web analytics

200-125 New Questions

  • [February 2018] 200-125 Exam Dumps Free Download In Lead2pass 100% 200-125 Exam Questions 929q

    Lead2pass 200-125 Exam Dumps New Updated By Cisco Official Exam Center:

    https://www.lead2pass.com/200-125.html

    QUESTION 21
    Which two protocols are used by bridges and/or switches to prevent loops in a layer 2 network? (Choose two.)

    A.    802.1d
    B.    VTP
    C.    802.1q
    D.    STP
    E.    SAP

    Answer: AD
    Explanation:
    This question is to examine the STP protocol.
    STP (802.1d) is used to prevent Layer 2 loops.
    802.1q is a Frame Relay protocol which belongs to VLAN.
    SAP is a concept of the OSI model.

    QUESTION 22
    Which switch would STP choose to become the root bridge in the selection process?

    A.    32768: 11-22-33-44-55-66
    B.    32768: 22-33-44-55-66-77
    C.    32769: 11-22-33-44-55-65
    D.    32769: 22-33-44-55-66-78

    Answer: A

    QUESTION 23
    A switch is configured with all ports assigned to vlan 2 with full duplex FastEthernet to segment existing departmental traffic. What is the effect of adding switch ports to a new VLAN on the switch?

    A.    More collision domains will be created.
    B.    IP address utilization will be more efficient.
    C.    More bandwidth will be required than was needed previously.
    D.    An additional broadcast domain will be created.

    Answer: D
    Explanation:
    Each VLAN creates its own broadcast domain. Since this is a full duplex switch, each port is a separate collision domain.

    QUESTION 24
    What are three benefits of implementing VLANs? (Choose three.)

    A.    A higher level of network security can be reached by separating sensitive data traffic from other
    network traffic.
    B.    A more efficient use of bandwidth can be achieved allowing many physical groups to use the same
    network infrastructure.
    C.    A more efficient use of bandwidth can be achieved allowing many logical networks to use the same
    network infrastructure.
    D.    Broadcast storms can be mitigated by increasing the number of broadcast domains, thus reducing
    their size.
    E.    Broadcast storms can be mitigated by decreasing the number of broadcast domains, thus increasing
    their size.
    F.    VLANs make it easier for IT staff to configure new logical groups, because the VLANs all belong to
    the same broadcast domain.
    G.    Port-based VLANs increase switch-port use efficiency, thanks to 802.1Q trunks.

    Answer: ACD
    Explanation:
    Benefits of VLANs
    VLAN is a network structure which allows users to communicate while in different locations by sharing one multicast domain and a single broadcast. They provide numerous networking benefits and have become popular in the market. For instance, it helps reduce administrative costs when users are geographically dispersed.
    1. Inexpensive
    The popularity of VLANs is due to the fact that changes, adds, and moves can be attained simply by making necessary configurations on the VLAN port. Time-consuming, re-addressing, and host reconfigurations is now a thing of the past, because network configuration can be made at ease when need arises.
    2. Better management
    A VLAN typically solve the scalability issues that exist in a large network by breaking the main domain into several VLAN groups or smaller broadcast configurations, thereby encourage better control of multicast traffic as well as broadcast domains.
    3. Improves network security
    High-security can be positioned in different VLAN groups to ensure that non-members cannot receive their broadcasts. On the other hand, a router is added and workgroups relocated into centralized locations.
    4. Enhances performance
    A more efficient use of bandwidth can be achieved allowing many logical networks to use the same network infrastructure.
    5. Segment multiple networks
    VLANs are typically used to achieve multiple purposes. They are popularly used to reduce broadcast traffic. Each VLAN creates a separate, smaller broadcast domain.
    6. Better administration
    VLANs facilitate grouping of multiple geographical stations. When VLAN users move to another physical location, the network does not have to be configured.

    QUESTION 25
    Which IEEE standard protocol is initiated as a result of successful DTP completion in a switch over Fast Ethernet?

    A.    802.3ad
    B.    802.1w
    C.    802.1D
    D.    802.1Q

    Answer: D
    Explanation:
    Dynamic Trunking Protocol (DTP) is a Cisco proprietary protocol for negotiating trunking on a link between two devices and for negotiating the type of trunking encapsulation (802.1Q) to be used.

    QUESTION 26
    Which of the following are benefits of VLANs? (Choose three.)

    A.    They increase the size of collision domains.
    B.    They allow logical grouping of users by function.
    C.    They can enhance network security.
    D.    They increase the size of broadcast domains while decreasing the number of collision domains.
    E.    They increase the number of broadcast domains while decreasing the size of the broadcast domains.
    F.    They simplify switch administration.

    Answer: BCE
    Explanation:
    When using VLAN the number and size of collision domains remain the same -> VLANs allow to group users by function, not by location or geography -> . VLANs help minimize the incorrect configuration of VLANs so it enhances the security of the network -> .
    VLAN increases the size of broadcast domains but does not decrease the number of collision domains ->
    VLANs increase the number of broadcast domains while decreasing the size of the broadcast domains which increase the utilization of the links. It is also a big advantage of VLAN -> . VLANs are useful but they are more complex and need more administration ->

    QUESTION 27
    Refer to the exhibit. A technician has installed SwitchB and needs to configure it for remote access from the management workstation connected to SwitchA . Which set of commands is required to accomplish this task?

    271

    A.    SwitchB(config)# interface FastEthernet 0/1
    SwitchB(config-if)# ip address 192.168.8.252 255.255.255.0
    SwitchB(config-if)# no shutdown
    B.    SwitchB(config)# interface vlan 1
    SwitchB(config-if)# ip address 192.168.8.252 255.255.255.0
    SwitchB(config-if)# ip default-gateway 192.168.8.254 255.255.255.0
    SwitchB(config-if)# no shutdown
    C.    SwitchB(config)# ip default-gateway 192.168.8.254
    SwitchB(config)# interface vlan 1
    SwitchB(config-if)# ip address 192.168.8.252 255.255.255.0
    SwitchB(config-if)# no shutdown
    D.    SwitchB(config)# ip default-network 192.168.8.254
    SwitchB(config)# interface vlan 1
    SwitchB(config-if)# ip address 192.168.8.252 255.255.255.0
    SwitchB(config-if)# no shutdown
    E.    SwitchB(config)# ip route 192.168.8.254 255.255.255.0
    SwitchB(config)# interface FastEthernet 0/1
    SwitchB(config-if)# ip address 192.168.8.252 255.255.255.0
    SwitchB(config-if)# no shutdown

    Answer: C
    Explanation:
    To remote access to SwitchB, it must have a management IP address on a VLAN on that switch. Traditionally, we often use VLAN 1 as the management VLAN (but in fact it is not secure). In the exhibit, we can recognize that the Management Workstation is in a different subnet from the SwitchB. For intersubnetwork communication to occur, you must configure at least one default gateway. This default gateway is used to forward traffic originating from the switch only, not to forward traffic sent by devices connected to the switch.

    QUESTION 28
    In an Ethernet network, under what two scenarios can devices transmit? (Choose two.)

    A.    when they receive a special token
    B.    when there is a carrier
    C.    when they detect no other devices are sending
    D.    when the medium is idle
    E.    when the server grants access

    Answer: CD
    Explanation:
    Ethernet network is a shared environment so all devices have the right to access to the medium. If more than one device transmits simultaneously, the signals collide and can not reach the destination.
    If a device detects another device is sending, it will wait for a specified amount of time before attempting to transmit.
    When there is no traffic detected, a device will transmit its message. While this transmission is occurring, the device continues to listen for traffic or collisions on the LAN. After the message is sent, the device returns to its default listening mode.

    QUESTION 29
    Which two states are the port states when RSTP has converged? (Choose two.)

    A.    discarding
    B.    listening
    C.    learning
    D.    forwarding
    E.    disabled

    Answer: AD
    Explanation:
    http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml#states

    QUESTION 30
    Which two commands can be used to verify a trunk link configuration status on a given Cisco switch interface? (Choose two.)

    A.    show interface trunk
    B.    show interface interface
    C.    show ip interface brief
    D.    show interface vlan
    E.    show interface switchport

    Answer: AE

    200-125 dumps full version (PDF&VCE): https://www.lead2pass.com/200-125.html

    Large amount of free 200-125 exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDM0s1aXlFTXBWdGM

    You may also need:

    100-105 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDdDNkZEswTDRMaVE

    200-105 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDX09LZEFNYnpfM2c

  • [Q1-Q10] Lead2pass Latest 200-125 Free Dumps Guarantee 200-125 Certification Exam 100% Success

    Lead2pass Latest 200-125 PDF Guarantee 100% Pass 200-125 Exam:

    https://www.lead2pass.com/200-125.html

    QUESTION 1
    Refer to the exhibit. What will Router1 do when it receives the data frame shown? (Choose three.)

