It is more faster and easier to pass the Cisco 200 125 ccna pdf exam by using Virtual Cisco CCNA Cisco Certified Network Associate CCNA (v3.0) questuins and answers. Immediate access to the Most up-to-date 200 125 ccna book Exam and find the same core area ccna routing and switching 200 125 pdf questions with professionally verified answers, then PASS your exam with a high score now.

P.S. Virtual 200-125 tutorials are available on Google Drive, GET MORE:

New Cisco 200-125 Exam Dumps Collection (Question 1 - Question 10)

Q1. What are three advantages of VLANs? (Choose three.)

A. They establish broadcast domains in switched networks.

B. They provide a low-latency internetworking alternative to routed networks.

C. They utilize packet filtering to enhance network security.

D. They can simplify adding, moving, or changing hosts on the network.

E. They allow access to network services based on department, not physical location.

F. They provide a method of conserving IP addresses in large networks.

Answer: A,D,E

Q2. If router R1 knows a static route to a destination network and then learn about the same destination network through a dynamic routing protocol, how does R1 respond?

A. It sends a withdrawal notification to the neighboring router.

B. It refuses to advertise the dynamic route to other neighbors.

C. It disables the routing protocol.

D. It prefers the static route.

Answer: D

Q3. What is the effect of using the service password-encryption command?

A. Only the enable password will be encrypted.

B. It will encrypt all current and future passwords.

C. It will encrypt the secret password and remove the enable secret password from the configuration.

D. Only the enable secret password will be encrypted.

E. Only passwords configured after the command has been entered will be encrypted.

Answer: B


Enable vty, console, AUX passwords are configured on the Cisco device. Use the show run command to show most passwords in clear text. If the service password-encryption is used, all the passwords are encrypted. As a result, the security of device access is improved.

Q4. Which tow options describe benefits of aggregated chassis technology? (Choose two.)

A. It requires only three IP addresses per VLAN.

B. It reduces management overhead.

C. It requires only one IP address per VLAN.

D. It supports redundant configuration files.

E. It supports HSRP, VRRP, and GLBP.

F. Switches can be located anywhere regardless of their physical distance from one another.

Answer: B,C

Q5. Which step in the router boot process searches for an IOS image to load into the router?

A. bootstrap


C. mini-IOS

D. ROMMON mode

Answer: A

Q6. CORRECT TEXTA corporation wants to add security to its network. The requirements are:

u2711 Host C should be able to use a web browser (HTTP) to access the Finance Web Server.

u2711 Other types of access from host C to the Finance Web Server should be blocked.

u2711 All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.

u2711 All hosts in the Core and on local LAN should be able to access the Public Web Server.

You have been tasked to create and apply anumbered access listto a single outbound interface. This access list can contain no more thanthreestatements that meet these requirements.

Access to the router CLI can be gained by clicking on the appropriate host.

u2711 All passwords have been temporarily set to u201cciscou201d.

u2711 The Core connection uses an IP address of

u2711 The computers in the Hosts LAN have been assigned addresses of u2013

u2711 host A

u2711 host B

u2711 host C

u2711 host D

u2711 The Finance Web Server has been assigned an address of

u2711 The Public Web Server in the Server LAN has been assigned an address of


Please see below explanation part for details answer steps:


We should create an access-list and apply it to the interface that is connected to the Server LAN because it can filter out traffic from both S2 and Core networks. To see which interface this is, use the u201cshow ip int briefu201d command:

From this, we know that the servers are located on the fa0/1 interface, so we will place our numbered access list here in the outbound direction.

Corp1#configure terminal

Our access-list needs to allow host C u2013 192.168125.3 to the Finance Web Server via HTTP (port 80), so our first line is this:

Corp1(config)#access-list 100 permit tcp host host eq 80

Then, our next two instructions are these:

u2711 Other types of access from host C to the Finance Web Server should be blocked.

u2711 All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.

This can be accomplished with one command (which we need to do as our ACL needs to

be no more than 3 lines long), blocking all other access to the finance web server:

Corp1(config)#access-list 100 deny ip any host

Our last instruction is to allow all hosts in the Core and on the local LAN access to the Public Web Server (

Corp1(config)#access-list 100 permit ip host any Finally, apply this access-list to Fa0/1 interface (outbound direction) Corp1(config)#interface fa0/1

Corp1(config-if)#ip access-group 100 out

Notice: We have to apply the access-list to Fa0/1 interface (not Fa0/0 interface) so that the access-list can filter traffic coming from both the LAN and the Core networks.

To verify, just click on host C to open its web browser. In the address box type to check if you are allowed to access Finance Web Server or not. If your configuration is correct then you can access it.

Click on other hosts (A, B and D) and check to make sure you canu2019t access Finance Web Server from these hosts. Then, repeat to make sure they can reach the public server at Finally, save the configuration


Corp1#copy running-config startup-config

Q7. Which type of address is the public IP address of a NAT device?

A. outside global

B. outside local

C. inside global

D. inside local

E. outside public

F. inside public

Answer: C

Q8. Which two circumstances can cause collision domain issues on VLAN domain? (Choose two.)

A. duplex mismatches on Ethernet segments in the same VLAN

B. multiple errors on switchport interfaces

C. congestion on the switch inband path

D. a failing NIC in an end device

E. an overloaded shared segment

Answer: A,C

Explanation: Collision Domains

Acollision domainis an area of a single LAN where end stations contend for access to the network because all end stations are connected to a shared physical medium. If two connected devices transmit onto the media at the same time, acollisionoccurs. When a collision occurs, a JAM signal is sent on the network, indicating that a collision has occurred and that devices should ignore any fragmented data associated with the collision. Both sending devices back off sending their data for a random amount and then try again if the medium is free for transmission. Therefore, collisions effectively delay transmission of data, lowering the effective throughput available to a device. The more devices that are attached to a collision domain, the greater the chances of collisions; this results in lower bandwidth and performance for each device attached to the collision domain. Bridges and switches terminate the physical signal path of a collision domain, allowing you to segment separate collision domains, breaking them up into multiple smaller pieces to provide more bandwidth per user within the new collision domains formed.

Q9. By default, how many MAC addresses are permitted to be learned on a switch port with port security enabled?

A. 8

B. 2

C. 1

D. 0

Answer: C

Q10. Which two statements about IPv6 and routing protocols are true? (Choose two.)

A. Link-local addresses are used to form routing adjacencies.

B. OSPFv3 was developed to support IPv6 routing.

C. EIGRP, OSPF, and BGP are the only routing protocols that support IPv6.

D. Loopback addresses are used to form routing adjacencies.

E. EIGRPv3 was developed to support IPv6 routing.

Answer: A,B

100% Most up-to-date Cisco 200-125 Questions & Answers shared by Examcollection, Get HERE: (New 889 Q&As)