2014 Latest Cisco 200-120 Dump Free Download(191-200)!

QUESTION 191
Which statement describes the process ID that is used to run OSPF on a router?

A.    It is globally significant and is used to represent the AS number.
B.    It is locally significant and is used to identify an instance of the OSPF database.
C.    It is globally significant and is used to identify OSPF stub areas.
D.    It is locally significant and must be the same throughout an area.

Answer: B

QUESTION 192
Which three are the components of SNMP? (Choose three)

A.    MIB
B.    SNMP Manager
C.    SysLog Server
D.    SNMP Agent
E.    Set

Answer: ABD

QUESTION 193
What are the Popular destinations for syslog messages to be saved?

A.    Flash
B.    The logging buffer .RAM
C.    The console terminal
D.    Other terminals
E.    Syslog server

Answer: BCE

QUESTION 194
Syslog was configured with a level 3 trap. Which 3 types of logs would be generated (choose three)

A.    Emergencies
B.    Alerts
C.    Critical
D.    Errors
E.    Warnings

Answer: ABC

QUESTION 195
What are the benefit of using Netflow? (Choose three.)

A.    Network, Application & User Monitoring
B.    Network Planning
C.    Security Analysis
D.    Accounting/Billing

Answer: ACD

QUESTION 196
Which protocol can cause overload on a CPU of a managed device?

A.    Netflow
B.    WCCP
C.    IP SLA
D.    SNMP

Answer: D

QUESTION 197
What are the three things that the Netflow uses to consider the traffic to be in a same flow?

A.    IP address
B.    Interface name
C.    Port numbers
D.    L3 protocol type
E.    MAC address

Answer: ACD

QUESTION 198
What is the alert message generated by SNMP agents called ?

A.    TRAP
B.    INFORM
C.    GET
D.    SET

Answer: AB

QUESTION 199
Which three features are added in SNMPv3 over SNMPv2?

A.    Message Integrity
B.    Compression
C.    Authentication
D.    Encryption
E.    Error Detection

Answer: ACD

QUESTION 200
In a GLBP network, who is responsible for the arp request?

A.    AVF
B.    AVG
C.    Active Router
D.    Standby Router

Answer: B

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


2014 Latest Cisco 200-120 Dump Free Download(181-190)!

QUESTION 181
What are three values that must be the same within a sequence of packets for Netflow to consider them a network flow? (Choose three.)

A.    source IP address
B.    source MAC address
C.    egress interface
D.    ingress interface
E.    destination IP address
F.    IP next-hop

Answer: ADE

QUESTION 182
What are three factors a network administrator must consider before implementing Netflow in the network? (Choose three.)

A.    CPU utilization
B.    where Netflow data will be sent
C.    number of devices exporting Netflow data
D.    port availability
E.    SNMP version
F.    WAN encapsulation

Answer: ABC

QUESTION 183
Which two statements about the OSPF Router ID are true? (Choose two.)

A.    It identifies the source of a Type 1 LSA.
B.    It should be the same on all routers in an OSPF routing instance.
C.    By default, the lowest IP address on the router becomes the OSPF Router ID.
D.    The router automatically chooses the IP address of a loopback as the OSPF Router ID.
E.    It is created using the MAC Address of the loopback interface.

Answer: AD

QUESTION 184
What parameter can be different on ports within an EtherChannel?

A.    speed
B.    DTP negotiation settings
C.    trunk encapsulation
D.    duplex

Answer: B

QUESTION 185
What are two benefits of using a single OSPF area network design? (Choose two.)

A.    It is less CPU intensive for routers in the single area.
B.    It reduces the types of LSAs that are generated.
C.    It removes the need for virtual links.
D.    It increases LSA response times.
E.    It reduces the number of required OSPF neighbor adjacencies.

Answer: BC

QUESTION 186
What are two enhancements that OSPFv3 supports over OSPFv2? (Choose two.)

A.    It requires the use of ARP.
B.    It can support multiple IPv6 subnets on a single link.
C.    It supports up to 2 instances of OSPFv3 over a common link.
D.    It routes over links rather than over networks.

Answer: BD

QUESTION 187
When a router undergoes the exchange protocol within OSPF, in what order does it pass through each state?

A.    exstart state > loading state > exchange state > full state
B.    exstart state > exchange state > loading state > full state
C.    exstart state > full state > loading state > exchange state
D.    loading state > exchange state > full state > exstart state

Answer: B

QUESTION 188
A network administrator creates a layer 3 EtherChannel, bundling four interfaces into channel group 1. On what interface is the IP address configured?

A.    the port-channel 1 interface
B.    the highest number member interface
C.    all member interfaces
D.    the lowest number member interface

Answer: A

QUESTION 189
What command sequence will configure a router to run OSPF and add network 10.1.1.0 /24 to area 0?

A.    router ospf area 0
network 10.1.1.0 255.255.255.0 area 0
B.    router ospf
network 10.1.1.0 0.0.0.255
C.    router ospf 1
network 10.1.1.0 0.0.0.255 area 0
D.    router ospf area 0
network 10.1.1.0 0.0.0.255 area 0
E.    router ospf
network 10.1.1.0 255.255.255.0 area 0
F.    router ospf 1
network 10.1.1.0 0.0.0.255

Answer: C

QUESTION 190
What OSPF command, when configured, will include all interfaces into area 0?

A.    network 0.0.0.0 255.255.255.255 area 0
B.    network 0.0.0.0 0.0.0.0 area 0
C.    network 255.255.255.255 0.0.0.0 area 0
D.    network all-interfaces area 0

Answer: A

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


2014 Latest Cisco 200-120 Dump Free Download(171-180)!

QUESTION 171
What command instructs the device to timestamp Syslog debug messages in milliseconds?

A.    service timestamps log datetime localtime
B.    service timestamps debug datetime msec
C.    service timestamps debug datetime localtime
D.    service timestamps log datetime msec

Answer: B

QUESTION 172
What are three components that comprise the SNMP framework? (Choose three.)

A.    MIB
B.    agent
C.    set
D.    AES
E.    supervisor
F.    manager

Answer: ABF

QUESTION 173
What are three components that comprise the SNMP framework? (Choose three.)

A.    MIB
B.    agent
C.    set
D.    AES
E.    supervisor
F.    manager

Answer: ABF

QUESTION 174
What SNMP message alerts the manager to a condition on the network?

A.    response
B.    get
C.    trap
D.    capture

Answer: C

QUESTION 175
What authentication type is used by SNMPv2?

A.    HMAC-MD5
B.    HMAC-SHA
C.    CBC-DES
D.    community strings

Answer: D

QUESTION 176
Which three statements about the features of SNMPv2 and SNMPv3 are true? (Choose three.)

A.    SNMPv3 enhanced SNMPv2 security features.
B.    SNMPv3 added the Inform protocol message to SNMP.
C.    SNMPv2 added the Inform protocol message to SNMP.
D.    SNMPv3 added the GetBulk protocol messages to SNMP.
E.    SNMPv2 added the GetBulk protocol message to SNMP.
F.    SNMPv2 added the GetNext protocol message to SNMP.

Answer: ACE

QUESTION 177
What are three reasons to collect Netflow data on a company network? (Choose three.)

A.    To identify applications causing congestion.
B.    To authorize user network access.
C.    To report and alert link up / down instances.
D.    To diagnose slow network performance, bandwidth hogs, and bandwidth utilization.
E.    To detect suboptimal routing in the network.
F.    To confirm the appropriate amount of bandwidth that has been allocated to each Class of Service.

Answer: ADF

QUESTION 178
What Netflow component can be applied to an interface to track IPv4 traffic?

A.    flow monitor
B.    flow record
C.    flow sampler
D.    flow exporter

Answer: A

QUESTION 179
What Cisco IOS feature can be enabled to pinpoint an application that is causing slow network performance?

A.    SNMP
B.    Netflow
C.    WCCP
D.    IP SLA

Answer: B

QUESTION 180
What command visualizes the general NetFlow data on the command line?

A.    show ip flow export
B.    show ip flow top-talkers
C.    show ip cache flow
D.    show mls sampling
E.    show mls netflow ip

Answer: C

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


2014 Latest Cisco 200-120 Dump Free Download(161-170)!

QUESTION 161
Hotspot Question

clip_image001

clip_image001[4]

clip_image001[6]

clip_image001[8]

clip_image001[10]

clip_image001[12]
Which will fix the issue and allow ONLY ping to work while keeping telnet disabled?

A.    Correctly assign an IP address to interface fa0/1.
B.    Change the ip access-group command on fa0/0 from “in* to “our.
C.    Remove access-group 106 in from interface fa0/0 and add access-group 115 in.
D.    Remove access-group 102 out from interface s0/0/0 and add access-group 114 in
E.    Remove access-group 106 in from interface fa0/0 and add access-group 104 in.

Answer: E
Explanation:
Let’s have a look at the access list 104:

clip_image001[14]
The question does not ask about ftp traffic so we don’t care about the two first lines. The 3rd line denies all telnet traffic and the 4th line allows icmp traffic to be sent (ping). Remember that the access list 104 is applied on the inbound direction so the 5th line “access-list 104 deny icmp any any echo-reply” will not affect our icmp traffic because the “echo-reply” message will be sent over the outbound direction.

