It is impossible to pass Cisco 200 125 ccna book exam without any help in the short term. Come to Actualtests soon and find the most advanced, correct and guaranteed Cisco cisco 200 125 practice questions. You will get a surprising result by our Up to the immediate present CCNA Cisco Certified Network Associate CCNA (v3.0) practice guides.
2026 New 200-125 Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/200-125/
Q1. - (Topic 8)
Which option is the default switch port port-security violation mode?
A. shutdown
B. protect
C. shutdown vlan
D. restrict
Answer: A
Explanation:
Shutdown—This mode is the default violation mode; when in this mode, the switch will automatically force the switchport into an error disabled (err-disable) state when a violation occurs. While in this state, the switchport forwards no traffic. The switchport can be brought out of this error disabled state by issuing the errdisable recovery cause CLI command or by disabling and reenabling the switchport.
Shutdown VLAN—This mode mimics the behavior of the shutdown mode but limits the error disabled state the specific violating VLAN.
Q2. - (Topic 7)
What Netflow component can be applied to an interface to track IPv4 traffic?
A. flow monitor
B. flow record
C. flow sampler
D. flow exporter
Answer: A
Explanation:
Flow monitors are the Flexible NetFlow component that is applied to interfaces to perform network traffic monitoring. Flow monitors consist of a record and a cache. You add the record to the flow monitor after you create the flow monitor. The flow monitor cache is automatically created at the time the flow monitor is applied to the first interface. Flow data
is collected from the network traffic during the monitoring process based on the key and nonkey fields in the record, which is configured for the flow monitor and stored in the flow monitor cache.
For example, the following example creates a flow monitor named FLOW-MONITOR-1 and enters Flexible NetFlow flow monitor configuration mode:
Router(config)# flow monitor FLOW-MONITOR-1 Router(config-flow-monitor)#
Q3. - (Topic 8)
R1# show running-config interface Loopback0
description ***Loopback***
ip address 192.168.1.1 255.255.255.255
ip ospf 1 area 0
!
interface Ethernet0/0
description **Connected to R1-LAN** ip address 10.10.110.1 255.255.255.0
ip ospf 1 area 0
!
interface Ethernet0/1
description **Connected to L2SW**
ip address 10.10.230.1 255.255.255.0
ip ospf hello-interval 25 ip ospf 1 area 0
!
router ospf 1
log-adjacency-changes
R2# show running-config R2
!
interface Loopback0 description **Loopback**
ip address 192.168.2.2 255.255.255.255
ip ospf 2 area 0
!
interface Ethernet0/0
description **Connected to R2-LAN**
ip address 10.10.120.1 255.255.255.0
ip ospf 2 area 0
!
interface Ethernet0/1
description **Connected to L2SW**
ip address 10.10.230.2 255.255.255.0
ip ospf 2 area 0
!
router ospf 2
log-adjacency-changes
R3# show running-config R3
username R6 password CISCO36
!
interface Loopback0 description **Loopback**
ip address 192.168.3.3 255.255.255.255
ip ospf 3 area 0
!
interface Ethernet0/0
description **Connected to L2SW**
ip address 10.10.230.3 255.255.255.0
ip ospf 3 area 0
!
interface Serial1/0
description **Connected to R4-Branch1 office** ip address 10.10.240.1 255.255.255.252
encapsulation ppp ip ospf 3 area 0
!
interface Serial1/1
description **Connected to R5-Branch2 office** ip address 10.10.240.5 255.255.255.252
encapsulation ppp
ip ospf hello-interval 50 ip ospf 3 area 0
!
interface Serial1/2
description **Connected to R6-Branch3 office** ip address 10.10.240.9 255.255.255.252
encapsulation ppp ip ospf 3 area 0
ppp authentication chap
!
router ospf 3
router-id 192.168.3.3
!
