Cisco IOS Technologies Exam

Exam Code: 200-125 New Question: 62q

Questions & Answers

New Question: 62q

Exam Code: 200-125

  1. Which two options are the best reasons to use an IPV4 private IP space? (Choose two)
    1. to enable intra-enterprise communication
    2. to conserve global address space
    3. to manage routing overhead
    4. to connect applications
    5. to implement NAT Answer : AB (dump v27)
  2. Which three statements about DWDM are true? (Choose three)
    1. lt allows a single strand of fi ber to support bidirectional communications
    2. lt is used for long-distance and submarine cable systems
    3. lt can multiplex up to 256 channels on a single fiber
    4. lt supports bath the SDH and SONET standards
    5. Each channel can carry up to a 1-Gbps signal
    6. lt supports simplex commun icat ions over multiple strands offiber

Answer:E CD ref: 0.html

  1. Which tunneling mechanism embeds an 1Pv4 address within an 1Pv6 address?
    1. Teredo
    2. 6to4
    3. 4to6
    4. GRE
    5. ISATAP

Answer:B ref :htt ps:/ / to ols.i et ht ml/ rfc6052#sect ion -2

  1. lf two OSPF neighbors have formed complete adjacency and are exchanging link-state advertisements, which state have they reached?
    1. Exstart
    2. 2-Way
    3. FULL
    4. Exchange

Answer:C ref =0ahUKEwjg7ebX jt LVA hXJAsAKHX oyATQQ_AUIDCgD& biw=1536& bih=735#imgrc=99-F38FQ0gZgVM:

  1. Which three statements about 1Pv6 address fd14 :920b:f83d:4079::/ 64 are true? (Choose three)
    1. The subnet ID is 14920bf83d
    2. The subnet ID is 4079
    3. The global ID is 14920bf83d
    4. The address is a link-local address
    5. The global ID is 4079
    6. The address is a unique local address

answer : BCF

ref htt ps:/ / part icipat e/ member-supp ort / lir-basics/ ipv6_reference_card.pdf

  1. Which functionality does an SVI provide?
    1. OSI Layer 2 connectivity to switches
    2. remote switch administration
    3. traffic routing for VLANs
    4. OSI Layer 3 connectivity to switches answer c
  2. Which three commands are required to enable NTP authentication on a Cisco router? (Choose three)
    1. ntp peer
    2. ntp max-associations
    3. ntp authenticate
    4. ntp trusted-key
    5. ntp aut henticat ion-key
    6. ntp refclock

answer: CD E

ref: htt p:/ / 2007/12/28/how-does-ntp-authentication-work/ 8.Which statement about DHCP snooping is true?

  1. it blacks traffic from DHCP servers on untrusted interfaces.
  2. it can be configured on switches and rout ers.
  3. it allows packets from untrusted ports if their source MAC address is found in the binding t able .
  4. it uses DHCPDiscover packets to identify DHCP servers. answer: A
  5. Which type of cable must you use to connect two device with mdi interfaces?
    1. rolled
    2. crossover
    3. crossed
    4. straight through answer B
  6. which port security violation mode allows traffic from valid mac address to pass but black traffic from invalid mac address?
    1. protect
    2. shutdown
    3. shutdown vlan
    4. restrict

answer A

  1. Which type of routing protocol operates by exchanging the entire routing information ?
    1. distance vector protocols
    2. link state protocols
    3. path vector protocols
    4. exterior gateway protocols answer A
  2. Which statements is true about Router on Stick.
    1. When a router have multiple subnets on a single physical link.
    2. When a router have single subnet on multiple physical links. C when a router have multiple interface on single physical links.

D. When a router have single interface on multiple physical links answer A

  1. Refer to the exhibit. Given the output from the show ip eigrp topology command, which router is the feasible successor?

router# show ip eigrp topology

IP-EIGRP topology entry for State is Passive, Query origin flag is 1, 1 Successor(s), FD is 41152000

A. (Serial0), from, Send flag is 0x0 Composite metric is (46152000/41640000), Route is Internai Vector metric:

Minimum bandwidth is 64 Kbit Total delay is 45000 Microseconds Reliability is 255/255

Load is 1/255 Minimum MTU is 1500 Hop count is 2

B. (Serial0.l), from, Send flag is 0x0 Composite metric is (53973248/128256), Route is Internai Vector Metric:

Minimum bandwidth is 48 Kbit Total delay is 25000 Microseconds Reliability is 255/255

