♥♥ 2017 NEW RECOMMEND ♥♥

Free VCE & PDF File for Cisco 200-125 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 200-125 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/200-125-exam-dumps.html

Q1.  - (Topic 5)

Which three features are added in SNMPv3 over SNMPv2?

A. Message Integrity

B. Compression

C. Authentication

D. Encryption

E. Error Detection

Answer: A,C,D


Cisco IOS software supports the following versions of SNMP:

+ SNMPv1 – The Simple Network Management Protocol: A Full Internet Standard, defined in RFC 1157. (RFC 1157 replaces the earlier versions that were published as RFC 1067 and RFC 1098.) Security is based on community strings.

+ SNMPv2c – The community-string based Administrative Framework for SNMPv2. SNMPv2c (the “c” stands for “community”) is an Experimental Internet Protocol defined in RFC 1901, RFC 1905, and RFC 1906. SNMPv2c is an update of the protocol operations and data types of SNMPv2p (SNMPv2 Classic), and uses the community-based security model of SNMPv1.

+ SNMPv3 – Version 3 of SNMP. SNMPv3 is an interoperable standards-based protocol defined in RFCs 2273 to 2275. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network. The security features provided in SNMPv3 are as follows:

– Message integrity: Ensuring that a packet has not been tampered with in transit.

– Authentication: Determining that the message is from a valid source.

– Encryption: Scrambling the contents of a packet prevent it from being learned by an unauthorized source.

Q2.  - (Topic 5)

Refer to the exhibit.

The Bigtime router is unable to authenticate to the Littletime router. What is the cause of the problem?

A. The usernames are incorrectly configured on the two routers.

B. The passwords do not match on the two routers.

C. CHAP authentication cannot be used on a serial interface.

D. The routers cannot be connected from interface S0/0 to interface S0/0.

E. With CHAP authentication, one router must authenticate to another router. The routers cannot be configured to authenticate to each other.

Answer: B


With CHAP authentication, the configured passwords must be identical on each router. Here, it is configured as little123 on one side and big123 on the other.

Q3.  - (Topic 5)

In a GLBP network, who is responsible for the ARP request?



C. Active Router

D. Standby Router

Answer: B


Members of a GLBP group elect one gateway to be the active virtual gateway (AVG) for that group. Other group members provide backup for the AVG in the event that the AVG becomes unavailable. The AVG assigns a virtual MAC address to each member of the GLBP group. Each gateway assumes responsibility for forwarding packets sent to the virtual MAC address assigned to it by the AVG. These gateways are known as active virtual forwarders (AVFs) for their virtual MAC address.

The AVG is responsible for answering Address Resolution Protocol (ARP) requests for the virtual IP address. Load sharing is achieved by the AVG replying to the ARP requests with different virtual MAC addresses.

Reference: http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html

Q4.  - (Topic 4)

What occurs on a Frame Relay network when the CIR is exceeded?

A. All TCP traffic is marked discard eligible.

B. All UDP traffic is marked discard eligible and a BECN is sent.

C. All TCP traffic is marked discard eligible and a BECN is sent.

D. All traffic exceeding the CIR is marked discard eligible.

Answer: D


Committed information rate (CIR): The minimum guaranteed data transfer rate agreed to by the Frame Relay switch. Frames that are sent in excess of the CIR are marked as discard eligible (DE) which means they can be dropped if the congestion occurs within the Frame Relay network.

Note: In the Frame Relay frame format, there is a bit called Discard eligible (DE) bit that is used to identify frames that are first to be dropped when the CIR is exceeded.

Q5.  - (Topic 3)

If IP routing is enabled, which two commands set the gateway of last resort to the default gateway? (Choose two.)

A. ip default-gateway

B. ip route

C. ip default-network

D. ip default-route

E. ip route

Answer: C,E


Both the “ip default-network” and “ip route (next hop)” commands can be used to set the default gateway in a Cisco router.

Q6.  - (Topic 5)

Refer to the exhibit.

A network administrator is adding two new hosts to SwitchA. Which three values could be used for the configuration of these hosts? (Choose three.)

