Refined of ccna 200 120 vs 200 125 exam price materials and testing bible for Cisco certification for client, Real Success Guaranteed with Updated ccna 200 125 book pdf dumps vce Materials. 100% PASS CCNA Cisco Certified Network Associate CCNA (v3.0) exam Today!

Q51. CORRECT TEXT - (Topic 7)

A network associate is adding security to the configuration of the Corp1 router. The user on host C should be able to use a web browser to access financial information from the Finance Web Server. No other hosts from the LAN nor the Core should be able to use a web browser to access this server. Since there are multiple resources for the corporation at this location including other resources on the Finance Web Server, all other traffic should be allowed.

The task is to create and apply an access-list with no more than three statements that will allow ONLY host C web access to the Finance Web Server. No other hosts will have web access to the Finance Web Server. All other traffic is permitted.

Access to the router CLI can be gained by clicking on the appropriate host.

All passwords have been temporarily set to "cisco".

The Core connection uses an IP address of 198.18.247.65

The computers in the Hosts LAN have been assigned addresses of 192.168.240.1 - 192.168.240.254

✑ host A 192.168.240.1

✑ host B 192.168.240.2

✑ host C 192.168.240.3

Answer: 

Corp1#conf t

Corp1(config)# access-list 128 permit tcp host 192.168.240.1 host 172.22.141.26 eq www Corp1(config)# access-list 128 deny tcp any host 172.22.141.26 eq www

Corp1(config)# access-list 128 permit ip any any Corp1(config)#int fa0/1

Corp1(config-if)#ip access-group 128 out Corp1(config-if)#end

Corp1#copy run startup-config


Q52.  - (Topic 8)

If three devices are plugged into one port on a switch and two devices are plugged into a different port, how many collision domains are on the switch?

A. 2

B. 4

C. 5

D. 6

Answer: C


Q53.  - (Topic 4)

Refer to the exhibit.

What is the meaning of the term dynamic as displayed in the output of the show frame- relay map command shown?

A. The Serial0/0 interface is passing traffic.

B. The DLCI 100 was dynamically allocated by the router.

C. The Serial0/0 interface acquired the IP address of 172.16.3.1 from a DHCP server.

D. The DLCI 100 will be dynamically changed as required to adapt to changes in the Frame Relay cloud.

E. The mapping between DLCI 100 and the end station IP address 172.16.3.1 was learned through Inverse ARP.

Answer: E

Explanation:

Inverse Address Resolution Protocol (Inverse ARP) was developed to provide a mechanism for dynamic DLCI to Layer 3 address maps. Inverse ARP works much the same way Address Resolution Protocol (ARP) works on a LAN. However, with ARP, the device knows the Layer 3 IP address and needs to know the remote data link MAC address. With Inverse ARP, the router knows the Layer 2 address which is the DLCI, but needs to know the remote Layer 3 IP address.

When using dynamic address mapping, Inverse ARP requests a next-hop protocol address for each active PVC. Once the requesting router receives an Inverse ARP response, it updates its DLCI-to-Layer 3 address mapping table. Dynamic address mapping is enabled by default for all protocols enabled on a physical interface. If the Frame Relay environment supports LMI autosensing and Inverse ARP, dynamic address mapping takes place automatically. Therefore, no static address mapping is required.


Q54.  - (Topic 5)

Which three are characteristics of an IPv6 anycast address? (Choose three.)

A. one-to-many communication model

B. one-to-nearest communication model

C. any-to-many communication model

D. a unique IPv6 address for each device in the group

E. the same address for multiple devices in the group

F. delivery of packets to the group interface that is closest to the sending device

Answer: B,E,F

Explanation:

A new address type made specifically for IPv6 is called the Anycast Address. These IPv6 addresses are global addresses, these addresses can be assigned to more than one interface unlike an IPv6 unicast address. Anycast is designed to send a packet to the nearest interface that is a part of that anycast group.

The sender creates a packet and forwards the packet to the anycast address as the destination address which goes to the nearest router. The nearest router or interface is found by using the metric of a routing protocol currently running on the network. However in a LAN setting the nearest interface is found depending on the order the neighbors were learned. The anycast packet in a LAN setting forwards the packet to the neighbor it learned about first.