Load is 1/255 Minimum MTU is 1500 Hop count is 1

C. (Serial0), from, Send flag is 0x0 Composite metric is (46866176/46354176), Route is Internai Vector metric:

Minimum bandwidth is 56 Kbit Total delay is 45000 microseconds Reliability is 255/255

Load is 1/255 Minimum MTU is 1500 Hop count is 2

D. (Serial0 .1), from, Send flag is 0x0 Composite metric is (46763776/46251776), Route is External Vector metric:

Minimum bandwidth is 56 Kbit Total delay is 41000 microseconds Reliability is 255/255

Load is 1/255 Minimum MTU is 1500 Hop count is 2

Answer: B (old questions)

  1. Which IPsec security protocol should be used when confidentiality is required?
    1. MDS
    2. P5K
    3. AH
    4. E5P answer D
  2. Which 1Pv6 routing protocol uses multicast group FF02: :9 to send updates?
    1. static
    2. RIPng
    3. O5PFv3
    4. 15-15 for 1Pv6 answer B
  3. Which of the port is not part of 5TP protocol. (Question is not accurate but its sounds something like this)
    1. Listening
    2. Learning
    3. Forwarding
    4. Discarding Ans: D
  4. which definition of a hast route is true?
    1. A route that is manually configured.
    2. A route used when a destination route is missing.
    3. A route to the exact /32 destination address
    4. Dynamic route learned from the server. answer C
  5. .which statement about upgrading a cisco 105 device with TFTP server?

A . the operation is performed in active mode

B . the operation is performed in unencrypted format C . the operation is performed in passive mode

D. the cisco 105 device must be on the same LAN as the TFTP server answer: D

  1. .drag and drop (old question)

vty password —-remote access to device console console password—access to console 0 line

access-group —access to connected network or resources service-password encryption–viewing of password

enable secret—access to privileged mod

  1. What is a valid HSRP virtual MAC address? (old question)

A. 0000.SE00.01A3 B. 0007.B400.AEOl C. 0000.0C07.AC15 D. 0007.SEO0.B301

answer C

  1. which command do use we to see SNMP version snmp pending snmp enginelD C.snmp-server something D others

answer is A ref: en/ us/td/docs/ios/12 _2/ configfun/ cornmand/ reference/ffun_r/frf014.htm l#wp1053304

  1. Which command can you enter on a switch to determine the current SNMP security model?
    1. snmp-server contact
    2. show snmp pending
    3. show snmp group
    4. show snmp enginelD

Answer C and can also put D, C and Dis two valid ref: l#wp1053304

  1. When troubleshooting Ethernet connectivity issues, how can you verify that an IP address is known to a router?
    1. Check whether the IP address is in the routing table
    2. Check whether an ACL is blocking the IP address
    3. Check whether the IP address is in the CAM table
    4. Check whether the IP address is in the ARP table answer:D

After you apply the given configuration to a router, the DHCP clients behind the device cannot communicate with hosts outside of their subnet. Which action is most likely to correct the problem?

    1. Configure the dns server on the same subnet as the clients
    2. Activate the dhcp pool
    3. Correct the subnet mask

O. configure the default gateway Answer: D

  1. Refer to the exhibit. What set of commands was configured on interface Faü/3 to produce the given the output?

interface FastEthernet 0/3 Channel-group 1 mode desirable

Switchport trunk encapsulation dotlq Switchport mode trunk

    1. interface FastEthernet 0/3 Channel-group 2 mode passive

Switchport trunk encapsulation dotlq Switchport mode trunk

    1. interface FastEthernet 0/3 Channel-group 2 mode on

Switchport trunk encapsulation dotlq Switchport mode trunk

    1. interface FastEthernet 0/3 Channel-group 2 mode active

Switchport trunk encapsulation dotlq Switchport mode trunk

Answer : B

  1. While troubleshooting a DCHP client that is behaving erratically, you discover that the client has been assigned the same IP address as a printer that is a static IP address. Which option is the best way to resolve the problem?
  2. Configure a static route to the client.
  3. Assign the client the same IP address as the router.
  4. Move the client to another IP subnet
  5. Move the printer to another IP subnet.
  6. Reserve the printer IP address. answer E
  7. Refer to the exhibit

after you apply the give configurations to Rl and R2 you notice that OSPFv3 fails to start Which reason for the problem is most likely true?

