[2021-New] Cisco 200-125 Dumps With Update Exam Questions (3-12)

200-125 Dumps

200-125 Exam Questions - Online Test

200-125 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

P.S. 100% Guarantee 200-125 bundle are available on Google Drive, GET MORE: https://www.slideshare.net/reinigerodp/certleader-200-125examquestionsmaterials

New Cisco 200-125 Exam Dumps Collection (Question 3 - Question 12)

Question No: 3

Refer to the exhibit.

An attempt to deny web access to a subnet blocks all traffic from the subnet. Which interface command immediately removes the effect of ACL 102?

A. no ip access-class 102 in

B. no ip access-class 102 out

C. no ip access-group 102 in

D. no ip access-group 102 out

E. no ip access-list 102 in

Answer: D

Explanation:

The u201cip access-groupu201d is used to apply and ACL to an interface. From the output shown, we know that the ACL is applied to outbound traffic, so u201cno ip access-group 102 outu201d will remove the effect of this ACL.

Question No: 4

Scenario

Refer to the topology. Your company has connected the routers R1, R2, and R3 with serial links. R2 and R3 are connected to the switches SW1 and SW2, respectively. SW1 and SW2 are also connected to the routers R4 and R5.

The EIGRP routing protocol is configured.

You are required to troubleshoot and resolve the EIGRP issues between the various routers.

Use the appropriate show commands to troubleshoot the issues.

Router R6 does not form an EIGRP neighbor relationship correctly with router R1. What is the cause for this misconfiguration?

A. The K values mismatch.

B. The AS does not match.

C. The network command is missing.

D. The passive interface command is enabled.

Answer: C

Explanation:

The link from R1 to R6 is shown below:

As you can see, they are both using e0/0. The IP addresses are in the 192.168.16.0 network:

But when we look at the EIGRP configuration, the u201cnetwork 192.168.16.0u201d command is missing on R6.

Question No: 5

Which two commands correctly verify whether port security has been configured on port FastEthernet 0/12 on a switch? (Choose two.)

A. SW1#show port-secure interface FastEthernet 0/12

B. SW1#show switchport port-secure interface FastEthernet 0/12

C. SW1#show running-config

D. SW1#show port-security interface FastEthernet 0/12

E. SW1#show switchport port-security interface FastEthernet 0/12

Answer: C,D

Explanation:

We can verify whether port security has been configured by using the u201cshow running- configu201d or u201cshow port-security interfaceu201d for more detail. An example of the output of u201cshow port-security interfaceu201d command is shown below:

Question No: 6

An administrator is trying to ping and telnet from SwitchC to RouterC with the results shown below.

Click the console connected to RouterC and issue the appropriate commands to answer the questions.

What would be the effect of issuing the commandip access-group 115 inon the s0/0/1 interface?

A. No host could connect to RouterC through s0/0/1.

B. Telnet and ping would work but routing updates would fail.

C. FTP, FTP-DATA, echo, and www would work but telnet would fail.

D. Only traffic from the 10.4.4.0 network would pass through the interface.

Answer: A

Explanation:

First letu2021s see what was configured on interface S0/0/1:

Question No: 7

What are three approaches that are used when migrating from an IPv4 addressing scheme to an IPv6 scheme. (Choose three.)

A. enable dual-stack routing

B. configure IPv6 directly

C. configure IPv4 tunnels between IPv6 islands

D. use proxying and translation to translate IPv6 packets into IPv4 packets

E. statically map IPv4 addresses to IPv6 addresses

F. use DHCPv6 to map IPv4 addresses to IPv6 addresses

Answer: A,C,D

Explanation:

Several methods are used terms of migration including tunneling, translators, and dual stack. Tunnels are used to carry one protocol inside another, while translators simply translate IPv6 packets into IPv4 packets. Dual stack uses a combination of both native IPv4 and IPv6. With dual stack, devices are able to run IPv4 and IPv6 together and if IPv6 communication is possible that is the preferred protocol. Hosts can simultaneously reach IPv4 and IPv6 content.

Question No: 8

Which set of commands is recommended to prevent the use of a hub in the access layer?

A. switch(config-if)#switchport mode trunk switch(config-if)#switchport port-security maximum 1

B. switch(config-if)#switchport mode trunk

switch(config-if)#switchport port-security mac-address 1

C. switch(config-if)#switchport mode access switch(config-if)#switchport port-security maximum 1

D. switch(config-if)#switchport mode access switch(config-if)#switchport port-security mac-address 1

Answer: C

Explanation:

This question is to examine the layer 2 security configuration.