    11

    A.    Router1 will strip off the source MAC address and replace it with the MAC address 0000.0c36.6965.
    B.    Router1 will strip off the source IP address and replace it with the IP address 192.168.40.1.
    C.    Router1 will strip off the destination MAC address and replace it with the MAC address 0000.0c07.4320.
    D.    Router1 will strip off the destination IP address and replace it with the IP address of 192.168.40.1.
    E.    Router1 will forward the data packet out interface FastEthernet0/1.
    F.    Router1 will forward the data packet out interface FastEthernet0/2.

    Answer: ACF
    Explanation:
    Remember, the source and destination MAC changes as each router hop along with the TTL being decremented but the source and destination IP address remain the same from source to destination.

    QUESTION 2
    Refer to the exhibit. Which three statements correctly describe Network Device A? (Choose three.)

    21

    A.    With a network wide mask of 255.255.255.128, each interface does not require an IP address.
    B.    With a network wide mask of 255.255.255.128, each interface does require an IP address on a
    unique IP subnet.
    C.    With a network wide mask of 255.255.255.0, must be a Layer 2 device for the PCs to communicate
    with each other.
    D.    With a network wide mask of 255.255.255.0, must be a Layer 3 device for the PCs to communicate
    with each other.
    E.    With a network wide mask of 255.255.254.0, each interface does not require an IP address.

    Answer: BDE
    Explanation:
    If Subnet Mask is 255.255.255.128 the hosts vary from x.x.x.0 – x.x.x.127 & x.x.x.128- x.x.x.255,so the IP Addresses of 2 hosts fall in different subnets so each interface needs an IP an address so that they can communicate each other.
    If Subnet Mask is 255.255.255.0 the 2 specified hosts fall in different subnets so they need a Layer 3 device to communicate.
    If Subnet Mask is 255.255.254.0 the 2 specified hosts are in same subnet so are in network address and can be accommodated in same Layer 2 domain and can communicate with each other directly using the Layer 2 address.

    QUESTION 3
    Which layer in the OSI reference model is responsible for determining the availability of the receiving program and checking to see if enough resources exist for that communication?

    A.    transport
    B.    network
    C.    presentation
    D.    session
    E.    application

    Answer: E
    Explanation:
    This question is to examine the OSI reference model. The Application layer is responsible for identifying and establishing the availability of the intended communication partner and determining whether sufficient resources for the intended communication exist.

    QUESTION 4
    Refer to the exhibit. Host A pings interface S0/0 on router 3. What is the TTL value for that ping?

    41

    A.    252
    B.    253
    C.    254
    D.    255

    Answer: B
    Explanation:
    From the CCNA ICND2 Exam book: “Routers decrement the TTL by 1 every time they forward a packet; if a router decrements the TTL to 0, it throws away the packet. This prevents packets from rotating forever.” I want to make it clear that before the router forwards a packet, the TTL is still remain the same. For example in the topology above, pings to S0/1 and S0/0 of Router 2 have the same TTL.

    QUESTION 5
    Which of the following describes the roles of devices in a WAN? (Choose three.)

    A.    A CSU/DSU terminates a digital local loop.
    B.    A modem terminates a digital local loop.
    C.    A CSU/DSU terminates an analog local loop.
    D.    A modem terminates an analog local loop.
    E.    A router is commonly considered a DTE device.
    F.    A router is commonly considered a DCE device.

    Answer: ADE

    QUESTION 6
    Refer to the exhibit. Refer to the exhibit. After HostA pings HostB, which entry will be in the ARP cache of HostA to support this transmission?

    61

    A.     62
    B.     63
    C.     64
    D.     65
    E.     66
    F.     67

    Answer: A
    Explanation:
    When a host needs to reach a device on another subnet, the ARP cache entry will be that of the Ethernet address of the local router (default gateway) for the physical MAC address. The destination IP address will not change, and will be that of the remote host (HostB).

    QUESTION 7
    A network administrator is verifying the configuration of a newly installed host by establishing an FTP connection to a remote server. What is the highest layer of the protocol stack that the network administrator is using for this operation?

    A.    application
    B.    presentation
    C.    session
    D.    transport
    E.    internet
    F.    data link

    Answer: A
    Explanation:
    FTP belongs to Application layer and it is also the highest layer of the OSI model.

    QUESTION 8
    A network interface port has collision detection and carrier sensing enabled on a shared twisted pair network. From this statement, what is known about the network interface port?

    A.    This is a 10 Mb/s switch port.
    B.    This is a 100 Mb/s switch port.
    C.    This is an Ethernet port operating at half duplex.
    D.    This is an Ethernet port operating at full duplex.
    E.    This is a port on a network interface card in a PC.

    Answer: C
    Explanation:
    Modern Ethernet networks built with switches and full-duplex connections no longer utilize CSMA/CD. CSMA/CD is only used in obsolete shared media Ethernet (which uses repeater or hub).

    QUESTION 9
    A receiving host computes the checksum on a frame and determines that the frame is damaged. The frame is then discarded. At which OSI layer did this happen?

    A.    session
    B.    transport
    C.    network
    D.    data link
    E.    physical

    Answer: D
    Explanation:
    The Data Link layer provides the physical transmission of the data and handles error notification, network topology, and flow control. The Data Link layer formats the message into pieces, each called a data frame, and adds a customized header containing the hardware destination and source address. Protocols Data Unit (PDU) on Datalink layer is called frame. According to this question the frame is damaged and discarded which will happen at the Data Link layer.

    QUESTION 10
    Which of the following correctly describe steps in the OSI data encapsulation process? (Choose two.)

    A.    The transport layer divides a data stream into segments and may add reliability and flow control information.
    B.    The data link layer adds physical source and destination addresses and an FCS to the segment.
    C.    Packets are created when the network layer encapsulates a frame with source and destination host
    addresses and protocol-related control information.
    D.    Packets are created when the network layer adds Layer 3 addresses and control information to a segment.
    E.    The presentation layer translates bits into voltages for transmission across the physical link.

    Answer: AD
    Explanation:
    The Application Layer (Layer 7) refers to communications services to applications and is the interface between the network and the application. Examples include. Telnet, HTTP, FTP, Internet browsers, NFS, SMTP gateways, SNMP, X.400 mail, and FTAM.
    The Presentation Layer (Layer 6) defining data formats, such as ASCII text, EBCDIC text, binary, BCD, and JPEG. Encryption also is defined as a presentation layer service. Examples include. JPEG, ASCII, EBCDIC, TIFF, GIF, PICT, encryption, MPEG, and MIDI.
    The Session Layer (Layer 5) defines how to start, control, and end communication sessions. This includes the control and management of multiple bidirectional messages so that the application can be notified if only some of a series of messages are completed. This allows the presentation layer to have a seamless view of an incoming stream of data. The presentation layer can be presented with data if all flows occur in some cases. Examples include. RPC, SQL, NFS, NetBios names, AppleTalk ASP, and DECnet SCP
    The Transport Layer (Layer 4) defines several functions, including the choice of protocols. The most important Layer 4 functions are error recovery and flow control. The transport layer may provide for retransmission, i.e., error recovery, and may use flow control to prevent unnecessary congestion by attempting to send data at a rate that the network can accommodate, or it might not, depending on the choice of protocols. Multiplexing of incoming data for different flows to applications on the same host is also performed. Reordering of the incoming data stream when packets arrive out of order is included. Examples include. TCP, UDP, and SPX.
    The Network Layer (Layer 3) defines end-to-end delivery of packets and defines logical addressing to accomplish this. It also defines how routing works and how routes are learned; and how to fragment a packet into smaller packets to accommodate media with smaller maximum transmission unit sizes. Examples include. IP, IPX, AppleTalk DDP, and ICMP. Both IP and IPX define logical addressing, routing, the learning of routing information, and end-to-end delivery rules. The IP and IPX protocols most closely match the OSI network layer (Layer 3) and are called Layer 3 protocols because their functions most closely match OSI’s Layer 3.
    The Data Link Layer (Layer 2) is concerned with getting data across one particular link or medium.
    The data link protocols define delivery across an individual link. These protocols are necessarily concerned with the type of media in use. Examples includE. IEEE 802.3/802.2, HDLC, Frame Relay, PPP, FDDI, ATM, and IEEE 802.5/802.2.

