[Free] 2017(July) EnsurePass Examcollection Cisco 200-125 Dumps with VCE and PDF 391-400

EnsurePass
2017 July Cisco Official New Released 200-125
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/200-125.html

CCNA Cisco Certified Network Associate CCNA (v3.0)

Question No: 391 – (Topic 8)

Which IPV6 function serves the same purpose as ARP entry verification on an IPv4 network?

  1. interface ip address verification.

  2. MAC address table verification

  3. neighbor discovery verification

  4. routing table entry verification

Answer: C

Question No: 392 – (Topic 8)

Which option describes a benefit of a point-to-point leased line?

  1. full-mesh capability

  2. flexibility of design

  3. low cost

  4. simplicity of configuration

Answer: D

Question No: 393 – (Topic 8)

which statement about snmpv2 is true ?

  1. it requires password at least eight characters in length

  2. it requires passwords to be encrypted

  3. its privacy algorithms use md5 encryption by default

  4. its authentic and privacy algorithms are enabled without default values

Answer: D

Question No: 394 – (Topic 8)

Which protocol authenticates connected devices before allowing them to access the LAN?

A. 802.1d B. 802.11 C. 802.1w D. 802.1x

Answer: D Explanation:

802.1X authentication involves three parties: a supplicant, an authenticator, and an authentication server. The supplicant is a client device (such as a laptop) that wishes to attach to the LAN/WLAN. The term #39;supplicant#39; is also used interchangeably to refer to the software running on the client that provides credentials to the authenticator. The authenticator is a network device, such as an Ethernet switch or wireless access point; and the authentication server is typically a host running software supporting the RADIUS

and EAP protocols.

The authenticator acts like a security guard to a protected network. The supplicant (i.e., client device) is not allowed access through the authenticator to the protected side of the network until the supplicant’s identity has been validated and authorized. An analogy to this is providing a valid visa at the airport#39;s arrival immigration before being allowed to enter the country. With 802.1X port-based authentication, the supplicant provides credentials, such as user name/password or digital certificate, to the authenticator, and the authenticator forwards the credentials to the authentication server for verification. If the authentication server determines the credentials are valid, the supplicant (client device) is allowed to access resources located on the protected side of the network.

Question No: 395 – (Topic 8)

Which option is a valid hostname for a switch?

  1. Switch-Cisco

  2. Switch-Cisco!

  3. SwitchCisco

  4. SwitchCisc0

Answer: C

Question No: 396 – (Topic 8)

Which MAC protocol sets a random timer to reattempt communication?

  1. IEEE 802.1x

  2. RARP

  3. CSMA/CA

  4. CSMA/CD

Answer: D

Question No: 397 CORRECT TEXT – (Topic 8)

A corporation wants to add security to its network. The requirements are:

->Host C should be able to use a web browser (HTTP) to access the Finance Web Server.

->Other types of access from host C to the Finance Web Server should be blocked.

->All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.

->All hosts in the Core and on local LAN should be able to access the Public Web Server.

You have been tasked to create and apply a numbered access list to a single outbound interface. This access list can contain no more than three statements that meet these requirements.

Access to the router CLI can be gained by clicking on the appropriate host.

->All passwords have been temporarily set to 鈥渃isco鈥?

->The Core connection uses an IP address of 198.18.209.65.

->The computers in the Hosts LAN have been assigned addresses of 192.168.78.1 鈥?192.168.78.254.

->host A 192.168.78.1

->host B 192.168.78.2

->host C 192.168.78.3

->host D 192.168.78.4

->The Finance Web Server has been assigned an address of 172.22.146.17.

->The Public Web Server in the Server LAN has been assigned an address of 172.22.146.18.

image

image

image

image

image

image

image

image

Answer: Please see below explanation part for details answer steps:

Explanation:

We should create an access-list and apply it to the interface that is connected to the Server LAN because it can filter out traffic from both S2 and Core networks. To see which interface this is, use the 鈥渟how ip int brief鈥?command:

image

From this, we know that the servers are located on the fa0/1 interface, so we will place our numbered access list here in the outbound direction.

Corp1#configure terminal

Our access-list needs to allow host C 鈥?192.168125.3 to the Finance Web Server 172.22.109.17 via HTTP (port 80), so our first line is this:

Corp1(config)#access-list 100 permit tcp host 192.168.125.3 host 172.22.109.17 eq 80

Then, our next two instructions are these:

->Other types of access from host C to the Finance Web Server should be blocked.

->All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.

This can be accomplished with one command (which we need to do as our ACL needs to

be no more than 3 lines long), blocking all other access to the finance web server:

Corp1(config)#access-list 100 deny ip any host 172.22.109.17

Our last instruction is to allow all hosts in the Core and on the local LAN access to the Public Web Server (172.22.109.18)

Corp1(config)#access-list 100 permit ip host 172.22.109.18 any Finally, apply this access-list to Fa0/1 interface (outbound direction) Corp1(config)#interface fa0/1

Corp1(config-if)#ip access-group 100 out

Notice: We have to apply the access-list to Fa0/1 interface (not Fa0/0 interface) so that the access-list can filter traffic coming from both the LAN and the Core networks.

To verify, just click on host C to open its web browser. In the address box type http://172.22.109.17 to check if you are allowed to access Finance Web Server or not. If your configuration is correct then you can access it.

Click on other hosts (A, B and D) and check to make sure you can’t access Finance Web Server from these hosts. Then, repeat to make sure they can reach the public server at 172.22.109.18. Finally, save the configuration

Corp1(config-if)#end

Corp1#copy running-config startup-config

Question No: 398 – (Topic 8)

Where does the configuration reside when a helper address is configured to support DHCP ?

  1. on the switch trunk interface.

  2. on the router closest to the client.

  3. on the router closest to the server.

  4. on every router along the path.

Answer: B

Question No: 399 – (Topic 8)

What are three advantages of VLANs? (Choose three.)

  1. They establish broadcast domains in switched networks.

  2. They provide a low-latency internetworking alternative to routed networks.

  3. They utilize packet filtering to enhance network security.

  4. They can simplify adding, moving, or changing hosts on the network.

  5. They allow access to network services based on department, not physical location.

  6. They provide a method of conserving IP addresses in large networks.

Answer: A,D,E

Question No: 400 – (Topic 8)

Which three statements about VTP features are true? (Choose three.)

  1. VTP works at Layer 3 of the OSI model and requires that a management VLAN IP address be configured.

  2. When properly configured, VTP minimizes VLAN misconfigurations and configuration inconsistencies.

  3. When properly configured, VTP maintains VLAN configuration consistency and accelerates trunk link negotiation.

  4. Each broadcast domain on a switch can have its own unique VTP domain.

  5. VTP pruning is used to increase available bandwidth in trunk links.

  6. To configure a switch to be part of two VTP domains, each domain must have its own passwords.

  7. Client, server, and transparent are valid VTP modes.

Answer: B,E,G

100% Free Download!
Download Free Demo:200-125 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass 200-125 Full Exam PDF and VCE
Get 10% off your purchase! Copy it:TJDN-947R-9CCD [2017.07.01-2017.07.31]

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE

Leave a Reply