In order to satisfy the requirements of this question, you should perform the following

configurations in the interface mode:

First, configure the interface mode as the access mode

Second, enable the port security and set the maximum number of connections to 1.

Question No: 9

What are three factors a network administrator must consider before implementing Netflow in the network? (Choose three.)

A. CPU utilization

B. where Netflow data will be sent

C. number of devices exporting Netflow data

D. port availability

E. SNMP version

F. WAN encapsulation

Answer: A,B,C

Explanation:

NetFlow has a reputation for increasing CPU utilization on your network devices. Cisco's performance testing seems to indicate that newer hardware can accommodate this load pretty well, but you will still want to check it out before you turn on the feature. Some symptoms of high CPU utilization are very large jitter and increased delay. Services running on the device may also be affected.

Another thing to keep in mind is the amount of data you're going to be sending across the network. Depending on how much traffic you have and how you configure it, the traffic can be substantial. For example, you may not want to send NetFlow data from a datacenter switch to a NetFlow collector on the other side of a small WAN circuit. Also bear in mind that the flows from aggregating large numbers of devices can add up.

Reference: http://searchenterprisewan.techtarget.com/tip/How-the-NetFlow-protocol- monitors-your-WAN

Question No: 10

A network administrator is configuring ACLs on a Cisco router, to allow traffic from hosts on networks 192.168.146.0, 192.168.147.0, 192.168.148.0, and 192.168.149.0 only. Which two ACL statements, when combined, would you use to accomplish this task? (Choose two.)

A. access-list 10 permit ip 192.168.146.0 0.0.1.255

B. access-list 10 permit ip 192.168.147.0 0.0.255.255

C. access-list 10 permit ip 192.168.148.0 0.0.1.255

D. access-list 10 permit ip 192.168.149.0 0.0.255.255

E. access-list 10 permit ip 192.168.146.0 0.0.0.255

F. access-list 10 permit ip 192.168.146.0 255.255.255.0

Answer: A,C

Explanation:

u201caccess-list 10 permit ip 192.168.146.0 0.0.1.255u201d would allow only the 192.168.146.0 and

192.168.147.0 networks, and u201caccess-list 10 permit ip 192.168.148.0 0.0.1.255u201d would allow only the 192.168.148.0 and 192.168.149.0 networks.

Question No: 11

Which three features are added in SNMPv3 over SNMPv2?

A. Message Integrity

B. Compression

C. Authentication

D. Encryption

E. Error Detection

Answer: A,C,D

Explanation:

Cisco IOS software supports the following versions of SNMP:

+ SNMPv1 u2013 The Simple Network Management Protocol: A Full Internet Standard, defined

in RFC 1157. (RFC 1157 replaces the earlier versions that were published as RFC 1067 and RFC 1098.) Security is based on community strings.

+ SNMPv2c u2013 The community-string based Administrative Framework for SNMPv2. SNMPv2c (the u201ccu201d stands for u201ccommunityu201d) is an Experimental Internet Protocol defined in RFC 1901, RFC 1905, and RFC 1906. SNMPv2c is an update of the protocol operations and data types of SNMPv2p (SNMPv2 Classic), and uses the community-based security model of SNMPv1.

+ SNMPv3 u2013 Version 3 of SNMP. SNMPv3 is an interoperable standards-based protocol defined in RFCs 2273 to 2275. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network. The security features provided in SNMPv3 are as follows:

u2013 Message integrity: Ensuring that a packet has not been tampered with in transit.

u2013 Authentication: Determining that the message is from a valid source.

u2013 Encryption: Scrambling the contents of a packet prevent it from being learned by an unauthorized source.

Question No: 12

Refer to the exhibit.

A junior network administrator was given the task of configuring port security on SwitchA to allow only PC_A to access the switched network through port fa0/1. If any other device is

detected, the port is to drop frames from this device. The administrator configured the interface and tested it with successful pings from PC_A to RouterA, and then observes the output from these two show commands.

Which two of these changes are necessary for SwitchA to meet the requirements? (Choose two.)

A. Port security needs to be globally enabled.

B. Port security needs to be enabled on the interface.

C. Port security needs to be configured to shut down the interface in the event of a violation.

D. Port security needs to be configured to allow only one learned MAC address.

E. Port security interface counters need to be cleared before using the show command.

F. The port security configuration needs to be saved to NVRAM before it can become active.

Answer: B,D

Explanation:

From the output we can see that port security is disabled so this needs to be enabled. Also, the maximum number of devices is set to 2 so this needs to be just one if we want the single host to have access and nothing else.

100% Down to date Cisco 200-125 Questions & Answers shared by Dumpscollection, Get HERE: http://www.dumpscollection.net/dumps/200-125/ (New 890 Q&As)