    200-125 dumps full version (PDF&VCE): https://www.lead2pass.com/200-125.html

    Large amount of free 200-125 exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDM0s1aXlFTXBWdGM

    You may also need:

    100-105 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDdDNkZEswTDRMaVE

    200-105 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDX09LZEFNYnpfM2c

  • [Q386-Q395] Lead2pass 2017 New 200-125 Exam PDF Ensure 200-125 Certification Exam Pass 100%

    Lead2pass 2017 New 200-125 Exam PDF Ensure 200-125 Certification Exam Pass Successfully:

    https://www.lead2pass.com/200-125.html

    QUESTION 386
    In which situation would the use of a static route be appropriate?

    A.    To configure a route to the first Layer 3 device on the network segment.
    B.    To configure a route from an ISP router into a corporate network.
    C.    To configure a route when the administrative distance of the current routing protocol is too low.
    D.    To reach a network is more than 15 hops away.
    E.    To provide access to the Internet for enterprise hosts.

    (more…)

  • [2017-Dec-New] Cisco Exam 200-125 PDF Dump Free Download In Lead2pass (366-375)

    Today I passed the 200-125 exam, This 200-125 dump is valid exactly. Please read all of theory and then use this 200-125 dump.

    Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/200-125.html

    QUESTION 366
    What are two benefits of using VTP in a switching environment? (Choose two.)

    A.    It allows switches to read frame tags.
    B.    It allows ports to be assigned to VLANs automatically.
    C.    It maintains VLAN consistency across a switched network.
    D.    It allows frames from multiple VLANs to use a single interface.
    E.    It allows VLAN information to be automatically propagated throughout the switching environment. (more…)

  • [2017-Dec-New] Cisco Exam 200-125 PDF Dump Free Download In Lead2pass (356-365)

    There is no need to hassle if you are stuck in the 200-125 exam difficulties, Lead2pass will assist you right through 200-125 exam with 200-125 PDF and VCE dumps. Lead2pass delivers the most comprehensive 200-125 exam dumps, covering each and every aspect of 200-125 exam curriculum. We ensure you 100% success in 200-125 exam.

    Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/200-125.html

    QUESTION 356
    Which pairing reflects a correct protocol-and-metric relationship?

    A.    OSPF and mumber of hops and reliability
    B.    EIGRP and link cost
    C.    IS-IS and delay and reliability
    D.    RIPv2 and number of hops (more…)

  • [2017-Dec-New] Cisco Exam 200-125 PDF Dump Free Download In Lead2pass (346-355)

    200-125 easy pass study guide: Preparing for Cisco 200-125 exam is really a tough task to accomplish. However, Lead2pass delivers the most comprehensive 200-125 braindumps, covering each and every aspect of 200-125 exam curriculum.

    Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/200-125.html


    QUESTION 346
    On a network of one department, there are four PCs connected to a switch, as shown in the following figure: After the Switch1 restarts. Host A ( the host on the left ) sends the first frame to Host C (the host on the right). What the first thing should the switch do?

    (more…)

  • [2017-Dec-New] CompTIA Exam 200-125 PDF Dump Free Download In Lead2pass (336-345)

    How to 100% pass 200-125 exam? Lead2pass provides the guaranteed 200-125 exam dumps to boost up your confidence in 200-125 exam. Successful candidates have provided their reviews about our 200-125 dumps. Now Lead2pass supplying the new version of 200-125 VCE and PDF dumps. We ensure our 200-125 exam questions are the most complete and authoritative compared with others’, which will ensure your 200-125 exam pass.

    Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/200-125.html

    QUESTION 336
    The access control list shown in the graphic has been applied to the Ethernet interface of router R1 using the ip access-group 101 in command.
    Which of the following Telnet sessions will be blocked by this ACL? (Choose two.) (more…)

  • [2017-Dec-New] Cisco Exam 200-125 PDF Dump Free Download In Lead2pass (326-335)

    Are you struggling for the 200-125 exam? Good news, Lead2pass Cisco technical experts have collected all the questions and answers which are updated to cover the knowledge points and enhance candidates’ abilities. We offer the latest 200-125 PDF and VCE dumps with new version VCE player for free download, and the new 200-125 dump ensures your 200-125 exam 100% pass.

    Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/200-125.html

    QUESTION 326
    Which additional configuration step is necessary in order to connect to an access point that has SSID broadcasting disabled?

    A.    Set the SSID value in the client software to public.
    B.    Configure open authentication on the AP and the client.
    C.    Set the SSID value on the client to the SSID configured on the AP.
    D.    Configured MAC address filtering to permit the client to connect to the AP. (more…)

  • [2017-08-15] Free Sharing Of Updated 200-125 VCE And PDF Dumps From Lead2pass (795-800)

    2017 August Cisco Official New Released 200-125 Dumps in Lead2pass.com!

    100% Free Download! 100% Pass Guaranteed!

    We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials. Our exam preparation material provides you everything you will need to take a certification examination. Our Cisco 200-125 Exam will provide you with exam questions with verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. High quality and value for the 200-125 Exam. 100% guarantee to pass your Cisco 200-125 exam and get your Cisco certification.

    Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/200-125.html

    QUESTION 795
    While troubleshooting a connection problem on a computer,you determined that the computer can ping a specific web server but it
    cannot connect to TCP port 80 on that server.Which reason for the problem is most likely ture?

    A.    A VLAN number is incorrect
    B.    An ARP table entry is missing
    C.    A route is missing
    D.    An ACL is blocking the TCP port

    (more…)

  • [2017 New] Free Lead2pass Cisco 200-125 VCE And PDF Instant Download (301-325)

    2017 July Cisco Official New Released 200-125 Dumps in Lead2pass.com!

    100% Free Download! 100% Pass Guaranteed!

    Lead2pass 200-125 braindumps including the exam questions and the answer, completed by our senior IT lecturers and the Cisco product experts, include the current newest 200-125 exam questions.

    Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/200-125.html

    QUESTION 301
    Syslog was configured with a level 3 trap. Which 4 types of logs would be generated (choose four)

    A.    Emergencies
    B.    Alerts
    C.    Critical
    D.    Errors
    E.    Warnings

    (more…)

  • [2017 New] Free Lead2pass Cisco 200-125 VCE And PDF Instant Download (276-300)

    2017 July Cisco Official New Released 200-125 Dumps in Lead2pass.com!

    100% Free Download! 100% Pass Guaranteed!

    Cisco New Released Exam 200-125 exam questions are now can be download from Lead2pass! All questions and answers are the latest! 100% exam pass guarantee! Get this IT exam certification in a short time!

    Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/200-125.html

    QUESTION 276
    What are three components that comprise the SNMP framework? (Choose three.)

    A.    MIB
    B.    agent
    C.    set
    D.    AES
    E.    supervisor
    F.    manager

    (more…)

  • [2017 New] Try Lead2pass Latest Cisco 200-125 Dumps To Pass The Exam Successfully (251-275)

    2017 June Cisco Official New Released 200-125 Dumps in Lead2pass.com!

    100% Free Download! 100% Pass Guaranteed!

    200-125 dumps free share: Lead2pass presents the highest quality of 200-125 exam dump which helps candidates to pass the 200-125 exams in the first attempt.

    Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/200-125.html

    QUESTION 251
    Drag and Drop Question

    Answer:

    QUESTION 252
    Lab Simulation Question – ACL-1
    A network associate is adding security to the configuration of the Corp1 router. The user on host C should be able to use a web browser to access financial information from the Finance Web Server. No other hosts from the LAN nor the Core should be able to use a web browser to access this server. Since there are multiple resources for the corporation at this location including other resources on the Finance Web Server, all other traffic should be allowed.
    The task is to create and apply an access-list with no more than three statements that will allow ONLY host C web access to the Finance Web Server. No other hosts will have web access to the Finance Web Server. All other traffic is permitted.
    Access to the router CLI can be gained by clicking on the appropriate host.

    All passwords have been temporarily set to “cisco”.
    The Core connection uses an IP address of 198.18.196.65
    The computers in the Hosts LAN have been assigned addresses of 192.168.33.1 – 192.168.33.254
    Host A 192.168.33.1
    Host B 192.168.33.2
    Host C 192.168.33.3
    Host D 192.168.33.4
    The servers in the Server LAN have been assigned addresses of 172.22.242.17 – 172.22.242.30 The Finance Web Server is assigned an IP address of 172.22.242.23.