R4# show running-config R4
!
interface Loopback0 description **Loopback**
ip address 192.168.4.4 255.255.255.255
ip ospf 4 area 2
!
interface Ethernet0/0
ip address 172.16.113.1 255.255.255.0
ip ospf 4 area 2
!
interface Serial1/0
description **Connected to R3-Main Branch office** ip address 10.10.240.2 255.255.255.252
encapsulation ppp ip ospf 4 area 2
!
router ospf 4
log-adjacency-changes
R5# show running-config R5
!
interface Loopback0 description **Loopback**
ip address 192.168.5.5 255.255.255.255
ip ospf 5 area 0
!
interface Ethernet0/0
ip address 172.16.114.1 255.255.255.0
ip ospf 5 area 0
!
interface Serial1/0
description **Connected to R3-Main Branch office** ip address 10.10.240.6 255.255.255.252
encapsulation ppp ip ospf 5 area 0
!
router ospf 5
log-adjacency-changes
R6# show running-config R6
username R3 password CISCO36
!
interface Loopback0 description **Loopback**
ip address 192.168.6.6 255.255.255.255
ip ospf 6 area 0
!
interface Ethernet0/0
ip address 172.16.115.1 255.255.255.0
ip ospf 6 area 0
!
interface Serial1/0
description **Connected to R3-Main Branch office** ip address 10.10.240.10 255.255.255.252
encapsulation ppp ip ospf 6 area 0
ppp authentication chap
!
router ospf 6
router-id 192.168.3.3
!
An OSPF neighbor adjacency is not formed between R3 in the main office and R5 in the Branch2 office. What is causing the problem?
A. There is an area ID mismatch.
B. There is a PPP authentication issue; a password mismatch.
C. There is an OSPF hello and dead interval mismatch.
D. There is a missing network command in the OSPF process on R5.
Answer: C
Q4. - (Topic 5)
Which three statements about the features of SNMPv2 and SNMPv3 are true? (Choose three.)
A. SNMPv3 enhanced SNMPv2 security features.
B. SNMPv3 added the Inform protocol message to SNMP.
C. SNMPv2 added the Inform protocol message to SNMP.
D. SNMPv3 added the GetBulk protocol messages to SNMP.
E. SNMPv2 added the GetBulk protocol message to SNMP.
F. SNMPv2 added the GetNext protocol message to SNMP.
Answer: A,C,E
Explanation:
SNMPv1/v2 can neither authenticate the source of a management message nor provide encryption. Without authentication, it is possible for nonauthorized users to exercise SNMP network management functions. It is also possible for nonauthorized users to eavesdrop on management information as it passes from managed systems to the management system. Because of these deficiencies, many SNMPv1/v2 implementations are limited to simply a read-only capability, reducing their utility to that of a network monitor; no network control applications can be supported. To correct the security deficiencies of SNMPv1/v2, SNMPv3 was issued as a set of Proposed Standards in January 1998. -> A is correct.
The two additional messages are added in SNMP2 (compared to SNMPv1)
GetBulkRequest The GetBulkRequest message enables an SNMP manager to access large chunks of data. GetBulkRequest allows an agent to respond with as much information as will fit in the response PDU. Agents that cannot provide values for all variables in a list will send partial information. -> E is correct.
InformRequest The InformRequest message allows NMS stations to share trap information. (Traps are issued by SNMP agents when a device change occurs.) InformRequest messages are generally used between NMS stations, not between NMS stations and agents. -> C is correct.
Note: These two messages are carried over SNMPv3.
Q5. - (Topic 3)
A router receives information about network 192.168.10.0/24 from multiple sources. What will the router consider the most reliable information about the path to that network?
A. a directly connected interface with an address of 192.168.10.254/24
B. a static route to network 192.168.10.0/24
C. a RIP update for network 192.168.10.0/24
D. an OSPF update for network 192.168.0.0/16
E. a default route with a next hop address of 192.168.10.1
F. a static route to network 192.168.10.0/24 with a local serial interface configured as the next hop
Answer: A
Explanation:
When there is more than one way to reach a destination, it will choose the best one based on a couple of things. First, it will choose the route that has the longest match; meaning the most specific route. So, in this case the /24 routes will be chosen over the /16 routes. Next, from all the /24 routes it will choose the one with the lowest administrative distance. Directly connected routes have an AD of 1 so this will be the route chosen.
