Jn0 649 Jncip Ent Valid

Download as pdf or txt
Download as pdf or txt
You are on page 1of 65

- Expert Veri+ed, Online, Free.

 Custom View Settings

Topic 1 - Exam A
Question #1 Topic 1

Click the Exhibit button.


You are troubleshooting a BGP connection.
Referring to the exhibit, which two statements are correct? (Choose two.)

A. Packet fragmentation is preventing the session from establishing.

B. The 192.168.1.5 peer has a miscon+gured MD5 key.

C. The ge-0/0/1 interface is disabled.

D. The 192.168.1.4 peer has a miscon+gured autonomous system number.

Correct Answer: AC

Community vote distribution


BD (100%)

  CiscoTest Highly Voted  2 months, 3 weeks ago


It is B and D.
upvoted 7 times

  JoeSun Most Recent  2 months ago


Selected Answer: BD
B and D. The log message show it.
upvoted 2 times

  dragossky 2 months, 2 weeks ago


B&D obviously ...
upvoted 2 times

  mohdema 2 months, 2 weeks ago


Selected Answer: BD
You just have to read the output to figure out it's B&D, can an admin correct this please ?
upvoted 2 times

Question #2 Topic 1

Click the Exhibit button.


Referring to the exhibit, anycast RP is implemented to ensure multicast service availability. The source is currently sending multicast tra]c using
group 239.1.1.1 and R3 is receiving PIM register messages, but R2 does not have active source information.
In this scenario, what are two methods to receive the active source information on R2? (Choose two.)

A. Con+gure an RP set in PIM on R1, allowing R1 to forward PIM register messages to R2 and R3 in the set.

B. Con+gure an MSDP protocol between R2 and R3.

C. Con+gure an RP set in PIM on R2 and R3, allowing the RPs to forward PIM register messages to the other RPs in the set.

D. Con+gure an MSDP protocol between R1 and R2.

Correct Answer: AC

Community vote distribution


BC (100%)

  sanalainen 2 months ago


Selected Answer: BC
MSDP or anycast-PIM with rp-set should be configured on all anycast RP routers.

https://www.juniper.net/documentation/us/en/software/junos/multicast/topics/topic-map/mcast-pim-anycast-rp.html
upvoted 2 times

  penguin02007 2 months, 2 weeks ago


Should be B and C.
upvoted 2 times

  mohdema 2 months, 2 weeks ago


Configure a set of rendezvous point (RP) addresses for anycast RP. You can configure up to 15 RPs.
The remaining statements are explained separately. See CLI Explorer.
https://www.juniper.net/documentation/us/en/software/junos/multicast/topics/ref/statement/rp-set-edit-protocols-pim.html
upvoted 1 times
Question #3 Topic 1

You are asked to establish interface level authentication for users connecting to your network. You must ensure that only corporate devices,
identi+ed by MAC addresses, are allowed to connect and authenticate. Authentication must be handled by a centralized server to increase
scalability.
Which authentication method would satisfy this requirement?

A. MAC RADIUS

B. captive portal

C. 802.1X with single-secure supplicant mode

D. 802.1X with multiple supplicant mode

Correct Answer: A

Community vote distribution


A (100%)

  mohdema 2 months, 2 weeks ago


Selected Answer: A
https://www.juniper.net/documentation/us/en/software/junos/user-access/topics/topic-map/mac-radius-authentication-switching-devices.html

You can configure MAC RADIUS authentication on an interface that also allows 802.1X authentication, or you can configure either
authentication method alone.

If both MAC RADIUS and 802.1X authentication are enabled on the interface, the switch first sends the host three EAPoL requests to the host.
If there is no response from the host, the switch sends the host’s MAC address to the RADIUS server to check whether it is a permitted MAC
address. If the MAC address is configured as permitted on the RADIUS server, the RADIUS server sends a message to the switch that the
MAC address is a permitted address, and the switch opens LAN access to the nonresponsive host on the interface to which it is connected.
upvoted 2 times

  penguin02007 2 months, 2 weeks ago


A is correct.

https://www.juniper.net/documentation/us/en/software/junos/user-access/topics/topic-map/mac-radius-authentication-switching-devices.html
upvoted 1 times

Question #4 Topic 1

Click the Exhibit button.


Referring to the exhibit, which LSA type is used to advertise 192.168.1.0/24 to R5?
A. Type 5

B. Type 4

C. Type 3

D. Type 7

Correct Answer: B

Community vote distribution


A (100%)
  carlitox Highly Voted  2 months, 3 weeks ago
Should it be type 5 instead?
upvoted 7 times

  dragossky Most Recent  1 month, 3 weeks ago


OSPF AS SCOPE link state database
Type ID Adv Rtr Seq Age Opt Cksum Len
Extern 10.10.10.10 10.10.10.2 0x80000001 1591 0x22 0xcb7c 36
Extern 10.10.10.11 10.10.10.2 0x80000001 1591 0x22 0xb790 36
Extern 192.168.1.0 10.10.10.2 0x80000001 1591 0x22 0xd234 36
upvoted 1 times

  dragossky 1 month, 3 weeks ago


Extern 192.168.1.0 10.10.10.2 0x80000001 1224 0x22 0xd234 36
mask 255.255.255.0
Topology default (ID 0)
Type: 2, Metric: 2, Fwd addr: 10.10.10.1, Tag: 0.0.0.0
Aging timer 00:39:35
Installed 00:20:22 ago, expires in 00:39:36, sent 00:20:22 ago
Last changed 00:20:22 ago, Change count: 1
Question #5 1 times
upvoted Topic 1

  dragossky 2 months, 2 weeks ago


You enable the MultipleLSA
ASBR Summary VLAN Registration
(Type Protocolby(MVRP)
4) is generated to automate
ABR (Area the creation
Border Router) and management
to inform of virtual
its areas about how LANs.
to reach the ASBR (Autonomous
System
Which Border
statement Router).
is correct ASBR
in this Summary LSA (Type 4) includes ASBR’s Router ID.
scenario?
upvoted 2 times

 A.
 The
mohdema 2 months,
forbidden 2 weeks
mode does notago
register or declare VLANs.
Selected Answer: A
B. When enabled, MVRP affects all interfaces.
Area-1 has no external connections. However, Area-1 has static route (172.16.31.0/24) that are not internal OSPF route. You can limit the
external
C. Timers route
dictateadvertisements
when link stateto the area
changes areand advertise the static routes by designating the area an NSSA. In an NSSA, the ASBR (vMX1)
propagated.
generates NSSA external (Type 7) LSAs and floods them into the NSSA, where they are contained.
D. MVRP works with RSTP and VSTP.
Type-7 LSAs allow an NSSA to support the presence of ASBR and their corresponding external routing information. The ABR (vMX2) converts
Type-7 LSAs into Type-5 External LSAs and leaks them to the other areas, but external routes from other areas are not advertised within the
NSSA.
Correct Answer: B
An adminvote
Community should check this and change it
distribution
A (100%)
https://www.packetswitch.co.uk/configuring-junos-ospf-stub-and-nssa-areas/

https://www.juniper.net/documentation/us/en/software/junos/ospf/topics/ref/statement/nssa-edit-protocols-ospf.html
upvoted 4 times

  carlitox 2 months, 3 weeks ago


Each of the NSSA external LSAs advertised by the ASBR router is translated by the ABR into
an AS external LSA. These Type 5 LSAs are then advertised to the rest of the network using a
domain-flooding scope. These “new” Type 5 LSAs, in addition to the appropriate ASBR summary LSA, are seen on the router in area 2
upvoted 3 times
  Rudy6969 1 month, 2 weeks ago
A all the way
upvoted 1 times

  dragossky 2 months, 2 weeks ago


Selected Answer: A
A for sure
upvoted 1 times

  mohdema 2 months, 2 weeks ago


Selected Answer: A
A. The forbidden mode does not register or declare VLANs.
You can change the registration mode of a specific interface to forbidden. An interface in forbidden registration mode does not participate in
MVRP even if MVRP is enabled on the switch.

B. When enabled, MVRP affects all interfaces.


NOTE: Only trunk interfaces can be enabled for MVRP.