    Answer:
    Corp1>enable
    Password: cisco

    We should create an access-list and apply it to the interface which is connected to the Servers LAN interface, because it can filter out traffic from both Sw-Hosts and Core networks. The Server LAN network has been assigned addresses of 172.22.242.17 – 172.22.242.30 so we can guess the interface connected to them has an IP address of 172.22.242.30 (.30 is the number shown in the figure). Use the “show ip interface brief” command to check which interface has the IP address of 172.22.242.30.

    Corp1#show ip interface brief
    Interface        IP-Address      OK? Method Status Protocol
    FastEthernet0/0  192.168.33.254  YES manual up     up
    FastEthernet0/1  172.22.242.30   YES manual up     up
    Serial0/0        198.18.196.65   YES manual up     up

    We learn that interface FastEthernet0/1 is the interface connected to Server LAN network. It is the interface we will apply our access-list (for outbound direction).
    Corp1#configure terminal

    Our access-list needs to allow host C – 192.168.33.3 to the Finance Web Server 172.22.242.23 via web (port 80)
    Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80

    Deny other hosts access to the Finance Web Server via web
    Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80

    All other traffic is permitted
    Corp1(config)#access-list 100 permit ip any any
    Apply this access-list to Fa0/1 interface (outbound direction)

    Corp1(config)#interface fa0/1
    Corp1(config-if)#ip access-group 100 out

    Notice: We have to apply the access-list to Fa0/1 interface (not Fa0/0 interface) so that the access-list can filter traffic coming from both the LAN and the Core networks. If we apply access list to the inbound interface we can only filter traffic from the LAN network.
    In the real exam, just click on host C and open its web browser. In the address box type http://172.22.242.23 to check if you are allowed to access Finance Web Server or not. If your configuration is correct then you can access it.
    Click on other hosts (A, B and D) and check to make sure you can’t access Finance Web Server from these hosts.
    Finally, save the configuration

    Corp1(config-if)#end
    Corp1#copy running-config startup-config

    This configuration only prevents hosts from accessing Finance Web Server via web but if this server supports other traffic – like FTP, SMTP… then other hosts can access it, too.
    Notice: In the real exam, you might be asked to allow other host (A, B or D) to access the Finance Web Server so please read the requirement carefully.

    Modification #1
    A network associate is adding security to the configuration of the Corp router. The user on host B should be able to access the Finance Web Server. Host B should be denied to access other server on S1-SRVS network. Since there are multiple resources for the corporation at this location including other resources on the Finance Web Server, all other traffic should be allowed.
    The task is to create and apply a numbered access-list with no more than three statements that will allow ONLY host B access to the Finance Web Server. Deny host B from accessing the other servers. All other traffic is permitted.

    access-list 100 permit ip host 192.168.33.2 host 172.22.242.23
    access-list 100 deny ip host 192.168.33.2 172.22.242.16 0.0.0.15
    access-list 100 permit ip any any

    Modification #2
    A network associate is adding security to the configuration of the Corp1 router. The user on host C should be able to access the Finance Web Server. No other hosts from the LAN nor the Core should be able access this server. All other traffic should be allowed.
    The task is to create and apply a numbered access-list with no more than three statements that will allow ONLY host C access the Finance Web Server. No other hosts will have access to the Finance Web Server. All other traffic is permitted.

    access-list 100 permit ip host 192.168.33.3 host 172.22.242.23
    access-list 100 deny ip any host 172.22.242.23
    access-list 100 permit ip any any

    Modification #3
    A network associate is adding security to the configuration of the Corp1 router. The user on host C should be able to use a web browser to access financial information from the Finance Web Server. Other access from host C to Finance Web Server should be denied. No other hosts from the LAN nor the Core should be able to access the Finance Web Server. All other traffic should be allowed.
    The task is to create and apply a numbered access-list with no more than three statements that will allow ONLY host C web access to the Finance Web Server. Also host C should be denied to access any other services of Finance Web Server. No other hosts will access to the Finance Web Server. All other traffic is permitted.
    access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
    access-list 100 deny ip any host 172.22.242.23
    access-list 100 permit ip any any

    Modification #4
    A network associate is adding security to the configuration of the Corp1 router. The user on host D should be able to use a web browser to access financial information from the Finance Web Server. Other access from host C to Finance Web Server should be denied. No other hosts from the LAN nor the Core should be able to access the Finance Web Server. All hosts from the LAN nor the Core should able to access public web server.

    The task is to create and apply a numbered access-list with no more than three statements that will allow ONLY host D should be able to use a web browser(HTTP)to access the Finance Web Server. Other types of access from host D to the Finance Web Server should be blocked. All access from hosts in the Core or local LAN to the Finance Web Server should be blocked. All hosts in the Core and local LAN should be able to access the Public Web Server.

    access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
    access-list 100 deny ip any host 172.22.242.23
    access-list 100 permit ip any any

    QUESTION 253
    Drag and Drop Question

    Answer:

    QUESTION 254
    Drag and Drop Question

    Answer:

    QUESTION 255
    Drag and Drop Question

    Answer:

    QUESTION 256
    Hotspot Question

    Which will fix the issue and allow ONLY ping to work while keeping telnet disabled?

    A.    Correctly assign an IP address to interface fa0/1.
    B.    Change the ip access-group command on fa0/0 from “in* to “our.
    C.    Remove access-group 106 in from interface fa0/0 and add access-group 115 in.
    D.    Remove access-group 102 out from interface s0/0/0 and add access-group 114 in
    E.    Remove access-group 106 in from interface fa0/0 and add access-group 104 in.

    Answer: E
    Explanation:
    Let’s have a look at the access list 104:

    The question does not ask about ftp traffic so we don’t care about the two first lines. The 3rd line denies all telnet traffic and the 4th line allows icmp traffic to be sent (ping). Remember that the access list 104 is applied on the inbound direction so the 5th line “access-list 104 deny icmp any any echo-reply” will not affect our icmp traffic because the “echo-reply” message will be sent over the outbound direction.

    QUESTION 257
    Hotspot Question

    What would be the effect of issuing the command ip access-group 114 in to the fa0/0 interface?

    A.    Attempts to telnet to the router would fail.
    B.    It would allow all traffic from the 10.4.4.0 network.
    C.    IP traffic would be passed through the interface but TCP and UDP traffic would not.
    D.    Routing protocol updates for the 10.4.4.0 network would not be accepted from the fa0/0 interface.

    Answer: B
    Explanation:
    From the output of access-list 114: access-list 114 permit ip 10.4.4.0 0.0.0.255 any we can easily understand that this access list allows all traffic (ip) from 10.4.4.0/24 network

    QUESTION 258
    Hotspot Question

    What would be the effect of Issuing the command ip access-group 115 in on the s0/0/1 interface?

    A.    No host could connect to RouterC through s0/0/1.
    B.    Telnet and ping would work but routing updates would fail.
    C.    FTP, FTP-DATA, echo, and www would work but telnet would fail.
    D.    Only traffic from the 10.4.4.0 network would pass through the interface.

    Answer: A
    Explanation:
    First let’s see what was configured on interface S0/0/1:

    QUESTION 259
    Refer to the exhibit. Based on the information given, which switch will be elected root bridge and why?

    A.    Switch A, because it has the lowest MAC address
    B.    Switch A, because it is the most centrally located switch
    C.    Switch B, because it has the highest MAC address
    D.    Switch C, because it is the most centrally located switch
    E.    Switch C, because it has the lowest priority
    F.    Switch D, because it has the highest priority

    Answer: E

    QUESTION 260
    Lab Simulation Question – EIGRP

    Answer:
    First we should check the configuration of the ENG Router.
    Click the console PC “F” and enter the following commands.

    ENG> enable
    Password: cisco
    ENG# show running-config
    Building configuration…
    Current configuration : 770 bytes
    !
    version 12.2
    no service timestamps log datetime msec
    no service timestamps debug datetime msec
    no service password-encryption
    !
    hostname ENG
    !
    enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
    !
    interface FastEthernet0/0
    ip address 192.168.77.34 255.255.255.252
    duplex auto
    speed auto
    !
    interface FastEthernet0/1
    ip address 192.168.60.65 255.255.255.240
    duplex auto
    speed auto
    !
    interface FastEthernet1/0
    ip address 192.168.60.81 255.255.255.240
    duplex auto
    speed auto
    !
    router eigrp 22
    network 192.168.77.0
    network 192.168.60.0
    no auto-summary
    !
    ip classless
    !
    line con 0
    line vty 0 4
    login
    !
    end
    ENG#
    From the output above, we know that this router was wrongly configured with an autonomous number (AS) of 22. When the AS numbers among routers are mismatched, no adjacency is formed.
    (You should check the AS numbers on other routers for sure)
    To solve this problem, we simply re-configure router ENG router with the following commands:

    ENG# conf t
    ENG(config)# no router eigrp 22
    ENG(config)# router eigrp 12
    ENG(config-router)# network 192.168.60.0
    ENG(config-router)# network 192.168.77.0
    ENG(config-router)# no auto-summary
    ENG(config-router)# end
    ENG# copy running-config startup-config

    Second we should check the configuration of the MGT Router.
    Click the console PC “G” and enter the following commands.

