Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
P.S. Vivid 200-125 testing material are available on Google Drive, GET MORE: https://drive.google.com/open?id=1h4WwjNBP_fjjnxXJLxNgPsEiO-cPwGBa
Q1. What SNMP message alerts the manager to a condition on the network?
A. response
B. get
C. trap
D. capture
Answer: C
Explanation:
An agent can send unsolicited traps to the manager. Traps are messages alerting the SNMP manager to a condition on the network. Traps can mean improper user authentication, restarts, link status (up or down), MAC address tracking, closing of a TCP connection, loss of connection to a neighbor, or other significant events.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2950/software/release/12- 1_9_ea1/configuration/guide/scg/swsnmp.html
Q2. You have been asked to come up with a subnet mask that will allow all three web servers to be on the same network while providing the maximum number of subnets. Which network address and subnet mask meet this requirement?
A. 192.168.252.0 255.255.255.252
B. 192.168.252.8 255.255.255.248
C. 192.168.252.8 255.255.255.252
D. 192.168.252.16 255.255.255.240
E. 192.168.252.16 255.255.255.252
Answer: B
Explanation:
A subnet mask of 255.255.255.248 will allow for up to 6 hosts to reside in this network. A subnet mask of 255.255.255.252 will allow for only 2 usable IP addresses, since we cannot use the network or broadcast address.
Q3. Which two commands correctly verify whether port security has been configured on port FastEthernet 0/12 on a switch? (Choose two.)
A. SW1#show port-secure interface FastEthernet 0/12
B. SW1#show switchport port-secure interface FastEthernet 0/12
C. SW1#show running-config
D. SW1#show port-security interface FastEthernet 0/12
E. SW1#show switchport port-security interface FastEthernet 0/12
Answer: C,D
Explanation:
We can verify whether port security has been configured by using the u201cshow running- configu201d or u201cshow port-security interfaceu201d for more detail. An example of the output of u201cshow port-security interfaceu201d command is shown below:
Q4. You are working in a data center environment and are assigned the address range 10.188.31.0/23. You are asked to develop an IP addressing plan to allow the maximum number of subnets with as many as 30 hosts each. Which IP address range meets these requirements?
A. 10.188.31.0/26
B. 10.188.31.0/25
C. 10.188.31.0/28
D. 10.188.31.0/27
E. 10.188.31.0/29
Answer: D
Explanation:
Each subnet has 30 hosts < 32 = 25 so we need a subnet mask which has at least 5 bit 0s
-> /27. Also the question requires the maximum number of subnets (which minimum the number of hosts-per-subnet) so /27 is the best choice.
Q5. In a GLBP network, who is responsible for the ARP request?
A. AVF
B. AVG
C. Active Router
D. Standby Router
Answer: B
Explanation:
Members of a GLBP group elect one gateway to be the active virtual gateway (AVG) for that group. Other group members provide backup for the AVG in the event that the AVG becomes unavailable. The AVG assigns a virtual MAC address to each member of the GLBP group. Each gateway assumes responsibility for forwarding packets sent to the virtual MAC address assigned to it by the AVG. These gateways are known as active virtual forwarders (AVFs) for their virtual MAC address.
The AVG is responsible for answering Address Resolution Protocol (ARP) requests for the virtual IP address. Load sharing is achieved by the AVG replying to the ARP requests with different virtual MAC addresses.
Reference: http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html
Q6. Refer to the exhibit.
What is the cause of the Syslog output messages?
A. The EIGRP neighbor on Fa0/1 went down due to a failed link.
B. The EIGRP neighbor connected to Fa0/1 is participating in a different EIGRP process, causing the adjacency to go down.
C. A shut command was executed on interface Fa0/1, causing the EIGRP adjacency to go
down.
D. Interface Fa0/1 has become error disabled, causing the EIGRP adjacency to go down.
Answer: C
Explanation:
The first lines of the message show that a configuration change was made, and that the fa0/1 interface changed to a state of administratively down. This can only be done by issuing the shutdown command. The last line indicates that this caused an EIGRP neighbor adjacency to go down.
Q7. Refer to the exhibit.
An administrator pings the default gateway at 10.10.10.1 and sees the output as shown. At which OSI layer is the problem?
A. data link layer
B. application layer
C. access layer
D. session layer
E. network layer
Answer: E
Explanation:
The command ping uses ICMP protocol, which is a network layer protocol used to propagate control message between host and router. The command ping is often used to verify the network connectivity, so it works at the network layer.
Q8. What authentication type is used by SNMPv2?
A. HMAC-MD5
B. HMAC-SHA
C. CBC-DES
D. community strings
Answer: D
Explanation:
SNMP Versions
Cisco IOS software supports the following versions of SNMP:
u2022SNMPv1 u2014 The Simple Network Management Protocol: A Full Internet Standard, defined in RFC 1157. (RFC 1157 replaces the earlier versions that were published as RFC 1067 and RFC 1098.) Security is based on community strings.
u2022SNMPv2c u2014 The community-string based Administrative Framework for SNMPv2. SNMPv2c (the "c" stands for "community") is an Experimental Internet Protocol defined in RFC 1901, RFC 1905, and RFC 1906. SNMPv2c is an update of the protocol operations and data types of SNMPv2p (SNMPv2 Classic), and uses the community-based security model of SNMPv1.
u2022SNMPv3 u2014 Version 3 of SNMP. SNMPv3 is an interoperable standards-based protocol defined in RFCs 2273 to 2275. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network.
SNMP Security Models and Levels
Model Level
Authentication Encryption What Happens v1 noAuthNoPriv
Community String No
Uses a community string match for authentication. v2c
noAuthNoPriv Community String No
Uses a community string match for authentication. v3
noAuthNoPriv Username
No
Uses a username match for authentication. v3
authNoPriv MD5 or SHA
No
Provides authentication based on the HMAC-MD5 or HMAC-SHA algorithms. v3
authPriv MD5 or SHA DES
Provides authentication based on the HMAC-MD5 or HMAC-SHA algorithms. Provides DES 56-bit encryption in addition to authentication based on the CBC-DES (DES-56) standard.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf014.h tml
Q9. When you are troubleshooting an ACL issue on a router, which command would you use to verify which interfaces are affected by the ACL?
A. show ip access-lists
B. show access-lists
C. show interface
D. show ip interface
E. list ip interface
Answer: D
Explanation:
Incorrect:
show ip access-lists does not show interfaces affected by an ACL.
Q10. On which options are standard access lists based?
A. destination address and wildcard mask
B. destination address and subnet mask
C. source address and subnet mask
D. source address and wildcard mask
Answer: D
Explanation:
Standard ACLu2021s only examine the source IP address/mask to determine if a match is made. Extended ACLu2021s examine the source and destination address, as well as port information.
P.S. Easily pass 200-125 Exam with 2passeasy Vivid Dumps & pdf vce, Try Free: https://www.2passeasy.com//dumps/200-125/ (890 New Questions)