Jn0 649 Jncip Ent Valid
Jn0 649 Jncip Ent Valid
Jn0 649 Jncip Ent Valid
Topic 1 - Exam A
Question #1 Topic 1
Correct Answer: AC
Question #2 Topic 1
A. Con+gure an RP set in PIM on R1, allowing R1 to forward PIM register messages to R2 and R3 in the set.
C. Con+gure an RP set in PIM on R2 and R3, allowing the RPs to forward PIM register messages to the other RPs in the set.
Correct Answer: AC
https://www.juniper.net/documentation/us/en/software/junos/multicast/topics/topic-map/mcast-pim-anycast-rp.html
upvoted 2 times
You are asked to establish interface level authentication for users connecting to your network. You must ensure that only corporate devices,
identi+ed by MAC addresses, are allowed to connect and authenticate. Authentication must be handled by a centralized server to increase
scalability.
Which authentication method would satisfy this requirement?
A. MAC RADIUS
B. captive portal
Correct Answer: A
You can configure MAC RADIUS authentication on an interface that also allows 802.1X authentication, or you can configure either
authentication method alone.
If both MAC RADIUS and 802.1X authentication are enabled on the interface, the switch first sends the host three EAPoL requests to the host.
If there is no response from the host, the switch sends the host’s MAC address to the RADIUS server to check whether it is a permitted MAC
address. If the MAC address is configured as permitted on the RADIUS server, the RADIUS server sends a message to the switch that the
MAC address is a permitted address, and the switch opens LAN access to the nonresponsive host on the interface to which it is connected.
upvoted 2 times
https://www.juniper.net/documentation/us/en/software/junos/user-access/topics/topic-map/mac-radius-authentication-switching-devices.html
upvoted 1 times
Question #4 Topic 1
B. Type 4
C. Type 3
D. Type 7
Correct Answer: B
A.
The
mohdema 2 months,
forbidden 2 weeks
mode does notago
register or declare VLANs.
Selected Answer: A
B. When enabled, MVRP affects all interfaces.
Area-1 has no external connections. However, Area-1 has static route (172.16.31.0/24) that are not internal OSPF route. You can limit the
external
C. Timers route
dictateadvertisements
when link stateto the area
changes areand advertise the static routes by designating the area an NSSA. In an NSSA, the ASBR (vMX1)
propagated.
generates NSSA external (Type 7) LSAs and floods them into the NSSA, where they are contained.
D. MVRP works with RSTP and VSTP.
Type-7 LSAs allow an NSSA to support the presence of ASBR and their corresponding external routing information. The ABR (vMX2) converts
Type-7 LSAs into Type-5 External LSAs and leaks them to the other areas, but external routes from other areas are not advertised within the
NSSA.
Correct Answer: B
An adminvote
Community should check this and change it
distribution
A (100%)
https://www.packetswitch.co.uk/configuring-junos-ospf-stub-and-nssa-areas/
https://www.juniper.net/documentation/us/en/software/junos/ospf/topics/ref/statement/nssa-edit-protocols-ospf.html
upvoted 4 times
https://www.juniper.net/documentation/us/en/software/junos/multicast-l2/topics/topic-map/mvrp.html
upvoted 1 times
https://www.juniper.net/documentation/us/en/software/junos/mvrp/multicast-l2/topics/concept/mvrp-mx-series-understanding.html
upvoted 1 times
A. 239.0.0.0/8
B. 233.0.0.0/8
C. 232.0.0.0/8
D. 224.2.0.0/16
Correct Answer: C
https://www.juniper.net/documentation/us/en/software/junos/multicast/topics/concept/multicast-pim-ssm.html
upvoted 2 times
Question #7 Topic 1
Which three con+guration parameters must match on all switches within the same MSTP region? (Choose three.)
B. revision level
C. con+guration name
D. bridge priority
E. region name
set revision-level 1
Therefore if we said the CLI should be "configuration-name". However, Maybe the name of this parameters call "region name"?
upvoted 1 times
Question #8 Topic 1
Which two statements are correct about the deployment of EVPN-VXLAN on QFX Series devices? (Choose two.)
Correct Answer: BC
Question #9 Topic 1
Your enterprise network is running BGP VPNs to support multitenancy. Some of the devices with which you peer BGP do not support the VPN
NLRI. You must ensure that you do not send BGP VPN routes to the remote peer.
Which two con+guration steps will satisfy this requirement? (Choose two.)
