1. Which RPVST+ port state is excluded from all STP operations?
learning
forwarding
blocking
disabled*
2. Which command can you enter to block HTTPS traffic from the whole class A private network range to a host?
R1(config)#access-list 105 deny tcp 10.1.0.0 0.0.255.255 40.0.0.2 0.0.0.0 eq 443
R1(config)#access-list 105 deny tcp 10.1.0.0 0.0.255.255 40.0.0.2 0.0.0.0 eq 53
R1(config)#access-list 105 deny tcp 10.0.0.0 0.255.255.255 40.0.0.2 0.0.0.0 eq 53
R1(config)#access-list 105 deny tcp 10.0.0.0 0.255.255.255 40.0.0.2 0.0.0.0 eq 443*
3. When is a routing table entry identified as directly connected?
when the local router is in use as the network default gateway
when the network resides on a remote router that is physically connected to the local router
when an interface on the router is configure with an ip address and enabled*
when the route is statically assigned to reach a specific network
4. Which address block identifies all link-local addresses?
FC00::/7
FC00::/8
FE80::/10*
FF00::/8
5. Which option is the industry-standard protocol for EtherChannel ?
PAgP
LACP*
Cisco Discovery Protocol
DTP
6. For which two reasons was RFC 1918 address space define (Choose two)
to preserve public IPv4 address space*
to reduce the occurrence of overlapping IP addresses*
to preserve public IPv6 address space
reduce the size of ISP routing tables
to support the NAT protocol
7. Which two statements about RIPv2 are true? (Choose two)
It must be manually enabled after RIP is configured as the routing protocol*
It uses multicast address 224.0.0.2 to share routing information between peers
its default administrative distances 120*
It is a link-state routing protocol
It is an EGP routing protocol
8. In which CLI configuration mode can you configure the hostname of a device?
line mode
interface mode
global mode*
router mode
9. In which two circumstances are private IPv4 addresses appropriate? (Choose two)
on internal hosts that stream data solely to external resources
on hosts that communicates only with other internal hosts*
on the public-facing interface of a firewall
on hosts that require minimal access to external resources*
to allow hosts inside an enterprise to communicate in both directions with hosts outside the enterprise
10. Which two statements about eBGP neighbor relationships are true? (Choose two)
The two devices must reside in different autonomous systems*
Neighbors must be specifically declared in the configuration of each device*
They can be created dynamically after the network statement is con-figured.
The two devices must reside in the same autonomous system
The two devices must have matching timer settings
11. Which two pieces of information can be shared with LLDP TLVs? (Choose two)
device management address.*
device type*
spanning-tree topology
routing configuration
access-list configuration
12. Which two statements about UDP are true? (Choose two)
It can transmit data at a rate higher than the path capacity*
It uses a three-way handshake to ensure that traffic is transmitted properly
It guarantees packet delivery
it includes protection against duplicate packets
it can be used for multicast and broadcast traffic*
13. Which two statements about access points are true? (Choose Two)
They can provide access within enterprises and to the public.
in Most cases, they are physically connected to other network devices to provide network connectivity*
They can protect a network from internal and external threats.
Most access points provide Wi-Fi and Bluetooth connectivity.*
They must be hardwired to a modem.