C. Timers dictate when link state changes are propagated.


The timers in MVRP define the amount of time an interface waits to join or leave MVRP or to send or process the MVRP information for the
router or switch after receiving an MVRP PDU

D. MVRP works with RSTP and VSTP


MVRP works with Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree Protocol (MSTP), but not with VLAN Spanning Tree
Protocol (VSTP).

https://www.juniper.net/documentation/us/en/software/junos/multicast-l2/topics/topic-map/mvrp.html
upvoted 1 times

  penguin02007 2 months, 2 weeks ago


Should be A.

https://www.juniper.net/documentation/us/en/software/junos/mvrp/multicast-l2/topics/concept/mvrp-mx-series-understanding.html
upvoted 1 times

  CiscoTest 2 months, 3 weeks ago


Wrong answer. Correct answer is A
MVRP is disabled by default on the switches and, when enabled, affects only trunk interfaces. Once you enable MVRP, all VLAN interfaces on
the switch belong to MVRP (the default normal registration mode) and those interfaces accept PDU messages and send their own PDU
messages.
forbidden—The interface does not register or declare VLANS (except statically configured VLANs).
upvoted 3 times
Question #6 Topic 1

Which address range is used for source-speci+c multicast?

A. 239.0.0.0/8

B. 233.0.0.0/8

C. 232.0.0.0/8

D. 224.2.0.0/16

Correct Answer: C

Community vote distribution


C (100%)

  mohdema 2 months, 2 weeks ago


Selected Answer: C
PIM SSM introduces new terms for many of the concepts in PIM sparse mode. PIM SSM can technically be used in the entire 224/4 multicast
address range, although PIM SSM operation is guaranteed only in the 232/8 range (232.0.0/24 is reserved). The new SSM terms are
appropriate for Internet video applications and are summarized in Table 1.

https://www.juniper.net/documentation/us/en/software/junos/multicast/topics/concept/multicast-pim-ssm.html
upvoted 2 times

Question #7 Topic 1

Which three con+guration parameters must match on all switches within the same MSTP region? (Choose three.)

A. VLAN to instance mapping

B. revision level

C. con+guration name

D. bridge priority

E. region name

Correct Answer: BCE

Community vote distribution


ABE (60%) ABC (40%)
  dragossky 2 months, 2 weeks ago
Selected Answer: ABC
ABC valid answers
upvoted 2 times

  dragossky 2 months, 2 weeks ago


edit protocols mstp

set Configuration-name region1

set revision-level 1

set msti 1 vlan [1-4094]

set protocols mstp interface all


upvoted 1 times

  mohdema 2 months, 2 weeks ago


Selected Answer: ABE
I think it's ABE
When enabling MSTP, you define one or more MSTP regions. An MSTP region defines a logical domain where multiple spanning-tree instances
(MSTIs) can be administered independently of MSTIs in other regions, setting the boundary for bridge protocol data units (BPDUs) sent by one
MSTI. An MSTP region is a group of switches that is defined by three parameters:

Region name—User-defined alphanumeric name for the region.

Revision level—User-defined value that identifies the region.

Mapping table—Numerical digest of VLAN-to-instance mappings.


https://www.juniper.net/documentation/us/en/software/junos/stp-l2/topics/topic-map/spanning-tree-configuring-mstp.html
upvoted 3 times

  JoeSun 2 months ago


Relate the juniper doc which you shared, in the MSTP CLI

[edit ... protocols mstp]


user@switch# set configuration-name configuration-name

Therefore if we said the CLI should be "configuration-name". However, Maybe the name of this parameters call "region name"?
upvoted 1 times

  penguin02007 2 months, 2 weeks ago


https://www.juniper.net/documentation/us/en/software/junos/stp-l2/topics/topic-map/spanning-tree-configuring-mstp.html#id-understanding-
mstp__d14870e90
upvoted 1 times

  CiscoTest 2 months, 3 weeks ago


Wrong. Correct answer ABE
An MSTP region is a group of switches that is defined by three parameters:
Region name—User-defined alphanumeric name for the region.
Revision level—User-defined value that identifies the region.
Mapping table—Numerical digest of VLAN-to-instance mappings.
upvoted 2 times

Question #8 Topic 1

Which two statements are correct about the deployment of EVPN-VXLAN on QFX Series devices? (Choose two.)

A. Type 1 route advertisements always have the single-active gag set to 1.

B. Junos OS supports underlay replication for BUM tra]c forwarding.


C. Junos OS supports ingress replication for BUM tra]c forwarding.

D. Type 1 route advertisements always have the single-active gag set to 0.

Correct Answer: BC

Community vote distribution


CD (67%) BC (33%)

  JoeSun 2 months ago


Selected Answer: CD
EVPN is a overlay protocol most likely not change the underlay tag.

single-active represented by binary 1 or active-active represented by binary 0.


upvoted 2 times

  mohdema 2 months, 2 weeks ago


BUM Traffic Forwarding
Junos devices that use MPLS encapsulation for EVPNs can only use ingress replication at this time.
Ingress replication means, to flood traffic to remote PE routers, the traffic has to be replicated, once for each remote PE router.
The EVPN label for this BUM traffic is learned per PE router from the route type 3, inclusive multicast Ethernet tag route.
This table shows the format of the inclusive multicast Ethernet tag route.

All-Active Redundancy (4)


This diagram shows the format of the type 1 route, A-D route per ES. The split horizon label is advertised as part of an extended community
attached to the type 1 route. The split horizon label is also called the ESI label. The extended community also indicates what type of
redundancy mode is used for this given ESI: single-active represented by binary 1 or active-active represented by binary 0.
upvoted 1 times

  mohdema 2 months, 2 weeks ago


Selected Answer: BC
See my comments below
upvoted 1 times

  mohdema 2 months, 2 weeks ago


Answer is actually CD I mistyped
upvoted 1 times

  mohdema 2 months, 2 weeks ago


Single-Active Mode: When a device or a network is multi-homed to two
or more PEs and when only a single PE in such redundancy group can
forward traffic to/from the multi-homed device or network for a given
VLAN, then such multi-homing or redundancy is referred to as "Single-
Active".
All-Active: When a device is multi-homed to two or more PEs and when
all PEs in such redundancy group can forward traffic to/from the
multi-homed device for a given VLAN, then such multi-homing or
redundancy is referred to as "All-Active".
If "Single-Active" flag in "ESI Label Extended
Community" is set, the ES is operating in Single-Active redundancy
mode. Otherwise, it is operating in All-Active redundancy mode. The
Ethernet A-D per EVI route can be used for Aliasing and Backup-Path,
aliasing is used for all-active mode, backup-path is for singleactive
mode.
upvoted 1 times

  mohdema 2 months, 2 weeks ago


The bit in the active-standby flag field in the ESI label extended community is used for signaling the active-standby mode (bit set).
upvoted 1 times

  mohdema 2 months, 2 weeks ago


In active-standby mode, the designated forwarder (DF) advertises the autodiscovery route per Ethernet segment with an ESI MPLS label
extended community that has the standby bit set to 1. The autodiscovery route is advertised per ESI, and the ESI label is set to 0 when
active-standby mode is in operation.
upvoted 1 times
  penguin02007 2 months, 2 weeks ago
C and D is correct. QFX only support active-active forwarding so flag is always set to zero.
upvoted 2 times

  CiscoTest 2 months, 3 weeks ago


C and D is correct
BUM traffic handling is given to the overlay network by configuring VXLAN ingress-node-replication instead of multicast overlay
In an EVPN-VXLAN environment, EVPN multihoming active-active mode is used instead of MC-LAG for redundant connectivity between hosts
and leaf devices.
In active-active mode, each of the multihomed PE device advertises a mandatory autodiscovery route per Ethernet segment as in the active-
standby state. However, in the active-active state, the autodiscovery route per Ethernet segment is modified such that the active-standby bit
carried in the MPLS extended community is cleared to indicate that the active-active mode is in operation.
upvoted 4 times

Question #9 Topic 1

Your enterprise network is running BGP VPNs to support multitenancy. Some of the devices with which you peer BGP do not support the VPN
NLRI. You must ensure that you do not send BGP VPN routes to the remote peer.
Which two con+guration steps will satisfy this requirement? (Choose two.)

A. Con+gure an import policy on the remote peer to reject the routes when they are received.

B. Con+gure an export policy on the local BGP peer to reject the VPN routes being sent to the remote peer.

C. Con+gure a route regector for the VPN NLRI.

D. Con+gure the apply-vpn-export feature on the local BGP peer.

Correct Answer: BD

Community vote distribution


BD (100%)

  mohdema 2 months, 2 weeks ago


Selected Answer: BD
pply both the VRF export and BGP group or neighbor export policies (VRF first, then BGP) before routes from the vrf or l2vpn routing tables
are advertised to other PE routers.
upvoted 3 times

  mohdema 2 months, 2 weeks ago


https://www.juniper.net/documentation/us/en/software/junos/bgp/topics/ref/statement/vpn-apply-export-edit-protocols-bgp-vp.html
upvoted 1 times
Question #10 Topic 1

You want to create an OSPF area that only contains intra-area route information in the form of Type 1 and Type 2 LSAs.
In this scenario, which area is needed to accomplish this task?