  1. The area numbers on Rl and R2 are mismatched
  2. The IPv6 network addresses on Rl and R2 are mismatched
  3. The autonomous system numbers on Rl and R2 are mismatched
  4. The router ids on Rl and R2 are mismatched Answer: A
  5. Which two statements about IPv6 address 2002:ablü:beef::/48 are true? (Choose two.)
    1. The embedded IPv4 address can be globally routed
    2. lt is used for an ISATAP tunnel
    3. The embedded IPv4 address is an RFC 1918 address
    4. The MAC address 20:02:bü:10:be:ef is embedded into the IPv6 address
    5. lt is used for a 6to4 tunnel Answer: AE
  6. While troubleshooting a connection problem on a computer, you determined that the computer can

ping a specific web server but it cannot connect to TCP port 80 on that server. Which reason for the problem is most likely ture?

    1. A VLAN number is incorrect
    2. An ARP table entry is missing
    3. A route is missing
    4. An ACL is blocking the TCP port answer D
  1. Which two steps must you perform on each device that is configured for IPv4 routing before you implement OSPFv3? (Choose t wo.)
    1. configure an autonomous system number
    2. configure a loopback interface
    3. configure a router ID
    4. enable IPv6 on an interface
    5. enable IPv6 unicast ro uting Answer : DE
  2. Which option is the main function of congestion management?
    1. discarding excess traffic
    2. queuing traffic based on priority
    3. classifying traffic
    4. providing long-term storage of buffered data Answer : B
  3. Which command must you enter to enable OSPFV2 in an IPV4 network?
    1. ip ospf hello -int erval seconds
    2. router ospfv2 process-id
    3. router ospf value
    4. router ospf process-id Answer : D
  4. Which three statements about the features of SNMPv2 and SNMPv3 are true? (Choose three.)

A.SNMPv3 enhanced SNMPv2 security feat ures.

B.SNM Pv3 added the lnform protocol message to SNMP C.SNMPv2 added the lnform protocol message to SNMP D.SNMPv3 added the GetBulk protocol messages to SNMP E.SNMPv2 added the GetBulk protocol message to SNMP F.SNM Pv2 added the GetNext protocol message to SNM P. answer ACE

  1. Why do large OSPF networks use a hierarchical design? (choose three)
  2. to confine network instability to single areas of the network.
  3. to reduce the complexity of router configuration
  4. to speed up convergence!
  5. to lower costs by replacing routers with distribution layer switchesl
  6. to decrease latency by increasing bandwidth
  7. to reduce routing overhead

answer AC F

  1. Assuming the default switch configuration which vlan range can be added modified and removed on a Cisco switch?
  2. 2 through 1001
  3. 1 through 1001
  4. 1 through 1002
  5. 2 through 1005

answer A

  1. Which of the following is true about spanning-tree root-bridge election?
    1. lt happens automatically. (something like that)
    2. Every root bridge has the same VLAN.
    3. Every VLAN has its own root bridge.
    4. i forgot the last

answer: C reference:

https:/ / ww rch?q=stp+vla n&source=Inms&tbm=isch &sa=X&ved =0ahUKEwjnzvrUn OHVAhWHUIAKHa_bBnMQ_AUICigB&biw=1536&bih=735#imgrc=-IJEHv6yQBsDNM:

stp per vlan is a pvst

  1. What is the most efficient subnet mask for a point to point ipv6 connection? A./127

B. /128 C. /64 D. /48 E. /32

answer A

ref: htt ps:/ / tools.ietf .org/ ht ml/ rfc6164

  1. Which protocol does ipv6 use to discover other ipv6 nodes on the same segment? A.CLNS
  2. TCPv6
  3. NHRP
  4. NDP
  5. ARP

answer 😀

ref: htt ps:/ / tools.ietf. org/ ht ml/ rfc4861

  1. which technology supports multiple dynamic secure connections an unsecure transport network?
    1. DMVPN
    2. VPN
    3. Site-to-site VPN
    4. client VPN answer A
  2. To enable router on a stick on a router subinterface, which two steps must you perform ? choose two
    1. configure full duplex and speed
    2. configure a default to route traffic between subinterfaces
    3. configure the subinterface with an ip address
    4. configure encapsulation dotlq
    5. configure an ip route to the vlan destination network answer CD
  3. Which feature can you use to restrict SNMP queries to a specific 01D tree?
  4. server group
  5. a community
  6. a view record
  7. an access group answer C
  8. Which two options are fields in an Ethernet frame? (choose two)
    1. frame check sequence
    2. header
    3. source IP address
    4. destination IP address
    5. type answer A E
  9. Refer to the exhibit

After you apply the given configuration to Rl , you determine that it is failing to advertise the network. Which action most likely to correct the problem.

