Cisco Certified Network Associate (CCNA)

Exam 200-125
Cisco Certified Network Associate
(CCNA) v3.0
Multiple Choice Question (2019-08-28 Updated)
QUESTION 1
Where does routing occur within the DoD TCP/IP reference model?
A. Application
B. Internet
C. Network
D. Transport

Correct Answer: B

QUESTION 2
Which two statements about UDP are true? (Choose two)
A. It can transmit data at a rate higher than the path capacity
B. It uses a three-way handshake to ensure that traffic is transmitted properly
C. It guarantees packet delivery
D. it includes protection against duplicate packets
E. it can be used for multicast and broadcast traffic

Correct Answer: A, E

QUESTION 3
What are two reasons to use multicast to deliver video traffic, instead of unicast or broadcast?
(Choose two)
A. it provides reliable TCP transport
B. it enables multiple clients to receive the video stream simultaneously
C. it enables multiple servers to send video streams simultaneously
D. it enables multiple clients to send video streams simultaneously
E. it supports distributed applications

Correct Answer: B, E

QUESTION 4
Which two cable specifications can support 1-Gbps Ethernet? (Choose two)
A. Category 5e
B. RG11
C. RG-6
D. Category 6
E. Category 3

Correct Answer: A, D
QUESTION 5
Which two statements about UTP cables are true? (Choose two)
A. Category 6 Ethernet cables are appropriate for installations of up to 200m
B. Category 6a Ethernet cable can transmit up to 10Gbps
C. All Ethernet cable types from Category 1 through Category 6 are suitable for transmitting data on
the appropriate environments
D. Category 5 Ethernet cables support speeds up to 1000Mbps beyond 100m.
E. Category 5e Ethernet cables support speeds up to 1000Mbps

Correct Answer: B, E

QUESTION 6
Which two statements about 1000BASE-T UTP cable are true? (Choose two)
A. It use four wires
B. It is most appropriate for installations up to 1000 feet in length
C. It uses four wire pairs
D. It is most appropriate for installations up to 1000 meters in length
E. Both ends of the cable can transmit and receive simultaneously

Correct Answer: C, E

QUESTION 7
What are two benefits that the UDP protocol provides for application traffic? (Choose two)
A. UDP traffic has lower overhead than TCP traffic
B. UDP provides a built-in recovery mechanism to retransmit lost packets.
C. The CTL field in the UDP packet header enables a three-way handshake to establish the
connection
D. UDP maintains the connection state to provide more stable connections than TCP.
E. The application can use checksums to verify the integrity of application data

Correct Answer: A, E

QUESTION 8
Which switching method checks for CRC errors?
A. store-and-forward
B. cut-through
C. fragment-free
D. Layer 3

Correct Answer: A
QUESTION 9

Which of the following statements describe the network shown in the graphic? (Choose two.)
A. There are two broadcast domains in the network.
B. There are four broadcast domains in the network.
C. There are six broadcast domains in the network.
D. There are four collision domains in the network.
E. There are five collision domains in the network.
F. There are seven collision domains in the network.

Correct Answer: A, F

QUESTION 10

Refer to the exhibit. A new subnet with 60 hosts has been added to the network. Which subnet
address should this network use to provide enough usable addresses while wasting the fewest
addresses?
A. 192.168.1.56/27
B. 192.168.1.64/26
C. 192.168.1.64/27
D. 192.168.1.56/26

Correct Answer: B
QUESTION 11
For which two reasons was RFC 1918 address space define (Choose two)
A. to preserve public IPv4 address space
B. to reduce the occurrence of overlapping IP addresses
C. to preserve public IPv6 address space
D. reduce the size of ISP routing tables
E. to support the NAT protocol

Correct Answer: A, B

QUESTION 12
Which two statements about RFC 1918 addresses are true? (Choose two.)
A. They have reserved address space for Class A and Class B networks only.
B. They increase network performance.
C. They require Network Address Translation or Port Address Translation to access the Internet
D. They must be registered.
E. They provide security to end users when the users access the Internet