A. host A IP address:

B. host A IP address:

C. host A default gateway:

D. host B IP address:

E. host B default gateway:

F. host B IP address:

Answer: A,C,F


It’s a “router-on-a-stick” configuration. Which means each host in the VLAN must corresponds with the VLAN configured on the sub-interfaces.

VLAN 10 is configured on fa0/0.10 and VLAN 20 on fa0/0.20. So each hosts in VLAN 10 must use fa0/0.10 IP address as their default gateway, each hosts must also be in the same subnet as fa0/0.10 IP – same with hosts in VLAN 20.

So find out the usable IP addresses on each sub-interfaces – for /27: – .94 and for /26: – .190.

Host A (using port 6 – VLAN 10) must use IP, default gateway Host B (using port 9 – VLAN 20) must use IP, default gateway

Q7. CORRECT TEXT - (Topic 7)

The following have already been configured on the router:

✑ The basic router configuration

✑ The appropriate interfaces have been configured for NAT inside and NAT outside.

✑ The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required)

✑ All passwords have been temporarily set to “cisco”.

The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide Internet access for the hosts in the Weaver LAN. Functionality can be tested by clicking on the host provided for testing.

Configuration information:

router name – Weaver

inside global addresses – - inside local addresses - – number of inside hosts – 14

A network associate is configuring a router for the weaver company to provide internet access. The ISP has provided the company six public IP addresses of The company has 14 hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range of –


The company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from to Therefore we have to use NAT overload (or PAT)

Double click on the Weaver router to open it

Router>enable Router#configure terminal

First you should change the router's name to Weaver

Router(config)#hostname Weaver

Create a NAT pool of global addresses to be allocated with their netmask. Weaver(config)#ip nat pool mypool netmask

Create a standard access control list that permits the addresses that are to be translated.

Weaver(config)#access-list 1 permit

Establish dynamic source translation, specifying the access list that was defined in the prior step.

Weaver(config)#ip nat inside source list 1 pool mypool overload

This command translates all source addresses that pass access list 1, which means a source address from to, into an address from the pool named mypool (the pool contains addresses from to Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to-one) by using different ports.

The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.

This is how to configure the NAT inside and NAT outside, just for your understanding:

Weaver(config)#interface fa0/0 Weaver(config-if)#ip nat inside Weaver(config-if)#exit Weaver(config)#interface s0/0 Weaver(config-if)#ip nat outside Weaver(config-if)#end

Finally, we should save all your work with the following command:

Weaver#copy running-config startup-config

Check your configuration by going to "Host for testing" and type:

C :\>ping

The ping should work well and you will be replied from

Q8.  - (Topic 8)

Why has the Branch3 router lost connectivity with R1?

Use only show commands to troubleshoot because usage of the debug command is restricted on the Branch3 and R1 routers.

A. A PPP chap hostname mismatch is noticed between Branch3 and R1.

B. A PPP chap password mismatch is noticed between Branch3 and R1.

C. PPP encapsulation is not configured on Branch3.

D. The PPP chap hostname and PPP chap password commands are missing on the Branch3 router.

Answer: A

Q9.  - (Topic 4)

Users have been complaining that their Frame Relay connection to the corporate site is very slow. The network administrator suspects that the link is overloaded.

Based on the partial output of the Router# show frame relay pvc command shown in the graphic, which output value indicates to the local router that traffic sent to the corporate site is experiencing congestion?

A. DLCI = 100

B. last time PVC status changed 00:25:40

C. in BECN packets 192

D. in FECN packets 147

E. in DE packets 0

Answer: C


If device A is sending data to device B across a Frame Relay infrastructure and one of the intermediate Frame Relay switches encounters congestion, congestion being full buffers, over-subscribed port, overloaded resources, etc, it will set the BECN bit on packets being returned to the sending device and the FECN bit on the packets being sent to the receiving device.

Q10.  - (Topic 4)

At which layer of the OSI model does PPP perform?

A. Layer 2

B. Layer 3

C. Layer 4

D. Layer 5

Answer: A


The Point-to-Point Protocol (PPP) provides a standard method for transporting multi- protocol datagrams over point-to-point links. PPP was originally emerged as an encapsulation protocol for transporting IP traffic between two peers. It is a data link layer protocol (layer 2 in the OSI model)