    1. Enable passive interface
    2. Enable RIPv2
    3. Enable manual summarization
    4. Enable auto summarization answer B
  1. Which type of secure MAC address must be configured manually?
    1. dynamic
    2. bia
    3. static
    4. sticky answer C
  2. What are types of 1Pv6 static routes? (Choose Three)
    1. Recursive Static routes
    2. Directly connected static routes
    3. Fully specified static routes
    4. Dynamically specified static routes
    5. injected static routes
    6. Redistributed st at ic routes answer : ABC
  3. Which option is the industry-standard protocol for ether channel
    1. Cisco Discovery protocol
    2. PAGP
    3. LACP D.DTP

answer c

47 .Router Rl has a static router that is configured to a destination network. A directly connected inference is configured

with an ip address in the same destination network. which statement about Rl is true

  1. lt refuses to advertise the dynamic route to other neighbors
  2. lt sends a withdrawal signal to the neighboring router
  3. lt disables the routing protocol
  4. lt prefers the static route answer: D
  5. Where does a switch maintain DHCP snooping information?
    1. in the CAM table
    2. in the VLAN database
    3. in the DHCP binding database
    4. in the MAC address t able. answer: C
  6. When is a routing table entry identified as directly connected?
    1. when the local router is in use as the network default gateway
    2. when the network resides on a remote router that is physically connected to the local router
    3. when an interface on the router is configure with an ip address and enabled
    4. when the route is statically assigned to reach a specific network answer: C
  7. which command can you enter in a network switch configuration so that learned mac addresses are saved in configuration as they connect?
    1. Switch(config-if)#Switch port-security
    2. Switch(config-if)#Switch port -securit y Mac-address stcky
    3. Switch(config-if)#Switch port-security maximum 10
    4. Switch(config-if)#Switch mode access answer: B

If Computer Ais sending traffic to computer B, which option is the source ip address when a packet leaves Rl on

interface F0/1?

    1. IP address of the R2 interface F0/1
    2. lp address of computer B
    3. lp address of Rl interface F0/1
    4. lp address of Computer A Answer : D
  1. Which three options are the major components of a network virtualization architecture? (Choose three.)
    1. virtual network services
    2. authentication services
    3. network access contrai
    4. network resilience
    5. path isolation
    6. policy enforcement Answer: ACE
  2. Which RPVST+ port state is excluded from ail STP operations?
    1. learning
    2. forwarding
    3. blocking
    4. disabled Answer : D
  3. Which command can you enter to block HTTPS traffic from the whole class A private network range to a host?

A. Rl(config)#access-list 105 deny tep eq 443

B. Rl(config)#access-list 105 deny tep eq 53

C. Rl(config)#access-list 105 deny tep eq 53

D. Rl(config)#access-list 105 deny tep eq 443 Answer 😀

Drag and Drog :

  1. difference between Radius and tacacs +

Radius : multi-vendors


RADIUS combines authentication and authorization RADIUS encrypts only the password

Tacacs +: proprietary


Separate AAA

Encrypts the entire body

  1. e.BGP and i.BGP

+ BGP speaker : a router running BGP

+ BGP peer or BGP neighbor: Any two routers that have formed a TCP connection to exchange BGP routing information (as BGP runs over TCP on port 179, not UDP)

+ Prefix: Maybe you learned the word “subnet”. ln BGP world, it is usually called “prefix” because

BGP usually does not advertise small subnet s. lt advertises blacks of large subnets so “prefix” is often used instead

+ Internai BGP (iBGP) : refers to the BGP neighbor relationship within the same AS. The iBGP neighbor does not have to be directly connected

+ External BGP (eBGP): refers to the BGP neighbor relationship between two peers belongs to

different AS. lt is recommended that eBGP should be directly connect ed. Never run an IGP between eBGP peers

  1. IP sla schedule (1 command vs many options to choose the best interpretation)

Command: ip sla schedule 1 startime now life forever

lp sla schedule 1 : Number of the IP SLAs operation to schedule is 1

1 startime now lite forever: schedule the operation 1 to start immediately (now) and run indefinitely (forever)

  1. RIPVl vs RIPV2

RIPVl :classful

Non support VLSM Updates send in broadcast

Non support authentication

RIPV2: classless

Support VLSM

Updates send in multicast support authentication

  1. vty console….