Correct Answer: C, E

QUESTION 13
In which two circumstances are private IPv4 addresses appropriate? (Choose two)
A. on internal hosts that stream data solely to external resources
B. on hosts that communicates only with other internal hosts
C. on the public-facing interface of a firewall
D. on hosts that require minimal access to external resources
E. to allow hosts inside an enterprise to communicate in both directions with hosts outside the
enterprise

Correct Answer: B, D

QUESTION 14
Which two address spaces are valid Class B IPv4 ranges that are non-routable to the internet?
(Choose two)
A. 10.0.0.0 through 10.0.255.255
B. 169.254.0.0 through 169.254.255.255
C. 172.16.0.0 through 172.31.255.255
D. 172.16.0.0 through 172.32.255.255
E. 192.168.0.0 through 192.168.255.255

Correct Answer: B, C
QUESTION 15
A national retail chain needs to design an IP addressing scheme to support a nationwide network. The
company needs a minimum of 300 sub-networks and a maximum of 50 host addresses per subnet.
Working with only one Class B address, which of the following subnet masks will support an
appropriate addressing scheme? (Choose two.)
A. 255.255.255.0
B. 255.255.255.128
C. 255.255.252.0
D. 255.255.255.224
E. 255.255.255.192
F. 255.255.248.0

Correct Answer: B, E

QUESTION 16
Which value is included in the initial TCP SYN message?
A. a session ID
B. sequence number
C. a TTL number
D. an acknowledgment number

Correct Answer: B

QUESTION 17
Which three elements are fields in a basic Ethernet data frame? (Choose three)
A. Length/Type
B. Frame Check Sequence
C. Version
D. Preamble
E. Time to Live
F. Header Checksum

Correct Answer: A, B, D

QUESTION 18
Which MAC protocol sets a random timer to reattempt communication?
A. RARP
B. CSMA/CA
C. CSMA/CD
D. IEEE 802.1x

Correct Answer: C
QUESTION 19
Which algorithm is used for the frame check sequence in an Ethernet frame?
A. MD5
B. AES-256
C. CRC
D. SHA-1

Correct Answer: C

QUESTION 20
Which two statements about an Ethernet frame source address are true? (Choose two.)
A. The address is 4 bits long.
B. The leftmost bit is always 0.
C. The address is 6 bytes long.
D. The leftmost bit is always 1.
E. The address is 4 bytes long

Correct Answer: B, C

QUESTION 21
What happens when you add a switch running an earlier IOS version to a StackWise configuration
running a later version?
A. The stack ignores the switch until you update the IOS version on the switch.
B. The switch software downgrades the IOS version on the stack to match the version on the switch
C. The switch software upgrades the IOS version on the switch to match the version on the stack
D. The switch keeps its version of IOS and runs normally as part of the stack

Correct Answer: C

QUESTION 22
Which two benefits can you get by stacking Cisco switches? (Choose two)
A. Each switch in the stack handles the MAC table independently from the others
B. You can add or remove switches without taking the stack down.
C. Each switch in the stack can use a different IOS image
D. The stack enables any active member to take over as the master switch if the existing master
fails.
E. You can license the entire stack with a single master license

Correct Answer: B, D
QUESTION 23
Which two operational modes are supported on the members of a StackWise switch stack? (Choose
two)
A. power-sharing
B. passive
C. active
D. redundant
E. standby

Correct Answer: C, E

QUESTION 24
Which technology provides chassis redundancy in a VSS environment?
A. BFD
B. multichassis EtherChannels
C. VRRP
D. StackWise

Correct Answer: B

QUESTION 25
Which two technologies can combine multiple physical switches into one logical switch? (Choose two)
A. HSRP
B. GLBP
C. StackWise
D. VRRP
E. VSS