A. Con+gure an import policy on the remote peer to reject the routes when they are received.
B. Con+gure an export policy on the local BGP peer to reject the VPN routes being sent to the remote peer.
Correct Answer: BD
You want to create an OSPF area that only contains intra-area route information in the form of Type 1 and Type 2 LSAs.
In this scenario, which area is needed to accomplish this task?
C. stub area
D. non-to-stubby area
Correct Answer: B
B. It reduced the routing table size, enabling devices to store and process less information.
Correct Answer: BC
Your organization has recently acquired another company. You must carry all of the company’s existing VLANs across the corporate backbone to
the existing branch locations without changing addressing and with minimal con+guration.
Which technology will accomplish this task?
Correct Answer: A
Your enterprise network uses routing instances to support multitenancy. Your Junos devices use BGP to peer to multiple BGP devices. You must
ensure that load balancing is achieved within the routing instance.
Which two statements would accomplish this task? (Choose two.)
A. Con+gure the multipath option at the [edit protocols bgp group <group-name> neighbor] hierarchy.
B. Con+gure the multipath option at the [edit protocols bgp group] hierarchy.
C. Con+gure a load-balance per-packet policy and apply it at the [edit routing-options forwarding-table] hierarchy.
D. Con+gure the multipath option at the [edit routing-instances <instance-name> routing-options] hierarchy.
Correct Answer: BD
content_copy zoom_out_map
[edit routing-options]
user@R1# set forwarding-table export loadbal
upvoted 1 times
Use of BGP bandwidth community is supported only with per-packet load balancing.
Configure the external BGP (EBGP) peering sessions, enable multipath, and define an import policy to tag routes with a bandwidth community
that reflects link speed.
Enable per-packet (really per-flow) load balancing for optimal distribution of traffic.
https://www.juniper.net/documentation/us/en/software/junos/bgp/topics/topic-map/load-balancing-bgp-session.html
upvoted 2 times
Question #14 Topic 1
You are asked to enforce user authentication using a captive portal before users access the corporate network.
Which statement is correct in this scenario?
B. A captive portal can be bypassed using an allowlist command containing a device’s IP address.
D. All Web browser requests are redirected to the captive portal until authentication is successful.
Correct Answer: D
Junos OS provides a customizable template for the captive portal window that allows you to easily design and modify the look of the captive
portal login page. You can modify the design elements of the template to change the look of your captive portal login page and to add
instructions or information to the page. You can also modify any of the design elements of a captive portal login page.
The first screen displayed before the captive login page requires the user to read the terms and conditions of use. By clicking the Agree
button, the user can access the captive portal login page.
https://www.juniper.net/documentation/us/en/software/junos/user-access/topics/topic-map/user-authentication-captive-portal.html
upvoted 1 times
Question #15 Topic 1
A. Router E will replicate and send a copy of the received VXLAN packet to router D.
B. Router C will send a VXLAN packet destined only to router D and router E.
C. Router D will not replicate and send a copy of the received VXLAN packet to router E.
Correct Answer: AD
C. The TTL value of 1 is set to limit the scope of the EBGP session.
D. The ttl statement must be con+gured to accommodate peering to a loopback address of a directly connected peer.
Correct Answer: BD
B. You must con+gure a rewrite rule to ensure that the tra]c is scheduled properly in the device.
C. You must con+gure a scheduler to allocate bandwidth to the expedited forwarding queue.
D. You must con+gure a policer to ensure that the queue is not being starved.
Correct Answer: C
Question #18 Topic 1
A. Con+gure the links between the access switches and the distribution switch as a trunk port.
D. Con+gure a GRE tunnel to encapsulate the L2PT tra]c across the WAN.
Correct Answer: A
https://www.juniper.net/documentation/us/en/software/junos/multicast-l2/topics/topic-map/layer-2-protocol-tunneling.html#d116e87
upvoted 1 times
Question #19 Topic 1
A. VXLAN could be implemented on your network across this service provider network.
Correct Answer: DC
C-Tag (customer VLAN) is handled by customer. In fact, in customer view, 2 campus switches are direct connected to each others so that they
have to configure same vlan info whatever it is trunk or access port.
upvoted 1 times
You must ensure that all routes in the 10.0.0/8 address range are not advertised outside of your AS.
Which well-known BGP community should be assigned to these addresses to accomplish this task?