Accespt incoming cnc over vty lines———————–terminal Display logging inf during a terminal session———-terminal monitor Provides lovai access to a device————————console

Stores log msg externally ——————————–syslog server logging

Stores log msg in RAM————————————buffered logging


  1. assign the port in the correct vlan

Interface f’x/y Switchport mode access Switchport access vlan X end

  1. ensure the Trunking between switches

Interface f’x/y

switchport trunk encapsulation dotlq Switchport mode trunk

  1. there is a native vlan mismatch and you resolve a problem

Interface f’x/y

switchport trunk encapsulation dotlq Switchport mode trunk

Switchport trunk native vlan Y

  1. gre eigrp


Refer to th e- t o pology below and ans er t he, follwo ing questions .

,ri \l:U,H:fmn•

– – — – – – — – –

– .• ,.

—,–;== =-“-_,a== = – – – – – –

– – – – ‘l!’llll””‘i


Which statement a.b out the router configurations is correct?

    1. PPP PAP is authenticati”on con figure<l het ween Branch2 and R1 _

B-. Tunnel keep alives are. no! configured for the tunn-eto inte rfa c é on Br anch2′ and H2 _

  1. The Branch2 LAN net work 192 .1fü t 11 0/24 is not ad:verbse d: intn th.e- ElGRP networ!:c.
  2. The Br13-nch3 LA W netwo-rk 1 9-2. 1 68.10.0/24 is not advertised into the EIGRP network.
  3. PPP CHAP ïs authenticatïon co-nfigured between Branch1 and R1.

W hy did fü anc h1· ro ter losE! WAN co nnectivit y with Rî router?

  • A The IP addres.s i5. m i sconfigured on PPP mult”ilin k i tlterfac_e on the Brandi1 muter.

P) B. Th_e. PPP multili n!t grnup is misc onfigured on the. Branch1 serial inl erfac s.

0 C. The PPP multilin l\: g roup is misco nfigure-d on t he, R1 s’ erial interfaces _

P) D. Th.e BrancM serial interfaces are, pl aced .in a shuttjown c ondi ti on.

Why has the Branch3 routeT los! oonnecti vfty with R1?

Use ·only show rn mm ano s to frou b lesh· oot because usag.e of the ‘ deb ug éomm1m d is restr icte d on the·Branch3 and R1 routers .

@ A. A PPP cha p ho stna m e m is matc h is noticed bet weèn Branc h3· and R1. O B. A PPP hap pas wordi m isrnatc h is noti ced betweècn B r a nch3 an,d Rî . O -C. PPP em c apsulati ori is riot corifigured on Branch3 .

O D. Thé PPP cha p hostna m e and PPP ch ap pass word c omm andrs ‘am missingr o·n the Branch3 route”r.

W hy is _th e Br anch 2 network 10.1 G. 2 0. 0/ 24-u nable to comm un- icate wil:h_th e Server farm1 network ‘1G. 1 0.1 0. 0/ 24 over the GRE tunnel?

ê A_ The GRE tunnel .-d esl ination is not configured on· the R2 router _

!{) B _ The GRE tunne.l destinati on is not configured on the Branc.h2 router _

C_ The stati c, route points ID the tunnelO ,i te rface that is misconfigured on the Brimch 2· router .

© D _ The st ati c, route points tG the tunnelO interface that fs m iscon figured on the 82 router .

  1. OSPF simulation

INO roulngwtll pn,cess IO numbtr 100 Refe.f’to lhetopofogydiagramfor

8SPF-areaa The Loopl>ack 0 tfllAt address. s the OSPF router ID on each rou1e1:

Qie–lfDvtdefaiultroulB onrouaHQwtlh efaul pœway as 2001: &.e.e1 02::1

V< t*\gillQPffMdtl st!P,i6adelress m 1:D88:0:1111:·1 atter no defëlul1routeonHŒ

.. -. e defaultroute1s adVeftised lnIPY6 OSPF on router HΠThts default route shOuld b9

act,ltl8:ad Glftly vman HO f’l:as a defaull ri>ute 1n ds routinç mt>le

“AclldlttttQ l:!J notfOtmlng IP.6 OSPF ntlghborwi1h BR. You must troubteshqat and resotve lbtS issue.

Toga1a111e ma-mum num• ot points, must complete 1he n SSWY comtgura oos ami fflC

iuue wiltlroultt BR tM OSPM must be coaltgur&d wdhout uslng addres9 tamllies.. Do

While we don’t have any information about running configuration, we should able to 1-configure default route on router HQ: ipv6 unicast-routing

ipv6 route ::/0 2001:DB8:B:B1B2::1

  1. advertise this route under ospfv3

Ipv6 router ospf 100

Default-information originate

  1. fix adjacency problem if a area mismatches We need to enter in s1/0

Ipv6 ospf 100 area 0