    MGT> enable
    Password: cisco
    MGT# show running-config
    Building configuration…
    Current configuration : 1029 bytes
    !
    version 12.2
    no service timestamps log datetime msec
    no service timestamps debug datetime msec
    no service password-encryption
    !
    hostname MGT
    !
    enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
    !
    interface FastEthernet0/0
    ip address 192.168.77.33 255.255.255.252
    duplex auto
    speed auto
    !
    interface Serial0/0
    ip address 192.168.36.13 255.255.255.252
    clock rate 64000
    !
    interface Serial0/1
    ip address 192.168.60.25 255.255.255.252
    clock rate 64000
    !
    interface Serial1/0
    ip address 198.0.18.6 255.255.255.252
    !
    interface Serial1/1
    no ip address
    shutdown
    !
    interface Serial1/2
    no ip address
    shutdown
    !
    interface Serial1/3
    no ip address
    shutdown
    !
    router eigrp 12
    network 192.168.36.0
    network 192.168.60.0
    network 192.168.85.0
    network 198.0.18.0
    no auto-summary
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 198.0.18.5
    !
    line con 0
    line vty 0 4
    login
    !
    end
    MGT#

    Notice that it is missing a definition to the network ENG. Therefore we have to add it so that it can recognize ENG router

    MGT# conf t
    MGT(config)# router eigrp 12
    MGT(config-router)# network 192.168.77.0
    MGT(config-router)# end
    MGT# copy running-config startup-config

    Now the whole network will work well. You should check again with ping command from router ENG to other routers!

    In Short:

    ENG Router
    ENG>enable
    Password: cisco ENG# conf t
    ENG(config)# no router eigrp 22
    ENG(config)# router eigrp 12
    ENG(config-router)# network 192.168.60.0
    ENG(config-router)# network 192.168.77.0
    ENG(config-router)# no auto-summary
    ENG(config-router)# end
    ENG# copy running-config startup-config

    MGT Router
    MGT>enable
    Password: cisco MGT# conf t
    MGT(config)# router eigrp 12
    MGT(config-router)# network 192.168.77.0
    MGT(config-router)# end
    MGT# copy running-config startup-config

    Some Modification in Question
    After adding ENG router, no routing updates are being exchanged between MGT and the new location. All other inter connectivity for the existing locations of the company are working properly. But Internet connection for existing location including Remote1 and Remote2 networks are not working.
    Faults Identified:
    1. Incorrect Autonomous System Number configured in ENG router.
    2. MGT router does not advertise route to the new router ENG.
    3. Internet Connection is not working all stations.
    We need to correct the above two configuration mistakes to have full connectivity

    Steps:
    1. ENG Router: Change the Autonomous System Number of ENG
    2. Perimiter Router: Add the network address of interface of Permiter that link between MGT and ENG.
    3. Perimiter Router: Add default route and default-network.

    Check the IP Address of S1/0 interface of MGT Router using show running-config command. (The interfaced used to connect to the ISP)
    !
    interface Serial1/0
    ip address 198.0.18.6 255.255.255.252
    !

    For Internet sharing we have create a default route, and add default-network configuration. The IP address is 198.0.18.6/30. Then the next hop IP will be 198.0.18.5.

    ENG Router
    ENG>enable
    Password: cisco ENG# conf t
    ENG(config)# no router eigrp 22
    ENG(config)# router eigrp 12
    ENG(config-router)# network 192.168.60.0
    ENG(config-router)# network 192.168.77.0
    ENG(config-router)# no auto-summary
    ENG(config-router)# end
    ENG# copy running-config startup-config

    MGT Router
    MGT>enable
    Password: cisco MGT# conf t
    MGT(config)# router eigrp 12
    MGT(config-router)# network 192.168.77.0
    MGT(config-router)# exit

    MGT(config)# ip route 0.0.0.0 0.0.0.0 198.0.18.5
    MGT(config)# ip default-network 198.0.18.0
    MGT(config)# exit
    MGT# copy running-config startup-config

    Important:
    If you refer the topology and IP chart, the MGT router uses Fa0/0 to connect ENG router, S0/0 used to connect Remote1, and S0/1 used to connect Remote2.

    Refer to the command show running-config, the command #PASSIVE-INTERFACE <Interface Name> will deny EIGRP updates to specified interface. In that case we need to use #no passive-interface <Interface Name> to allow the routing updates to be passed to that interface. For example when used the #show run command and we see the output like below.
    !
    router eigrp 22
    network 192.168.77.0
    network 192.168.60.0
    passive-interface FastEthernet 0/0
    passive-interface Serial 1/0
    no auto-summary
    !

    Then the command would be

    MGT(config)#router eigrp 12
    MGT(config-router)#no passive-interface Fa0/0
    MGT(config-router)#end

    Also MGT router connect to the ISP router using Serial 1/0. If you seen passive-interface s1/0, then do not remove it using #no passive-interface s1/0 command.

    QUESTION 261
    Lab Simulation Question – CLI
    Central Florida Widgets recently installed a new router in their office. Complete the network installation by performing the initial router configurations and configuring R1PV2 routing using the router command line interface (CLI) on the RC.
    Configure the router per the following requirements:

    – Name of the router is R2
    – Enable.secret password is cisco
    – The password to access user EXEC mode using the console is cisco2
    – The password to allow telnet access to the router is cisco3

    IPV4 addresses mast be configured as follows:

    – Ethernet network 209.165.201.0/27 – router has fourth assignable host address in subnet
    – Serial network is 192.0.2.176/28 – router has last assignable host address in the subnet.
    – Interfaces should be enabled.
    – Router protocol is RIPV2

    Attention:
    In practical examinations, please note the following, the actual information will prevail.

    1. Name or the router is xxx
    2. EnablE. secret password is xxx
    3. Password In access user EXEC mode using the console is xxx
    4. The password to allow telnet access to the router is xxx
    5. IP information

    Answer:
    Step 1:
    Click on the console host, you will get a pop-up screen CLI of Router.

    Router>

    Configure the new router as per the requirements provided in Lab question
    Requirement 1:
    Name of the router is R2

    Step 2:
    To change the hostname of the router to R2 follow the below steps:

    Router>
    Router>enable
    Router#configure terminal
    Router(config)#hostname R2
    R2(config)#

    Requirement 2:
    Enable-secret password is cisco1

    Step 3:
    To set the enable secret password to cisco1 use the following command

    R2(config)#enable secret cisco1

    Requirement 3:
    The password to access user EXEC mode using the console is cisco2

    Step 4:
    We need to configure the line console 0 with the password cisco2
    Also remember to type login command after setting up the password on line con 0 which allows router to accept logins via console.

    R2(config)#line con 0
    R2(config-line)#password cisco2
    R2(config-line)#login
    R2(config-line)#exit
    R2(config)#

    Requirement 4:
    The password to allow telnet access to the router is cisco3

    Step 5:
    To allow telnet access we need to configure the vty lines 0 4 with the password cisco3
    Also remember to type login command after setting up the password on line vty 0 4 which allows router to accept logins via telnet.

    R2(config)#line vty 0 4
    R2(config-line)#password cisco3
    R2(config-line)#login
    R2(config-line)#exit
    R2(config)#

    Requirement 5:
    (5.1) Ethernet network 209.165.201.0 /27 – Router has the fourth assignable host address in subnet.
    (5.2) Serial Network is 192.0.2.176 /28 – Router has the last assignable host address in subnet.