QUESTION 162
Hotspot Question

clip_image001[16]

clip_image001[18]

clip_image001[20]

clip_image001[22]

clip_image001[24]

clip_image001[26]
What would be the effect of issuing the command ip access-group 114 in to the fa0/0 interface?

A.    Attempts to telnet to the router would fail.
B.    It would allow all traffic from the 10.4.4.0 network.
C.    IP traffic would be passed through the interface but TCP and UDP traffic would not.
D.    Routing protocol updates for the 10.4.4.0 network would not be accepted from the fa0/0 interface.

Answer: B
Explanation:
From the output of access-list 114: access-list 114 permit ip 10.4.4.0 0.0.0.255 any we can easily understand that this access list allows all traffic (ip) from 10.4.4.0/24 network

QUESTION 163
Hotspot Question

clip_image001[28]

clip_image001[30]

clip_image001[32]

clip_image001[34]

clip_image001[36]

clip_image001[38]
What would be the effect of Issuing the command ip access-group 115 in on the s0/0/1 interface?

A.    No host could connect to RouterC through s0/0/1.
B.    Telnet and ping would work but routing updates would fail.
C.    FTP, FTP-DATA, echo, and www would work but telnet would fail.
D.    Only traffic from the 10.4.4.0 network would pass through the interface.

Answer: A
Explanation:
First let’s see what was configured on interface S0/0/1:

clip_image001[40]

QUESTION 164
Lab Simulation Question – NAT-2
A network associate is configuring a router for the Weaver company to provide internet access. The ISP has provided the company six public IP addresses of 198.18.184.105 – 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range of 192.168.100.17 – 192.168.100.30.

clip_image001[42]
The following have already been configured on the router:
The basic router configuration
The appropriate interfaces have been configured for NAT inside and NAT outside
The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required.)
All passwords have been temporarily set to “cisco”
The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide internet access for the hosts in the weaver LAN. Functionality can be tested by clicking on the host provided for testing.
Configuration information:
Router name    –    Weaver
Inside global addresses    –    198.18.184.105 – 198.18.184.110 /29
Inside local addresses    –    192.168.100.17 – 192.168.100.30 /28
Number of inside hosts    –    14
Answer:
Step 1: Router Name
Router>enable
Router#configure terminal
Router(config)#hostname Weaver
Weaver(config)#
Step 2: NAT Configuration
Weaver(config)#access-list 10 permit 192.168.100.16 0.0.0.15
Weaver(config)#ip nat pool  mynatpool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
Weaver(config)#ip nat inside source list 10 pool mynatpool overload
Weaver(config)#end
Step 3: Save Configuration
Weaver#copy run start
Verification:
We can verify the answer by pinging the ISP IP Address (192.0.2.114) from Host for testing.
Click “Host for testing”
In command prompt, type “ping 192.0.2.114”. If ping succeeded then the NAT is working properly.
Screen Shots:

clip_image002

clip_image002[4]

clip_image002[6]

QUESTION 165
In a switched environment, what does the IEEE 802.1Q standard describe?

A.    the operation of VTP
B.    a method of VLAN trunking
C.    an approach to wireless LAN communication
D.    the process for root bridge selection
E.    VLAN pruning

Answer: B
Explanation:
A broadcast domain must sometimes exist on more than one switch in the network. To accomplish this, one switch must send frames to another switch and indicate which VLAN a particular frame belongs to. On Cisco switches, a trunk link is created to accomplish this VLAN identification. ISL and IEEE 802.1Q are different methods of putting a VLAN identifier in a Layer 2 frame. The IEEE 802.1Q protocol interconnects VLANs between multiple switches, routers, and servers. With 802.1Q, a network administrator can define a VLAN topology to span multiple physical devices.
Cisco switches support IEEE 802.1Q for FastEthernet and Gigabit Ethernet interfaces. An 802.1Q trunk link provides VLAN identification by adding a 4-byte tag to an Ethernet Frame as it leaves a trunk port.

QUESTION 166
What are three benefits of GLBP? (Choose three.)

A.    GLBP supports up to eight virtual forwarders per GLBP group.
B.    GLBP supports clear text and MD5 password authentication between GLBP group members.
C.    GLBP is an open source standardized protocol that can be used with multiple vendors.
D.    GLBP supports up to 1024 virtual routers.
E.    GLBP can load share traffic across a maximum of four routers.
F.    GLBP elects two AVGs and two standby AVGs for redundancy.

Answer: BDE

QUESTION 167
Which three statements about HSRP operation are true? (Choose three.)

A.    The virtual IP address and virtual MA+K44C address are active on the HSRP Master router.
B.    The HSRP default timers are a 3 second hello interval and a 10 second dead interval.
C.    HSRP supports only clear-text authentication.
D.    The HSRP virtual IP address must be on a different subnet than the routers’ interfaces on the same LAN.
E.    The HSRP virtual IP address must be the same as one of the router’s interface addresses on the LAN.
F.    HSRP supports up to 255 groups per interface, enabling an administrative form of load balancing.

Answer: ABF

QUESTION 168
Which three statements about Syslog utilization are true? (Choose three.)

A.    Utilizing Syslog improves network performance.
B.    The Syslog server automatically notifies the network administrator of network problems.
C.    A Syslog server provides the storage space necessary to store log files without using router disk space.
D.    There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages.
E.    Enabling Syslog on a router automatically enables NTP for accurate time stamping.
F.    A Syslog server helps in aggregation of logs and alerts.

Answer: CDF

QUESTION 169
A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three.)

A.    informational
B.    emergency
C.    warning
D.    critical
E.    debug
F.    error

Answer: BDF

QUESTION 170
What is the default Syslog facility level?

A.    local4
B.    local5
C.    local6
D.    local7

Answer: D

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


2014 Latest Cisco 200-120 Dump Free Download(151-160)!

QUESTION 151
Drag and Drop Question

clip_image002
Answer:

clip_image001

QUESTION 152
Drag and Drop Question

clip_image002[4]
Answer:

clip_image001[4]

QUESTION 153
Drag and Drop Question

clip_image002[6]
Answer:

clip_image001[6]

QUESTION 154
Drag and Drop Question

clip_image002[8]
Answer:

clip_image001[8]

QUESTION 155
Drag and Drop Question

clip_image002[10]
Answer:

clip_image001[10]

QUESTION 156
Drag and Drop Question

clip_image002[12]
Answer:

clip_image001[12]

QUESTION 157
Drag and Drop Question

clip_image002[14]
Answer:

clip_image001[14]

QUESTION 158
Drag and Drop Question

clip_image002[16]
Answer:

clip_image002[18]

QUESTION 159
Drag and Drop Question

clip_image002[20]
Answer:

clip_image002[22]

QUESTION 160
Drag and Drop Question

clip_image002[24]
Answer:

clip_image002[26]

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


2014 Latest Cisco 200-120 Dump Free Download(141-150)!

QUESTION 141
Which command enables IPv6 forwarding on a Cisco router?

A.    ipv6 local
B.    ipv6 host
C.    ipv6 unicast-routing
D.    ipv6 neighbor

Answer: C
Explanation:
to enable IPv6 routing on the Cisco router use the following command:
ipv6 unicast-routing
If this command is not recognized, your version of IOS does not support IPv6.

QUESTION 142
Which command encrypts all plaintext passwords?

A.    Router# service password-encryption
B.    Router(config)# password-encryption
C.    Router(config)# service password-encryption
D.    Router# password-encryption

Answer: C
Explanation:
The “service password-encryption” command allows you to encrypt all passwords on your router so they can not be easily guessed from your running-config. This command uses a very weak
encryption because the router has to be very quickly decode the passwords for its operation.
It is meant to prevent someone from looking over your shoulder and seeing the password, that is all. This is configured in global configuration mode.

QUESTION 143
You have been asked to come up with a subnet mask that will allow all three web servers to be on the same network while providing the maximum number of subnets. Which network address and subnet mask meet this requirement?

A.    192.168.252.0 255.255.255.252
B.    192.168.252.8 255.255.255.248
C.    192.168.252.8 255.255.255.252
D.    192.168.252.16 255.255.255.240
E.    192.168.252.16 255.255.255.252

Answer: B
Explanation:
A subnet mask of 255.255.255.248 will allow for up to 6 hosts to reside in this network. A subnet mask of 255.255.255.252 will allow for only 2 usable IP addresses, since we can not use the network or broadcast address.

QUESTION 144
Given an IP address 172.16.28.252 with a subnet mask of 255.255.240.0, what is the correct network address?

A.    172.16.16.0
B.    172.16.0.0
C.    172.16.24.0
D.    172.16.28.0

Answer: A
Explanation:
For this example, the network range is 172.16.16.1 – 172.16.31.254, the network address is 172.16.16.0 and the broadcast IP address is 172.16.31.255.

QUESTION 145
Which IPv6 address is the equivalent of the IPv4 interface loopback address 127.0.0.1?

A.    ::1
B.    ::
C.    2000::/3
D.    0::/10

Answer: A
Explanation:
In IPv6 the loopback address is written as,
This is a 128bit number, with the first 127 bits being ‘0’ and the 128th bit being ‘1’. It’s just a single address, so could also be written as ::1/128.

