An Expert interview about ccna 200 120 vs 200 125
Q141. - (Topic 4)
What are three reasons that an organization with multiple branch offices and roaming users might implement a Cisco VPN solution instead of point-to-point WAN links? (Choose three.)
A. reduced cost
B. better throughput
C. broadband incompatibility
D. increased security
F. reduced latency
IPsec offer a number of advantages over point to point WAN links, particularly when multiple locations are involved. These include reduced cost, increased security since all traffic is encrypted, and increased scalability as s single WAN link can be used to connect to all locations in a VPN, where as a point to point link would need to be provisioned to each location.
Q142. - (Topic 6)
Refer to exhibit.
A network administrator cannot establish a Telnet session with the indicated router. What is the cause of this failure?
A. A Level 5 password is not set.
B. An ACL is blocking Telnet access.
C. The vty password is missing.
D. The console password is missing.
The login keyword has been set, but not password. This will result in the “password
required, but none set” message to users trying to telnet to this router.
Q143. - (Topic 8)
You are a junior network engineer for a financial company, and the main office network is experiencing network issues. Troubleshoot the network issues.
Router R1 connects the main office to the internet, and routers R2 and R3 are internal routers.
NAT is enabled on router R1.
The routing protocol that is enabled between routers R1, R2 and R3 is RIPv2.
R1 sends the default route into RIPv2 for the internal routers to forward internet traffic to R1.
You have console access on R1, R2 and R3 devices. Use only show commands to troubleshoot the issues.
Users complain that they are unable to reach internet sites. You are troubleshooting internet connectivity problem at main office. Which statement correctly identifies the problem on Router R1?
A. Interesting traffic for NAT ACL is incorrectly configured.
B. NAT configurations on the interfaces are incorrectly configured
C. NAT translation statement incorrectly configured.
D. Only static NAT translation configured for the server, missing Dynamic NAT or Dynamic NAT overloading for internal networks.
Q144. - (Topic 8)
Which two statements about late collisions are true? (Choose two.)
A. They may indicate a duplex mismatch.
B. By definition, they occur after the 512th bit of the frame has been transmitted.
C. They indicate received frames that did not pass the FCS match.
D. They are frames that exceed 1518 bytes.
E. They occur when CRC errors and interference occur on the cable.
Q145. CORRECT TEXT - (Topic 7)
A network associate is adding security to the configuration of the Corp1 router. The user on host C should be able to use a web browser to access financial information from the Finance Web Server. No other hosts from the LAN nor the Core should be able to use a web browser to access this server. Since there are multiple resources for the corporation at this location including other resources on the Finance Web Server, all other traffic should be allowed.
The task is to create and apply an access-list with no more than three statements that will allow ONLY host C web access to the Finance Web Server. No other hosts will have web access to the Finance Web Server. All other traffic is permitted.
Access to the router CLI can be gained by clicking on the appropriate host.
All passwords have been temporarily set to "cisco".
The Core connection uses an IP address of 198.18.247.65
The computers in the Hosts LAN have been assigned addresses of 192.168.240.1 - 192.168.240.254
✑ host A 192.168.240.1
✑ host B 192.168.240.2
✑ host C 192.168.240.3
Corp1(config)# access-list 128 permit tcp host 192.168.240.1 host 172.22.141.26 eq www Corp1(config)# access-list 128 deny tcp any host 172.22.141.26 eq www
Corp1(config)# access-list 128 permit ip any any Corp1(config)#int fa0/1
Corp1(config-if)#ip access-group 128 out Corp1(config-if)#end
Corp1#copy run startup-config
Q146. - (Topic 3)
Before installing a new, upgraded version of the IOS, what should be checked on the router, and which command should be used to gather this information? (Choose two.)
A. the amount of available ROM
B. the amount of available flash and RAM memory
C. the version of the bootstrap software present on the router
D. show version
E. show processes
F. show running-config
When upgrading a new version of the IOS we need to copy the IOS to the Flash so first we have to check if the Flash has enough memory or not. Also running the new IOS may require more RAM than the older one so we should check the available RAM too. We can check both with the “show version” command.
Q147. - (Topic 5)
What are two benefits of using NAT? (Choose two.)
A. NAT facilitates end-to-end communication when IPsec is enabled.
B. NAT eliminates the need to re-address all hosts that require external access.
C. NAT conserves addresses through host MAC-level multiplexing.
D. Dynamic NAT facilitates connections from the outside of the network.
E. NAT accelerates the routing process because no modifications are made on the packets.
F. NAT protects network security because private networks are not advertised.
By not revealing the internal IP addresses, NAT adds some security to the inside network -
> F is correct.
NAT has to modify the source IP addresses in the packets -> E is not correct.
Connection from the outside of the network through a “NAT” network is more difficult than a more network because IP addresses of inside hosts are hidden -> C is not correct.
In order for IPsec to work with NAT we need to allow additional protocols, including Internet Key Exchange (IKE), Encapsulating Security Payload (ESP) and Authentication Header (AH) -> more complex -> A is not correct.
By allocating specific public IP addresses to inside hosts, NAT eliminates the need to re- address the inside hosts -> B is correct.
NAT does conserve addresses but not through host MAC-level multiplexing. It conserves addresses by allowing many private IP addresses to use the same public IP address to go to the Internet -> C is not correct.
Q148. - (Topic 5)
Which two are features of IPv6? (Choose two.)
IPv6 addresses are classified by the primary addressing and routing methodologies common in networking: unicast addressing, anycast addressing, and multicast addressing.
✑ A unicast address identifies a single network interface. The Internet Protocol
delivers packets sent to a unicast address to that specific interface.
✑ An anycast address is assigned to a group of interfaces, usually belonging to different nodes. A packet sent to an anycast address is delivered to just one of the member interfaces, typically the nearest host, according to the routing protocol’s definition of distance. Anycast addresses cannot be identified easily, they have the same format as unicast addresses, and differ only by their presence in the network at multiple points. Almost any unicast address can be employed as an anycast address.
✑ A multicast address is also used by multiple hosts, which acquire the multicast address destination by participating in the multicast distribution protocol among the network routers. A packet that is sent to a multicast address is delivered to all interfaces that have joined the corresponding multicast group.
Q149. - (Topic 3)
Refer to the exhibit.
C-router is to be used as a "router-on-a-stick" to route between the VLANs. All the interfaces have been properly configured and IP routing is operational. The hosts in the VLANs have been configured with the appropriate default gateway. What is true about this configuration?
A. These commands need to be added to the configuration: C-router(config)# router eigrp 123
C-router(config-router)# network 172.19.0.0
B. These commands need to be added to the configuration: C-router(config)# router ospf 1
C-router(config-router)# network 172.19.0.0 0.0.3.255 area 0
C. These commands need to be added to the configuration: C-router(config)# router rip
C-router(config-router)# network 172.19.0.0
D. No further routing configuration is required.
Since all the same router (C-router) is the default gateway for all three VLANs, all traffic destined to a different VLA will be sent to the C-router. The C-router will have knowledge of all three networks since they will appear as directly connected in the routing table. Since the C-router already knows how to get to all three networks, no routing protocols need to be configured.
Q150. - (Topic 5)
Which of these represents an IPv6 link-local address?
In the Internet Protocol Version 6 (IPv6), the address block fe80::/10 has been reserved for link-local unicast addressing. The actual link local addresses are assigned with the prefix fe80::/64. They may be assigned by automatic (stateless) or stateful (e.g. manual) mechanisms.