Correct Answer: C, E

QUESTION 26
Which two statements about stacking Cisco switches are true? (Choose two)
A. It enables the administrator to manage multiple switches from a single management interface
B. The administrator can create only one stack of switches in a network which is under the same
administrative domain
C. When a new master switch is elected, it queries the previous master for its running configuration
D. The administrator can add additional switches to the stack as demand increases
E. Each switch manages its own MAC address table

Correct Answer: A, D
QUESTION 27
For which two reasons might you choose chassis aggregation instead of stacking switches? (Choose
two)
A. to allow hot-swapping modules
B. to increase the number of devices in use
C. to avoid the use of a centralized configuration manager
D. to avoid relying solely on Ethernet interfaces
E. to increase the maximum port count

Correct Answer: A, B

QUESTION 28
Which chassis aggregation technology combines two physical switches into one virtual switch?
A. VSS
B. LACP
C. StackWise
D. VRRP

Correct Answer: A

QUESTION 29

Refer to the exhibit. The server on this network is configured with an MTU of 9216 and the two
interfaces on router R1 are configured for MTUs of 2000 and 3000 as shown. What is the largest
packet size that can pass between the workstation and the server?
A. 1500 bytes
B. 2000 bytes
C. 3000 bytes
D. 9216 bytes

Correct Answer: A
Cisco Certified Network Associate (CCNA)

Exam 200-125
Cisco Certified Network Associate
(CCNA) v3.0
Drag and Drop Question (2019-08-28 Updated)
QUESTION 2

Answer:
QUESTION 6

Answer:
QUESTION 7

Answer:
Cisco Certified Network Associate (CCNA)

Exam 200-125
Cisco Certified Network Associate
(CCNA) v3.0
Simulation Question (2019-08-28 Updated)
實驗操作題 1 - VLAN Troubleshooting
Refer to the exhibit.

Your colleague has built a Layer 2 network in your client locations. You must verify the configuration
and fix any issues identified as per customer requirements.
Customer requirements:
 Verify if switch ports are assigned correct VLANs as shown in topology. Identify and fix any
misconfiguration found in three switches
 Verify if trunk links are operational between switches and the IEEE 802.1Q trunk encapsulation
method is used. Identify and fix any misconfiguration found in trunk configuration
 You must make sure ports connected between switches are set as trunk ports

We are not sure about the details but here are the faults in this simulation:
 Native VLAN mismatch between SW1 & SW3
 Switchport mode mismatch: one in access mode while the other end in trunk mode -> need to
change from access to trunk mode
 One port in VLAN 500 while other port in VLAN 600
建議用以下指令作每一個 Switch 的設定，(紅色字眼為主要解決該 Switch 問題的關鍵指令)

SW1:
SW1# config t
SW1(config)# int e0/0
SW1(config-if)# switchport trunk encapsulation dot1q
SW1(config-if)# switchport mode trunk
SW1(config-if)# int e0/1
SW1(config-if)# switchport trunk encapsulation dot1q
SW1(config-if)# switchport mode trunk
SW1(config-if)# switchport trunk native vlan 1
SW1(config-if)# int e0/2
SW1(config-if)# switchport mode access
SW1(config-if)# switchport access vlan 500
SW1(config-if)# int e0/3
SW1(config-if)# switchport mode access
SW1(config-if)# switchport access vlan 600
SW1(config-if)# end
SW1# copy running-config startup-config

SW2:
SW2# config t
SW2(config)# int e0/0
SW2(config-if)# switchport trunk encapsulation dot1q
SW2(config-if)# switchport mode trunk
SW2(config-if)# int e0/2
SW2(config-if)# switchport mode access
SW2(config-if)# switchport access vlan 500
SW2(config-if)# int e0/3
SW2(config-if)# switchport mode access
SW2(config-if)# switchport access vlan 600
SW2(config-if)# end
SW2# copy running-config startup-config

