we provide Tested Cisco ccna routing and switching 200 125 pdf dumps which are the best for clearing ccna 200 125 test, and to get certified by Cisco CCNA Cisco Certified Network Associate CCNA (v3.0). The ccna 200 125 ebook Questions & Answers covers all the knowledge points of the real cisco 200 125 exam. Crack your Cisco ccna 200 125 torrent Exam with latest dumps, guaranteed!

Q41.  - (Topic 3)

A network administrator needs to allow only one Telnet connection to a router. For anyone viewing the configuration and issuing the show run command, the password for Telnet access should be encrypted. Which set of commands will accomplish this task?

A. service password-encryption

access-list 1 permit

line vty 0 4 login

password cisco access-class 1

B. enable password secret line vty 0


password cisco

C. service password-encryption line vty 1


password cisco

D. service password-encryption line vty 0 4


password cisco

Answer: C


Only one VTY connection is allowed which is exactly what's requested. Incorrect Answer: command.

line vty0 4

would enable all 5 vty connections.

Topic 4, WAN Technologies

Q42.  - (Topic 4)

What are two characteristics of Frame Relay point-to-point subinterfaces? (Choose two.)

A. They create split-horizon issues.

B. They require a unique subnet within a routing domain.

C. They emulate leased lines.

D. They are ideal for full-mesh topologies.

E. They require the use of NBMA options when using OSPF.

Answer: B,C


Subinterfaces are used for point to point frame relay connections, emulating virtual point to point leased lines. Each subinterface requires a unique IP address/subnet. Remember, you cannot assign multiple interfaces in a router that belong to the same IP subnet.

Topic 5, Infrastructure Services

190.  - (Topic 5)

What is the alternative notation for the IPv6 address B514:82C3:0000:0000:0029:EC7A:0000:EC72?

A. B514 : 82C3 : 0029 : EC7A : EC72

B. B514 : 82C3 :: 0029 : EC7A : EC72

C. B514 : 82C3 : 0029 :: EC7A : 0000 : EC72

D. B514 : 82C3 :: 0029 : EC7A : 0 : EC72

Answer: D


There are two ways that an IPv6 address can be additionally compressed: compressing leading zeros and substituting a group of consecutive zeros with a single double colon (::). Both of these can be used in any number of combinations to notate the same address. It is important to note that the double colon (::) can only be used once within a single IPv6 address notation. So, the extra 0’s can only be compressed once.

Q43.  - (Topic 8)

Which command can you enter to determine whether a switch is operating in trunking mode?

A. show ip interface brief

B. show vlan

C. show interfaces

D. show interface switchport

Answer: D

Q44.  - (Topic 6)

Which two commands correctly verify whether port security has been configured on port FastEthernet 0/12 on a switch? (Choose two.)

A. SW1#show port-secure interface FastEthernet 0/12

B. SW1#show switchport port-secure interface FastEthernet 0/12

C. SW1#show running-config

D. SW1#show port-security interface FastEthernet 0/12

E. SW1#show switchport port-security interface FastEthernet 0/12

Answer: C,D


We can verify whether port security has been configured by using the “show running- config” or “show port-security interface” for more detail. An example of the output of “show port-security interface” command is shown below:

Q45.  - (Topic 8)

Which technology allows a large number of private IP addresses to be represented by a smaller number of public IP addresses?



C. RFC 1631

D. RFC 1918

Answer: A

Q46.  - (Topic 4)

The command frame-relay map ip 102 broadcast was entered on the router. Which of the following statements is true concerning this command?

A. This command should be executed from the global configuration mode.

B. The IP address is the local router port used to forward data.

C. 102 is the remote DLCI that will receive the information.

D. This command is required for all Frame Relay configurations.

E. The broadcast option allows packets, such as RIP updates, to be forwarded across the PVC.

Answer: E


Broadcast is added to the configurations of the frame relay, so the PVC supports broadcast, allowing the routing protocol updates that use the broadcast update mechanism to be forwarded across itself.

Q47.  - (Topic 8)

Refer to the exhibit.

What is the result of setting the no login command?

A. Telnet access is denied.

B. Telnet access requires a new password at the first login.

C. Telnet access requires a new password.

D. no password is required for telnet access.

Answer: D

Q48. CORRECT TEXT - (Topic 4)

A corporation wants to add security to its network. The requirements are:

✑ Host B should be able to use a web browser (HTTP) to access the Finance Web Server.

