3,DHCP is not enabled on the interface that is connected to R2.
B.    On R3,the interface that is connected to R2 is in shutdown condition.
C.    On R2, the interface that is connected to R3 is in shutdown condition.
D.    On R2, the network statement in the DHCP pool configuration is incorrectly configured

Answer: A
Explanation:
First we should check which interface on R3 that is connected to R2 via the “show run” command.
 
From the description we learn interface E0/1 is connected to R2. Use the “show ip interface brief” command to verify the IP address of this interface.
 
Therefore we can conclude this interface does not have any IP address and there is no configuration on this interface (except the “description Link to R2” line).
If R3 wants to receive an IP address from R2 via DHCP, interface E0/1 should be configured with the command “ip address dhcp” so the answer “DHCP is not enabled on this interface” is correct.

QUESTION 577
Hotspot Question – DHCP
 
R1 router clock is synchronized with ISP router. R2 is supposed to receive NTP updates from R1. But you observe that R2 clock is not synchronized with R1.
What is the reason R2 is not receiving NTP updates from R1?

A.    R1 router Ethernet interface that is connected to R2 is placed in shutdown condition.
B.    R2 router Ethernet interface that is connected to R1 is placed in shutdown condition.
C.    The NTP server command not configured on R2 router.
D.    The IP address that is used in the NTP configuration on R2 router is incorrect.

Answer: D
Explanation:
First we should verify if the ports connected between R1 and R2 is in “up/up” state with the “show ip interface brief” command on R1 & R2.
 
Note: We learn R1 & R2 connect to each other via E0/2 interface because the IP addresses of these interfaces belong to 192.168.10.0/30 subnet. Both of them are “up/up” so the link connecting between R1 & R2 is good.
Next we need to verify the ntp configuration on R2 with the “show running-config” command.
 
So there is only one command related to NTP configuration on R2 so we need to check if the IP address of 192.168.100.1 is correct or not. But from the “show ip interface brief” command on R1 we don’t see this IP -> This IP address is not correct. It should be 192.168.10.1 (IP address of interface E0/2 of R1), not 192.168.100.1.

QUESTION 578
Hotspot Question – DHCP
 
Why applications that are installed on PCs in R2 LAN network 10.100.20.0/24 are unable to communicate with server1?

A.    A standard ACL statement that is configured on R1 is blocking the traffic sourced from R2 LAN network.
B.    A standard ACL statement that is configured on R1 is blocking the traffic sourced from Server1 network.
C.    A standard ACL statement that is configured on R2 is blocking the traffic sourced from Server1 network.
D.    A standard ACL statement that is con^gured on R2 is blocking the traffic sourced from R2 LAN network.

Answer: C
Explanation:
We should check if we can ping from R1 to Server 1 or not:
 
The ping worked well so maybe R1 is good so we should check R2 first. We notice on R2 there is an access-list:
 
This access-list is applied to E0/2 interface with inbound direction. The purpose of this access-list is to block traffic with source IP address of 172.16.200.0/24 so it will block all traffic sent from Server 1 to us.

QUESTION 579
Hotspot Question – DHCP
 
Users complain that they are unable to reach internet sites.
You are troubleshooting internet connectivity problem at main office.
Which statement correctly identifies the problem on Router R1?

A.    NAT configurations on the interfaces are incorrectly configured.
B.    NAT translation statement incorrectly configured.
C.    Interesting traffic for NAT ACL is incorrectly configured.
D.    Only static NAT translation configured from the server, missing Dynamic NAT or Dynamic NAT overloading for internal networks.

Answer: A
Explanation:
If all users cannot access internet then R1 is most likely to cause the problem so we should check it first. From the “show running-config” command we will see:
 
We notice that interface E0/0 (connected to ISP) has been configured as “nat inside” while interfaces E0/1 & E0/2 (connected to our company) have been configured as “nat outside”. This is not correct because “nat inside” should be configured with interfaces connected to our company while “nat outside” should be configured with interfaces connected to the internet. Therefore we can conclude the NAT configuration on these interfaces is not correct.

QUESTION 580
Hotspot Question – RIPv2 Troubleshooting
 
– Router R1 connects the main office to internet, and routers R2 and R3 are internal routers
– NAT is enabled on Router R1
– The routing protocol that is enabled between R1, R2 and R3 is RIPv2
– R1 sends default route into RIPv2 for internal routers to forward internet traffic to R1
– Server1 and Server 2 are placed in VLAN 100 and 200 respectively, and are still running on stick Configuration with router R2.
You have console access on R1, R2, R3 and L2SW1 devices.
Use only show commands to troubleshoot the issues.
Server1 and Server2 are unable to communicate with the rest of the network. Your initial check with system administrators shows that IP address settings are correctly configured on the server side. What could be an issue?

A.    The VLAN encapsulation is misconfigured on the router subinterfaces.
B.    The Router is missing subinterface configuration.
C.    The Trunk is not configured on the L2SW1 switch.
D.    The IP address is misconfigured on the primary router interface.

Answer: A
Explanation:
Check the configuration of the interface that is connected to Server1 and Server2 on R2 with “show running-config” command.
 
We see that subinterface E0/1.100 has been configured with VLAN 200 (via “encapsulation dot1Q 200” command) while Server1 belongs to VLAN 100. Therefore this configuration is not correct. It should be “encapsulation dot1Q 100” instead. The same thing for interface E0/1.200, it should be “encapsulation dot1Q 200” instead.