QUESTION 146
You are working in a data center environment and are assigned the address range 10.188.31.0/23. You are asked to develop an IP addressing plan to allow the maximum number of subnets with as many as 30 hosts each. Which IP address range meets these requirements?

A.    10.188.31.0/26
B.    10.188.31.0/25
C.    10.188.31.0/28
D.    10.188.31.0/27
E.    10.188.31.0/29

Answer: D
Explanation:
Each subnet has 30 hosts < 32 = 25 so we need a subnet mask which has at least 5 bit 0s -> /27. Also the question requires the maximum number of subnets (which minimum the number of hosts- per-subnet) so /27 is the best choice -> .

QUESTION 147
Which parameter or parameters are used to calculate OSPF cost in Cisco routers?

A.    Bandwidth
B.    Bandwidth and Delay
C.    Bandwidth, Delay, and MTU
D.    Bandwidth, MTU, Reliability, Delay, and Load

Answer: A
Explanation:
The well-known formula to calculate OSPF cost is Cost = 108 / Bandwidth

QUESTION 148
Why do large OSPF networks use a hierarchical design? (Choose three.)

A.    to decrease latency by increasing bandwidth
B.    to reduce routing overhead
C.    to speed up convergence
D.    to confine network instability to single areas of the network
E.    to reduce the complexity of router configuration
F.    to lower costs by replacing routers with distribution layer switches

Answer: BCD
Explanation:
OSPF implements a two-tier hierarchical routing model that uses a core or backbone tier known as area zero (0). Attached to that backbone via area border routers (ABRs) are a number of secondary tier areas. The hierarchical approach is used to achieve the following:
Rapid convergence because of link and/or switch failures
Deterministic traffic recovery
Scalable and manageable routing hierarchy, reduced routing overhead.

QUESTION 149
Drag and Drop Question

clip_image002
Answer:

clip_image001

QUESTION 150
Drag and Drop Question

clip_image002[4]
Answer:

clip_image001[4]

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


2014 Latest Cisco 200-120 Dump Free Download(131-140)!

QUESTION 131
Which two of these statements are true of IPv6 address representation? (Choose two.)

A.    There are four types of IPv6 addresses: unicast, multicast, anycast, and broadcast.
B.    A single interface may be assigned multiple IPv6 addresses of any type.
C.    Every IPv6 interface contains at least one loopback address.
D.    The first 64 bits represent the dynamically created interface ID.
E.    Leading zeros in an IPv6 16 bit hexadecimal field are mandatory.

Answer: BC
Explanation:
Leading zeros in IPv6 are optional do that 05C7 equals 5C7 and 0000 equals 0 -> D is not correct.

QUESTION 132
Which set of commands is recommended to prevent the use of a hub in the access layer?

A.    switch(config-if)#switchport mode trunk
switch(config-if)#switchport port-security maximum 1
B.    switch(config-if)#switchport mode trunk
switch(config-if)#switchport port-security mac-address 1
C.    switch(config-if)#switchport mode access
switch(config-if)#switchport port-security maximum 1
D.    switch(config-if)#switchport mode access
switch(config-if)#switchport port-security mac-address 1

Answer: C
Explanation:
This question is to examine the layer 2 security configuration. In order to satisfy the requirements of this question, you should perform the following configurations in the interface mode:
First, configure the interface mode as the access mode Second, enable the port security and set the maximum number of connections to 1.

QUESTION 133
What is known as “one-to-nearest” addressing in IPv6?

A.    global unicast
B.    anycast
C.    multicast
D.    unspecified address

Answer: B
Explanation:
IPv6 Anycast addresses are used for one-to-nearest communication, meaning an Anycast address is used by a device to send data to one specific recipient (interface) that is the closest out of a group of recipients (interfaces).

QUESTION 134
What is the first 24 bits in a MAC address called?

A.    NIC
B.    BIA
C.    OUI
D.    VAI

Answer: C
Explanation:
An Organizationally Unique Identifier (OUI) is a 24-bit number that uniquely identifies a vendor, manufacturer, or other organization globally or worldwide. They are used as the first 24 nits of the MAC address to uniquely identify a particular piece of equipment.

QUESTION 135
Refer to the exhibit. What is the most appropriate summarization for these routes?

clip_image001

A.    10.0.0.0 /21
B.    10.0.0.0 /22
C.    10.0.0.0 /23
D.    10.0.0.0 /24

Answer: B
Explanation:
The 10.0.0.0/22 subnet mask will include the 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 networks, and only those four networks.

QUESTION 136
What is the difference between a CSU/DSU and a modem?

A.    A CSU/DSU converts analog signals from a router to a leased line; a modem converts analog signals
from a router to a leased line.
B.    A CSU/DSU converts analog signals from a router to a phone line; a modem converts digital signals
from a router to a leased line.
C.    A CSU/DSU converts digital signals from a router to a phone line; a modem converts analog signals
from a router to a phone line.
D.    A CSU/DSU converts digital signals from a router to a leased line; a modem converts digital signals
from a router to a phone line.

Answer: D
Explanation:
CSU/DSU is used to convert digital signals from a router to a network circuit such as a T1, while a modem is used to convert digital signals over a regular POTS line.

QUESTION 137
Which two are features of IPv6? (Choose two.)

A.    anycast
B.    broadcast
C.    multicast
D.    podcast
E.    allcast

Answer: AC
Explanation:
IPv6 addresses are classified by the primary addressing and routing methodologies common in networkinG. unicast addressing, anycast addressing, and multicast addressing.

QUESTION 138
Which two are advantages of static routing when compared to dynamic routing? (Choose two.)

A.    Configuration complexity decreases as network size increases.
B.    Security increases because only the network administrator may change the routing table.
C.    Route summarization is computed automatically by the router.
D.    Routing tables adapt automatically to topology changes.
E.    An efficient algorithm is used to build routing tables, using automatic updates.
F.    Routing updates are automatically sent to neighbors.
G.    Routing traffic load is reduced when used in stub network links.

Answer: BG
Explanation:
Since static routing is a manual process, it can be argued that it is more secure (and more prone to human errors) since the network administrator will need to make changes to the routing table directly. Also, in stub networks where there is only a single uplink connection, the load is reduced as stub routers just need a single static default route, instead of many routes that all have the same next hop IP address.

QUESTION 139
A network administrator needs to configure port security on a switch. Which two statements are true? (Choose two.)

A.    The network administrator can apply port security to dynamic access ports.
B.    The network administrator can apply port security to EtherChannels.
C.    When dynamic MAC address learning is enabled on an interface, the switch can learn new addresses,
up to the maximum defined.
D.    The sticky learning feature allows the addition of dynamically learned addresses to the running configuration.
E.    The network administrator can configure static secure or sticky secure MAC addresses in the voice VLAN.

Answer: CD
Explanation:
Follow these guidelines when configuring port security:
+ Port security can only be configured on static access ports, trunk ports, or 802.1Q tunnel ports.
+ A secure port cannot be a dynamic access port.
+ A secure port cannot be a destination port for Switched Port Analyzer (SPAN). + A secure port cannot belong to a Fast EtherChannel or Gigabit EtherChannel port group. + You cannot configure static secure or sticky secure MAC addresses on a voice VLAN. + When you enable port security on an interface that is also configured with a voice VLAN, you must set the maximum allowed secure addresses on the port to at least two. + If any type of port security is enabled on the access VLAN, dynamic port security is automatically enabled on the voice VLAN.
+ When a voice VLAN is configured on a secure port that is also configured as a sticky secure port, all addresses seen on the voice VLAN are learned as dynamic secure addresses, and all addresses seen on the access VLAN (to which the port belongs) are learned as sticky secure addresses.
+ The switch does not support port security aging of sticky secure MAC addresses. + The protect and restrict options cannot be simultaneously enabled on an interface.
http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_19_ea1/config uration/guide/swtrafc.html

QUESTION 140
What are three features of the IPv6 protocol? (Choose three.)

A.    optional IPsec
B.    autoconfiguration
C.    no broadcasts
D.    complicated header
E.    plug-and-play
F.    checksums

Answer: BCE
Explanation:
An important feature of IPv6 is that it allows plug and play option to the network devices by allowing them to configure themselves independently. It is possible to plug a node into an IPv6 network without requiring any human intervention. This feature was critical to allow network connectivity to an increasing number of mobile devices. This is accomplished by autoconfiguration.
IPv6 does not implement traditional IP broadcast, i.e. the transmission of a packet to all hosts on the attached link using a special broadcast address, and therefore does not define broadcast addresses. In IPv6, the same result can be achieved by sending a packet to the link-local all nodes multicast group at address ff02::1, which is analogous to IPv4 multicast to address 224.0.0.1.

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


2014 Latest Cisco 200-120 Dump Free Download(121-130)!

QUESTION 121
What command is used to verify the DLCI destination address in a Frame Relay static configuration?