✑ Other types of access from host B to the Finance Web Server should be blocked.

✑ All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.

✑ All hosts in the Core and on local LAN should be able to access the Public Web Server.

You have been tasked to create and apply a numbered access list to a single outbound interface. This access list can contain no more than three statements that meet these requirements.

Access to the router CLI can be gained by clicking on the appropriate host.

✑ All passwords have been temporarily set to “cisco”.

✑ The Core connection uses an IP address of

✑ The computers in the Hosts LAN have been assigned addresses of


✑ host A

✑ host B

✑ host C

✑ host D

✑ The Finance Web Server has been assigned an address of

✑ The Public Web Server in the Server LAN has been assigned an address of


Please check the below explanation for all details.


We should create an access-list and apply it to the interface that is connected to the Server LAN because it can filter out traffic from both S2 and Core networks. To see which interface this is, use the “show ip interface brief” command:

Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-11-17 at 3.24.34 PM.png From this, we know that the servers are located on the fa0/1 interface, so we will place our numbered access list here in the outbound direction.

Corp1#configure terminal

Our access-list needs to allow host B – 192.168125.2 to the Finance Web Server via HTTP (port 80), so our first line is this:

Corp1(config)#access-list 100 permit tcp host host eq 80

Then, our next two instructions are these:

✑ Other types of access from host B to the Finance Web Server should be blocked.

✑ All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.

This can be accomplished with one command (which we need to do as our ACL needs to be no more than 3 lines long), blocking all other access to the finance web server: Corp1(config)#access-list 100 deny ip any host

Our last instruction is to allow all hosts in the Core and on the local LAN access to the Public Web Server (

Corp1(config)#access-list 100 permit ip host any Finally, apply this access-list to Fa0/1 interface (outbound direction) Corp1(config)#interface fa0/1

Corp1(config-if)#ip access-group 100 out

Notice: We have to apply the access-list to Fa0/1 interface (not Fa0/0 interface) so that the access-list can filter traffic coming from both the LAN and the Core networks.

To verify, just click on host B to open its web browser. In the address box type to check if you are allowed to access Finance Web Server or not. If

your configuration is correct then you can access it.

Click on other hosts (A, C and D) and check to make sure you can’t access Finance Web Server from these hosts. Then, repeat to make sure they can reach the public server at Finally, save the configuration


Corp1#copy running-config startup-config

Q49.  - (Topic 7)


Refer to the topology. Your company has decided to connect the main office with three other remote branch offices using point-to-point serial links.

You are required to troubleshoot and resolve OSPF neighbor adjacency issues between the main office and the routers located in the remote branch offices.

R1 does not form an OSPF neighbor adjacency with R2. Which option would fix the issue?

A. R1 ethernet0/1 is shutdown. Configure no shutdown command.

B. R1 ethernet0/1 configured with a non-default OSPF hello interval of 25; configure no ip ospf hello-interval 25.

C. R2 ethernet0/1 and R3 ethernet0/0 are configured with a non-default OSPF hello

interval of 25; configure no ip ospf hello-interval 25.

D. Enable OSPF for R1 ethernet0/1; configure ip ospf 1 area 0 command under ethernet0/1.

Answer: B


Looking at the configuration of R1, we see that R1 is configured with a hello interval of 25 on interface Ethernet 0/1 while R2 is left with the default of 10 (not configured).

Q50.  - (Topic 3)

Refer to the exhibit.

The network administrator requires easy configuration options and minimal routing protocol traffic. What two options provide adequate routing table information for traffic that passes between the two routers and satisfy the requests of the network administrator? (Choose two.)

A. a dynamic routing protocol on InternetRouter to advertise all routes to CentralRouter.

B. a dynamic routing protocol on InternetRouter to advertise summarized routes to CentralRouter.

C. a static route on InternetRouter to direct traffic that is destined for to CentralRouter.

D. a dynamic routing protocol on CentralRouter to advertise all routes to InternetRouter.

E. a dynamic routing protocol on CentralRouter to advertise summarized routes to InternetRouter.

F. a static, default route on CentralRouter that directs traffic to InternetRouter.

Answer: C,F


The use of static routes will provide the necessary information for connectivity while producing no routing traffic overhead.