QUESTION 581
Hotspot Question – RIPv2 Troubleshooting
 
– Router R1 connects the main office to internet, and routers R2 and R3 are internal routers
– NAT is enabled on Router R1
– The routing protocol that is enabled between R1, R2 and R3 is RIPv2
– R1 sends default route into RIPv2 for internal routers to forward internet traffic to R1
– Server1 and Server 2 are placed in VLAN 100 and 200 respectively, and are still running on stick Configuration with router R2.
You have console access on R1, R2, R3 and L2SW1 devices.
Use only show commands to troubleshoot the issues.
Users in the main office complain that they are unable to reach internet sites.
You observe that internet traffic that is destined towards ISP router is not forwarded correctly on Router R1.
What could be an issue? Ping to Internet server shows the following results from R1:
 

A.    The next hop router address for the default route is incorrectly configured.
B.    Default route pointing to ISP router is not configured on Router R1.
C.    Default route pointing to ISP router is configured with AD of 225.
D.    Router R1 configured as DHCP client is not receiving default route via DHCP from ISP router.

Answer: B
Explanation:
When all the users cannot reach internet sites we should check on the router connecting to the ISP to see if it has a default route pointing to the ISP or not. Use the “show ip route” command on R1:
 
We cannot find a default route on R1 (something like this: S* 0.0.0.0/0 [1/0] via 209.165.201.2) so maybe R1 was not configured with a default route. We can check with the “show running-config” on R1:
 
We need a default route (like “ip route 0.0.0.0 0.0.0.0 209.165.201.2”) but we cannot find here so we can conclude R1 was not be configured with a default route pointing to the ISP router.

QUESTION 582
Hotspot Question – RIPv2 Troubleshooting
 
– Router R1 connects the main office to internet, and routers R2 and R3 are internal routers
– NAT is enabled on Router R1
– The routing protocol that is enabled between R1, R2 and R3 is RIPv2
– R1 sends default route into RIPv2 for internal routers to forward internet traffic to R1
– Server1 and Server 2 are placed in VLAN 100 and 200 respectively, and are still running on stick Configuration with router R2.
You have console access on R1, R2, R3 and L2SW1 devices.
Use only show commands to troubleshoot the issues.
Examine R2 configuration,the traffic that is destined to R3 LAN network sourced from Router R2 is forwarded to R1 instead R3. What could be an issue?
 

A.    RIPv2 enabled on R3, but R3 LAN network that is not advertised into RIPv2 domain.
B.    RIPv2 routing updates are suppressed between R2 and R3 using passive interface feature.
C.    RIPv2 not enabled on R3.
D.    No issue that is identified; this behavior is normal since default route propagated into RIPv2 domain by Router R1.

Answer: C
Explanation:
First we should check the routing table of R2 with the “show ip route” command.
 
In this table we cannot find the subnet “10.10.12.0/24” (R3 LAN network) so R2 will use the default route advertised from R1 (with the command “default-information originate” on R1) to reach unknown destination, in this case subnet 10.10.12.0/24 -> R2 will send traffic to 10.10.12.0/24 to R1.
Next we need to find out why R3 did not advertise this subnet to R2. A quick check with the “show running-config” on R3 we will see that R3 was not configured with RIP ( no “router rip” section). Therefore we can conclude RIPv2 was not enabled on R3.

QUESTION 583
Hotspot Question – RIPv2 Troubleshooting
 
– Router R1 connects the main office to internet, and routers R2 and R3 are internal routers
– NAT is enabled on Router R1
– The routing protocol that is enabled between R1, R2 and R3 is RIPv2
– R1 sends default route into RIPv2 for internal routers to forward internet traffic to R1
– Server1 and Server 2 are placed in VLAN 100 and 200 respectively, and are still running on stick Configuration with router R2.
You have console access on R1, R2, R3 and L2SW1 devices.
Use only show commands to troubleshoot the issues.
What is the correct statement below after examining the R1 routing table?

A.    Traffic that is destined to 10.10.10.0/24 from R1 LAN network uses static route instead RIPv2
Because the static route AD that is configured is less than the AD of RIPv2
B.    Traffic that is destined to 10.10.10.0/24 from R1 LAN network uses RIPv2 instead static route
Because the static route AD that is configured is higher than the AD of RIPv2
C.    Traffic that is destined to 10.10.10.0/24 from R1 LAN network uses static route instead RIPv2
But the traffic is forwarded to the ISP instead of the internal network.
D.    Traffic that is destined to 10.10.10.0/24 from R1 LAN network uses RIPv2 instead static route
Because the static route AD that is configured is 255

Answer: B
Explanation:
Surely we have to use the “show ip route” command to check the R1 routing table.
 
As we see here, 10.10.10/24 is learned from RIP. Notice that although there is a static route on R1 to this destination (you can check with the “show running-config” on R1 to see the line “ip route 10.10.10.0 255.255.255.0 172.16.14.2 200”), this static route is not installed to the routing table because it is not the best path because the Administrative Distance (AD) of this static route is 200 while the AD of RIP is 120 -> R1 chose the path with lowest AD so it chose path advertised via RIP.


!!!RECOMMEND!!!

1.Braindump2go|200-125 CCNA Exam Dumps (PDF and VCE) 583Q&As Download:
http://www.braindump2go.com/200-125.html
2.Braindump2go|200-125 Exam Questions and Answers:
https://1drv.ms/b/s!AvI7wzKf6QBjgQjXWW7jljWtKnLu