A. totally non-to-stubby area

B. totally stubby area

C. stub area

D. non-to-stubby area

Correct Answer: B

  mohdema 2 months, 2 weeks ago


A totally stubby area (TSA) is a stub area in which summary link-state advertisement (type 3 LSAs) are not sent. A default summary LSA, with a
prefix of 0.0. 0.0/0 is originated into the stub area by an ABR, so that devices in the area can forward all traffic for which a specific route is not
known, via ABR.
upvoted 1 times

  carlitox 2 months, 3 weeks ago


B should be correct
upvoted 1 times

Question #11 Topic 1

You are implementing the route summarization feature of OSPF.


Which two results do you achieve in this scenario? (Choose two.)

A. It helps in migrating to future multi-area OSPF network designs.

B. It reduced the routing table size, enabling devices to store and process less information.

C. It reduces the impact of topology changes on a device.

D. It provides optimal routing in the network.

Correct Answer: BC

Community vote distribution


BC (100%)

  mohdema 2 months, 2 weeks ago


Selected Answer: BC
OSPF inter-area route summarization reduces the routing information exchanged between areas and the size of routing tables, and improves
routing performance. OSPF inter-area route summarization enables an ABR to summarize contiguous networks into a single network and
advertise the network to other areas.
upvoted 2 times
Question #12 Topic 1

Your organization has recently acquired another company. You must carry all of the company’s existing VLANs across the corporate backbone to
the existing branch locations without changing addressing and with minimal con+guration.
Which technology will accomplish this task?

A. Q-in-Q all-in-one bundling

B. PVLAN isolated VLAN

C. MVRP registration normal

D. EVPN-VXLAN anycast gateway

Correct Answer: A

Community vote distribution


A (100%)

  carlitox 2 months, 3 weeks ago


Selected Answer: A
A looks correct
upvoted 4 times

Question #13 Topic 1

Your enterprise network uses routing instances to support multitenancy. Your Junos devices use BGP to peer to multiple BGP devices. You must
ensure that load balancing is achieved within the routing instance.
Which two statements would accomplish this task? (Choose two.)

A. Con+gure the multipath option at the [edit protocols bgp group <group-name> neighbor] hierarchy.

B. Con+gure the multipath option at the [edit protocols bgp group] hierarchy.

C. Con+gure a load-balance per-packet policy and apply it at the [edit routing-options forwarding-table] hierarchy.

D. Con+gure the multipath option at the [edit routing-instances <instance-name> routing-options] hierarchy.

Correct Answer: BD

Community vote distribution


CD (50%) BC (50%)
  dragossky 1 month, 2 weeks ago
Selected Answer: CD
i was wrong, actually is CD:
To enable these features on a Layer 3 VPN routing instance, include the vpn-unequal-cost equal-external-internal statement at the [edit
routing-instances routing-instance-name routing-options multipath] hierarchy level and the vrf-table-label statement at the [edit routing-
instances routing-instance-name] hierarchy level.
upvoted 1 times

  dragossky 1 month, 3 weeks ago


B,C
[edit protocols bgp group external]
user@R1# set multipath
[edit policy-options policy-statement loadbal]
user@R1# set from route-filter 10.0.0.0/16 orlonger
user@R1# set then load-balance per-packet
Apply the load-balancing policy.

content_copy zoom_out_map
[edit routing-options]
user@R1# set forwarding-table export loadbal
upvoted 1 times

  DarkSpirit 2 months ago


Selected Answer: CD
I think should be C and D, because of using multipath inside L3VPN
https://www.juniper.net/documentation/us/en/software/junos/vpn-l3/topics/ref/statement/multipath-edit-routing-options.html
upvoted 1 times

  penguin02007 2 months, 2 weeks ago


Should be B and C.
upvoted 1 times

  mohdema 2 months, 2 weeks ago


Selected Answer: BC
Fortunately, the Juniper Networks BGP implementation supports the notion of a bandwidth community. This extended community encodes the
bandwidth of a given next hop, and when combined with multipath, the load-balancing algorithm distributes flows across the set of next hops
proportional to their relative bandwidths. Put another way, if you have a 10-Mbps and a 1-Mbps next hop, on average nine flows will map to
the high-speed next hop for every one that uses the low speed.

Use of BGP bandwidth community is supported only with per-packet load balancing.

The configuration task has two parts:

Configure the external BGP (EBGP) peering sessions, enable multipath, and define an import policy to tag routes with a bandwidth community
that reflects link speed.

Enable per-packet (really per-flow) load balancing for optimal distribution of traffic.
https://www.juniper.net/documentation/us/en/software/junos/bgp/topics/topic-map/load-balancing-bgp-session.html
upvoted 2 times
Question #14 Topic 1

You are asked to enforce user authentication using a captive portal before users access the corporate network.
Which statement is correct in this scenario?

A. HTTPS is the default protocol for a captive portal.

B. A captive portal can be bypassed using an allowlist command containing a device’s IP address.

C. When enabled, a captive portal must be applied to each individual interface.

D. All Web browser requests are redirected to the captive portal until authentication is successful.

Correct Answer: D

Community vote distribution


D (100%)

  mohdema 2 months, 2 weeks ago


Selected Answer: D
You can set up captive portal authentication on your switch to redirect all Web browser requests to a login page that requires users to input a
username and password before they are allowed access. Upon successful authentication, users are allowed access to the network and
redirected to the original page requested.

Junos OS provides a customizable template for the captive portal window that allows you to easily design and modify the look of the captive
portal login page. You can modify the design elements of the template to change the look of your captive portal login page and to add
instructions or information to the page. You can also modify any of the design elements of a captive portal login page.

The first screen displayed before the captive login page requires the user to read the terms and conditions of use. By clicking the Agree
button, the user can access the captive portal login page.
https://www.juniper.net/documentation/us/en/software/junos/user-access/topics/topic-map/user-authentication-captive-portal.html
upvoted 1 times
Question #15 Topic 1

Click the Exhibition button.


Referring to the exhibit, ServerA sends a single IP packet destined to 10.0.0.127.
Which two statements correctly describe the behavior of the resulting outbound VXLAN packets that contain the original packet destined to
10.0.0.127? (Choose two.)

A. Router E will replicate and send a copy of the received VXLAN packet to router D.

B. Router C will send a VXLAN packet destined only to router D and router E.

C. Router D will not replicate and send a copy of the received VXLAN packet to router E.

D. Router C will send a single VXLAN packet to one remote VTEP.

Correct Answer: AD

Community vote distribution


BC (100%)

  JoeSun 2 months ago


Selected Answer: BC
It is about how EVPN handle BUM traffic. The source leaf will send the unknown unicast traffic to all leaf that with same VLAN/VTEP.
upvoted 3 times

Question #16 Topic 1

Click the Exhibition button.


A BGP network has been designed to provide resiliency and redundancy to a multihomed customer network.
Which two statements are correct in this scenario? (Choose two.)
Which two statements are correct in this scenario? (Choose two.)

A. Both the next hops will be used to forward tra]c to R2.

B. A routing policy will be required to forward tra]c to both next hops.

C. The TTL value of 1 is set to limit the scope of the EBGP session.

D. The ttl statement must be con+gured to accommodate peering to a loopback address of a directly connected peer.

Correct Answer: BD

Community vote distribution


BC (100%)

  DarkSpirit 2 months ago


Selected Answer: BC
B - because only one next hop in forwarding table
C- becuse TTL=1 limiting bgp connection to be established only over loopbacks interface
https://www.juniper.net/documentation/us/en/software/junos/bgp/topics/topic-map/multihop-sessions.html
Use the multihop statement to alter the default use of the neighbor's physical address. In addition, you can also specify a time-to-live (TTL)
value in the BGP packets to control how far they propagate. We use a TTL value of 1 to ensure that the session cannot be established across
any other backdoor links in the network.
upvoted 3 times
Question #17 Topic 1

Click the Exhibition button.


You are asked to troubleshoot voice quality issues on your newly implement VoIP network. You notice that the voice packets are being dropped.
You have veri+ed that the packets are correctly marked for expedited forwarding queue.
Referring to the exhibit, what must you con+gure to solve the problem?
A. You must con+gure a multi+eld classi+er to put the VoIP tra]c in the correct queue.

B. You must con+gure a rewrite rule to ensure that the tra]c is scheduled properly in the device.

C. You must con+gure a scheduler to allocate bandwidth to the expedited forwarding queue.

D. You must con+gure a policer to ensure that the queue is not being starved.

Correct Answer: C
Question #18 Topic 1

Click the Exhibit button.


Remote branches connect to the corporate WAN through access switches. The access switches connect to access ports on the WAN distribution
switch, as shown in the exhibit. L2PT has previously been con+gured on the tunnel Layer 2 tra]c across the WAN. You decide to move the L2PT
tunnel endpoints to the access switches. When you apply the L2PT con+guration to the access switches, the ports that connect the access
switches to the distribution switch shut down.
Which action would solve this problem?