A. no-export
B. no-peer
C. internet
D. no-advertise
Correct Answer: A
no-advertise—Routes containing this community name are not advertised to other BGP peers.
no-export—Routes containing this community name are not advertised outside a BGP confederation boundary.
no-export-subconfed—Routes containing this community are advertised to IBGP peers with the same AS number, but not to members of
other confederations.
no-llgr—Marks routes which a BGP speaker does not want to be retained by LLGR. The Notification message feature does not have any
associated configuration parameters.
https://www.juniper.net/documentation/us/en/software/junos/bgp/topics/ref/statement/community-edit-routing-options.html
upvoted 3 times
B. Level 1/2 routers automatically inject a default route to the nearest Level 1 router.
Correct Answer: A
mistadave 1 month, 1 week ago
Selected Answer: B
B is your answer here
upvoted 1 times
In IS-IS, a single AS can be divided into smaller groups called areas. Routing between areas is organized hierarchically, allowing a domain to
be administratively divided into smaller areas. This organization is accomplished by configuring Level 1 and Level 2 intermediate systems.
Level 1 systems route within an area; when the destination is outside an area, they route toward a Level 2 system. Level 2 intermediate
systems route between areas and toward other ASs. No IS-IS area functions strictly as a backbone.
upvoted 1 times
D. Type 2 and Type 5 routes will be exchanged between DC1 and DC2.
Correct Answer: A
Correct Answer: D
Rudy6969 1 month, 2 weeks ago
go with B
upvoted 1 times
A. Verify that the same ESI is con+gured on the link from the host and that it matches the source.
B. Issue the show route table bgp.evpn.0 command on Leaf2 and verify that Type 4 routes are present.
C. Issue the show route table bgp.evpn.0 command on Leaf2 and verify that Type 3 routes are present.
D. Verify that the same ESI is con+gured on the two links from the source.
Correct Answer: BC
Correct Answer: BC
Which two multicast listener registration protocols are supported in the Junos operating system? (Choose two.)
A. MLD
B. DVMRP
C. IGMP
D. PIM
Correct Answer: AC
Which three statements are correct about EVPN route types? (Choose three.)
Route type 1 – This is an Ethernet Auto-Discovery (EAD) route type used to advertise Ethernet segment identifier, Ethernet Tag ID, and EVPN
instance information. EAD route advertisements may be sent for each EVPN instance or for each Ethernet segment.
Route type 2 – This advertises endpoint reachability information, including MAC and IP addresses of the endpoints or VTEPs.
Route type 3 – This performs multicast router advertisement, announcing the capability and intention to use ingress replication for specific
VNIs.
Route type 4 – This is an Ethernet Segment route used to advertise the Ethernet segment identifier, IP address length, and the originating
router's IP address.
Route type 5 – This is an IP prefix route used to advertise internal IP subnet and externally learned routes to a VXLAN network.
upvoted 2 times
D. The host that the route is associated with is single-homed to one leaf node.
Correct Answer: BD
Correct Answer: B
A Layer 2 connection does not expend across data centers. The IP subnet in a Layer 2 domain is con+ned within a single data center.
Which EVPN route type is used to communicate pre+xes between the data centers?
A. Type 1
B. Type 2
C. Type 4
D. Type 5
Correct Answer: D
You are asked to implement fault tolerant RPs in your multicast network.
Which two solutions would accomplish this behavior? (Choose two.)
Correct Answer: CD
A. Con+gure an input +rewall +lter on interface ge-0/0/3 to match the source MAC or IP address of the hosts to assign the VLANs.
B. Con+gure an output +rewall +lter on interface ge-0/0/1 to match the destination MAC or IP address of the hosts to assign the VLANs.
C. Con+gure interface ge-0/0/3 to a mode trunk to assign the VLANs.
Correct Answer: C
Which three MSTP parameters must match on all switches in the same MST region? (Choose three.)
A. forwarding delay
B. bridge priority
C. revision number
D. MSTI-to-VLAN mapping
E. con+guration name
https://www.juniper.net/documentation/us/en/software/junos/stp-l2/topics/topic-map/spanning-tree-configuring-mstp.html
upvoted 2 times
A. Before the formation of the rendezvous-point tree, a join message is sent from R1 to R3.
B. Before the formation of the rendezvous-point tree, an IGMP is sent from the Receiver to R1.
C. Before the formation of the rendezvous-point tree, an IGMP is sent from the Source to R5.
D. Before the formation of the rendezvous-point tree, a join message is sent from R1 to R5.
Correct Answer: BC
When using wide metrics, which two statements about route advertisement between IS-IS levels are correct? (Choose two.)