A.    show frame-relay pvc
B.    show frame-relay lmi
C.    show frame-relay map
D.    show frame relay end-to-end

Answer: C
Explanation:
Sample “show frame-relay map” output:
R1#sh frame mapSerial0/0 (up): ip 10.4.4.1 dlci 401(0x191,0x6410), dynamic,broadcast,, status defined, activeSerial0/0 (up): ip 10.4.4.3 dlci 403(0x193,0x6430), dynamic,broadcast,, status defined, activeSerial0/0 (up): ip 10.4.4.4 dlci 401(0x191,0x6410), static,CISCO, status defined, active

QUESTION 122
What is the purpose of Inverse ARP?

A.    to map a known IP address to a MAC address
B.    to map a known DLCI to a MAC address
C.    to map a known MAC address to an IP address
D.    to map a known DLCI to an IP address
E.    to map a known IP address to a SPID
F.    to map a known SPID to a MAC address

Answer: D
Explanation:
Dynamic address mapping relies on the Frame Relay Inverse Address Resolution Protocol (Inverse ARP), defined by RFC 1293, to resolve a next hop network protocol (IP) address to a local DLCI value. The Frame Relay router sends out Inverse ARP requests on its Frame Relay PVC to discover the protocol address of the remote device connected to the Frame Relay network. The responses to the Inverse ARP requests are used to populate an address-to-DLCI mapping table on the Frame Relay router or access server. The router builds and maintains this address-to- DLCI mapping table, which contains all resolved Inverse ARP requests, including both dynamic and static mapping entries.

QUESTION 123
How does using the service password-encryption command on a router provide additional security?

A.    by encrypting all passwords passing through the router
B.    by encrypting passwords in the plain text configuration file
C.    by requiring entry of encrypted passwords for access to the device
D.    by configuring an MD5 encrypted key to be used by routing protocols to validate routing exchanges
E.    by automatically suggesting encrypted passwords for use in configuring the router

Answer: B
Explanation:
By using this command, all the (current and future) passwords are encrypted. This command is primarily useful for keeping unauthorized individuals from viewing your password in your configuration file

QUESTION 124
Refer to the exhibit. Switch port FastEthernet 0/24 on ALSwitch1 will be used to create an IEEE 802.1Q-compliant trunk to another switch. Based on the output shown, what is the reason the trunk does not form, even though the proper cabling has been attached?

clip_image001

A.    VLANs have not been created yet.
B.    An IP address must be configured for the port.
C.    The port is currently configured for access mode.
D.    The correct encapsulation type has not been configured.
E.    The no shutdown command has not been entered for the port.

Answer: C
Explanation:
According to the output shown the switchport (layer 2 Switching) is enabled and the port is in access mode. To make a trunk link the port should configured as a trunk port, not an access port, by using the following command: (Config-if)#switchport mode trunk

QUESTION 125
A router has learned three possible routes that could be used to reach a destination network. One route is from EIGRP and has a composite metric of 20514560. Another route is from OSPF with a metric of 782. The last is from RIPv2 and has a metric of 4. Which route or routes will the router install in the routing table?

A.    the OSPF route
B.    the EIGRP route
C.    the RIPv2 route
D.    all three routes
E.    the OSPF and RIPv2 routes

Answer: B
Explanation:
When one route is advertised by more than one routing protocol, the router will choose to use the routing protocol which has lowest Administrative Distance. The Administrative Distances of popular routing protocols are listed below:

clip_image001[4]

QUESTION 126
A network administrator needs to allow only one Telnet connection to a router. For anyone viewing the configuration and issuing the show run command, the password for Telnet access should be encrypted. Which set of commands will accomplish this task?

A.    service password-encryption
access-list 1 permit 192.168.1.0 0.0.0.255
line vty 0 4
login
password cisco
access-class 1
B.    enable password secret
line vty 0
login
password cisco
C.    service password-encryption
line vty 1
login
password cisco
D.    service password-encryption
line vty 0 4
login
password cisco

Answer: C
Explanation:
Only one VTY connection is allowed which is exactly what’s requested.
Incorrect answer: command.
line vty0 4
would enable all 5 vty connections.

QUESTION 127
What is the effect of using the service password-encryption command?

A.    Only the enable password will be encrypted.
B.    Only the enable secret password will be encrypted.
C.    Only passwords configured after the command has been entered will be encrypted.
D.    It will encrypt the secret password and remove the enable secret password from the configuration.
E.    It will encrypt all current and future passwords.

Answer: E
Explanation:
Enable vty, console, AUX passwords are configured on the Cisco device. Use the show run command to show most passwords in clear text. If the service password-encryption is used, all the passwords are encrypted. As a result, the security of device access is improved.

QUESTION 128
Refer to the exhibit. What is the effect of the configuration that is shown?

clip_image001[6]

A.    It configures SSH globally for all logins.
B.    It tells the router or switch to try to establish an SSh connection first and if that fails to use Telnet.
C.    It configures the virtual terminal lines with the password 030752180500.
D.    It configures a Cisco network device to use the SSH protocol on incoming communications via the
virtual terminal ports.
E.    It allows seven failed login attempts before the VTY lines are temporarily shutdown.

Answer: D
Explanation:
Secure Shell (SSH) is a protocol which provides a secure remote access connection to network devices. Communication between the client and server is encrypted in both SSH version 1 and SSH version 2. If you want to prevent non-SSH connections, add the “transport input ssh” command under the lines to limit the router to SSH connections only. Straight (non-SSH) Telnets are refused.
Reference: www.cisco.com/warp/public/707/ssh.shtml

QUESTION 129
Refer to the exhibit. What is the reason that the interface status is “administratively down, line protocol down”?

clip_image001[8]

A.    There is no encapsulation type configured.
B.    There is a mismatch in encapsulation types.
C.    The interface is not receiving any keepalives.
D.    The interface has been configured with the shutdown command.
E.    The interface needs to be configured as a DTE device.
F.    The wrong type of cable is connected to the interface.

Answer: D
Explanation:
Interface can be enabled or disabled with shutdown/no shutdown command. If you interface is down, it will display administratively down status. You can bring up an interface having administratively down interface using no shutdown command.

QUESTION 130
Refer to the exhibit. When running OSPF, what would cause router A not to form an adjacency with router B?

clip_image001[10]

A.    The loopback addresses are on different subnets.
B.    The values of the dead timers on the routers are different.
C.    Route summarization is enabled on both routers.
D.    The process identifier on router A is different than the process identifier on router B.

Answer: B
Explanation:
To form an adjacency (become neighbor), router A & B must have the same Hello interval, Dead interval and AREA number.s

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


2014 Latest Cisco 200-120 Dump Free Download(111-120)!

QUESTION 111
A network administrator needs to configure a serial link between the main office and a remote location. The router at the remote office is a non-Cisco router. How should the network administrator configure the serial interface of the main office router to make the connection?

A.    Main(config)# interface serial 0/0
Main(config-if)# ip address 172.16.1.1 255.255.255.252
Main(config-if)# no shut
B.    Main(config)# interface serial 0/0
Main(config-if)# ip address 172.16.1.1 255.255.255.252
Main(config-if)# encapsulation ppp
Main(config-if)# no shut
C.    Main(config)# interface serial 0/0
Main(config-if)# ip address 172.16.1.1 255.255.255.252
Main(config-if)# encapsulation frame-relay
Main(config-if)# authentication chap
Main(config-if)# no shut
D.    Main(config)# interface serial 0/0
Main(config-if)#ip address 172.16.1.1 255.255.255.252
Main(config-if)#encapsulation ietf
Main(config-if)# no shut

Answer: B
Explanation:
With serial point to point links there are two options for the encapsulation. The default, HDLC, is Cisco proprietary and works only with other Cisco routers. The other option is PPP which is standards based and supported by all vendors.

QUESTION 112
What are three reasons that an organization with multiple branch offices and roaming users might implement a Cisco VPN solution instead of point-to-point WAN links? (Choose three.)

A.    reduced cost
B.    better throughput
C.    broadband incompatibility
D.    increased security
E.    scalability
F.    reduced latency

Answer: ADE
Explanation:
IPsec offer a number of advantages over point to point WAN links, particularly when multiple locations are involved. These include reduced cost, increased security since all traffic is encrypted, and increased scalability as s single WAN link can be used to connect to all locations in a VPN, where as a point to point link would need to be provisioned to each location.

QUESTION 113
Which two statistics appear in show frame-relay map output? (Choose two.)

A.    the number of BECN packets that are received by the router
B.    the value of the local DLCI
C.    the number of FECN packets that are received by the router
D.    the status of the PVC that is configured on the router
E.    the IP address of the local router

Answer: BD
Explanation:
Sample “show frame-relay map” output:
R1#sh frame mapSerial0/0 (up): ip 10.4.4.1 dlci 401(0x191,0x6410), dynamic,broadcast,, status defined, activeSerial0/0 (up): ip 10.4.4.3 dlci 403(0x193,0x6430), dynamic,broadcast,, status defined, activeSerial0/0 (up): ip 10.4.4.4 dlci 401(0x191,0x6410), static,CISCO, status defined, active

QUESTION 114
Which command allows you to verify the encapsulation type (CISCO or IETF) for a Frame Relay link?

A.    show frame-relay lmi
B.    show frame-relay map
C.    show frame-relay pvc
D.    show interfaces serial

Answer: B
Explanation:
When connecting Cisco devices with non-Cisco devices, you must use IETF4 encapsulation on both devices. Check the encapsulation type on the Cisco device with the show frame-relay map exec command.