    Step 6:
    Ethernet network 209.165.201.0 /27 – Router has the fourth assignable host address in subnet.
    Ethernet Interface on router R2 is Fast Ethernet 0/0 as per the exhibit
    First we need to identify the subnet mask
    Network: 209.165.201.0 /27
    Subnet mask: /27: 27 bits = 8 + 8 + 8 + 3
    =8(bits).8(bits).8(bits) .11100000 (3bits)
    =255.255.255.11100000
    =11100000 = 128+64+32+0+0+0+0+0
    = 224
    Subnet mask: 255.255.255.224
    Different subnet networks and there valid first and last assignable host address range for above subnet mask are
    Subnet Networks :::::: Valid Host address range :::::: Broadcast address
    209.165.201.0 :::::: 209.165.201.1 – 209.165.201.30 ::::: 209.165.201.31
    209.165.201.32 :::::: 209.165.201.33 – 209.165.201.62 ::::: 209.165.201.63
    209.165.201.64 :::::: 209.165.201.65 – 209.165.201.94 :::::: 209.165.201.95
    209.165.201.96 :::::: 209.165.201.97 – 209.165.201.126 :::::: 209.165.201.127
    209.165.201.128 :::::: 209.165.201.129 – 209.165.201.158 :::::: 209.165.201.159
    209.165.201.160 :::::: 209.165.201.161 – 209.165.201.190 :::::: 209.165.201.191
    209.165.201.192 :::::: 209.165.201.193 – 209.165.201.222 :::::: 209.165.201.223
    209.165.201.224 :::::: 209.165.201.225 – 209.165.201.254 :::::: 209.165.201.255
    Use above table information for network 209.165.201.0 /27 to identify
    First assignable host address: 209.165.201.1
    Last assignable host address: 209.165.201.30
    Fourth assignable host address: 209.165.201.4
    This IP address (209.165.201.4) which we need to configure on Fast Ethernet 0/0 of the router using the subnet mask 255.255.255.224

    R2(config)#interface fa 0/0
    R2(config-if)#ip address 209.165.201.4 255.255.255.224

    Requirement 6:
    To enable interfaces
    Use no shutdown command to enable interfaces

    R2(config-if)#no shutdown
    R2(config-if)#exit

    Step 7:
    Serial Network is 192.0.2.176 /28 – Router has the last assignable host address in subnet.
    Serial Interface on R2 is Serial 0/0/0 as per the exhibit
    First we need to identify the subnet mask
    Network: 192.0.2.176 /28
    Subnet mask: /28: 28bits = 8bits+8bits+8bits+4bits
    =8(bits).8(bits).8(bits) .11110000 (4bits)
    =255.255.255.11100000
    =11100000 = 128+64+32+16+0+0+0+0
    = 240
    Subnet mask: 255.255.255.240
    Different subnet networks and there valid first and last assignable host address range for above subnet mask are
    Subnet  Networks ::::: Valid Host address ::::::::::: Broadcast address
    192.0.2.0 :::::: 192.0.2.1 – 192.0.2.14 ::::::: 192.0.2.15
    192.0.2.16 ::::::: 192.0.2.17 – 192.0.2.30 ::::::: 192.0.2.31
    192.0.2.32 :::::::: 192.0.2.33 – 192.0.2.46 :::::: 192.0.2.47
    192.0.2.48 :::::: 192.0.2.49 – 192.0.2.62 ::::::: 192.0.2.64
    192.0.2.64 ::::::: 192.0.2.65 – 192.0.2.78 ::::::: 192.0.2.79
    192.0.2.80 :::::::: 192.0.2.81 – 192.0.2.94 :::::: 192.0.2.95
    192.0.2.96 :::::: 192.0.2.97 – 192.0.2.110 ::::::: 192.0.2.111
    192.0.2.112 ::::::: 192.0.2.113 – 192.0.2.126 ::::::: 192.0.2.127
    192.0.2.128 :::::::: 192.0.2.129 – 192.0.2.142 :::::: 192.0.2.143
    192.0.2.144 :::::: 192.0.2.145 – 192.0.2.158 ::::::: 192.0.2.159
    192.0.2.160 ::::::: 192.0.2.161 – 192.0.2.174 ::::::: 192.0.2.175
    192.0.2.176 :::::::: 192.0.2.177 – 192.0.2.190 :::::: 192.0.2.191
    and so on ….
    Use above table information for network 192.0.2.176 /28 to identify
    First assignable host address: 192.0.2.177
    Last assignable host address: 192.0.2.190
    We need to configure Last assignable host address (192.0.2.190) on serial 0/0/0 using the subnet mask 255.255.255.240

    R2(config)#interface serial 0/0/0
    R2(config-if)#ip address 192.0.2.190 255.255.255.240

    Requirement 6:
    To enable interfaces
    Use no shutdown command to enable interfaces

    R2(config-if)#no shutdown
    R2(config-if)#exit

    Requirement 7:
    Router protocol is RIPv2

    Step 8:
    Need to enable RIPv2 on router and advertise its directly connected networks

    R2(config)#router rip

    To enable RIP v2 routing protocol on router use the command version 2

    R2(config-router)#version 2

    Optional: no auto-summary (Since LAB networks do not have discontinuous networks)
    RIP v2 is classless, and advertises routes including subnet masks, but it summarizes routes by default.
    So the first things we need to do when configuring RIP v2 is turn off auto-summarization with the router command no auto-summary if you must perform routing between disconnected subnets.

    R2 (config-router) # no auto-summary

    Advertise the serial 0/0/0 and fast Ethernet 0/0 networks into RIP v2 using network command

    R2(config-router)#network 192.0.2.176
    R2(config-router)#network 209.165.201.0
    R2(config-router)#end

    Step 9:
    Important please do not forget to save your running-config to startup-config

    R2# copy running-config startup-config

    QUESTION 262
    Lab Simulation Question – ACL-4

    Answer:

    Corp1>enable
    Corp1#configure terminal
    Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
    Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80
    Corp1(config)#access-list 100 permit ip any any
    Corp1(config)#interface fa 0/1 sh ip int brief
    Corp1(config-if)#ip access-group 100 out
    Corp1(config-if)#end
    Corp1#copy running-config startup-config

    Explanation:

    Select the console on Corp1 router
    Configuring ACL

    Corp1>enable
    Corp1#configure terminal

    Comment: To permit only Host C (192.168.33.3){source addr} to access finance server address (172.22.242.23) {destination addr} on port number 80 (web)

    Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
    Comment: To deny any source to access finance server address (172.22.242.23) {destination addr} on port number 80 (web)

    Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80

    Comment: To permit ip protocol from any source to access any destination because of the implicit deny any any statement at the end of ACL.

    Corp1(config)#access-list 100 permit ip any any

    Applying the ACL on the Interface
    Comment: Check show ip interface brief command to identify the interface type and number by checking the IP address configured.

    Corp1(config)#interface fa 0/1

    If the ip address configured already is incorrect as well as the subnet mask. this should be corrected in order ACL to work type this commands at interface mode :
    no ip address 192.x.x.x 255.x.x.x (removes incorrect configured ipaddress and subnet mask) Configure Correct IP Address and subnet mask:
    ip address 172.22.242.30 255.255.255.240 ( range of address specified going to server is given as 172.22.242.17 – 172.22.242.30 )
    Comment: Place the ACL to check for packets going outside the interface towards the finance web server.

    Corp1(config-if)#ip access-group 100 out
    Corp1(config-if)#end

    Important: To save your running config to startup before exit.

    Corp1#copy running-config startup-config

    Verifying the Configuration:
    Step1: show ip interface brief command identifies the interface on which to apply access list. Step2: Click on each host A,B,C & D . Host opens a web browser page , Select address box of the web browser and type the ip address of finance web server(172.22.242.23) to test whether it permits /deny access to the finance web Server .
    Step 3: Only Host C (192.168.33.3) has access to the server . If the other host can also access then maybe something went wrong in your configuration . check whether you configured correctly and in order.
    Step 4: If only Host C (192.168.33.3) can access the Finance Web Server you can click on NEXT button to successfully submit the ACL SIM.

    QUESTION 263
    Lab Simulation Question – ACL-2

    Answer:

    Corp1#conf t
    Corp1(config)# access-list 128 permit tcp host 192.168.240.1 host 172.22.141.26 eq www Corp1(config)# access-list 128 deny tcp any host 172.22.141.26 eq www
    Corp1(config)# access-list 128 permit ip any any
    Corp1(config)#int fa0/1
    Corp1(config-if)#ip access-group 128 out
    Corp1(config-if)#end
    Corp1#copy run startup-config

    QUESTION 264
    Lab Simulation Question – ACL-3

    Answer:

    Corp1>enable
    Corp1#configure terminal
    Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
    Corp1(config)#access-list 100 deny tcp 192.168.33.0 0.0.0.255 host 172.22.242.23 eq 80
    Corp1(config)#access-list 100 permit ip any any
    Corp1(config)#interface fa 0/1 sh ip int brief
    Corp1(config-if)#ip access-group 100 out
    Corp1(config-if)#end
    Corp1#copy running-config startup-config

    Explanation:

    Select the console on Corp1 router
    Configuring ACL

    Corp1 >enable
    Corp1#configure terminal

    comment: To permit only Host C (192.168. 33. 3){source addr} to access finance server address (172.22. 242. 23){destination addr} on port number 80 (web)

    Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80

    Comment: To deny any source to access finance server address (172. 22. 242. 23) {destination addr} on port number 80 (web)

    Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80

    Comment: To permit ip protocol from any source to access any destination because of the implicit deny any any statement at the end of ACL.