A. Level 1 and Level 2 routers do not advertise Level 2 routes into the Level 1 area by default.
C. If wide-metrics-only is con+gured, Level 1 routes are not advertised to Level 2 routers by default.
D. Level 1 routes advertised as external routes into Level 1 are not advertised to any Level 2 routers by default.
Correct Answer: AC
What are two similarities between OSPFv2 and OSPFv3? (Choose two.)
A. virtual links
C. 32-bit router ID
Correct Answer: AC
D. The routes remain in the table until the routing daemon is restarted.
Correct Answer: D
Your EX Series switch has IP telephones and computers connected to a single switch port. You are considering implementing the voice VLAN
feature to help with this setup.
In this scenario, which two statements are correct? (Choose two.)
A. The voice VLAN feature must be used with LLDP-MED to associate VLAN ID and 802.1p values with the tra]c.
C. Assigning the incoming voice and data tra]c to separate VLANs enables the ability to prioritize the tra]c using CoS.
D. The voice VLAN feature will enable incoming tagged data and voice tra]c to be associated with separate VLANs.
Correct Answer: BC
You are deploying new Juniper EX Series switches in a network that currently is using Cisco’s Per-VLAN spanning tree plus (PVST+) and you must
provide compatibility with this environment.
Which spanning tree protocol do you deploy in this scenario?
A. STP
B. MSTP
C. VSTP
D. RSTP
Correct Answer: B
VSTP and RSTP are the only spanning-tree protocols that can be configured concurrently on a device.
VSTP Restrictions
VSTP has these restrictions:
The EX Series switches EX4300, EX4600 and the QFX platforms QFX5100,QFX3500,QFX3600 support 510 Vlans on VSTP.
VSTP is not supported on the SRX platform - just STP/RSTP/MSTP are supported on SRX Series.
On EX Series (except EX9200) and QFX Series switches running Junos OS that supports ELS—VSTP can support up to 510 VLANs.
On an EX Series switch running Junos OS that does not support ELS—VSTP can support up to 253 VLANs.
upvoted 1 times
A modi+ed de+cit round-robin scheduler is de+ned by which three variables? (Choose three.)
A. priority
B. WRED
C. transmit rate
D. Layer 3 +elds
E. buffer size
content_copy zoom_out_map
[edit class-of-service schedulers]
scheduler-name {
buffer-size (seconds | percent percentage | remainder | temporal microseconds);
priority priority-level;
transmit-rate (percent percentage | rate | remainder) <exact | rate-limit>;
}
upvoted 1 times
root@R5>
upvoted 1 times
B. The spine node is not con+gured for the family inet NLRI.
D. The leaf node is not con+gured for the family evpn NLRI.
Correct Answer: B
B. Any tra]c destined for networks that terminate on R1 will still be forwarded to R1.
C. The metrics for all transit interfaces on R1 is set to the maximum value of 65,535.
D. R1 participates in OSPF routing but does not send or receive transit tra]c.
E. R1 does not send or receive transit tra]c during the maintenance window even if no alternative paths exist to the given destination.
Correct Answer: D
You are asked to con+gure an 802.1X solution that supports dynamic VLAN assignment.
In this scenario, which two modes support using vendor-speci+c attributes (VSAs)? (Choose two.)
Correct Answer: BC
https://www.juniper.net/documentation/us/en/software/junos/user-access/topics/concept/dynamic-vlan-assignment-colorless-ports.html
upvoted 3 times
You are using 802.1X authentication in your network to secure all ports. You have a printer that does not support 802.1X and you must ensure that
tra]c is allowed to and from this printer without authentication.
In this scenario, what will satisfy the requirement?
A. MAC +ltering
B. MACsec
D. MAC RADIUS
Correct Answer: C
https://www.juniper.net/documentation/us/en/software/junos/user-access/topics/topic-map/static-mac-bypass-mac-radius-
authentication.html
upvoted 1 times
Correct Answer: AD
In OSPF, how does a router ensure that LSAs advertised to a neighboring router are received?
A. LSA gooding guarantees that all routers will receive them successfully.
Correct Answer: C
A. BPDUs from the root bridge for VLAN 10 have been received on the ge-0/0/7.0 interface.
C. BPDUs from the root bridge for VLAN 20 have been received on the ge-0/0/7.0 interface.
Correct Answer: AC
A. Adjust the scheduler for the expedited-forwarding forwarding class to support a higher transmit rate.
B. Adjust the expedited-forwarding BA classi+er to router B's ge-0/0/0 interface to support a higher transmit rate.
D. Adjust the expedited-forwarding BA classi+er on router B's ge-0/0/1 interface to support a higher transmit rate.
Correct Answer: D
There are two BGP routes to 10.200.200.0/24 received from two external peers. Route 1 comes from a neighbor with a router ID of 10.10.100.1
and a peer IP address of 10.10.30.1, and route 2 comes from a neighbor with a router ID of 10.10.200.1 and a peer IP address of 10.10.50.1. Both
routes have the same MED value, origin value, AS path length, and local preference number.