QUESTION 115
It has become necessary to configure an existing serial interface to accept a second Frame Relay virtual circuit. Which of the following procedures are required to accomplish this task? (Choose three.)

A.    Remove the IP address from the physical interface.
B.    Encapsulate the physical interface with multipoint PPP.
C.    Create the virtual interfaces with the interface command.
D.    Configure each subinterface with its own IP address.
E.    Disable split horizon to prevent routing loops between the subinterface networks.
F.    Configure static Frame Relay map entries for each subinterface network.

Answer: ACD
Explanation:
For multiple PVC’s on a single interface, you must use subinterfaces, with each subinterface configured for each PVC. Each subinterface will then have its own IP address, and no IP address will be assigned to the main interface.

QUESTION 116
What occurs on a Frame Relay network when the CIR is exceeded?

A.    All TCP traffic is marked discard eligible.
B.    All UDP traffic is marked discard eligible and a BECN is sent.
C.    All TCP traffic is marked discard eligible and a BECN is sent.
D.    All traffic exceeding the CIR is marked discard eligible.

Answer: D
Explanation:
Committed information rate (CIR): The minimum guaranteed data transfer rate agreed to by the Frame Relay switch. Frames that are sent in excess of the CIR are marked as discard eligible (DE) which means they can be dropped if the congestion occurs within the Frame Relay network. Note: In the Frame Relay frame format, there is a bit called Discard eligible (DE) bit that is used to identify frames that are first to be dropped when the CIR is exceeded.

QUESTION 117
Which two statements about using the CHAP authentication mechanism in a PPP link are true? (Choose two.)

A.    CHAP uses a two-way handshake.
B.    CHAP uses a three-way handshake.
C.    CHAP authentication periodically occurs after link establishment.
D.    CHAP authentication passwords are sent in plaintext.
E.    CHAP authentication is performed only upon link establishment.
F.    CHAP has no protection from playback attacks.

Answer: BC
Explanation:
CHAP is an authentication scheme used by Point to Point Protocol (PPP) servers to validate the identity of remote clients. CHAP periodically verifies the identity of the client by using a three-way handshake. This happens at the time of establishing the initial link (LCP), and may happen again at any time afterwards. The verification is based on a shared secret (such as the client user’s password).

rictly a Layer 2 protocol suite.

QUESTION 118
What is the result of issuing the frame-relay map ip 192.168.1.2 202 broadcast command?

A.    defines the destination IP address that is used in all broadcast packets on DCLI 202
B.    defines the source IP address that is used in all broadcast packets on DCLI 202
C.    defines the DLCI on which packets from the 192.168.1.2 IP address are received
D.    defines the DLCI that is used for all packets that are sent to the 192.168.1.2 IP address

Answer: D
Explanation:
This command identifies the DLCI that should be used for all packets destined to the 192.168.1.2 address. In this case, DLCI 202 should be used.

QUESTION 119
Which PPP subprotocol negotiates authentication options?

A.    NCP
B.    ISDN
C.    SLIP
D.    LCP
E.    DLCI

Answer: D
Explanation:
The PPP Link Control Protocol (LCP) is documented in RFC 1661. LPC negotiates link and PPP parameters to dynamically configure the data link layer of a PPP connection. Common LCP options include the PPP MRU, the authentication protocol, compression of PPP header fields, callback, and multilink options.

QUESTION 120
What are two characteristics of Frame Relay point-to-point subinterfaces? (Choose two.)

A.    They create split-horizon issues.
B.    They require a unique subnet within a routing domain.
C.    They emulate leased lines.
D.    They are ideal for full-mesh topologies.
E.    They require the use of NBMA options when using OSPF.

Answer: BC
Explanation:
Subinterfaces are used for point to point frame relay connections, emulating virtual point to point leased lines. Each subinterface requires a unique IP address/subnet. Remember, you can not assign multiple interfaces in a router that belong to the same IP subnet.

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


2014 Latest Cisco 200-120 Dump Free Download(101-110)!

QUESTION 101
Refer to the exhibit. Statements A, B, C, and D of ACL 10 have been entered in the shown order and applied to interface E0 inbound, to prevent all hosts (except those whose addresses are the first and last IP of subnet 172.21.1.128/28) from accessing the network. But as is, the ACL does not restrict anyone from the network. How can the ACL statements be re-arranged so that the system works as intended?

clip_image001
A.    ACDB
B.    BADC
C.    DBAC
D.    CDBA

Answer: D
Explanation:
Routers go line by line through an access list until a match is found and then will not look any further, even if a more specific of better match is found later on in the access list. So, it it best to begin with the most specific entries first, in this cast the two hosts in line C and D. Then, include the subnet (B) and then finally the rest of the traffic (A).

QUESTION 102
The output of the show frame-relay pvc command shows “PVC STATUS = INACTIVE”. What does this mean?

A.    The PVC is configured correctly and is operating normally, but no data packets have been detected
for more than five minutes.
B.    The PVC is configured correctly, is operating normally, and is no longer actively seeking the address
of the remote router.
C.    The PVC is configured correctly, is operating normally, and is waiting for interesting traffic to trigger
a call to the remote router.
D.    The PVC is configured correctly on the local switch, but there is a problem on the remote end of the PVC.
E.    The PVC is not configured on the local switch.

Answer: D
Explanation:
The PVC STATUS displays the status of the PVC. The DCE device creates and sends the report to the DTE devices. There are 4 statuses:
+ ACTIVE: the PVC is operational and can transmit data + INACTIVE: the connection from the local router to the switch is working, but the connection to the remote router is not available
+ DELETED: the PVC is not present and no LMI information is being received from the Frame Relay switch
+ STATIC: the Local Management Interface (LMI) mechanism on the interface is disabled (by using the “no keepalive” command). This status is rarely seen so it is ignored in some books.

QUESTION 103
Which command is used to enable CHAP authentication, with PAP as the fallback method, on a serial interface?

A.    Router(config-if)# ppp authentication chap fallback ppp
B.    Router(config-if)# ppp authentication chap pap
C.    Router(config-if)# authentication ppp chap fallback ppp
D.    Router(config-if)# authentication ppp chap pap

Answer: B
Explanation:
This command tells the router to first use CHAP and then go to PAP if CHAP isn’t available.

QUESTION 104
Which protocol is an open standard protocol framework that is commonly used in VPNs, to provide secure end-to-end communications?

A.    RSA
B.    L2TP
C.    IPsec
D.    PPTP

Answer: C
Explanation:
IPSec is a framework of open standards that provides data confidentiality, data integrity, and data authentication between participating peers at the IP layer. IPSec can be used to protect one or more data flows between IPSec peers.

QUESTION 105
At which layer of the OSI model does PPP perform?

A.    Layer 2
B.    Layer 3
C.    Layer 4
D.    Layer 5

Answer: A
Explanation:
The Point-to-Point Protocol (PPP) provides a standard method for transporting multi-protocol datagrams over point-to-point links. PPP was originally emerged as an encapsulation protocol for transporting IP traffic between two peers. It is a data link layer protocol (layer 2 in the OSI model )

QUESTION 106
The command frame-relay map ip 10.121.16.8 102 broadcast was entered on the router. Which of the following statements is true concerning this command?

A.    This command should be executed from the global configuration mode.
B.    The IP address 10.121.16.8 is the local router port used to forward data.
C.    102 is the remote DLCI that will receive the information.
D.    This command is required for all Frame Relay configurations.
E.    The broadcast option allows packets, such as RIP updates, to be forwarded across the PVC.

Answer: E
Explanation:
Broadcast is added to the configurations of the frame relay, so the PVC supports broadcast, allowing the routing protocol updates that use the broadcast update mechanism to be forwarded across itself.

QUESTION 107
Which two options are valid WAN connectivity methods? (Choose two.)

A.    PPP
B.    WAP
C.    DSL
D.    L2TPv3
E.    Ethernet

Answer: AC
Explanation:
The Point-to-Point Protocol (PPP) provides a standard method for transporting multi-protocol datagrams over point-to-point links. PPP was originally emerged as an encapsulation protocol for transporting IP traffic between two peers. It is a data link layer protocol used for WAN connections.
DSL is also considered a WAN connection, as it can be used to connect networks, typically when used with VPN technology.

QUESTION 108
Which Layer 2 protocol encapsulation type supports synchronous and asynchronous circuits and has built-in security mechanisms?

A.    HDLC
B.    PPP
C.    X.25
D.    Frame Relay

Answer: B
Explanation:
PPP: Provides router-to-router and host-to-network connections over synchronous and asynchronous circuits. PPP was designed to work with several network layer protocols, including IP. PPP also has built-in security mechanisms, such as Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP).

QUESTION 109
Which encapsulation type is a Frame Relay encapsulation type that is supported by Cisco routers?