A. Con+gure the links between the access switches and the distribution switch as a trunk port.

B. Disable the BPDU block function on the access switches.

C. Disable the BPDU block function on the distribution switch.

D. Con+gure a GRE tunnel to encapsulate the L2PT tra]c across the WAN.

Correct Answer: A

  mohdema 2 months, 2 weeks ago


Selected Answer: A
Access interfaces in an L2PT-enabled VLAN should not receive L2PT-tunneled PDUs. If an access interface does receive L2PT-tunneled PDUs,
there might be a loop in the network, and the device will shut down the interface.
https://www.juniper.net/documentation/us/en/software/junos/multicast-l2/topics/topic-map/layer-2-protocol-tunneling.html
upvoted 2 times

  penguin02007 2 months, 2 weeks ago


A is correct.

https://www.juniper.net/documentation/us/en/software/junos/multicast-l2/topics/topic-map/layer-2-protocol-tunneling.html#d116e87
upvoted 1 times
Question #19 Topic 1

Click the Exhibit button.


You want to provide Layer 2 connectivity between campus sites using Ethernet switches through a metro Ethernet service provider who is using Q-
in-Q tagging on their network.
Referring to the exhibit, what are two design considerations in this environment? (Choose two.)

A. VXLAN could be implemented on your network across this service provider network.

B. Each campus switch shown must have a C-Tag 300 con+gured.

C. L2PT is required on the SP network to support the spanning tree protocol.

D. Each campus switch shown must have S-Tag 300 con+gured.

Correct Answer: DC

  sangki 1 month, 2 weeks ago


i think bc
s-tag is handled by SP.
upvoted 1 times

  JoeSun 2 months ago


Selected Answer: BC
VXLAN , L2PT and S-Tag(service VLAN) are handled by ISP.

C-Tag (customer VLAN) is handled by customer. In fact, in customer view, 2 campus switches are direct connected to each others so that they
have to configure same vlan info whatever it is trunk or access port.
upvoted 1 times

  mohdema 2 months, 2 weeks ago


Selected Answer: CD
https://www.juniper.net/documentation/us/en/software/junos/multicast-l2/topics/ref/statement/layer2-protocol-tunneling-edit-vlans-l2pt-ex-
series.html
upvoted 2 times
Question #20 Topic 1

You must ensure that all routes in the 10.0.0/8 address range are not advertised outside of your AS.
Which well-known BGP community should be assigned to these addresses to accomplish this task?

A. no-export

B. no-peer

C. internet

D. no-advertise

Correct Answer: A

  mohdema 2 months, 2 weeks ago


Selected Answer: A
For specifying the BGP community attribute only, you also can specify community-ids as one of the following well-known community names
defined in RFC 1997:

no-advertise—Routes containing this community name are not advertised to other BGP peers.

no-export—Routes containing this community name are not advertised outside a BGP confederation boundary.

no-export-subconfed—Routes containing this community are advertised to IBGP peers with the same AS number, but not to members of
other confederations.

llgr-stale—Adds a community to a long-lived stale route when it is readvertised.

no-llgr—Marks routes which a BGP speaker does not want to be retained by LLGR. The Notification message feature does not have any
associated configuration parameters.
https://www.juniper.net/documentation/us/en/software/junos/bgp/topics/ref/statement/community-edit-routing-options.html
upvoted 3 times

Question #21 Topic 1

Which statement is correct about IS-IS?

A. IS-IS uses areas and an autonomous system.

B. Level 1/2 routers automatically inject a default route to the nearest Level 1 router.

C. Level 2 routers must share the same area address.

D. Level 1 routers route tra]c between autonomous systems.

Correct Answer: A
  mistadave 1 month, 1 week ago
Selected Answer: B
B is your answer here
upvoted 1 times

  dragossky 1 month, 2 weeks ago


Is the other way around:
level 1 routers generate a default route to the closest level 1-2 router to reach prefixes outside of their own area.
level 1-2 routers can redistribute prefixes from level 2 to level 1 so that level 1 routes can choose the most optimal path.
upvoted 1 times

  dragossky 1 month, 3 weeks ago


A
An IS-IS network is a single autonomous system (AS), also called a routing domain, that consists of end systems and intermediate systems.
End systems are network entities that send and receive packets. Intermediate systems send and receive packets and relay (forward) packets.
(Intermediate system is the Open System Interconnection [OSI] term for a router.) ISO packets are called network PDUs.

In IS-IS, a single AS can be divided into smaller groups called areas. Routing between areas is organized hierarchically, allowing a domain to
be administratively divided into smaller areas. This organization is accomplished by configuring Level 1 and Level 2 intermediate systems.
Level 1 systems route within an area; when the destination is outside an area, they route toward a Level 2 system. Level 2 intermediate
systems route between areas and toward other ASs. No IS-IS area functions strictly as a backbone.
upvoted 1 times

  davidrsr 1 month, 3 weeks ago


Selected Answer: B
ISIS use area and level for peering, not AS. And L1/2 router generate default route to Level 1 is correct.
upvoted 1 times

  mohdema 2 months, 2 weeks ago


Selected Answer: A
Level 1/2 routers automatically inject a default route to the nearest Level 1 router.
It's the other way around
upvoted 3 times

Question #22 Topic 1

Click the Exhibit button.


The connection between DC1 and DC2 is routed as shown in the exhibit.
In this scenario, which statement is correct?
A. The border devices must be able to perform Layer 3 routing and provide IRB functionality.

B. L3VPN must be enabled to advertise reachability.

C. An IP pre+x route provides encoding for intra-subnet forwarding.

D. Type 2 and Type 5 routes will be exchanged between DC1 and DC2.

Correct Answer: A

  chicharito14 12 hours, 9 minutes ago


I think it does not need Type 2 so A is correct
upvoted 1 times

  dragossky 1 month, 2 weeks ago


Selected Answer: D
type 2 and type 5
upvoted 1 times

  penguin02007 2 months, 2 weeks ago


A is correct.
upvoted 3 times

  random_name 3 months ago


May be correct
https://www.juniper.net/documentation/us/en/software/junos/evpn-vxlan/topics/concept/evpn-route-type5-understanding.html
upvoted 4 times

Question #23 Topic 1

BGP multipath or multihop are not con+gured in your network.


BGP multipath or multihop are not con+gured in your network.
In this scenario, what is the correct sequence for BGP active route selection?

A. higher local preference


shortest AS path
lowest peer address
lowest router ID
lower origin code

B. higher local preference


shortest AS path
lower origin code
lowest router ID
lowest peer address

C. higher local preference


lowest router ID
lowest peer address
lower origin code
shortest AS path

D. higher local preference


shortest AS path
lowest router ID
lowest peer address
lower origin code

Correct Answer: D
  Rudy6969 1 month, 2 weeks ago
go with B
upvoted 1 times

  mohdema 2 months, 2 weeks ago


Selected Answer: B
BGP Path Selection process follows this order

1.Weight (Bigger is better)


2. Local preference (Bigger is better)
3. Self originated (Locally injected is better than iBGP/eBGP learned)
4. AS-Path (Smaller is better)
5. Origin
6. MED (Smaller is better)
7. External (Prefer eBGP over iBGP)
8. IGP cost (Smaller is better)
9. EBGP Peering (Older is better)
10. Router- ID
http://www.next-itsolutions.co.uk/wp-content/uploads/2015/09/CCIE-BGP-Best-Path-Selection1.png
https://www.juniper.net/documentation/us/en/software/junos/vpn-l2/bgp/topics/concept/routing-protocols-address-representation.html
upvoted 4 times

  carlitox 2 months, 3 weeks ago


seems like B:
Algorithm steps
BGP Next Hop—Protocol
Local Preference—Localpref
AS Path—AS path
Origin—AS
Multiple Exit Discriminator
EBGP vs. IBGP—Local AS
Cost to IGP peer—Metric
Cluster List
Router ID
Peer ID

Multipath ignores router and peer id I cannot find changes by multihop


upvoted 4 times

Question #24 Topic 1

Click the Exhibit button.


You are troubleshooting an EVPN-VXLAN IP fabric and observe the loop shown in the exhibit.
Which two steps would you take to further troubleshoot this problem? (Choose two.)

A. Verify that the same ESI is con+gured on the link from the host and that it matches the source.

B. Issue the show route table bgp.evpn.0 command on Leaf2 and verify that Type 4 routes are present.

C. Issue the show route table bgp.evpn.0 command on Leaf2 and verify that Type 3 routes are present.
D. Verify that the same ESI is con+gured on the two links from the source.