14. For which two protocols can PortFast alleviate potential host startup is-sues? (Choose two.)
DHCP*
DNS*
OSPF
RIP
CDP
15. What does it take for BGP to establish connection. (Choose two)
Enable cdp
AS number on local router*
AS number on remote router*
IGP
EGP
16. On which layer tcp/ip is ACL Apic-EM path
Layer 1
Layer 2
Layer 3
Layer 4*
17. Which cloud service is typically used to provide DNS and DHCP services to an enterprise?
IaaS
DaaS
SaaS*
PaaS
18. Which three statements about Syslog utilization are true? (Choose three.)
Utilizing Syslog improves network performance
The Syslog server automatically notifies the network administrator of network problems
A Syslog server provides the storage space necessary to store log files without using router disk space*
There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages.*
Enabling Syslog on a router automatically enables NTP for accurate time stamping
A Syslog server helps in aggregation of logs and alerts.*
19. What are the two statements about EUI-64 addressing? (Choose two)
A locally administrated address has the universal/local bit set to 0.*
A 64-bit interface identifier is derived from the interface MAC address
A 96-bit interface identifier is derived from the interface MAC address
The address includes the hex digits FFFE after the first 24 bits of the interface MAC address*
The address includes the hex digits FFFE after the last 24 bits of the interface MAC address
20. After you configure the ip dns spoofing command globally on a device,under which two conditions is DNS spoofing enabled on the device?(choose two)
The DNS server queue limit id disabled
The ip host command is disabled
All configured IP name server addresses are removed*
The ip dns spoofing command is disabled on the local interface
The no ip domain lookup command is configured*
21. which task must you perform to enable an IOS device to use DNS services?
configure a relay agent information reforwarding policy
configure manual bindings*
configure the relay agent information option
configure a name server
22. Which two IP SLA operations can you use to measure the end-to-end response time for all IP traffic between a Cisco router and an end device? (choose two)
UDP jitter
ICMP path jitter
TCP connect
ICMP path echo
ICMP echo*
UDP echo*
23. What authentication type is used by SNMPv2 ?
username and password
community strings*
HMAC-MD5
HMAC-SHA
24. Which MAC protocol sets a random timer to reattempt communication ?
RARP
CSMA/CA
CSMA/CD*
IEEE 802.1x
25. While troubleshooting a GRE tunnel interface issue,show interface command output displays tunnel status up,but line protocol is down.
Which reason for this problem is most likely ?
The route to the tunnel destination address is through the tunnel itself*
The next hop server is misconfigured
The interface has been administratively shut down
The tunnel was just reset
26. Which two statements about stacking Cisco switches are true ?(choose two)
It enables the administrator to manage multiple switches from a single management interface*
The administrator can create only one stack of switches in a network which is under the same administrative domian
When a new master switch is elected,it queries the previous master for its running configuration
The administrator can add additional switches to the stack as demand increases*
Each switch manages its own MAC address table
27. Router R1 has a static route that is configured to destination network.A directly connected interface is configured with an IP address in the same destination network.Which statement about R1 is true?
R1 refuses to advertise the dynamic route to other neighbors
R1 prefers the static route
R1 prefers the directly connected interface*
R1 sends a withdrawal notification to the neighboring router
28. Which type of address is the public IP address of a NAT device?
outside public
inside local
inside global*
inside public
outside global
outside local
29. Which configuration register value can you set on a Cisco device so that it ignores the NVRAM when it boots?
0x2124
0x2120
0x2142*
0x2102
30. Which two benefits can you get by stacking Cisco switches?(choose two)
Each switch in the stack handles the MAC table independently from the others
You can add or remove switches without taking the stack down.*
Each switch in the stack can use a different IOS image
The stack enables any active member to take over as the master switch if the existing master fails.*
You can license the entire stack with a single master license
31. Which command can you enter to verify that a router is synced with a configures time source?
show ntp authenticate
ntp associations
ntp server time
ntp authenticate
show ntp associations*
32. two statements about LLDP are true ?(choose two)
It uses mandatory TLVs to discover the neighboring devices*
It functions at Layer 2 and Layer 3
It is a Cisco-proprietary technology
It is implemented in accordance with the 802.11a specification
It enables systems to learn about one another over the data-link layer*
33. A network administrator enters the following command on a router:logging trap 3 . What are three message types that will be sent to the Syslog server?(choose three)
warning
informational
error*
emergency*
debug
critical*
34. Refer to the exhibit.
CCNA 200-125 Certification Exam Answers Part 7 q34
Which statement is true?
The Fa0/11 role confirms that SwitchA is the root bridge for VLAN 20.
VLAN 20 is running the Per VLAN Spanning Tree Protocol
The MAC address of the root bridge is 0017.596d.1580.
SwitchA is not the root bridge, because not all of the interface roles are designated*
35. Which technology allows a large number of private IP addresses to be represented by a smaller number of public IP addresses?
NAT*
NTP
RFC 1631
RFC 1918
36. Which two types of NAT addresses are used in a Cisco NAT device? (Choose two.)
inside local*
inside global*
inside private
outside private
external global
external local
37. Refer to the exhibit.
CCNA 200-125 Certification Exam Answers Part 7 q37
A new subnet with 60 hosts has been added to the network. Which subnet address should this network use to provide enough usable addresses while wasting the fewest addresses?