A.    IETF
B.    ANSI Annex D
C.    Q9333-A Annex A
D.    HDLC

Answer: A
Explanation:
Cisco supports two Frame Relay encapsulation types: the Cisco encapsulation and the IETF Frame Relay encapsulation, which is in conformance with RFC 1490 and RFC 2427. The former is often used to connect two Cisco routers while the latter is used to connect a Cisco router to a non-Cisco router. You can test with your Cisco router when typing the command Router(config-if)# encapsulation frame-relay ? on a WAN link. Below is the output of this command (notice Cisco is the default encapsulation so it is not listed here, just press Enter to use it).

clip_image001[5]
Note: Three LMI options are supported by Cisco routers are ansi, Cisco, and Q933a. They represent the ANSI Annex D, Cisco, and ITU Q933-A (Annex A) LMI types, respectively. HDLC is a WAN protocol same as Frame-Relay and PPP so it is not a Frame Relay encapsulation type.

QUESTION 110
Refer to the exhibit. What is the meaning of the term dynamic as displayed in the output of the show frame-relay map command shown?

clip_image001[7]

A.    The Serial0/0 interface is passing traffic.
B.    The DLCI 100 was dynamically allocated by the router.
C.    The Serial0/0 interface acquired the IP address of 172.16.3.1 from a DHCP server.
D.    The DLCI 100 will be dynamically changed as required to adapt to changes in the Frame Relay cloud.
E.    The mapping between DLCI 100 and the end station IP address 172.16.3.1 was learned through Inverse ARP.

Answer: E
Explanation:
Inverse Address Resolution Protocol (Inverse ARP) was developed to provide a mechanism for dynamic DLCI to Layer 3 address maps. Inverse ARP works much the same way Address Resolution Protocol (ARP) works on a LAN. However, with ARP, the device knows the Layer 3 IP address and needs to know the remote data link MAC address. With Inverse ARP, the router knows the Layer 2 address which is the DLCI, but needs to know the remote Layer 3 IP address. When using dynamic address mapping, Inverse ARP requests a next-hop protocol address for each active PVC. Once the requesting router receives an Inverse ARP response, it updates its DLCI-to-Layer 3 address mapping table. Dynamic address mapping is enabled by default for all protocols enabled on a physical interface. If the Frame Relay environment supports LMI autosensing and Inverse ARP, dynamic address mapping takes place automatically. Therefore, no static address mapping is required.

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


2014 Latest Cisco 200-120 Dump Free Download(91-100)!

QUESTION 91
When you are troubleshooting an ACL issue on a router, which command would you use to verify which interfaces are affected by the ACL?

A.    show ip access-lists
B.    show access-lists
C.    show interface
D.    show ip interface
E.    list ip interface

Answer: D
Explanation:
Incorrect answer:
show ip access-lists does not show interfaces affected by an ACL.

QUESTION 92
Cisco Catalyst switches CAT1 and CAT2 have a connection between them using ports FA0/13. An 802.1Q trunk is configured between the two switches. On CAT1, VLAN 10 is chosen as native, but on CAT2 the native VLAN is not specified. What will happen in this scenario?

A.    802.1Q giants frames could saturate the link.
B.    VLAN 10 on CAT1 and VLAN 1 on CAT2 will send untagged frames.
C.    A native VLAN mismatch error message will appear.
D.    VLAN 10 on CAT1 and VLAN 1 on CAT2 will send tagged frames.

Answer: C
Explanation:
A “native VLAN mismatch” error will appear by CDP if there is a native VLAN mismatch on an 802.1Q link. “VLAN mismatch” can cause traffic from one vlan to leak into another vlan.

QUESTION 93
What will happen if a private IP address is assigned to a public interface connected to an ISP?

A.    Addresses in a private range will be not be routed on the Internet backbone.
B.    Only the ISP router will have the capability to access the public network.
C.    The NAT process will be used to translate this address to a valid IP address.
D.    A conflict of IP addresses happens, because other public routers can use the same range.

Answer: A
Explanation:
Private RFC 1918 IP addresses are meant to be used by organizations locally within their own network only, and can not be used globally for Internet use.

QUESTION 94
Which router IOS commands can be used to troubleshoot LAN connectivity problems? (Choose three.)

A.    ping
B.    tracert
C.    ipconfig
D.    show ip route
E.    winipcfg
F.    show interfaces

Answer: ADF
Explanation:
Ping, show ip route, and show interfaces are all valid troubleshooting IOS commands. Tracert, ipconfig, and winipcfg are PC commands, not IOS.

QUESTION 95
In which circumstance are multiple copies of the same unicast frame likely to be transmitted in a switched LAN?

A.    during high traffic periods
B.    after broken links are re-established
C.    when upper-layer protocols require high reliability
D.    in an improperly implemented redundant topology
E.    when a dual ring topology is in use

Answer: D
Explanation:
If we connect two switches via 2 or more links and do not enable STP on these switches then a loop (which creates multiple copies of the same unicast frame) will occur. It is an example of an improperly implemented redundant topology.

QUESTION 96
VLAN 3 is not yet configured on your switch. What happens if you set the switchport access vlan 3 command in interface configuration mode?

A.    The command is rejected.
B.    The port turns amber.
C.    The command is accepted and the respective VLAN is added to vlan.dat.
D.    The command is accepted and you must configure the VLAN manually.

Answer: C
Explanation:
The “switchport access vlan 3” will put that interface as belonging to VLAN 3 while also updated the VLAN database automatically to include VLAN 3.

QUESTION 97
A network administrator is troubleshooting an EIGRP problem on a router and needs to confirm the IP addresses of the devices with which the router has established adjacency. The retransmit interval and the queue counts for the adjacent routers also need to be checked. What command will display the required information?

A.    Router# show ip eigrp adjacency
B.    Router# show ip eigrp topology
C.    Router# show ip eigrp interfaces
D.    Router# show ip eigrp neighbors

Answer: D
Explanation:
Below is an example of the show ip eigrp neighbors command. The retransmit interval (Smooth Round Trip Timer ?SRTT) and the queue counts (Q count, which shows the number of queued EIGRP packets) for the adjacent routers are listed:

clip_image001
QUESTION 98
Which port state is introduced by Rapid-PVST?

A.    learning
B.    listening
C.    discarding
D.    forwarding

Answer: C
Explanation:
PVST+ is based on IEEE802.1D Spanning Tree Protocol (STP). But PVST+ has only 3 port states (discarding, learning and forwarding) while STP has 5 port states (blocking, listening, learning, forwarding and disabled). So discarding is a new port state in PVST+.

QUESTION 99
Refer to the exhibit. The two connected ports on the switch are not turning orange or green. What would be the most effective steps to troubleshoot this physical layer problem? (Choose three.)

clip_image001[4]

A.    Ensure that the Ethernet encapsulations match on the interconnected router and switch ports.
B.    Ensure that cables A and B are straight-through cables.
C.    Ensure cable A is plugged into a trunk port.
D.    Ensure the switch has power.
E.    Reboot all of the devices.
F.    Reseat all cables.

Answer: BDF
Explanation:
The ports on the switch are not up indicating it is a layer 1 (physical) problem so we should check cable type, power and how they are plugged in.

QUESTION 100
Which statement is correct regarding the operation of DHCP?

A.    A DHCP client uses a ping to detect address conflicts.
B.    A DHCP server uses a gratuitous ARP to detect DHCP clients.
C.    A DHCP client uses a gratuitous ARP to detect a DHCP server.
D.    If an address conflict is detected, the address is removed from the pool and an administrator must
resolve the conflict.
E.    If an address conflict is detected, the address is removed from the pool for an amount of time configurable
by the administrator.
F.    If an address conflict is detected, the address is removed from the pool and will not be reused until the
server is rebooted.

Answer: D
Explanation:
An address conflict occurs when two hosts use the same IP address. During address assignment, DHCP checks for conflicts using ping and gratuitous ARP. If a conflict is detected, the address is removed from the pool. The address will not be assigned until the administrator resolves the conflict.
http://www.cisco.com/en/US/docs/ios/12_1/iproute/configuration/guide/1cddhcp.html

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


2014 Latest Cisco 200-120 Dump Free Download(81-90)!

QUESTION 81
Which statement about access lists that are applied to an interface is true?

A.    You can place as many access lists as you want on any interface.
B.    You can apply only one access list on any interface.
C.    You can configure one access list, per direction, per Layer 3 protocol.
D.    You can apply multiple access lists with the same protocol or in different directions.

Answer: C
Explanation:
We can have only 1 access list per protocol, per direction and per interface. It means:
+ We can not have 2 inbound access lists on an interface + We can have 1 inbound and 1 outbound access list on an interface

QUESTION 82
Which item represents the standard IP ACL?

A.    access-list 110 permit ip any any
B.    access-list 50 deny 192.168.1.1 0.0.0.255
C.    access list 101 deny tcp any host 192.168.1.1
D.    access-list 2500 deny tcp any host 192.168.1.1 eq 22

Answer: B
Explanation:
The standard access lists are ranged from 1 to 99 and from 1300 to 1999 so only access list 50 is a standard access list.

QUESTION 83
A network administrator is configuring ACLs on a Cisco router, to allow traffic from hosts on networks 192.168.146.0, 192.168.147.0, 192.168.148.0, and 192.168.149.0 only. Which two ACL statements, when combined, would you use to accomplish this task? (Choose two.)