SW3:
SW3(config)# int e0/0
SW3(config-if)# switchport trunk native vlan 1
SW3(config-if)# switchport trunk encapsulation dot1q
SW3(config-if)# switchport mode trunk
SW2(config-if)# end
SW3# copy running-config startup-config

(Trunk 兩邊介面的 Native VLAN 必需相同，否則會造成 Native VLAN mismatch 的問題，可用 show int trunk 指令確認。)
7RSRORJ\
6:VKRZUXQ

 9/$1
LQWHUIDFH(WKHUQHW
&RQVROH
VZLWFKSRUWWUXQNHQFDSVXODWLRQGRWT
6: VZLWFKSRUWPRGHWUXQN
 3&
(
LQWHUIDFH(WKHUQHW
VZLWFKSRUWDFFHVVYODQ
VZLWFKSRUWPRGHDFFHVV
 ⓷柴
( LQWHUIDFH(WKHUQHW
( ṳ朊 9/$1姕⭂↢
VZLWFKSRUWDFFHVVYODQ
VZLWFKSRUWPRGHDFFHVV 拗炻ㅱ娚㗗 9/$1
( 6:
6:
( (

( (
( (

&RQVROH &RQVROH

3& 3&

6HUYHU 6HUYHU

9/$1 9/$1 9/$1 9/$1

7RSRORJ\

9/$1
&RQVROH ᾖ㓡ṳ朊㬋䡢䘬 VLAN 䶐嘇
6:
3&
(
6:FRQILJ W
6:FRQILJ LQWH
6:FRQILJLI VZLWFKSRUWPRGHDFFHVV
( 6:FRQILJLI VZLWFKSRUWDFFHVVYODQ

( 6:
6:
( (

( (
( (

&RQVROH &RQVROH

3& 3&

6HUYHU 6HUYHU

9/$1 9/$1 9/$1 9/$1

7RSRORJ\
6:VKRZUXQ

9/$1
LQWHUIDFH(WKHUQHW
VZLWFKSRUWPRGHDFFHVV
&RQVROH 
6: LQWHUIDFH(WKHUQHW ⓷柴
(
3&
VZLWFKSRUWDFFHVVYODQ 6:䘬 (ṳ朊ᶵ
VZLWFKSRUWPRGHDFFHVV

㗗 7UXQN0RGH
LQWHUIDFH(WKHUQHW
VZLWFKSRUWDFFHVVYODQ
( VZLWFKSRUWPRGHDFFHVV

( 6:
6:
( (

( (
( (

&RQVROH &RQVROH

3& 3&

6HUYHU 6HUYHU

9/$1 9/$1 9/$1 9/$1

7RSRORJ\

姕⭂ṳ朊䘬
9/$1 Encapsulation ␴
&RQVROH 姕⭂ㆸ䁢 Trunk mode
6:
3&
(
6:FRQILJLQW H
6:FRQILJLIVZLWFKSRUWWUXQNHQFDSVXODWLRQGRWT
(
6:FRQILJLI VZLWFKSRUWPRGHWUXQN

( 6:
6:
( (

( (
( (

&RQVROH &RQVROH

3& 3&

6HUYHU 6HUYHU

9/$1 9/$1 9/$1 9/$1

7RSRORJ\

9/$1
&RQVROH
6:
3&
(

(
6:
&'31$7,9(B9/$1B0,60$7&+1DWLYH9/$1PLVPDWFKGLVFRYHUHG
( 6:
RQ(WKHUQHWZLWK6:(WKHUQHW
6:
( (
&'31$7,9(B9/$1B0,60$7&+1DWLYH9/$1PLVPDWFKGLVFRYHUHG
RQ(WKHUQHWZLWK6:(WKHUQHW
( (
&'31$7,9(B9/$1B0,60$7&+1DWLYH9/$1PLVPDWFKGLVFRYHUHG
( ( RQ(WKHUQHWZLWK6:(WKHUQHW

&RQVROH &RQVROH

3& 栗䣢 “Native VLAN mismatch”