192.168.1.56/27
192.168.1.64/26*
192.168.1.64/27
192.168.1.56/26
38. Refer to the exhibit.
CCNA 200-125 Certification Exam Answers Part 7 q38
If the devices produced the given output,what is the cause of the EtherChannel problem?
There is a speed mismatch between SW1’s Fa0/1 and SW2’s Fa0/1 interfaces.*
There is an MTU mismatch between SW1’s Fa0/1 and SW2’s Fa0/1 interfaces
There is an encapsulation mismatch between SW1’s Fa0/1 and SW2’s Fa0/1 interface
SW1’s Fa0/1 interface is administratively shut down.
39. Which option is a valid IPv6 address?
2001:0000:130F::099a::12a
2002:7654:A1AD:61:81AF:CCC1
FEC0:2927:1860:W067::2A4
2004:1:25A4:886F::1*
40. Which two statements about configuring an Ether Channel on a Cisco switch are true?(Choose two)
The interfaces configured in the Ether Channel must have the same STP port path cost
The interfaces configured in the Ether Channel must be on the same physical switch*
An Ether Channel can operate in Layer 2 mode only
The interfaces configured in the Ether Channel must operate at the same speed and duplex mode*
The interfaces configured in the Ether Channel must be part of the same VLAN or trunk
41. Which two statements about IPv6 anycast addresses are true?( Choose two)
They receive packets on the closest interface that is discovered by the routing protocol*
They are allocated from the IPv6 broadcast address space
They are used in conjunction with source-specific multicast for IPv6
They use the prefix FC00::/8
They arr allocated from the IPv6 unicast address space*
42. What is the first step in the NAT configuration process?
Define inside and outside interfaces*
Define public and private IP addresses
Define IP address pools
Define global and local interfaces
43. It you change the weight and distance parameters on a device with an establshed BGP neighbor, which additional task must you perfom to allow the two devices to continue exchanging routes?
Reset the BGP connections on the device
Reset the gateway interface
Clear the IP routes on the device*
Change the weight and distance settings on the other device to match
44. Which two features can you enable on a switch to capture and analyze frames that transt an interface? (Choose two)
SNMP
NetFlow
IP SLA
SPAN*
RSPAN*
45. Which two characteristics of an ICMP echo-based IP SLA are true? (Choose two)
It can use RSPAN to report network statistics to a designated remote port
It aggregates traffic statistics for reporting on a configurable basis
It requires a remote device to log and maintain collected data
It measures traffic to determine the reliability of a connection from a Cisco router to a designated end device*
It generates continuous traffic to monitor network performance*
46. Which two are features of IPv6?(choose two)
multicast*
broadcast
allcast
podcast
anycast*
47. Which two statements about Cisco Discovery Protocol are true?(Choose two)
It is used to initiate a VTP server and cient relationship
It uses SNMP to share device information to an external server
It runs on the network layer and the data link layer.
It runs on the data link layer only*
It uses TLVs to share device information*
48. Which two QoS tools can provide congestion management?(Choose two)
CBWFQ*
FRTS
CAR
PQ*
PBR
49. Refer to the diagram.
CCNA 200-125 Certification Exam Answers Part 7 q49
All hosts have connectivity with one another. Which statements describe the addressing scheme that is in use in the network? (Choose three.)
The subnet mask in use is 255.255.255.192
The subnet mask in use is 255.255.255.128*
The IP address 172.16.1.25 can be assigned to hosts in VLAN1*
The IP address 172.16.1.205 can be assigned to hosts in VLAN1
The LAN interface of the router is configured with one IP address.
The LAN interface of the router is configured with multiple IP addresses.*
50. A national retail chain needs to design an IP addressing scheme to support a nationwide network. The company needs a minimum of 300 sub-networks and a maximum of 50 host addresses per subnet.
Working with only one Class B address, which of the following subnet masks will support an appropriate addressing scheme? (Choose two.)
