Want to know Ucertify 200-125 Exam practice test features? Want to lear more about Cisco CCNA Cisco Certified Network Associate CCNA (v3.0) certification experience? Study Guaranteed Cisco 200-125 answers to Improve 200-125 questions at Ucertify. Gat a success with an absolute guarantee to pass Cisco 200-125 (CCNA Cisco Certified Network Associate CCNA (v3.0)) test on your first attempt.

Q81.  - (Topic 6)

How does using the service password-encryption command on a router provide additional security?

A. by encrypting all passwords passing through the router

B. by encrypting passwords in the plain text configuration file

C. by requiring entry of encrypted passwords for access to the device

D. by configuring an MD5 encrypted key to be used by routing protocols to validate routing exchanges

E. by automatically suggesting encrypted passwords for use in configuring the router

Answer: B

Explanation:

By using this command, all the (current and future) passwords are encrypted. This command is primarily useful for keeping unauthorized individuals from viewing your password in your configuration file


Q82.  - (Topic 5)

Refer to the exhibit.

What is the most appropriate summarization for these routes?

A. 10.0.0.0 /21

B. 10.0.0.0 /22

C. 10.0.0.0 /23

D. 10.0.0.0 /24

Answer: B

Explanation:

The 10.0.0.0/22 subnet mask will include the 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 networks, and only those four networks.


Q83. CORRECT TEXT - (Topic 4)

A corporation wants to add security to its network. The requirements are:

✑ Host B should be able to use a web browser (HTTP) to access the Finance Web Server.

✑ Other types of access from host B to the Finance Web Server should be blocked.

✑ All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.

✑ All hosts in the Core and on local LAN should be able to access the Public Web Server.

You have been tasked to create and apply a numbered access list to a single outbound interface. This access list can contain no more than three statements that meet these requirements.

Access to the router CLI can be gained by clicking on the appropriate host.

✑ All passwords have been temporarily set to “cisco”.

✑ The Core connection uses an IP address of 198.18.132.65.

✑ The computers in the Hosts LAN have been assigned addresses of 192.168.201.1

– 192.168.201.254.

✑ host A 192.168.201.1

✑ host B 192.168.201.2

✑ host C 192.168.201.3

✑ host D 192.168.201.4

✑ The Finance Web Server has been assigned an address of 172.22.237.17.

✑ The Public Web Server in the Server LAN has been assigned an address of 172.22.237.18.

Answer: 

Please check the below explanation for all details.

Explanation:

We should create an access-list and apply it to the interface that is connected to the Server LAN because it can filter out traffic from both S2 and Core networks. To see which interface this is, use the “show ip interface brief” command:

Macintosh HD:Users:danielkeller:Desktop:Screen Shot 2015-11-17 at 3.24.34 PM.png From this, we know that the servers are located on the fa0/1 interface, so we will place our numbered access list here in the outbound direction.

Corp1#configure terminal

Our access-list needs to allow host B – 192.168125.2 to the Finance Web Server 172.22.109.17 via HTTP (port 80), so our first line is this:

Corp1(config)#access-list 100 permit tcp host 192.168.125.2 host 172.22.109.17 eq 80

Then, our next two instructions are these:

✑ Other types of access from host B to the Finance Web Server should be blocked.

✑ All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.

This can be accomplished with one command (which we need to do as our ACL needs to be no more than 3 lines long), blocking all other access to the finance web server: Corp1(config)#access-list 100 deny ip any host 172.22.109.17

Our last instruction is to allow all hosts in the Core and on the local LAN access to the Public Web Server (172.22.109.18)

Corp1(config)#access-list 100 permit ip host 172.22.109.18 any Finally, apply this access-list to Fa0/1 interface (outbound direction) Corp1(config)#interface fa0/1

Corp1(config-if)#ip access-group 100 out

Notice: We have to apply the access-list to Fa0/1 interface (not Fa0/0 interface) so that the access-list can filter traffic coming from both the LAN and the Core networks.

To verify, just click on host B to open its web browser. In the address box type

http://172.22.109.17 to check if you are allowed to access Finance Web Server or not. If

your configuration is correct then you can access it.

Click on other hosts (A, C and D) and check to make sure you can’t access Finance Web Server from these hosts. Then, repeat to make sure they can reach the public server at 172.22.109.18. Finally, save the configuration

Corp1(config-if)#end

Corp1#copy running-config startup-config


Q84.  - (Topic 8)

Which dynamic routing protocol uses only the hop count to determine the best path to a destination?

A. IGRP

B. RIP

C. EIGRP

D. OSPF

Answer: C


Q85.  - (Topic 3)

What OSPF command, when configured, will include all interfaces into area 0?

A. network 0.0.0.0 255.255.255.255 area 0

B. network 0.0.0.0 0.0.0.0 area 0

C. network 255.255.255.255 0.0.0.0 area 0

D. network all-interfaces area 0

Answer: A

Explanation:

Example 3-1 displays OSPF with a process ID of 1 and places all interfaces configured with an IP address in area 0. The network command network 0.0.0.0 255.255.255.255 area 0 dictates that you do not care (255.255.255.255) what the IP address is, but if an IP address is enabled on any interface, place it in area 0.

Example 3-1 Configuring OSPF in a Single Area

router ospf 1

network 0.0.0.0 255.255.255.255 area 0

Reference: http://www.ciscopress.com/articles/article.asp?p=26919&seqNum=3


Q86.  - (Topic 4)

Which two options are valid WAN connectivity methods? (Choose two.)

A. PPP

B. WAP

C. DSL

D. L2TPv3

E. Ethernet

Answer: A,C

Explanation:

The Point-to-Point Protocol (PPP) provides a standard method for transporting multi- protocol datagrams over point-to-point links. PPP was originally emerged as an encapsulation protocol for transporting IP traffic between two peers. It is a data link layer protocol used for WAN connections.

DSL is also considered a WAN connection, as it can be used to connect networks, typically when used with VPN technology.


Q87.  - (Topic 5)

Which subnet mask would be appropriate for a network address range to be subnetted for up to eight LANs, with each LAN containing 5 to 26 hosts?

A. 0.0.0.240

B. 255.255.255.252

C. 255.255.255.0

D. 255.255.255.224

E. 255.255.255.240

Answer: D

Explanation:

For a class C network, a mask of 255.255.255.224 will allow for up to 8 networks with 32 IP addresses each (30 usable).


Q88.  - (Topic 8)

Which Cisco platform can verify ACLs?

A. Cisco Prime Infrastructure

B. Cisco Wireless LAN Controller

C. Cisco APIC-EM

D. Cisco IOS-XE

Answer: B


Q89.  - (Topic 8)

If the primary root bridge experiences a power loss, which switch takes over?

A. switch 0004.9A1A.C182

B. switch 00E0.F90B.6BE3

C. switch 00E0.F726.3DC6

D. switch 0040.0BC0.90C5

Answer: A


Q90.  - (Topic 5)

Which command enables IPv6 forwarding on a Cisco router?

A. ipv6 local

B. ipv6 host

C. ipv6 unicast-routing

D. ipv6 neighbor

Answer: C

Explanation:

To enable IPv6 routing on the Cisco router use the following command: ipv6 unicast-routing

If this command is not recognized, your version of IOS does not support IPv6.