Q55.  - (Topic 8)

Which dynamic routing protocol uses only the hop count to determine the best path to a destination?

A. IGRP

B. RIP

C. EIGRP

D. OSPF

Answer: C


Q56.  - (Topic 7)

What Netflow component can be applied to an interface to track IPv4 traffic?

A. flow monitor

B. flow record

C. flow sampler

D. flow exporter

Answer: A

Explanation:

Flow monitors are the Flexible NetFlow component that is applied to interfaces to perform network traffic monitoring. Flow monitors consist of a record and a cache. You add the record to the flow monitor after you create the flow monitor. The flow monitor cache is automatically created at the time the flow monitor is applied to the first interface. Flow data

is collected from the network traffic during the monitoring process based on the key and nonkey fields in the record, which is configured for the flow monitor and stored in the flow monitor cache.

For example, the following example creates a flow monitor named FLOW-MONITOR-1 and enters Flexible NetFlow flow monitor configuration mode:

Router(config)# flow monitor FLOW-MONITOR-1 Router(config-flow-monitor)#


Q57.  - (Topic 6)

A network administrator is configuring ACLs on a Cisco router, to allow traffic from hosts on networks 192.168.146.0, 192.168.147.0, 192.168.148.0, and 192.168.149.0 only. Which

two ACL statements, when combined, would you use to accomplish this task? (Choose two.)

A. access-list 10 permit ip 192.168.146.0 0.0.1.255

B. access-list 10 permit ip 192.168.147.0 0.0.255.255

C. access-list 10 permit ip 192.168.148.0 0.0.1.255

D. access-list 10 permit ip 192.168.149.0 0.0.255.255

E. access-list 10 permit ip 192.168.146.0 0.0.0.255

F. access-list 10 permit ip 192.168.146.0 255.255.255.0

Answer: A,C

Explanation:

“access-list 10 permit ip 192.168.146.0 0.0.1.255” would allow only the 192.168.146.0 and

192.168.147.0 networks, and “access-list 10 permit ip 192.168.148.0 0.0.1.255” would allow only the 192.168.148.0 and 192.168.149.0 networks.

Topic 7, Infrastructure Management


Q58. DRAG DROP - (Topic 7)

Drag each category on the left to its corresponding router output line on the right. Each router output line is the result of a show ip interface command. Not all categories are used.

Answer:

Explanation:

A simple way to find out which layer is having problem is to remember this rule: “the first statement is for Layer 1, the last statement is for Layer 2 and if Layer 1 is down then surely Layer 2 will be down too”, so you have to check Layer 1 before checking Layer 2. For example, from the output “Serial0/1 is up, line protocol is down” we know that it is a layer 2 problem because the first statement (Serial0/1 is up) is good while the last statement (line protocol is down) is bad. For the statement “Serial0/1 is down, line protocol is down”, both layers are down so the problem belongs to Layer 1.

There is only one special case with the statement “…. is administrator down, line protocol is down”. In this case, we know that the port is currently disabled and shut down by the administrators.


Q59.  - (Topic 6)

Refer to exhibit.

A network administrator cannot establish a Telnet session with the indicated router. What is the cause of this failure?

A. A Level 5 password is not set.

B. An ACL is blocking Telnet access.

C. The vty password is missing.

D. The console password is missing.

Answer: C

Explanation:

The login keyword has been set, but not password. This will result in the “password

required, but none set” message to users trying to telnet to this router.


Q60.  - (Topic 5)

What are the Popular destinations for syslog messages to be saved? (Choose three)

A. Flash

B. The logging buffer .RAM

C. The console terminal

D. Other terminals

E. Syslog server

Answer: B,C,E

Explanation:

By default, switches send the output from system messages and debug privileged EXEC commands to a logging process. The logging process controls the distribution of logging messages to various destinations, such as the logging buffer (on RAM), terminal lines (console terminal), or a UNIX syslog server, depending on your configuration. The process also sends messages to the console.

Note: Syslog messages can be written to a file in Flash memory although it is not a popular place to use. We can configure this feature with the command logging file flash:filename.