    Corp1(config)#access-list 100 permit ip any any

    Applying the ACL on the Interface
    comment: Check show ip interface brief command to identify the interface type and number by checking the IP address configured.

    Corp1(config)#interface fa 0/1

    If the ip address configured already is incorrect as well as the subnet mask, this should be corrected in order ACL to work type this commands at interface mode :
    no ip address 192. x. x. x 255. x. x. x (removes incorrect configured ip address and subnet mask) Configure Correct IP Address and subnet mask:
    ip address 172. 22. 242. 30 255. 255. 255. 240 (range of address specified going to server is given as 172. 22. 242. 17-172. 22. 242. 30 )
    Comment: Place the ACL to check for packets going outside the interface towards the finance web server.

    Corp1(config-if)#ip access-group 100 out
    Corp1(config-if)#end

    Important: To save your running config to startup before exit.

    Corp1#copy running-config startup- config

    Verifying the Configuration:

    Step1: show ip interface brief command identifies the interface on which to apply access list. Step2: Click on each host A,B,C & D. Host opens a web browser page, Select address box of the web browser and type the ip address of finance web server(172. 22. 242. 23) to test whether it permits /deny access to the finance web Server.
    Step 3: Only Host C (192.168. 33. 3) has access to the server. If the other host can also access then maybe something went wrong in your configuration check whether you configured correctly and in order.
    Step 4: If only Host C (192.168. 33. 3) can access the Finance Web Server you can click on NEXT button to successfully submit the ACL SIM.

    QUESTION 265
    Lab Simulation Question – NAT-1

    A network associate is configuring a router for the weaver company to provide internet access. The ISP has provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range of 192.168.100.17 ?192.168.100.30.

    Answer:
    The company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from 198.18.184.105 to 198.18.184.110/29.
    Therefore we have to use NAT overload (or PAT)
    Double click on the Weaver router to open it

    Router>enable
    Router#configure terminal

    First you should change the router’s name to Weaver

    Router(config)#hostname Weaver

    Create a NAT pool of global addresses to be allocated with their netmask.
    Weaver(config)#ip nat pool mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248

    Create a standard access control list that permits the addresses that are to be translated

    Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15

    Establish dynamic source translation, specifying the access list that was defined in the prior step

    Weaver(config)#ip nat inside source list 1 pool mypool overload

    This command translates all source addresses that pass access list 1, which means a source address from 192.168.100.17 to 192.168.100.30, into an address from the pool named mypool (the pool contains addresses from 198.18.184.105 to 198.18.184.110)
    Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to-one) by using different ports
    The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.
    This is how to configure the NAT inside and NAT outside, just for your understanding:

    Weaver(config)#interface fa0/0
    Weaver(config-if)#ip nat inside
    Weaver(config-if)#exit
    Weaver(config)#interface s0/0
    Weaver(config-if)#ip nat outside
    Weaver(config-if)#end

    Finally, we should save all your work with the following command:

    Weaver#copy running-config startup-config

    Check your configuration by going to “Host for testing” and type:
    C :\>ping 192.0.2.114

    The ping should work well and you will be replied from 192.0.2.114

    QUESTION 266
    Lab Simulation Question – NAT-2
    A network associate is configuring a router for the Weaver company to provide internet access. The ISP has provided the company six public IP addresses of 198.18.184.105 – 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range of 192.168.100.17 – 192.168.100.30.

    The following have already been configured on the router:

    The basic router configuration
    The appropriate interfaces have been configured for NAT inside and NAT outside
    The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required.)
    All passwords have been temporarily set to “cisco”

    The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide internet access for the hosts in the weaver LAN. Functionality can be tested by clicking on the host provided for testing.

    Configuration information:

    Router name    –    Weaver
    Inside global addresses    –    198.18.184.105 – 198.18.184.110 /29
    Inside local addresses    –    192.168.100.17 – 192.168.100.30 /28
    Number of inside hosts    –    14

    Answer:

    Step 1: Router Name

    Router>enable
    Router#configure terminal
    Router(config)#hostname Weaver
    Weaver(config)#

    Step 2: NAT Configuration

    Weaver(config)#access-list 10 permit 192.168.100.16 0.0.0.15
    Weaver(config)#ip nat pool  mynatpool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
    Weaver(config)#ip nat inside source list 10 pool mynatpool overload
    Weaver(config)#end

    Step 3: Save Configuration

    Weaver#copy run start

    Verification:

    We can verify the answer by pinging the ISP IP Address (192.0.2.114) from Host for testing.

    Click “Host for testing”

    In command prompt, type “ping 192.0.2.114”. If ping succeeded then the NAT is working properly.

    Screen Shots:

    QUESTION 267
    In a switched environment, what does the IEEE 802.1Q standard describe?

    A.    the operation of VTP
    B.    a method of VLAN trunking
    C.    an approach to wireless LAN communication
    D.    the process for root bridge selection
    E.    VLAN pruning

    Answer: B
    Explanation:
    A broadcast domain must sometimes exist on more than one switch in the network. To accomplish this, one switch must send frames to another switch and indicate which VLAN a particular frame belongs to. On Cisco switches, a trunk link is created to accomplish this VLAN identification. ISL and IEEE 802.1Q are different methods of putting a VLAN identifier in a Layer 2 frame. The IEEE 802.1Q protocol interconnects VLANs between multiple switches, routers, and servers. With 802.1Q, a network administrator can define a VLAN topology to span multiple physical devices.
    Cisco switches support IEEE 802.1Q for FastEthernet and Gigabit Ethernet interfaces. An 802.1Q trunk link provides VLAN identification by adding a 4-byte tag to an Ethernet Frame as it leaves a trunk port.

    QUESTION 268
    What are three benefits of GLBP? (Choose three.)

    A.    GLBP supports up to eight virtual forwarders per GLBP group.
    B.    GLBP supports clear text and MD5 password authentication between GLBP group members.
    C.    GLBP is an open source standardized protocol that can be used with multiple vendors.
    D.    GLBP supports up to 1024 virtual routers.
    E.    GLBP can load share traffic across a maximum of four routers.
    F.    GLBP elects two AVGs and two standby AVGs for redundancy.

    Answer: BDE

    QUESTION 269
    Which three statements about HSRP operation are true? (Choose three.)

    A.    The virtual IP address and virtual MA+K44C address are active on the HSRP Master router.
    B.    The HSRP default timers are a 3 second hello interval and a 10 second dead interval.
    C.    HSRP supports only clear-text authentication.
    D.    The HSRP virtual IP address must be on a different subnet than the routers’ interfaces on the same LAN.
    E.    The HSRP virtual IP address must be the same as one of the router’s interface addresses on the LAN.
    F.    HSRP supports up to 255 groups per interface, enabling an administrative form of load balancing.

    Answer: ABF
    Explanation:
    The virtual MAC address of HSRP version 1 is 0000.0C07.ACxx, where xx is the HSRP group number in hexadecimal based on the respective interface. For example, HSRP group 10 uses the HSRP virtual MAC address of 0000.0C07.AC0A. HSRP version 2 uses a virtual MAC address of 0000.0C9F.FXXX (XXX: HSRP group in hexadecimal)

    QUESTION 270
    Which three statements about Syslog utilization are true? (Choose three.)

    A.    Utilizing Syslog improves network performance.
    B.    The Syslog server automatically notifies the network administrator of network problems.
    C.    A Syslog server provides the storage space necessary to store log files without using router disk space.
    D.    There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages.
    E.    Enabling Syslog on a router automatically enables NTP for accurate time stamping.
    F.    A Syslog server helps in aggregation of logs and alerts.

    Answer: CDF

    QUESTION 271
    A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three.)

    A.    informational
    B.    emergency
    C.    warning
    D.    critical
    E.    debug
    F.    error

    Answer: BDF

    QUESTION 272
    What is the default Syslog facility level?

    A.    local4
    B.    local5
    C.    local6
    D.    local7

    Answer: D

    QUESTION 273
    What command instructs the device to timestamp Syslog debug messages in milliseconds?

