The Down to date Guide To 200-125 dump Apr 2017

The article at going over is very comprehensive.

Q41.  - (Topic 6)

Which statement about access lists that are applied to an interface is true?

A. You can place as many access lists as you want on any interface.

B. You can apply only one access list on any interface.

C. You can configure one access list, per direction, per Layer 3 protocol.

D. You can apply multiple access lists with the same protocol or in different directions.

Answer: C


We can have only 1 access list per protocol, per direction and per interface. It means:

+ We cannot have 2 inbound access lists on an interface

+ We can have 1 inbound and 1 outbound access list on an interface

Q42.  - (Topic 8)

Which statement about LLDP is true?

A. It is a Cisco proprietary protocol.

B. It is configured in global configuration mode.

C. The LLDP update frequency is a fixed value.

D. It runs over the transport layer.

Answer: B

Q43.  - (Topic 5)

What will happen if a private IP address is assigned to a public interface connected to an ISP?

A. Addresses in a private range will not be routed on the Internet backbone.

B. Only the ISP router will have the capability to access the public network.

C. The NAT process will be used to translate this address to a valid IP address.

D. A conflict of IP addresses happens, because other public routers can use the same range.

Answer: A


Private RFC 1918 IP addresses are meant to be used by organizations locally within their own network only, and cannot be used globally for Internet use.

Q44.  - (Topic 6)

Refer to the exhibit.

The following commands are executed on interface fa0/1 of 2950Switch. 2950Switch(config-if)# switchport port-security

2950Switch(config-if)# switchport port-security mac-address sticky 2950Switch(config-if)# switchport port-security maximum 1

The Ethernet frame that is shown arrives on interface fa0/1. What two functions will occur when this frame is received by 2950Switch? (Choose two.)

A. The MAC address table will now have an additional entry of fa0/1 FFFF.FFFF.FFFF.

B. Only host A will be allowed to transmit frames on fa0/1.

C. This frame will be discarded when it is received by 2950Switch.

D. All frames arriving on 2950Switch with a destination of 0000.00aa.aaaa will be forwarded out fa0/1.

E. Hosts B and C may forward frames out fa0/1 but frames arriving from other switches will not be forwarded out fa0/1.

F. Only frames from source 0000.00bb.bbbb, the first learned MAC address of 2950Switch, will be forwarded out fa0/1.

Answer: B,D


The configuration shown here is an example of port security, specifically port security using sticky addresses. You can use port security with dynamically learned and static MAC addresses to restrict a port's ingress traffic by limiting the MAC addresses that are allowed to send traffic into the port. When you assign secure MAC addresses to a secure port, the port does not forward ingress traffic that has source addresses outside the group of defined addresses. If you limit the number of secure MAC addresses to one and assign a single secure MAC address, the device attached to that port has the full bandwidth of the port.

Port security with sticky MAC addresses provides many of the same benefits as port security with static MAC addresses, but sticky MAC addresses can be learned dynamically. Port security with sticky MAC addresses retains dynamically learned MAC addresses during a link-down condition.

Q45.  - (Topic 8)

Which network topology allows all traffic to flow through a central hub?

A. bus

B. star

C. mesh

D. ring

Answer: B

Q46.  - (Topic 7)


Refer to the topology. Your company has decided to connect the main office with three other remote branch offices using point-to-point serial links.

You are required to troubleshoot and resolve OSPF neighbor adjacency issues between the main office and the routers located in the remote branch offices.

An OSPF neighbor adjacency is not formed between R3 in the main office and R5 in the Branch2 office. What is causing the problem?

A. There is an area ID mismatch.

B. There is a PPP authentication issue; a password mismatch.

C. There is an OSPF hello and dead interval mismatch.

D. There is a missing network command in the OSPF process on R5.

Answer: C


The “show ip ospf interface command on R3 and R5 shows that the hello and dead intervals do not match. They are 50 and 200 on R3 and 10 and 40 on R5.

Q47.  - (Topic 5)

Which three statements about Syslog utilization are true? (Choose three.)

A. Utilizing Syslog improves network performance.

B. The Syslog server automatically notifies the network administrator of network problems.

C. A Syslog server provides the storage space necessary to store log files without using router disk space.

D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages.

E. Enabling Syslog on a router automatically enables NTP for accurate time stamping.

F. A Syslog server helps in aggregation of logs and alerts.

Answer: C,D,F


The Syslog sender sends a small (less than 1KB) text message to the Syslog receiver. The Syslog receiver is commonly called "syslogd," "Syslog daemon," or "Syslog server." Syslog messages can be sent via UDP (port 514) and/or TCP (typically, port 5000). While there are some exceptions, such as SSL wrappers, this data is typically sent in clear text over the network. A Syslog server provides the storage space necessary to store log files without using router disk space.

In general, there are significantly more Syslog messages available within IOS as compared to SNMP Trap messages. For example, a Cisco Catalyst 6500 switch running Cisco IOS Software Release 12.2(18)SXF contains about 90 SNMP trap notification messages, but has more than 6000 Syslog event messages.

System logging is a method of collecting messages from devices to a server running a syslog daemon. Logging to a central syslog server helps in aggregation of logs and alerts. Cisco devices can send their log messages to a UNIX-style syslog service. A syslog service accepts messages and stores them in files, or prints them according to a simple configuration file.


Q48.  - (Topic 5)

A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three.)

A. informational

B. emergency

C. warning

D. critical

E. debug

F. error

Answer: B,D,F


The Message Logging is divided into 8 levels as listed below:

Level Keyword Description 0

emergencies System is unusable 1


Immediate action is needed 2


Critical conditions exist 3


Error conditions exist 4


Warning conditions exist 5


Normal, but significant, conditions exist 6

informational Informational messages 7

debugging Debugging messages

If you specify a level with the “logging trap level” command, that level and all the higher levels will be logged. For example, by using the “logging trap 3 command, all the logging of emergencies, alerts, critical, and errors, will be logged.

Q49.  - (Topic 3)

Why do large OSPF networks use a hierarchical design? (Choose three.)

A. to decrease latency by increasing bandwidth

B. to reduce routing overhead

C. to speed up convergence

D. to confine network instability to single areas of the network

E. to reduce the complexity of router configuration

F. to lower costs by replacing routers with distribution layer switches

Answer: B,C,D


OSPF implements a two-tier hierarchical routing model that uses a core or backbone tier known as area zero (0). Attached to that backbone via area border routers (ABRs) are a number of secondary tier areas. The hierarchical approach is used to achieve the following:

•Rapid convergence because of link and/or switch failures

•Deterministic traffic recovery

•Scalable and manageable routing hierarchy, reduced routing overhead.

Q50. DRAG DROP - (Topic 7)

Drag each category on the left to its corresponding router output line on the right. Each router output line is the result of a show ip interface command. Not all categories are used.



A simple way to find out which layer is having problem is to remember this rule: “the first statement is for Layer 1, the last statement is for Layer 2 and if Layer 1 is down then surely Layer 2 will be down too”, so you have to check Layer 1 before checking Layer 2. For example, from the output “Serial0/1 is up, line protocol is down” we know that it is a layer 2 problem because the first statement (Serial0/1 is up) is good while the last statement (line protocol is down) is bad. For the statement “Serial0/1 is down, line protocol is down”, both layers are down so the problem belongs to Layer 1.

There is only one special case with the statement “…. is administrator down, line protocol is down”. In this case, we know that the port is currently disabled and shut down by the administrators.