3&

䘬拗婌妲〗
6HUYHU 6HUYHU

9/$1 9/$1 9/$1 9/$1

7RSRORJ\

9/$1
&RQVROH
6:
3&
(

(
6:VKRZUXQ

( LQWHUIDFH(WKHUQHW 6:
6: VZLWFKSRUWWUXQNQDWLYHYODQ
( (
VZLWFKSRUWWUXQNHQFDSVXODWLRQGRWT
VZLWFKSRUWPRGHWUXQN

LQWHUIDFH(WKHUQHW ( ⓷柴 (
( ( VZLWFKSRUWDFFHVVYODQ 6:䘬 1DWLYH9/$1䶐
VZLWFKSRUWPRGHDFFHVV

嘇␴⎎ᶨ怲 6:ᶵ䚠⎴
&RQVROH &RQVROH
LQWHUIDFH(WKHUQHW

LQWHUIDFH(WKHUQHW
 3& 3&

6HUYHU 6HUYHU

9/$1 9/$1 9/$1 9/$1

7RSRORJ\

9/$1
&RQVROH
6:
3&
(

(
6:FRQILJ W
( 6:FRQILJLQW H
6: 6:FRQILJVZLWFKSRUWWUXQNQDWLYHYODQ
(

( (
( (
ᾖ㓡暁㕡ᶨ㧋䘬 Native VLAN
&RQVROH &RQVROH

3& 3&

6HUYHU 6HUYHU

9/$1 9/$1 9/$1 9/$1

實驗操作題 3 : ACL Troubleshooting

用滑鼠 click “Console” 電腦以

開啟 “Corp1” router 的 Terminal

切換或隱藏右圖的按
鈕：Hide Topology 或
Show Topology

考試題目要求：
A corporation wants to add security to its network. The requirements are:
- Host B should be able to use a web browser (HTTP) to access the Finance Web Server.
- Other types of access from host B to the Finance Web Server should be blocked.
- All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.
- All hosts in the Core and on local LAN should be to access the Public Web Server.

You have been tasked to create and apply a numbered access list to a single outbound interface.
They can contain no more than three statements that meet these requirements.
Access to the router CLI can be gained by clicking on the appropriate host.
All passwords have been temporarily set to "cisco".
 輸入 “enable” 指令進入 Privileged Mode，密碼為 “cisco”，然後進入 Configure Mode 設定 Access
List。(注意每組 Access List 所設定的指令不可多過 3 行

目的地: Finance
Extended Access List 來源地: Host B Port # 80: HTTP
Web Server
編號 100-199

“deny” 攔截
最後容許其他
“ip” All traffic
Packet 通過 “any” 來源地: (任何電腦)
“host 172.22.188.25” 目的地:
選擇 f0/1 介面 “out” 的 (Finance Web Server)
方向執行 Access List

 輸入 “show ip int f0/1” 指令查看 Access List 是否在此介面執行。

- Outgoing access list is 100
 用滑鼠 click 向 Host B，畫面便會出現一個網頁瀏覽器 (Browser)，然後輸入
“http://172.22.188.25” 測試 “Host B” 是否成功連接到 “Finance Web Server”，成到的話會顯示
以下訊息 “You have successfully connected to Finance Web Server.”。

 然後再 click 向 Host A、Host C、Host D、打開網頁瀏覽器 (Browser) 測試其餘這三部電腦是否

成功被所設定的 Access List 攔截到 “Finance Web Server”，成到攔截的話會顯示以下訊息 “There
was an error connecting to the host you specified. Please check your network setting and
try again.”。

 最後返回 Router 用 “copy run start” 指令複製所有設定至 NVRAM，輸入 “exit” 離開。

注意!! 在考試時題目內的 Router 名、IP Address、甚至要求可通過 Access List 連接 Finance Web

Server 的電腦 (Host) 也有機會改變，有時 Host A, 有時 Host B, Host C …..到時留意試題便可。