Correct Answer: BC

  davidrsr 1 month, 3 weeks ago


Selected Answer: BD
EVPN type 4 routes - Ethernet Segment Routes are needed in multi-homing scenario and used for Designated Forwarder Election.
upvoted 1 times

  mohdema 2 months, 2 weeks ago


Type 2 route, MAC with IP advertisement route—Type 2 routes are per-VLAN routes, so only PEs that are part of a VNI need these routes.
EVPN allows an end host’s IP and MAC addresses to be advertised within the EVPN Network Layer reachability information (NLRI). This allows
for control plane learning of ESI MAC addresses. Because there are many Type 2 routes, a separate route-target auto-derived per VNI helps to
confine their propagation. This route type is supported by all EVPN switches and routers.
Type 5 route, IP prefix Route—An IP prefix route provides encoding for inter-subnet forwarding. In the control plane, EVPN Type 5 routes are
used to advertise IP prefixes for inter-subnet connectivity across data centers. To reach a tenant using connectivity provided by the EVPN Type
5 IP prefix route, data packets are sent as Layer 2 Ethernet frames encapsulated in the VXLAN header over the IP network across the data
centers.
upvoted 1 times

Question #25 Topic 1

Click the Exhibit button.


Referring to the outputs shown in the exhibit, which two statements are correct about the IS-IS adjacency? (Choose two.)
A. R1 is con+gured to participate in both Level 1 and Level 2.

B. R2 is con+gured to participate in both Level 1 and Level 2.

C. R1 is con+gured to participate in Level 2 only.

D. R2 is con+gured to participate in Level 2 only.

Correct Answer: BC

  Rudy6969 1 month, 2 weeks ago


A and D
upvoted 1 times

  dragossky 2 months, 1 week ago


Selected Answer: AD
CC types 2 - L2 only 3- L1/L2
upvoted 4 times

  mohdema 2 months, 2 weeks ago


Selected Answer: BC
R1 (and not R1) has circuit type 2 which means that R2 is configured to participate in Level 2 only, answer D is correct.
R2 (and not R1) has circuit type 3 which means that R1 is configured to participate in both Level 1 and Level 2, answer A is correct.
upvoted 2 times

  penguin02007 2 months, 2 weeks ago


A and D is correct.
upvoted 2 times

  Obodio 2 months, 3 weeks ago


R2 has circuit type 2 which means that R2 is configured to participate in Level 2 only, answer D is correct.
R1 has circuit type 3 which means that R1 is configured to participate in both Level 1 and Level 2, answer A is correct.
upvoted 3 times

Question #26 Topic 1

Which two multicast listener registration protocols are supported in the Junos operating system? (Choose two.)

A. MLD

B. DVMRP

C. IGMP

D. PIM

Correct Answer: AC

  mohdema 2 months, 2 weeks ago


Selected Answer: AC
nternet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) are the Multicast Group Membership Discovery (MGMD)
protocols
upvoted 2 times
Question #27 Topic 1

Which three statements are correct about EVPN route types? (Choose three.)

A. Type 3 routes carry replication information.

B. Type 2 routes carry endpoint MAC address information.

C. Type 2 routes carry endpoint IP address information.

D. Type 5 routes carry replication information.

E. Type 1 routes carry endpoint MAC address information.

Correct Answer: BCE

  mohdema 2 months, 2 weeks ago


Selected Answer: ABC
Cisco explains it better: The EVPN control plane advertises the following types of information:

Route type 1 – This is an Ethernet Auto-Discovery (EAD) route type used to advertise Ethernet segment identifier, Ethernet Tag ID, and EVPN
instance information. EAD route advertisements may be sent for each EVPN instance or for each Ethernet segment.

Route type 2 – This advertises endpoint reachability information, including MAC and IP addresses of the endpoints or VTEPs.

Route type 3 – This performs multicast router advertisement, announcing the capability and intention to use ingress replication for specific
VNIs.

Route type 4 – This is an Ethernet Segment route used to advertise the Ethernet segment identifier, IP address length, and the originating
router's IP address.

Route type 5 – This is an IP prefix route used to advertise internal IP subnet and externally learned routes to a VXLAN network.
upvoted 2 times

  mohdema 2 months, 2 weeks ago


Selected Answer: ABC
Type 1 route, Ethernet autodiscovery route
Type 2 route, MAC with IP advertisement route
Type 3 route, inclusive multicast Ethernet tag route
The tunnel types supported in an EVPN route type 3 when BGP-EVPN MPLS is enabled are ingress replication, P2MP MLDP, and composite
tunnels
Type4 route, Ethernet segment Route
Type 5 route, IP prefix Route
upvoted 1 times

Question #28 Topic 1

Click the Exhibit button.


Referring to the exhibit, which two statements are correct? (Choose two.)
A. The host that the route is associated with is multihomed to two leaf nodes.

B. The route is a Type 1 EVPN route.

C. The route is a Type 2 EVPN route.

D. The host that the route is associated with is single-homed to one leaf node.

Correct Answer: BD

  dragossky 2 months, 2 weeks ago


type 2, it starts with 2, so no brainer here....
upvoted 1 times

  mohdema 2 months, 2 weeks ago


Selected Answer: CD
Route type is 2 if not mistaken
upvoted 2 times

  Obodio 2 months, 3 weeks ago


Answers C, D - the route is Type 2 EVPN route...
upvoted 2 times
Question #29 Topic 1

You must provide network connectivity to hosts that fail authentication.


In this scenario, what would be used in a network secured with 802.1X to satisfy this requirement?

A. Con+gure the native-vlan-id parameter on the port.

B. Use the server-reject-vlan command to specify a guest VLAN.

C. Con+gure a secondary IP address on the port for unauthenticated hosts.

D. Con+gure the port as a spanning tree edge port.

Correct Answer: B

  mohdema 2 months, 2 weeks ago


Selected Answer: B
For a device configured for 802.1X authentication, specify that when the device receives an Extensible Authentication Protocol Over LAN
(EAPoL) Access-Reject message during the authentication process between the device and the RADIUS authentication server, supplicants
attempting to access the LAN are granted access and moved to a specific bridge domain or VLAN. Any bridge domain, VLAN name or VLAN
ID sent by a RADIUS server as part of the EAPoL Access-Reject message is ignored.
upvoted 2 times

Question #30 Topic 1

A Layer 2 connection does not expend across data centers. The IP subnet in a Layer 2 domain is con+ned within a single data center.
Which EVPN route type is used to communicate pre+xes between the data centers?

A. Type 1

B. Type 2

C. Type 4

D. Type 5

Correct Answer: D

  mohdema 2 months, 2 weeks ago


Selected Answer: D
https://www.juniper.net/documentation/us/en/software/junos/evpn-vxlan/topics/concept/evpn-route-type5-
understanding.html#:~:text=In%20the%20control%20plane%2C%20EVPN,subnet%20connectivity%20across%20data%20centers.
upvoted 2 times
Question #31 Topic 1

You are asked to implement fault tolerant RPs in your multicast network.
Which two solutions would accomplish this behavior? (Choose two.)

A. Use BFD with statically de+ned RPs.

B. Use MSDP with statically de+ned RPs.

C. Use anycast PIM with statically de+ned RPs.

D. Use IGMPv3 with statically de+ned RPs.

Correct Answer: CD

  davidrsr 1 month, 3 weeks ago


Selected Answer: BC
IGMP is for join.
upvoted 1 times

  Obodio 2 months, 3 weeks ago


Answers: B, C
upvoted 4 times

Question #32 Topic 1

Click the Exhibit button.


Your network has an unmanaged switch between the hosts and your EX Series switch. After the tra]c enters the EX Series switch, each host must
be on a separate VLAN.
How would you accomplish this task?

A. Con+gure an input +rewall +lter on interface ge-0/0/3 to match the source MAC or IP address of the hosts to assign the VLANs.

B. Con+gure an output +rewall +lter on interface ge-0/0/1 to match the destination MAC or IP address of the hosts to assign the VLANs.
C. Con+gure interface ge-0/0/3 to a mode trunk to assign the VLANs.

D. Con+gure VSTP on interface ge-0/0/1 to assign the VLANs.

Correct Answer: C

  Rudy6969 1 month, 2 weeks ago


trunk interfaces dont assign vlans on their own. besides, since the switch is unmanaged, the traffic from the 3 devices will be untagged and
dropped on a trunk interface, unless you assign all the traffic to the native-vlan
upvoted 1 times

  DarkSpirit 2 months ago


Selected Answer: A
EX switches has VLAN action on ingress interfaces to forward traffic to specific VLAN.
https://www.juniper.net/documentation/us/en/software/junos/routing-policy/topics/topic-map/firewall-filter-match-condtions-and-actions-
qfx.html
vlan VLAN-name

Forward matched packets to a specific VLAN.

