2017 Cisco Official New Released 200-125 ♥♥
100% Free Download! 100% Pass Guaranteed!

We provide real 200 125 ccna v3 0 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Cisco ccna routing and switching 200 125 official cert guide library Exam quickly & easily. The 200 125 cisco PDF type is available for reading and printing. You can print more and practice many times. With the help of our Cisco ccna routing and switching 200 125 pdf dumps pdf and vce product and material, you can easily pass the 125 200 exam.

Q121.  - (Topic 5)

In a GLBP network, who is responsible for the ARP request?



C. Active Router

D. Standby Router

Answer: B


Members of a GLBP group elect one gateway to be the active virtual gateway (AVG) for that group. Other group members provide backup for the AVG in the event that the AVG becomes unavailable. The AVG assigns a virtual MAC address to each member of the GLBP group. Each gateway assumes responsibility for forwarding packets sent to the virtual MAC address assigned to it by the AVG. These gateways are known as active virtual forwarders (AVFs) for their virtual MAC address.

The AVG is responsible for answering Address Resolution Protocol (ARP) requests for the virtual IP address. Load sharing is achieved by the AVG replying to the ARP requests with different virtual MAC addresses.

Reference: http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html

Q122.  - (Topic 7)

What Netflow component can be applied to an interface to track IPv4 traffic?

A. flow monitor

B. flow record

C. flow sampler

D. flow exporter

Answer: A


Flow monitors are the Flexible NetFlow component that is applied to interfaces to perform network traffic monitoring. Flow monitors consist of a record and a cache. You add the record to the flow monitor after you create the flow monitor. The flow monitor cache is automatically created at the time the flow monitor is applied to the first interface. Flow data

is collected from the network traffic during the monitoring process based on the key and nonkey fields in the record, which is configured for the flow monitor and stored in the flow monitor cache.

For example, the following example creates a flow monitor named FLOW-MONITOR-1 and enters Flexible NetFlow flow monitor configuration mode:

Router(config)# flow monitor FLOW-MONITOR-1 Router(config-flow-monitor)#

Q123.  - (Topic 7)

Refer to the exhibit.

HostA cannot ping HostB. Assuming routing is properly configured, what is the cause of this problem?

A. HostA is not on the same subnet as its default gateway.

B. The address of SwitchA is a subnet address.

C. The Fa0/0 interface on RouterA is on a subnet that can't be used.

D. The serial interfaces of the routers are not on the same subnet.

E. The Fa0/0 interface on RouterB is using a broadcast address.

Answer: D


Now let’s find out the range of the networks on serial link: For the network

Increment: 32

Network address:

Broadcast address: For the network Increment: 32

Network address:

Broadcast address:

-> These two IP addresses don’t belong to the same network and they can’t see each other.

Q124.  - (Topic 5)

When a DHCP server is configured, which two IP addresses should never be assignable to

hosts? (Choose two.)

A. network or subnetwork IP address

B. broadcast address on the network

C. IP address leased to the LAN

D. IP address used by the interfaces

E. manually assigned address to the clients

F. designated IP address to the DHCP server

Answer: A,B


Network or subnetwork IP address (for example or and broadcast address (for example should never be assignable to hosts. When try to assign these addresses to hosts, you will receive an error message saying that they can’t be assignable.

Q125.  - (Topic 7)


Refer to the topology. Your company has connected the routers R1, R2, and R3 with serial links. R2 and R3 are connected to the switches SW1 and SW2, respectively. SW1 and SW2 are also connected to the routers R4 and R5.

The EIGRP routing protocol is configured.

You are required to troubleshoot and resolve the EIGRP issues between the various routers.

Use the appropriate show commands to troubleshoot the issues.

The loopback interfaces on R4 with the IP addresses of,, and are not appearing in the routing table of R5. Why are the interfaces missing?

A. The interfaces are shutdown, so they are not being advertised.

B. R4 has been incorrectly configured to be in another AS, so it does not peer with R5.

C. Automatic summarization is enabled, so only the network is displayed.

D. The loopback addresses haven't been advertised, and the network command is missing on R4.

Answer: B


For an EIGRP neighbor to form, the following must match:

- Neighbors must be in the same subnet

- K values

- AS numbers

- Authentication method and key strings

Here, we see that R4 is configured for EIGRP AS 2, when it should be AS 1.

Topic 8, Mixed Questions

316.  - (Topic 8)

Two hosts are attached to a switch with the default configuration. Which statement about the configuration is true?

A. IP routing must be enabled to allow the two hosts to communicate.

B. The two hosts are in the same broadcast domain.

C. The switch must be configured with a VLAN to allow the two hosts to communicate.

D. Port security prevents the hosts from connecting to the switch.

Answer: A

Explanation: IP routing must be enables to allow the two hosts to communicate with each other with default configuration.


Q126.  - (Topic 3)

What is a global command?

A. a command that is set once and affects the entire router

B. a command that is implemented in all foreign and domestic IOS versions

C. a command that is universal in application and supports all protocols

D. a command that is available in every release of IOS, regardless of the version or deployment status

E. a command that can be entered in any configuration mode

Answer: A


When you enter global configuration mode and enter a command, it is applied to the running configuration file that is currently running in ram. The configuration of a global command affects the entire router. An example of a global command is one used for the hostname of the router.

Q127.  - (Topic 4)

Which protocol is an open standard protocol framework that is commonly used in VPNs, to provide secure end-to-end communications?



C. IPsec


Answer: C


IPSec is a framework of open standards that provides data confidentiality, data integrity, and data authentication between participating peers at the IP layer. IPSec can be used to protect one or more data flows between IPSec peers.