    A.    service timestamps log datetime localtime
    B.    service timestamps debug datetime msec
    C.    service timestamps debug datetime localtime
    D.    service timestamps log datetime msec

    Answer: B
    Explanation:
    The “service timestamps debug” command configures the system to apply a time stamp to debugging messages. The time-stamp format for datetime is MMM DD HH:MM:SS, where MMM is the month, DD is the date, HH is the hour (in 24-hour notation), MM is the minute, and SS is the second. With the additional keyword msec, the system includes milliseconds in the time stamp, in the format HH:DD:MM:SS.mmm, where .mmm is milliseconds

    QUESTION 274
    Refer to the exhibit. What is the cause of the Syslog output messages?

    A.    The EIGRP neighbor on Fa0/1 went down due to a failed link.
    B.    The EIGRP neighbor connected to Fa0/1 is participating in a different EIGRP process, causing the adjacency
    to go down.
    C.    A shut command was executed on interface Fa0/1, causing the EIGRP adjacency to go down.
    D.    Interface Fa0/1 has become error disabled, causing the EIGRP adjacency to go down.

    Answer: C

    QUESTION 275
    What are three components that comprise the SNMP framework? (Choose three.)

    A.    MIB
    B.    agent
    C.    set
    D.    AES
    E.    supervisor
    F.    manager

    Answer: ABF

    Lead2pass is now offering Lead2pass 200-125 PDF dumps with 100% passing guarantee. Use Lead2pass 200-125 PDF and pass your exam easily. Download Cisco 200-125 exam dumps and prepare for exam.

    200-125 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDUG9MR3ZFUDNqeDQ

    2017 Cisco 200-125 exam dumps (All 765 Q&As) from Lead2pass:

    http://www.lead2pass.com/200-125.html [100% Exam Pass Guaranteed]

  • [2017 New] Try Lead2pass Latest Cisco 200-125 Dumps To Pass The Exam Successfully (226-250)

    2017 June Cisco Official New Released 200-125 Dumps in Lead2pass.com!

    100% Free Download! 100% Pass Guaranteed!

    How to pass 200-125 exam easily? Are you struggling for the 200-125 exam? Good news, Lead2pass Cisco technical experts have collected all the questions and answers which are updated to cover the knowledge points and enhance candidates’ abilities. We offer the latest 200-125 PDF and VCE dumps with new version VCE player for free download, and the new 200-125 dump ensures your 200-125 exam 100% pass.

    Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/200-125.html

    QUESTION 226
    What is known as “one-to-nearest” addressing in IPv6?

    A.    global unicast
    B.    anycast
    C.    multicast
    D.    unspecified address

    (more…)

  • [2017 New] Try Lead2pass Latest Cisco 200-125 Dumps To Pass The Exam Successfully (201-225)

    2017 June Cisco Official New Released 200-125 Dumps in Lead2pass.com!

    100% Free Download! 100% Pass Guaranteed!

    We at Lead2pass are committed to help you clear your 200-125 certification test with high scores. The chances of you failing to clear your 200-125 test, after going through our comprehensive exam dumps is very bleak.

    Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/200-125.html

    QUESTION 201
    Refer to the exhibit. Which statement describes DLCI 17?

     

    A.    DLCI 17 describes the ISDN circuit between R2 and R3.
    B.    DLCI 17 describes a PVC on R2. It cannot be used on R3 or R1.
    C.    DLCI 17 is the Layer 2 address used by R2 to describe a PVC to R3.
    D.    DLCI 17 describes the dial-up circuit from R2 and R3 to the service provider.

    (more…)

  • [2017 New] Try Lead2pass Latest Cisco 200-125 Dumps To Pass The Exam Successfully (176-200)

    2017 June Cisco Official New Released 200-125 Dumps in Lead2pass.com!

    100% Free Download! 100% Pass Guaranteed!

    Lead2pass dumps for 200-125 exam are written to the highest standards of technical accuracy, provided by our certified subject matter experts and published authors for development. We guarantee the best quality and accuracy of our products. We hope you pass the exams successfully with our practice test. With our Cisco 200-125 dumps, you will pass your exam easily at the first attempt. You can also enjoy 365 days free update for your product.

    Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/200-125.html

    QUESTION 176
    Which port state is introduced by Rapid-PVST?

    A.    learning
    B.    listening
    C.    discarding
    D.    forwarding

    (more…)

  • [2017 New] Try Lead2pass Latest Cisco 200-125 Dumps To Pass The Exam Successfully (151-175)

    2017 June Cisco Official New Released 200-125 Dumps in Lead2pass.com!

    100% Free Download! 100% Pass Guaranteed!

    Lead2pass is ready to provide Cisco candidates with 200-125 exam dumps which can be very helpful for getting Cisco certification, which means that candidates can easily get access to the services of Cisco 200-125 exam dumps, which will assure them 100% passing success rate. With Lead2pass 200-125 exam dumps, it will be easy to pass your 200-125 exam at your first time.

    Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/200-125.html

    QUESTION 151
    Refer to exhibit. A network administrator cannot establish a Telnet session with the indicated router. What is the cause of this failure?
     
    A.    A Level 5 password is not set.
    B.    An ACL is blocking Telnet access.
    C.    The vty password is missing.
    D.    The console password is missing.

    (more…)

  • [2017 New] Try Lead2pass Latest Cisco 200-125 Dumps To Pass The Exam Successfully (126-150)

    2017 June Cisco Official New Released 200-125 Dumps in Lead2pass.com!

    100% Free Download! 100% Pass Guaranteed!

    There are many companies that provide 200-125 braindumps but those are not accurate and latest ones. Preparation with Lead2pass 200-125 new questions is a best way to pass this certification exam in easy way.

    Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/200-125.html

    QUESTION 126
    Which commands are required to properly configure a router to run OSPF and to add network 192.168.16.0/24 to OSPF area 0? (Choose two.)

    A.    Router(config)# router ospf 0
    B.    Router(config)# router ospf 1
    C.    Router(config)# router ospf area 0
    D.    Router(config-router)# network 192.168.16.0 0.0.0.255 0
    E.    Router(config-router)# network 192.168.16.0 0.0.0.255 area 0
    F.    Router(config-router)# network 192.168.16.0 255.255.255.0 area 0

    (more…)

  • [2017 New] Try Lead2pass Latest Cisco 200-125 Dumps To Pass The Exam Successfully (101-125)

    2017 June Cisco Official New Released 200-125 Dumps in Lead2pass.com!

    100% Free Download! 100% Pass Guaranteed!

    I have already passed Cisco 200-125 certification exam yesterday….Scored 984/1000 in US! Many new exam questions added into the 2017 200-125 test! So I just come here to share with your guys and wish more 200-125 candidates can pass easily!

    Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/200-125.html

    QUESTION 101
    Refer to the exhibit. The Lakeside Company has the internetwork in the exhibit. The administrator would like to reduce the size of the routing table on the Central router. Which partial routing table entry in the Central router represents a route summary that represents the LANs in Phoenix but no additional subnets?

     
    A.    10.0.0.0/22 is subnetted, 1 subnets
    D 10.0.0.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
    B.    10.0.0.0/28 is subnetted, 1 subnets
    D 10.2.0.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
    C.    10.0.0.0/30 is subnetted, 1 subnets
    D 10.2.2.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
    D.    10.0.0.0/22 is subnetted, 1 subnets
    D 10.4.0.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
    E.    10.0.0.0/28 is subnetted, 1 subnets
    D 10.4.4.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
    F.    10.0.0.0/30 is subnetted, 1 subnets
    D 10.4.4.4 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1

    (more…)

  • [2017 New] Try Lead2pass Latest Cisco 200-125 Dumps To Pass The Exam Successfully (76-100)

    2017 June Cisco Official New Released 200-125 Dumps in Lead2pass.com!

    100% Free Download! 100% Pass Guaranteed!

    I have already passed Cisco 200-125 certification exam today! Scored 989/1000 in Australia. SO MANY new added exam questions which made me headache….. Anyway, I finally passed 200-125 exam with the help of Lead2pass! 

    Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/200-125.html

    QUESTION 76
    What are three approaches that are used when migrating from an IPv4 addressing scheme to an IPv6 scheme. (Choose three.)

    A.    enable dual-stack routing
    B.    configure IPv6 directly
    C.    configure IPv4 tunnels between IPv6 islands
    D.    use proxying and translation to translate IPv6 packets into IPv4 packets
    E.    statically map IPv4 addresses to IPv6 addresses
    F.    use DHCPv6 to map IPv4 addresses to IPv6 addresses

    (more…)

  • Pages: 1 2
Posts navigation