NOTE: The vlan action is supported on ingress interfaces only.


upvoted 2 times

  Wallsee 2 months, 1 week ago


should be C
upvoted 1 times
Question #33 Topic 1

Which three MSTP parameters must match on all switches in the same MST region? (Choose three.)

A. forwarding delay

B. bridge priority

C. revision number

D. MSTI-to-VLAN mapping

E. con+guration name

Correct Answer: BCE

  penguin02007 2 months, 2 weeks ago


C,D,E

https://www.juniper.net/documentation/us/en/software/junos/stp-l2/topics/topic-map/spanning-tree-configuring-mstp.html
upvoted 2 times

Question #34 Topic 1

Click the Exhibit button.


Referring to the exhibit, a PIM-SM network is set up to enable communication between multicast devices.
Which two statements are true? (Choose two.)

A. Before the formation of the rendezvous-point tree, a join message is sent from R1 to R3.

B. Before the formation of the rendezvous-point tree, an IGMP is sent from the Receiver to R1.
C. Before the formation of the rendezvous-point tree, an IGMP is sent from the Source to R5.

D. Before the formation of the rendezvous-point tree, a join message is sent from R1 to R5.

Correct Answer: BC

  dragossky 1 month, 3 weeks ago


Selected Answer: AB
source to RP request (*,G)
upvoted 1 times

Question #35 Topic 1

When using wide metrics, which two statements about route advertisement between IS-IS levels are correct? (Choose two.)

A. Level 1 and Level 2 routers do not advertise Level 2 routes into the Level 1 area by default.

B. Level 1 routes are advertised to Level 2 routers by default.

C. If wide-metrics-only is con+gured, Level 1 routes are not advertised to Level 2 routers by default.

D. Level 1 routes advertised as external routes into Level 1 are not advertised to any Level 2 routers by default.

Correct Answer: AC

  Wallsee 2 months ago


Support A C
upvoted 2 times
Question #36 Topic 1

What are two similarities between OSPFv2 and OSPFv3? (Choose two.)

A. virtual links

B. support for multiple instances per link

C. 32-bit router ID

D. protocol processing per link, not per subnet

Correct Answer: AC

  Wallsee 2 months ago


Support A C
upvoted 1 times
Question #37 Topic 1

Click the Exhibit button.


You recently committed a change to a router to reject OSPF routes sourced from area 10. However, you are still seeing area 10 routes in the
routing table.
Referring to the exhibit, which statement is correct?

A. The OSPF protocol is +rst matched by +nd-ospf and accepted.

B. The routes only timeout after 24 hours.

C. The routes remain in the table until the device is rebooted.

D. The routes remain in the table until the routing daemon is restarted.

Correct Answer: D

  penguin02007 2 months, 2 weeks ago


Should be A. Once a route is accepted, no other terms in the routing policy are evaluated.
upvoted 1 times
Question #38 Topic 1

Your EX Series switch has IP telephones and computers connected to a single switch port. You are considering implementing the voice VLAN
feature to help with this setup.
In this scenario, which two statements are correct? (Choose two.)

A. The voice VLAN feature must be used with LLDP-MED to associate VLAN ID and 802.1p values with the tra]c.

B. The interfaces must be con+gured as access ports.

C. Assigning the incoming voice and data tra]c to separate VLANs enables the ability to prioritize the tra]c using CoS.

D. The voice VLAN feature will enable incoming tagged data and voice tra]c to be associated with separate VLANs.

Correct Answer: BC

  dragossky 1 month, 3 weeks ago


Selected Answer: AB
EX Series switches can accommodate an IP telephone and end host connected to a single switch port. In such a scenario, voice and data
traffic must be separated into different broadcast domains, or VLANs. One method for accomplishing this is by configuring a voice VLAN,
which enables access ports to accept untagged data traffic as well as tagged voice traffic from IP phones, and associate each type of traffic
with separate and distinct VLANs. Voice traffic (tagged) can then be treated differently, generally with a higher priority than data traffic
(untagged)
upvoted 2 times

  penguin02007 2 months, 2 weeks ago


Should be A and B
upvoted 2 times
Question #39 Topic 1

You are deploying new Juniper EX Series switches in a network that currently is using Cisco’s Per-VLAN spanning tree plus (PVST+) and you must
provide compatibility with this environment.
Which spanning tree protocol do you deploy in this scenario?

A. STP

B. MSTP

C. VSTP

D. RSTP

Correct Answer: B

  dragossky 1 month, 3 weeks ago


Selected Answer: C
Benefits of VSTP
VSTP has the following benefits:

Connects devices that are not part of the network

Compatible with Cisco PVST+

VSTP and RSTP are the only spanning-tree protocols that can be configured concurrently on a device.

VSTP Restrictions
VSTP has these restrictions:

The EX Series switches EX4300, EX4600 and the QFX platforms QFX5100,QFX3500,QFX3600 support 510 Vlans on VSTP.

VSTP is not supported on the SRX platform - just STP/RSTP/MSTP are supported on SRX Series.

On EX Series (except EX9200) and QFX Series switches running Junos OS that supports ELS—VSTP can support up to 510 VLANs.

On EX9200 switches—VSTP can support up to 4000 VLANs.

On an EX Series switch running Junos OS that does not support ELS—VSTP can support up to 253 VLANs.
upvoted 1 times

  penguin02007 2 months, 2 weeks ago


Should be C.
upvoted 1 times
Question #40 Topic 1

A modi+ed de+cit round-robin scheduler is de+ned by which three variables? (Choose three.)

A. priority

B. WRED

C. transmit rate

D. Layer 3 +elds

E. buffer size

Correct Answer: ABC

  dragossky 1 month, 3 weeks ago


Selected Answer: ACE
To configure MDRR, configure a scheduler at the [edit class-of-service schedulers] hierarchy level:

content_copy zoom_out_map
[edit class-of-service schedulers]
scheduler-name {
buffer-size (seconds | percent percentage | remainder | temporal microseconds);
priority priority-level;
transmit-rate (percent percentage | rate | remainder) <exact | rate-limit>;
}
upvoted 1 times

  DarkSpirit 2 months ago


Selected Answer: ACE
https://www.juniper.net/documentation/us/en/software/junos/cos/topics/concept/cos-configuring-mdrr-on-enhanced-queuing-dpcs.html
upvoted 2 times

  Wallsee 2 months, 1 week ago


should be A, B and C
upvoted 1 times

Question #41 Topic 1

Click the Exhibit button.


Which two statements are correct regarding the behavior shown in the exhibit? (Choose two.)

A. The ge-1/1/0 interface is con+gured as secondary for Area 0.

B. The router is an ABR.

C. The router is not an ABR.

D. The ge-1/1/0 interface is con+gured as secondary for Area 100.


Correct Answer: BD

  dragossky 1 month, 2 weeks ago


root@R5> show ospf neighbor
Address Interface State ID Pri Dead
10.3.3.1 ge-0/0/3.0 Full 10.10.10.3 128 36
Area 0.0.0.0
10.5.5.1 ge-0/0/1.0 Full 10.10.10.20 128 39
Area 0.0.0.2
10.3.3.1 ge-0/0/3.0 Full 10.10.10.3 128 35
Area 0.0.0.100

root@R5> show ospf interface


Interface State Area DR ID BDR ID Nbrs
ge-0/0/3.0 DR 0.0.0.0 10.10.10.5 10.10.10.3 1
lo0.0 DR 0.0.0.0 10.10.10.5 0.0.0.0 0
ge-0/0/1.0 BDR 0.0.0.2 10.10.10.20 10.10.10.5 1
ge-0/0/3.0 PtToPt 0.0.0.100 0.0.0.0 0.0.0.0 1

root@R5>
upvoted 1 times

  dragossky 1 month, 2 weeks ago


Selected Answer: BD
ABR - area 0 and 100
set area 0.0.0.100 interface ge-1/1/0.0 secondary
upvoted 1 times
Question #42 Topic 1

Click the Exhibit button.


You are troubleshooting connectivity between an EVPN spine switch con+gured as a route regector and a leaf node with an IP address of
10.30.100.6.
Referring to the exhibit, what is the problem?

A. The neighbor 10.30.100.3 statement is missing from leaf1’s con+guration.

B. The spine node is not con+gured for the family inet NLRI.

C. The neighbor 10.30.100.6 statement is missing from spine1’s con+guration.

D. The leaf node is not con+gured for the family evpn NLRI.

Correct Answer: B

  dragossky 1 month, 2 weeks ago


Selected Answer: B
AFI 1 / SAFI 1 - ipv4
upvoted 1 times
Question #43 Topic 1

Click the Exhibit button.