A.    access-list 10 permit ip 192.168.146.0 0.0.1.255
B.    access-list 10 permit ip 192.168.147.0 0.0.255.255
C.    access-list 10 permit ip 192.168.148.0 0.0.1.255
D.    access-list 10 permit ip 192.168.149.0 0.0.255.255
E.    access-list 10 permit ip 192.168.146.0 0.0.0.255
F.    access-list 10 permit ip 192.168.146.0 255.255.255.0

Answer: AC
Explanation:
access-list 10 permit ip 192.168.146.0 0.0.1.255 will include the 192.168.146.0 and 192.168.147.0 subnets, while access-list 10 permit ip 192.168.148.0 0.0.1.255 will include

QUESTION 84
What can be done to secure the virtual terminal interfaces on a router? (Choose two.)

A.    Administratively shut down the interface.
B.    Physically secure the interface.
C.    Create an access list and apply it to the virtual terminal interfaces with the access-group command.
D.    Configure a virtual terminal password and login process.
E.    Enter an access list and apply it to the virtual terminal interfaces using the access-class command.

Answer: DE
Explanation:
It is a waste to administratively shut down the interface. Moreover, someone can still access the virtual terminal interfaces via other interfaces ->
We can not physically secure a virtual interface because it is “virtual” -> To apply an access list to a virtual terminal interface we must use the “access-class” command. The “access-group” command is only used to apply an access list to a physical interface -> C is not correct.
The most simple way to secure the virtual terminal interface is to configure a username & password to prevent unauthorized login.

QUESTION 85
Which two commands correctly verify whether port security has been configured on port FastEthernet 0/12 on a switch? (Choose two.)

A.    SW1#show port-secure interface FastEthernet 0/12
B.    SW1#show switchport port-secure interface FastEthernet 0/12
C.    SW1#show running-config
D.    SW1#show port-security interface FastEthernet 0/12
E.    SW1#show switchport port-security interface FastEthernet 0/12

Answer: CD
Explanation:
We can verify whether port security has been configured by using the “show running-config” or “show port-security interface ” for more detail. An example of the output of “show port-security interface ” command is shown below:
QUESTION 86
What will be the result if the following configuration commands are implemented on a Cisco switch? Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security mac-address sticky

A.    A dynamically learned MAC address is saved in the startup-configuration file.
B.    A dynamically learned MAC address is saved in the running-configuration file.
C.    A dynamically learned MAC address is saved in the VLAN database.
D.    Statically configured MAC addresses are saved in the startup-configuration file if frames from that address
are received.
E.    Statically configured MAC addresses are saved in the running-configuration file if frames from that address
are received.

Answer: B
Explanation:
In the interface configuration mode, the command switchport port-security mac-address sticky enables sticky learning. When entering this command, the interface converts all the dynamic secure MAC addresses to sticky secure MAC addresses.

QUESTION 87
The network administrator cannot connect to Switch1 over a Telnet session, although the hosts attached to Switch1 can ping the interface Fa0/0 of the router. Given the information in the graphic and assuming that the router and Switch2 are configured properly, which of the following commands should be issued on Switch1 to correct this problem?

A.    Switch1(config)# line con0
Switch1(config-line)# password cisco
Switch1(config-line)#login
B.    Switch1(config)# interface fa0/1
Switch1(config-if)# ip address 192.168.24.3 255.255.255.0
C.    Switch1(config)# ip default-gateway 192.168.24.1
D.    Switch1(config)# interface fa0/1
Switch1(config-if)# duplex full
Switch1(config-if)# speed 100
E.    Switch1(config)# interface fa0/1
Switch1(config-if)# switchport mode trunk

Answer: C
Explanation:
Since we know hosts can reach the router through the switch, we know that connectivity, duplex. Speed, etc. are good. However, for the switch itself to reach networks outside the local one, the ip default-gateway command must be used.

QUESTION 88
A router has two Fast Ethernet interfaces and needs to connect to four VLANs in the local network. How can you accomplish this task, using the fewest physical interfaces and without decreasing network performance?

A.    Use a hub to connect the four VLANS with a Fast Ethernet interface on the router.
B.    Add a second router to handle the VLAN traffic.
C.    Add two more Fast Ethernet interfaces.
D.    Implement a router-on-a-stick configuration.

Answer: D
Explanation:
A router on a stick allows you to use sub-interfaces to create multiple logical networks on a single physical interface.

QUESTION 89
A network administrator is trying to add a new router into an established OSPF network. The networks attached to the new router do not appear in the routing tables of the other OSPF routers. Given the information in the partial configuration shown below, what configuration error is causing this problem?
Router(config)# router ospf 1
Router(config-router)# network 10.0.0.0 255.0.0.0 area 0

A.    The process id is configured improperly.
B.    The OSPF area is configured improperly.
C.    The network wildcard mask is configured improperly.
D.    The network number is configured improperly.
E.    The AS is configured improperly.
F.    The network subnet mask is configured improperly.

Answer: C
Explanation:
When configuring OSPF, the mask used for the network statement is a wildcard mask similar to an access list. In this specific example, the correct syntax would have been “network 10.0.0.0 0.0.0.255 area 0.”

QUESTION 90
Which Cisco Catalyst feature automatically disables the port in an operational PortFast upon receipt of a BPDU?

A.    BackboneFast
B.    UplinkFast
C.    Root Guard
D.    BPDU Guard
E.    BPDU Filter

Answer: D
Explanation:
We only enable PortFast feature on access ports (ports connected to end stations). But if someone does not know he can accidentally plug that port to another switch and a loop may occur when BPDUs are being transmitted and received on these ports. With BPDU Guard, when a PortFast receives a BPDU, it will be shut down to prevent a loop.

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


2014 Latest Cisco 200-120 Dump Free Download(71-80)!

QUESTION 71
Which type of EIGRP route entry describes a feasible successor?

A.    a backup route, stored in the routing table
B.    a primary route, stored in the routing table
C.    a backup route, stored in the topology table
D.    a primary route, stored in the topology table

Answer: C
Explanation:
EIGRP uses the Neighbor Table to list adjacent routers. The Topology Table list all the learned routers to destination whilst the Routing Table contains the best route to a destination, which is known as the Successor. The Feasible Successor is a backup route to a destination which is kept in the Topology Table.

QUESTION 72
Which statement describes the process of dynamically assigning IP addresses by the DHCP server?

A.    Addresses are allocated after a negotiation between the server and the host to determine the length
of the agreement.
B.    Addresses are permanently assigned so that the hosts uses the same address at all times.
C.    Addresses are assigned for a fixed period of time, at the end of the period, a new request for an address
must be made.
D.    Addresses are leased to hosts, which periodically contact the DHCP server to renew the lease.

Answer: D
Explanation:
The DHCP lifecycle consists of the following:
Release: The client may decide at any time that it no longer wishes to use the IP address it was assigned, and may terminate the lease, releasing the IP address.

QUESTION 73
What are two benefits of using NAT? (Choose two.)

A.    NAT facilitates end-to-end communication when IPsec is enabled.
B.    NAT eliminates the need to re-address all hosts that require external access.
C.    NAT conserves addresses through host MAC-level multiplexing.
D.    Dynamic NAT facilitates connections from the outside of the network.
E.    NAT accelerates the routing process because no modifications are made on the packets.
F.    NAT protects network security because private networks are not advertised.

Answer: BF
Explanation:
By not revealing the internal Ip addresses, NAT adds some security to the inside network -> F is correct.
NAT has to modify the source IP addresses in the packets -> E is not correct.
Connection from the outside of the network through a “NAT” network is more difficult than a more network because IP addresses of inside hosts are hidden -> C is not correct.
In order for IPsec to work with NAT we need to allow additional protocols, including Internet Key Exchange (IKE), Encapsulating Security Payload (ESP) and Authentication Header (AH) -> more complex -> A is not correct.
By allocating specific public IP addresses to inside hosts, NAT eliminates the need to re-address the inside hosts -> B is correct.
NAT does conserve addresses but not through host MAC-level multiplexing. It conserves addresses by allowing many private IP addresses to use the same public IP address to go to the Internet -> C is not correct.

QUESTION 74
On which options are standard access lists based?

A.    destination address and wildcard mask
B.    destination address and subnet mask
C.    source address and subnet mask
D.    source address and wildcard mask

Answer: D
Explanation:
Standard ACL’s only examine the source IP address/mask to determine if a match is made. Extended ACL’s examine the source and destination address, as well as port information.

QUESTION 75
A network engineer wants to allow a temporary entry for a remote user with a specific username and password so that the user can access the entire network over the Internet. Which ACL can be used?

A.    standard
B.    extended
C.    dynamic
D.    reflexive

Answer: C
Explanation:
We can use a dynamic access list to authenticate a remote user with a specific username and password. The authentication process is done by the router or a central access server such as a TACACS+ or RADIUS server. The configuration of dynamic ACL can be read here:
http://www.cisco.com/en/US/tech/tk583/tk822/technologies_tech_note09186a0080094524.shtml

QUESTION 76
How does a DHCP server dynamically assign IP addresses to hosts?