Q128.  - (Topic 4)

Which two statements about using the CHAP authentication mechanism in a PPP link are true? (Choose two.)

A. CHAP uses a two-way handshake.

B. CHAP uses a three-way handshake.

C. CHAP authentication periodically occurs after link establishment.

D. CHAP authentication passwords are sent in plaintext.

E. CHAP authentication is performed only upon link establishment.

F. CHAP has no protection from playback attacks.

Answer: B,C


CHAP is an authentication scheme used by Point to Point Protocol (PPP) servers to validate the identity of remote clients. CHAP periodically verifies the identity of the client by using a three-way handshake. This happens at the time of establishing the initial link (LCP), and may happen again at any time afterwards. The verification is based on a shared secret (such as the client user's password).

Q129.  - (Topic 3)

Which commands are required to properly configure a router to run OSPF and to add network to OSPF area 0? (Choose two.)

A. Router(config)# router ospf 0

B. Router(config)# router ospf 1

C. Router(config)# router ospf area 0

D. Router(config-router)# network 0

E. Router(config-router)# network area 0

F. Router(config-router)# network area 0

Answer: B,E


In the router ospf command, the ranges from 1 to 65535 so o is an invalid number -> but To configure OSPF, we need a wildcard in the “network” statement, not a subnet mask. We also need to assgin an area to this process ->.

Q130.  - (Topic 4)

The output of the show frame-relay pvc command shows "PVC STATUS = INACTIVE". What does this mean?

A. The PVC is configured correctly and is operating normally, but no data packets have been detected for more than five minutes.

B. The PVC is configured correctly, is operating normally, and is no longer actively seeking the address of the remote router.

C. The PVC is configured correctly, is operating normally, and is waiting for interesting traffic to trigger a call to the remote router.

D. The PVC is configured correctly on the local switch, but there is a problem on the remote end of the PVC.

E. The PVC is not configured on the local switch.

Answer: D


The PVC STATUS displays the status of the PVC. The DCE device creates and sends the report to the DTE devices. There are 4 statuses:

+ ACTIVE: the PVC is operational and can transmit data

+ INACTIVE: the connection from the local router to the switch is working, but the connection to the remote router is not available

+ DELETED: the PVC is not present and no LMI information is being received from the Frame Relay switch

+ STATIC: the Local Management Interface (LMI) mechanism on the interface is disabled (by using the “no keepalive” command). This status is rarely seen so it is ignored in some books.

Q131.  - (Topic 5)

What are two benefits of using NAT? (Choose two.)

A. NAT facilitates end-to-end communication when IPsec is enabled.

B. NAT eliminates the need to re-address all hosts that require external access.

C. NAT conserves addresses through host MAC-level multiplexing.

D. Dynamic NAT facilitates connections from the outside of the network.

E. NAT accelerates the routing process because no modifications are made on the packets.

F. NAT protects network security because private networks are not advertised.

Answer: B,F


By not revealing the internal IP addresses, NAT adds some security to the inside network -

> F is correct.

NAT has to modify the source IP addresses in the packets -> E is not correct.

Connection from the outside of the network through a “NAT” network is more difficult than a more network because IP addresses of inside hosts are hidden -> C is not correct.

In order for IPsec to work with NAT we need to allow additional protocols, including Internet Key Exchange (IKE), Encapsulating Security Payload (ESP) and Authentication Header (AH) -> more complex -> A is not correct.

By allocating specific public IP addresses to inside hosts, NAT eliminates the need to re- address the inside hosts -> B is correct.

NAT does conserve addresses but not through host MAC-level multiplexing. It conserves addresses by allowing many private IP addresses to use the same public IP address to go to the Internet -> C is not correct.

Q132.  - (Topic 8)

when you troubleshoot an IPv4 connectivity issue on a router, which three router configuration checks you must perform?

A. Verify that the router interface IP address IP address is correct.

B. Verify that the DNS is configured correctly.

C. Verify that the router and the host use the same subnet mask.

D. Verify that the router firmware is up-to-date.

E. Verify that a default route is configured.

F. Verify that the route appears in the routing table

Answer: A,B,F

Q133.  - (Topic 5)

Which IPv6 address is the equivalent of the IPv4 interface loopback address

A. ::1

B. ::

C. 2000::/3

D. 0::/10

Answer: A


In IPv6 the loopback address is written as, ::1

This is a 128bit number, with the first 127 bits being '0' and the 128th bit being '1'. It's just a single address, so could also be written as ::1/128.

Q134.  - (Topic 3)

What OSPF command, when configured, will include all interfaces into area 0?

A. network area 0

B. network area 0

C. network area 0

D. network all-interfaces area 0

Answer: A


Example 3-1 displays OSPF with a process ID of 1 and places all interfaces configured with an IP address in area 0. The network command network area 0 dictates that you do not care ( what the IP address is, but if an IP address is enabled on any interface, place it in area 0.

Example 3-1 Configuring OSPF in a Single Area

router ospf 1

network area 0

Reference: http://www.ciscopress.com/articles/article.asp?p=26919&seqNum=3

Q135.  - (Topic 3)

Which command would you configure globally on a Cisco router that would allow you to view directly connected Cisco devices?

A. enable cdp

B. cdp enable

C. cdp run

D. run cdp

Answer: C


CDP is enabled on Cisco routers by default. If you prefer not to use the CDP capability, disable it with the no cdp run command. In order to reenable CDP, use the cdp run command in global configuration mode. The “cdp enable” command is an interface command, not global.