You have scheduled maintenance operations for one of the devices in your OSPF network.
Referring to the exhibit, which three statements are correct? (Choose three.)

A. R1 does not participate in OSPF routing.

B. Any tra]c destined for networks that terminate on R1 will still be forwarded to R1.

C. The metrics for all transit interfaces on R1 is set to the maximum value of 65,535.

D. R1 participates in OSPF routing but does not send or receive transit tra]c.

E. R1 does not send or receive transit tra]c during the maintenance window even if no alternative paths exist to the given destination.

Correct Answer: BCD

Question #44 Topic 1

Click the Exhibit button.


You are running OSPF as your IGP. The interfaces connecting two routers are in the ExStart state. You notice that something is incorrect with the
con+guration.
Referring to the exhibit, which statement is correct?

A. The subnet mask is incorrect.

B. The MTU setting are incorrect.

C. The interface type is incorrect.

D. The IP addresses are incorrect.

Correct Answer: D

  dragossky 2 months, 1 week ago


Selected Answer: B
MTU...
upvoted 1 times

  Jamesthepunisher 2 months, 2 weeks ago


Should be B, MTU is different
upvoted 1 times

  penguin02007 2 months, 2 weeks ago


Should be B.
upvoted 1 times
Question #45 Topic 1

You are asked to con+gure an 802.1X solution that supports dynamic VLAN assignment.
In this scenario, which two modes support using vendor-speci+c attributes (VSAs)? (Choose two.)

A. static MAC bypass mode

B. single-secure supplicant mode

C. multiple supplicant mode

D. single supplicant mode

Correct Answer: BC

  dragossky 1 month, 2 weeks ago


Selected Answer: CD
VSAs are supported only for 802.1X single supplicant configurations and multiple supplicant configurations.
upvoted 1 times

  penguin02007 2 months, 2 weeks ago


B and D.

https://www.juniper.net/documentation/us/en/software/junos/user-access/topics/concept/dynamic-vlan-assignment-colorless-ports.html
upvoted 3 times

Question #46 Topic 1

You are using 802.1X authentication in your network to secure all ports. You have a printer that does not support 802.1X and you must ensure that
tra]c is allowed to and from this printer without authentication.
In this scenario, what will satisfy the requirement?

A. MAC +ltering

B. MACsec

C. static MAC bypass

D. MAC RADIUS

Correct Answer: C

  penguin02007 2 months, 2 weeks ago


C is correct.

https://www.juniper.net/documentation/us/en/software/junos/user-access/topics/topic-map/static-mac-bypass-mac-radius-
authentication.html
upvoted 1 times

Question #47 Topic 1

Click the Exhibit button.


Referring to the exhibit, which two statements are correct? (Choose two.)
A. The DS-2 switch will be root bridge for MSTI 2.

B. The DS-1 switch will be root bridge for MSTI 1.

C. The DS-1 switch will be root bridge for MSTI 2.

D. The DS-2 switch will be root bridge for MSTI 1.

Correct Answer: AD

  dragossky 1 month, 2 weeks ago


Selected Answer: AB
DS1 - root bridge for msti 1 (vlan 10-19) - due to bridge priority 4k
DS2 - root bridge for msti 2 (vlan 20-29) - due to bridge priority 4k
upvoted 4 times

  penguin02007 2 months, 2 weeks ago


Should be C and D. Bridge priority is to determine which bridge becomes the designated bridge.
upvoted 1 times
Question #48 Topic 1

In OSPF, how does a router ensure that LSAs advertised to a neighboring router are received?

A. LSA gooding guarantees that all routers will receive them successfully.

B. LSAs are sent over a TCP connection.

C. LSAs are acknowledged by the neighboring router.

D. LSAs are advertised with an acknowledgement bit.

Correct Answer: C

  dragossky 1 month, 2 weeks ago


Selected Answer: C
Link-state acknowledgment (LSAck)messages provide reliability to the link-state exchange process, by explicitly acknowledging receipt of a
Link State Update message. The LSA acknowledgment, explicitly acknowledged, that it have received a LSA, by mirroring it back
upvoted 1 times
Question #49 Topic 1

Click the Exhibit button.


Referring to the exhibit, which two statements are correct? (Choose two.)

A. BPDUs from the root bridge for VLAN 10 have been received on the ge-0/0/7.0 interface.

B. DS-1 is the root bridge for VLAN 10.

C. BPDUs from the root bridge for VLAN 20 have been received on the ge-0/0/7.0 interface.

D. Default VSTP bridge priority values are con+gured.

Correct Answer: AC

  sangki 1 month, 2 weeks ago


Selected Answer: BC
i think b and c
upvoted 1 times

  dragossky 1 month, 2 weeks ago


Selected Answer: BC
DS-1 port status - DESG / FWD - VLAN 10 - ROOT Bridge
DS-1 port status BLK/ALT - VLAN 20
upvoted 1 times
Question #50 Topic 1

Click the Exhibit button.


A user is attempting to watch a high-de+nition video being streamed from the media server over the network. However, the user complains that the
experienced video quality is poor. While logged on to router B, a Juniper Networks device, you notice that video packets are being dropped.
In this scenario, what would solve this problem?

A. Adjust the scheduler for the expedited-forwarding forwarding class to support a higher transmit rate.

B. Adjust the expedited-forwarding BA classi+er to router B's ge-0/0/0 interface to support a higher transmit rate.

C. Adjust the scheduler-map to support a higher transmit rate.

D. Adjust the expedited-forwarding BA classi+er on router B's ge-0/0/1 interface to support a higher transmit rate.

Correct Answer: D

  carlitox 2 months, 3 weeks ago


Selected Answer: A
transmit rate is set on the scheduler, BA and classifier do not have transmit rate. scheduler-map=maps schedulers to fwd classes
upvoted 3 times
Question #51 Topic 1

There are two BGP routes to 10.200.200.0/24 received from two external peers. Route 1 comes from a neighbor with a router ID of 10.10.100.1
and a peer IP address of 10.10.30.1, and route 2 comes from a neighbor with a router ID of 10.10.200.1 and a peer IP address of 10.10.50.1. Both
routes have the same MED value, origin value, AS path length, and local preference number.
In this scenario, which statement is correct about the active route?

A. Route 1 will be active because of the peer IP address.

B. Route 2 will be active because of the peer IP address.

C. Route 1 will be active because of the router ID.

D. Route 2 will be active because of the router ID.

Correct Answer: D

  dragossky 2 months, 1 week ago


Selected Answer: C
Lowest RID
upvoted 1 times

  carlitox 2 months, 3 weeks ago


Selected Answer: C
9. The router determines the router ID for each peer that advertised a path to the route destination. A lower router ID value is preferred over a
higher router ID value.
10. The router determines the peer ID for each peer that advertised a path to the router destination. A lower peer ID value is preferred over a
higher peer ID value. The peer ID is the
IP address of the established BGP peering session.
upvoted 2 times
Question #52 Topic 1

You are asked to con+gure 802.1X on your access ports to allow only a single device to authenticate.
In this scenario, which con+guration would you use?

A. single supplicant mode

B. multiple supplicant mode

C. single-secure supplicant mode

D. MAC authentication mode

Correct Answer: A

  dragossky 1 month, 2 weeks ago


Selected Answer: C
Single supplicant mode authenticates only the first end device that connects to an authenticator port. All other end devices connecting to the
authenticator port after the first has connected successfully, whether they are 802.1X-enabled or not, are permitted access to the port without
further authentication. If the first authenticated end device logs out, all other end devices are locked out until an end device authenticates.

Single-secure supplicant mode authenticates only one end device to connect to an authenticator port. No other end device can connect to the
authenticator port until the first logs out
upvoted 1 times

  dragossky 2 months, 1 week ago


Selected Answer: C
Single-secured mode...
upvoted 1 times

  carlitox 2 months, 3 weeks ago


Selected Answer: C
Single supplicant mode authenticates only the first end device that connects to an authenticator port. All other end devices connecting to the
authenticator port after the first has connected successfully, whether they are 802.1X-enabled or not, are permitted access to the port without
further authentication. If the first authenticated end device logs out, all other end devices are locked out until an end device authenticates.

Single-secure supplicant mode authenticates only one end device to connect to an authenticator port. No other end device can connect to the
authenticator port until the first logs out.
upvoted 3 times
Question #53 Topic 1

Click the Exhibit button.


Referring to the exhibit, which two statements are correct? (Choose two.)