A.    Addresses are permanently assigned so that the host uses the same address at all times.
B.    Addresses are assigned for a fixed period of time. At the end of the period, a new request for an
address must be made, and another address is then assigned.
C.    Addresses are leased to hosts. A host will usually keep the same address by periodically contacting
the DHCP server to renew the lease.
D.    Addresses are allocated after a negotiation between the server and the host to determine the length
of the agreement.

Answer: C
Explanation:
DHCP works in a client/server mode and operates like any other client/server relationship. When a PC connects to a DHCP server, the server assigns or leases an IP address to that PC. The PC connects to the network with that leased IP address until the lease expires. The host must contact the DHCP server periodically to extend the lease. This lease mechanism ensures that hosts that move or power off do not hold onto addresses that they do not need. The DHCP server returns these addresses to the address pool and reallocates them as necessary.

QUESTION 77
When a DHCP server is configured, which two IP addresses should never be assignable to hosts? (Choose two.)

A.    network or subnetwork IP address
B.    broadcast address on the network
C.    IP address leased to the LAN
D.    IP address used by the interfaces
E.    manually assigned address to the clients
F.    designated IP address to the DHCP server

Answer: AB
Explanation:
Network or subnetwork IP address (for example 11.0.0.0/8 or 13.1.0.0/16) and broadcast address (for example 23.2.1.255/24) should never be assignable to hosts. When try to assign these addresses to hosts, you will receive an error message saying that they can’t be assignable.

QUESTION 78
Which two statements about static NAT translations are true? (Choose two.)

A.    They allow connections to be initiated from the outside.
B.    They require no inside or outside interface markings because addresses are statically defined.
C.    They are always present in the NAT table.
D.    They can be configured with access lists, to allow two or more connections to be initiated from the outside.

Answer: AC
Explanation:
Static NAT is to map a single outside IP address to a single inside IP address. This is typically done to allow incoming connections from the outside (Internet) to the inside. Since these are static, they are always present in the NAT table even if they are not actively in use.

QUESTION 79
Which statement about access lists that are applied to an interface is true?

A.    You can place as many access lists as you want on any interface.
B.    You can apply only one access list on any interface.
C.    You can configure one access list, per direction, per Layer 3 protocol.
D.    You can apply multiple access lists with the same protocol or in different directions.

Answer: C
Explanation:
We can have only 1 access list per protocol, per direction and per interface. It means:
+ We can not have 2 inbound access lists on an interface + We can have 1 inbound and 1 outbound access list on an interface

QUESTION 80
Which item represents the standard IP ACL?

A.    access-list 110 permit ip any any
B.    access-list 50 deny 192.168.1.1 0.0.0.255
C.    access list 101 deny tcp any host 192.168.1.1
D.    access-list 2500 deny tcp any host 192.168.1.1 eq 22

Answer: B
Explanation:
The standard access lists are ranged from 1 to 99 and from 1300 to 1999 so only access list 50 is a standard access list.

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


2014 Latest Cisco 200-120 Dump Free Download(61-70)!

QUESTION 61
What is the default administrative distance of OSPF?

A.    90
B.    100
C.    110
D.    120

Answer: C
Explanation:
Administrative distance is the feature that routers use in order to select the best path when there are two or more different routes to the same destination from two different routing protocols. Administrative distance defines the reliability of a routing protocol. Each routing protocol is prioritized in order of most to least reliable (believable) with the help of an administrative distance value.
Default Distance Value Table
This table lists the administrative distance default values of the protocols that Cisco supports:
Route Source
Default Distance Values
Connected interface
Static route
Enhanced Interior Gateway Routing Protocol (EIGRP) summary route External Border Gateway Protocol (BGP)
Internal EIGRP
IGRP
OSPF
Intermediate System-to-Intermediate System (IS-IS)
Routing Information Protocol (RIP)
Exterior Gateway Protocol (EGP)
On Demand Routing (ODR)
External EIGRP
Internal BGP
Unknown*

QUESTION 62
Which characteristics are representative of a link-state routing protocol? (Choose three.)

A.    provides common view of entire topology
B.    exchanges routing tables with neighbors
C.    calculates shortest path
D.    utilizes event-triggered updates
E.    utilizes frequent periodic updates

Answer: ACD
Explanation:
Each of routers running link-state routing protocol learns paths to all the destinations in its “area” so we can say although it is a bit unclear.
Link-state routing protocols generate routing updates only (not the whole routing table) when a change occurs in the network topology so
Link-state routing protocol like OSPF uses Dijkstra algorithm to calculate the shortest path -> . Unlike Distance vector routing protocol (which utilizes frequent periodic updates), link-state routing protocol utilizes event-triggered updates (only sends update when a change occurs) ->

QUESTION 63
Which command would you configure globally on a Cisco router that would allow you to view directly connected Cisco devices?

A.    enable cdp
B.    cdp enable
C.    cdp run
D.    run cdp

Answer: C
Explanation:
CDP is enabled on Cisco routers by default. If you prefer not to use the CDP capability, disable it with the no cdp run command. In order to reenable CDP, use the cdp run command in global configuration mode. The “cdp enable” command is an interface command, not global.

QUESTION 64
Which two locations can be configured as a source for the IOS image in the boot system command? (Choose two.)

A.    RAM
B.    NVRAM
C.    flash memory
D.    HTTP server
E.    TFTP server
F.    Telnet server

Answer: CE
Explanation:
The following locations can be configured as a source for the IOS image:
1. + Flash (the default location)
2. + TFTP server
3. + ROM (used if no other source is found)

QUESTION 65
Which two statements describe the process identifier that is used in the command to configure OSPF on a router? (Choose two.)
Router(config)# router ospf 1

A.    All OSPF routers in an area must have the same process ID
B.    Only one process number can be used on the same router.
C.    Different process identifiers can be used to run multiple OSPF processes
D.    The process number can be any number from 1 to 65,535.
E.    Hello packets are sent to each neighbor to determine the processor identifier.

Answer: CD
Explanation:
Multiple OSPF processes can be configured on a router using multiple process ID’s.
The valid process ID’s are shown below:
Edge-B(config)#router ospf ?
<1-65535> Process ID

QUESTION 66
Which three elements must be used when you configure a router interface for VLAN trunking? (Choose three.)

A.    one physical interface for each subinterface
B.    one IP network or subnetwork for each subinterface
C.    a management domain for each subinterface
D.    subinterface encapsulation identifiers that match VLAN tags
E.    one subinterface per VLAN
F.    subinterface numbering that matches VLAN tags

Answer: BDE
Explanation:
This scenario is commonly called a router on a stick. A short, well written article on this operation can be found here:
http://www.thebryantadvantage.com/RouterOnAStickCCNACertificationExamTutorial.htm

QUESTION 67
Which commands are required to properly configure a router to run OSPF and to add network 192.168.16.0/24 to OSPF area 0? (Choose two.)

A.    Router(config)# router ospf 0
B.    Router(config)# router ospf 1
C.    Router(config)# router ospf area 0
D.    Router(config-router)# network 192.168.16.0 0.0.0.255 0
E.    Router(config-router)# network 192.168.16.0 0.0.0.255 area 0
F.    Router(config-router)# network 192.168.16.0 255.255.255.0 area 0

Answer: BE
Explanation:
In the router ospf
command, the ranges from 1 to 65535 so o is an invalid number -> but To configure OSPF, we need a wildcard in the “network” statement, not a subnet mask. We also need to assgin an area to this process -> .

QUESTION 68
A router receives information about network 192.168.10.0/24 from multiple sources. What will the router consider the most reliable information about the path to that network?

A.    a directly connected interface with an address of 192.168.10.254/24
B.    a static route to network 192.168.10.0/24
C.    a RIP update for network 192.168.10.0/24
D.    an OSPF update for network 192.168.0.0/16
E.    a default route with a next hop address of 192.168.10.1
F.    a static route to network 192.168.10.0/24 with a local serial interface configured as the next hop

Answer: A
Explanation:
When there is more than one way to reach a destination, it will choose the best one based on a couple of things. First, it will choose the route that has the longest match; meaning the most specific route. So, in this case the /24 routes will be chosen over the /16 routes. Next, from all the /24 routes it will choose the one with the lowest administrative distance. Directly connected routes have an AD of 1 so this will be the route chosen.

QUESTION 69
What is the default maximum number of equal-cost paths that can be placed into the routing table of a Cisco OSPF router?

A.    2
B.    4
C.    16
D.    unlimited

Answer: B
Explanation:
maximum-paths (OSPF)
To control the maximum number of parallel routes that Open Shortest Path First (OSPF) can support, use the maximum-paths command.
Syntax Description
maximum
Maximum number of parallel routes that OSPF can install in a routing table. The range is from 1 to 16 routes.
Command Default
8 paths

QUESTION 70
Which command shows your active Telnet connections?

A.    show cdp neigbors
B.    show session
C.    show users
D.    show vty logins

Answer: B
Explanation:
The “show users” shows telnet/ssh connections to your router while “show sessions” shows telnet/ssh connections from your router (to other devices). The question asks about “your active Telnet connections”, meaning connections from your router so the answer should be A.

If you want to pass the Cisco 200-120 Exam sucessfully, recommend to read latestCisco 200-120 Dum full version.


Pages: 1 2 ... 269 270 271 272 273 274 275 276