255.255.255.0
255.255.255.128*
255.255.252.0
255.255.255.224
255.255.255.192*
255.255.248.0
51. which two statements describe key differences between single- and dual-homed WAN connections? (Choose two)
Dual-homed WAN connections are more expensive than single-homed connections*
Dual-homed WAN connections have more management-application overhead than single-homed connections
Dual-homed WAN connections require more skill to administer than single-homed connections*
Dual-homed WAN connections have a simpler topology than single-homed connections
Dual-homed WAN connections have higher WAN speed than single- homed connections
52. which two values are needed to run the APIC-EM ACL Analysis tool ?(choose two)
destination address*
destination port
periodic refresh intervlan
source address*
protocol
source port
53. Which QOS feature can drop traffic that exceeds the committed access rate?
weighted fair queuing
FIFO
policing*
shaping
54. Which two criteria must be met to support the ICMP echo IP SLA? (Choose two)
The destination device must support the echo protocol*
default gateway must be configured for the source and destination devices
The source device must be running Layer 2 services.
The source and destination devices must be Cisco devices
The source device must be a Cisco device but the destination device can be from any vendor*
55. What SNMP message alerts the manager to a condition on the network?
trap*
get
response
capture
56. In which STP state does MAC address learning take place on a PortFast-enabled port?
listening
forwarding*
discarding
learning
57. Refer to the exhibit.
CCNA 200-125 Certification Exam Answers Part 7 q57
A network technician is asked to design a small network with redundancy. The exhibit represents this design, with all hosts configured in the same VLAN. What conclusions can be made about this design?
The design will function as intended
Spanning-tree will need to be used
The router will not accept the addressing scheme*
The connection between switches should be a trunk.
The router interfaces must be encapsulated with the 802.1Q protocol.
58. For which two reasons might you choose chassis aggregation instead of stacking switches?(Choose two)
to allow hot-swapping modules
to increase the number of devices in use*
to avoid the use of a centralized configuration manager*
to avoid relying solely on Ethemet interfaces
to increase the maximum port count
59. Which two benefits of implementing a full-mesh WAN topology are true?(Choose two)
increased latency
redundancy*
improved scalability
reliability*
reduced itter
60. Refer to the exhibit.
CCNA 200-125 Certification Exam Answers Part 7 q60
Traffic on the control plane uses which VLAN ?
VLAN 1
VLAN 5
VLAN 10*
VLAN 20
61. Which two conditions can be used to elect the spanning-tree root bridge?(choose two)
the highest MAC address
the lowest MAC address*
the highest port priority
the lowest system ID
the lowest switch priority*
62. Which type of device should you use to preserve IP addresses on your network?
firewall*
WLAN controller
load balancer
intrusion prevention device
63. What two actions can be taken to secure the virtual teminal interfaces on a router?(choose two)
Administratively shut down the interface
Enter an access list and apply it to the virtual terminal interfaces using the access-class command*
Physically secure the interface
Create an access list and apply it to the virtual terminal interfaces using the access-group command
Configure a virtual terminal password and logi process*
64. Which two cable specifications can support 1-Gbps Ethernet? (choose two)
Category 5e*
RG11
RG-6
Category 6*
Category 3
65. Which value is included in the initial TCP syn message?
a session ID
sequence number*
a TTL number
an acknowledgment number
66. At which severity level can syslog logging begin to affect router performance?
debugging
emergency*
notification
critical
67. Refer to the exhibit.
CCNA 200-125 Certification Exam Answers Part 7 q67
What is the effect of the configuration?
Traffic from PC A is dropped when it uses the trunk to communicate with PC B
Traffic from PC A is sent untagged when it uses the trunk to communicate with PC B
Traffic from PC B is dropped when it uses the trunk to communicate with PC A*
Traffic from PC B is sent untagged when it uses the trunk to communicate with PCA
68. Which effete does the aaa new-model coniguration commandhave?
It enables AAA services on the device*
It configures the device to connect to a RADIUS server for AAA
It associates a RADIUS server to an AAA group.
It configures a local user on the device.
69. A BPDU guard is configured on an interface that has PortFast Enable. Which state does the interface enter when it recives a BPDU ?
Blocking
Shutdown
Listening
Errdisable*
70. Which IEEE standard protocol is initiated as a result of successful DTP completion in a switch over FastEthernet?
802.3ad
802.1w
802.1Q*
802.1d