A. The maximum wattage that this switch can allocate to attached Ethernet devices is 100 watts.

B. If the total power consumption exceeds 90 watts, the ge-0/0/11 interface will continue to receive power.

C. PoE is not enabled on the ge-0/0/0 interface.

D. The ge-0/0/10 interface supports PoE+.

Correct Answer: AC

  carlitox 2 months, 3 weeks ago


Selected Answer: AD
POE is enabled in the interface ge-0/0/0 but nothing is connected to it. switch is in AT mode (poe+) and interface ge-0/0/11 supports poe+
judging by maximun wattage
upvoted 4 times
Question #54 Topic 1

Click the Exhibit button.


You are asked to establish full connectivity between all devices in the BGP network.
Referring to the exhibit, which two con+guration changes will allow BGP route advertisements? (Choose two.)

A. On R2, include the loops 2 statement at the [edit protocols bgp family inet unicast] hierarchy.

B. On R1 and R3, include the loops 2 statement at the [edit protocols bgp family inet unicast] hierarchy.

C. On R1 and R3, include the advertise-peer-as statement at the [edit protocols bgp group external] hierarchy.

D. On R2, include the advertise-peer-as statement at the [edit protocols bgp group external] hierarchy.

Correct Answer: BD

  dragossky 1 month, 2 weeks ago


Selected Answer: BD
https://www.juniper.net/documentation/us/en/software/junos/routing-policy/bgp/topics/example/bgp-advertise-peer-as.html
upvoted 1 times

  penguin02007 2 months, 2 weeks ago


B and D is correct.

https://www.juniper.net/documentation/us/en/software/junos/bgp/topics/ref/statement/advertise-peer-as-edit-protocols-bgp.html
upvoted 1 times

Question #55 Topic 1

Click the Exhibit button.


Referring to the exhibit, which two statements are correct? (Choose two.)
A. The BGP neighbor can advertise L3 VPN related routes.

B. The BGP neighbor cannot advertise EVPN related routes.

C. The BGP neighbor can advertise EVPN related routes.

D. The BGP neighbor cannot advertise L3 VPN related routes.

Correct Answer: AC
  penguin02007 2 months, 2 weeks ago
C and D. L3 VPN route exchange requires inet-vpn unicast address family.
upvoted 2 times

Question #56 Topic 1

You are deploying an 802.1X solution and must determine what would happen if clients are unable to re-authenticate to the RADIUS server.
In this scenario, which con+guration would provide access to the network if the supplicant is already authenticated?

A. move

B. permit

C. deny

D. sustain

Correct Answer: D

  dragossky 1 month, 2 weeks ago


Selected Answer: D
Permit authentication, allowing traffic to flow from the end device through the interface as if the end device were successfully authenticated by
the RADIUS server.

Deny authentication, preventing traffic from flowing from the end device through the interface. This is the default.

Move the end device to a specified VLAN. (The VLAN must already exist on the router.)

Sustain authenticated end devices that already have LAN access and deny unauthenticated end devices. If the RADIUS servers time out
during reauthentication, previously authenticated end devices are reauthenticated and new users are denied LAN access.
upvoted 1 times

  Wallsee 2 months, 1 week ago


should be D
upvoted 1 times
Question #57 Topic 1

You are deploying IP phones in your enterprise network that must receive their power through their Ethernet connection. You are using your EX
Series switch's PoE ports that support IEEE 802.3af.
In this scenario, what is the maximum amount of power allocated to each interface?

A. 10.2 W

B. 15.4 W

C. 30 W

D. 50 W

Correct Answer: B

  dragossky 1 month, 2 weeks ago


Selected Answer: B
PoE was first defined in the IEEE 802.3af standard, which supplied up to 15.4 W of power to a connected powered device. Subsequent
versions increased the amount of power that can be supplied to a powered device, as follows:
upvoted 1 times

  penguin02007 2 months, 2 weeks ago


B. 802.3af can deliver a max of 15.4W
upvoted 1 times

Question #58 Topic 1

You are deploying IP phones in your enterprise networks. When plugged in, the IP phones must be automatically provided with the correct VLAN ID
needed for sending voice tra]c to the EX Series switches.
In this scenario, which two solutions are required to accomplish this task? (Choose two.)

A. Enable LLDP-MED on appropriate access interfaces.

B. Create two VLANs and assign them as VLAN members to the appropriate access interfaces.

C. Enable the voice VLAN feature with the appropriate access interfaces and VLAN ID for voice tra]c.

D. Use LLDP on appropriate interfaces.

Correct Answer: AC

  Wallsee 2 months, 1 week ago


A and C
upvoted 1 times
Question #59 Topic 1

Click the Exhibit button.


Referring to the exhibit, how will router E quickly learn that the remote MAC addresses are no longer reachable through the router attached to the
failed link?

A. Router E receives Type 2 withdrawal messages from router D.

B. Router E receives Type 1 withdrawal messages from router D.

C. Router E receives Type 1 withdrawal messages from router C.

D. Router E receives Type 2 withdrawal messages from router C.

Correct Answer: B

  Wallsee 2 months, 1 week ago


should be B
upvoted 1 times
Question #60 Topic 1

Click the Exhibit button.


Referring to the exhibit, which statement is correct?

A. The route is learned from a multihop BGP session.

B. The route is learned from only one neighbor.

C. The route is learned from a multipath BGP session.

D. The route is learned from three different neighbors.

Correct Answer: B

  Wallsee 2 months, 1 week ago


should be B
upvoted 1 times

Question #61 Topic 1

You are deploying IP phones in your enterprise networks. When plugged in, the IP phones must automatically negotiate the power requirements for
the new connection with the EX Series switches.
In this scenario, which protocol should be used to enable this behavior?

A. CDP

B. MP-BGP

C. LLDP-MED

D. LLDP

Correct Answer: C

  Wallsee 2 months ago


should be C
upvoted 1 times
Question #62 Topic 1

Click the Exhibit button.


Referring to the exhibit, which statement is correct when a failure exists on the link between host2 and switch5 on this EVPN-VXLAN fabric?

A. The switch5 device will send a Type 2 route to all peers.

B. The switch5 device will send a Type 4 route to all peers.

C. The switch5 device will send a Type 1 route to all peers.

D. The switch5 device will send a Type 3 route to all peers.

Correct Answer: D

  dragossky 1 month, 2 weeks ago


Selected Answer: C
Type 1 routes are used for per-ES auto-discovery (A-D) to advertise EVPN multi-homing mode. Remote ToR leaf devices in the EVPN network
use the EVPN Type 1 route type functionality to learn the EVPN Type 2 MAC routes from other leaf devices. In this route type ESI and the
Ethernet Tag ID are considered to be part of the prefix in the NLRI. Upon a link failure between ToR leaf and end server VTEP withdraws
Ethernet Auto-Discovery routes (Type 1) per ES. The Juniper EVPN multi-homing Ethernet Tag value is set to the VLAN ID for ES auto-
discovery/ES route types.

Mass Withdrawal - Used for fast convergence during link failure scenarios between leaf devices to the end server using Type 1 EAD/ES routes.
upvoted 1 times

  Wallsee 2 months ago


wonder why it should not be C
upvoted 1 times

Question #63 Topic 1

Click the Exhibit button.


Referring to the exhibit, tra]c ingresses on interface ge-0/0/3 and egresses on interface ge-0/0/4.
Which queue does tra]c with the IP precedence value of 100 use?
A. network-control

B. assured-forwarding

C. best-effort

D. expedited-forwarding

Correct Answer: D
  dragossky 1 month, 2 weeks ago
Selected Answer: B
Class Selector 4 (CS4) 100000 4 - goes to AF.
upvoted 1 times

  sangki 1 month, 2 weeks ago


Question #64 Topic 1
could you explain more?
upvoted 2 times
Your network is multihomed to two ISPs. The BGP sessions are established; however, the ISP peers are not receiving any routes.
Which two statements are correct about troubleshooting your con+guration? (Choose two.)

A. Verify the import policies on your router.

B. Verify that the BGP routes are active in your routing table.

C. Verify the export policies on your router.

D. Verity that the multihop settings are con+gured on your router.

Correct Answer: CD

Currently there are no comments in this discussion, be the +rst to comment!


Question #65 Topic 1

Click the Exhibit button.


Referring to the exhibit, you have placed the cos multi+eld classi+er on all edge interfaces and con+gured the relevant CoS parameters.
In this scenario, which two statements are correct? (Choose two.)

A. SSH tra]c using the default port will be placed in the af forwarding class and accepted.

B. SSH tra]c using the default port will be placed in the best-effort forwarding class and accepted.

C. UDP tra]c using the 16000 port will be placed in the voice forwarding class and accepted.

D. UDP tra]c using the 16000 port will be placed in the best-effort forwarding class and accepted.

Correct Answer: AC

  dragossky 1 month, 2 weeks ago


Selected Answer: AC
default action is accept.
upvoted 1 times

You might also like