Q6. - (Topic 3)
Which command would you configure globally on a Cisco router that would allow you to view directly connected Cisco devices?
A. enable cdp
B. cdp enable
C. cdp run
D. run cdp
Answer: C
Explanation:
CDP is enabled on Cisco routers by default. If you prefer not to use the CDP capability, disable it with the no cdp run command. In order to reenable CDP, use the cdp run command in global configuration mode. The “cdp enable” command is an interface command, not global.
Q7. - (Topic 3)
Which command is used to display the collection of OSPF link states?
A. show ip ospf link-state
B. show ip ospf lsa database
C. show ip ospf neighbors
D. show ip ospf database
Answer: D
Explanation:
The “show ip ospf database” command displays the link states. Here is an example: Here is the lsa database on R2.
R2#show ip ospf database
OSPF Router with ID (2.2.2.2) (Process ID 1) Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count 2.2.2.2 2.2.2.2 793 0x80000003 0x004F85 2
10.4.4.4 10.4.4.4 776 0x80000004 0x005643 1
111.111.111.111 111.111.111.111 755 0x80000005 0x0059CA 2
133.133.133.133 133.133.133.133 775 0x80000005 0x00B5B1 2
Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
10.1.1.1 111.111.111.111 794 0x80000001 0x001E8B
10.2.2.3 133.133.133.133 812 0x80000001 0x004BA9
10.4.4.1 111.111.111.111 755 0x80000001 0x007F16
10.4.4.3 133.133.133.133 775 0x80000001 0x00C31F
Q8. - (Topic 7)
What command visualizes the general NetFlow data on the command line?
A. show ip flow export
B. show ip flow top-talkers
C. show ip cache flow
D. show mls sampling
E. show mls netflow ip
Answer: C
Explanation:
The following is an example of how to visualize the NetFlow data using the CLI. There are three methods to visualize the data depending on the version of Cisco IOS Software. The traditional show command for NetFlow is "show ip cache flow" also available are two forms of top talker commands. One of the top talkers commands uses a static configuration to view top talkers in the network and another command called dynamic top talkers allows real-time sorting and aggregation of NetFlow data. Also shown is a show MLS command to view the hardware cache on the Cisco Catalyst 6500 Series Switch.
The following is the original NetFlow show command used for many years in Cisco IOS Software. Information provided includes packet size distribution; basic statistics about number of flows and export timer setting, a view of the protocol distribution statistics and the NetFlow cache.
The “show ip cache flow” command displays a summary of the NetFlow accounting statistics.
Reference: http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-netflow/prod_white_paper0900aecd80406232.html
Q9. - (Topic 5)
Which IPv6 address is the all-router multicast group?
A. FF02::1
B. FF02::2
C. FF02::3
D. FF02::4
Answer: B
Explanation:
Well-known IPv6 multicast addresses:
Address Description ff02::1
All nodes on the local network segment
ff02::2
All routers on the local network segment
Q10. - (Topic 4)
Which two statements about using the CHAP authentication mechanism in a PPP link are true? (Choose two.)
A. CHAP uses a two-way handshake.
B. CHAP uses a three-way handshake.
C. CHAP authentication periodically occurs after link establishment.
D. CHAP authentication passwords are sent in plaintext.
E. CHAP authentication is performed only upon link establishment.
F. CHAP has no protection from playback attacks.
Answer: B,C
Explanation:
CHAP is an authentication scheme used by Point to Point Protocol (PPP) servers to validate the identity of remote clients. CHAP periodically verifies the identity of the client by using a three-way handshake. This happens at the time of establishing the initial link (LCP), and may happen again at any time afterwards. The verification is based on a shared secret (such as the client user's password).