In this scenario, which statement is correct about the active route?
Correct Answer: D
You are asked to con+gure 802.1X on your access ports to allow only a single device to authenticate.
In this scenario, which con+guration would you use?
Correct Answer: A
Single-secure supplicant mode authenticates only one end device to connect to an authenticator port. No other end device can connect to the
authenticator port until the first logs out
upvoted 1 times
Single-secure supplicant mode authenticates only one end device to connect to an authenticator port. No other end device can connect to the
authenticator port until the first logs out.
upvoted 3 times
Question #53 Topic 1
A. The maximum wattage that this switch can allocate to attached Ethernet devices is 100 watts.
B. If the total power consumption exceeds 90 watts, the ge-0/0/11 interface will continue to receive power.
Correct Answer: AC
A. On R2, include the loops 2 statement at the [edit protocols bgp family inet unicast] hierarchy.
B. On R1 and R3, include the loops 2 statement at the [edit protocols bgp family inet unicast] hierarchy.
C. On R1 and R3, include the advertise-peer-as statement at the [edit protocols bgp group external] hierarchy.
D. On R2, include the advertise-peer-as statement at the [edit protocols bgp group external] hierarchy.
Correct Answer: BD
https://www.juniper.net/documentation/us/en/software/junos/bgp/topics/ref/statement/advertise-peer-as-edit-protocols-bgp.html
upvoted 1 times
Correct Answer: AC
penguin02007 2 months, 2 weeks ago
C and D. L3 VPN route exchange requires inet-vpn unicast address family.
upvoted 2 times
You are deploying an 802.1X solution and must determine what would happen if clients are unable to re-authenticate to the RADIUS server.
In this scenario, which con+guration would provide access to the network if the supplicant is already authenticated?
A. move
B. permit
C. deny
D. sustain
Correct Answer: D
Deny authentication, preventing traffic from flowing from the end device through the interface. This is the default.
Move the end device to a specified VLAN. (The VLAN must already exist on the router.)
Sustain authenticated end devices that already have LAN access and deny unauthenticated end devices. If the RADIUS servers time out
during reauthentication, previously authenticated end devices are reauthenticated and new users are denied LAN access.
upvoted 1 times
You are deploying IP phones in your enterprise network that must receive their power through their Ethernet connection. You are using your EX
Series switch's PoE ports that support IEEE 802.3af.
In this scenario, what is the maximum amount of power allocated to each interface?
A. 10.2 W
B. 15.4 W
C. 30 W
D. 50 W
Correct Answer: B
You are deploying IP phones in your enterprise networks. When plugged in, the IP phones must be automatically provided with the correct VLAN ID
needed for sending voice tra]c to the EX Series switches.
In this scenario, which two solutions are required to accomplish this task? (Choose two.)
B. Create two VLANs and assign them as VLAN members to the appropriate access interfaces.
C. Enable the voice VLAN feature with the appropriate access interfaces and VLAN ID for voice tra]c.
Correct Answer: AC
Correct Answer: B
Correct Answer: B
You are deploying IP phones in your enterprise networks. When plugged in, the IP phones must automatically negotiate the power requirements for
the new connection with the EX Series switches.
In this scenario, which protocol should be used to enable this behavior?
A. CDP
B. MP-BGP
C. LLDP-MED
D. LLDP
Correct Answer: C
Correct Answer: D
Mass Withdrawal - Used for fast convergence during link failure scenarios between leaf devices to the end server using Type 1 EAD/ES routes.
upvoted 1 times
B. assured-forwarding
C. best-effort
D. expedited-forwarding
Correct Answer: D
dragossky 1 month, 2 weeks ago
Selected Answer: B
Class Selector 4 (CS4) 100000 4 - goes to AF.
upvoted 1 times
B. Verify that the BGP routes are active in your routing table.
Correct Answer: CD
A. SSH tra]c using the default port will be placed in the af forwarding class and accepted.
B. SSH tra]c using the default port will be placed in the best-effort forwarding class and accepted.
C. UDP tra]c using the 16000 port will be placed in the voice forwarding class and accepted.
D. UDP tra]c using the 16000 port will be placed in the best-effort forwarding class and accepted.
Correct Answer: AC