JN0 643

Juniper JN0-643
Enterprise Routing and Switching, Professional (JNCIP-ENT)

Version: 5.0
Juniper JN0-643 Exam QUESTION NO: 1 A user complains about connectivity problems from their IP address (10.1.1.87) to a server (10.65.1.100). Which Junos command can help verify connectivity in the network? A. mroute B. traceoptions C. ping D. clear bgp neighbor Answer: A Explanation:
QUESTION NO: 2 Port authentication falls back to Captive Portal. In which two scenarios would the port authentication move back to 802.1X? (Choose two.) A. if any MAC RADIUS request packet is received on the interface and if there are no sessions in authenticated/authenticating state B. if Captive Portal is deactivated on the interface C. if the user gets logged out D. if the EAP packet is received on the interface and if there are no sessions in authenticated/authenticating state Answer: B,D Explanation:
QUESTION NO: 3 A network routes IPv4 traffic only. You want to add IPv6 to the network, but you must use a single IGP for both IPv4 and IPv6 traffic. Which protocol meets this requirement? A. OSPFv2 "Pass Any Exam. Any Time." - www.actualtests.com 2
Juniper JN0-643 Exam B. BGPv4 C. ES-ISv1 D. OSPFv3 Answer: D Explanation:
QUESTION NO: 4 A Layer 2 forwarding loop occurred on your network during a scheduled maintenance period. You must prevent this behavior in the future. Which protocol should you enable on the EX Series switch to address this condition in the future? A. DVMRP B. L2TPv3 C. STP D. RSVP Answer: D Explanation:
QUESTION NO: 5 You have implemented 802.1X authentication in your Layer 2 network and you have only a single RADIUS server. You are asked to ensure that if the RADIUS server becomes unreachable or fails, users connected to the ge-0/0/0 port are still able to reach the Internet using a predefined guest VLAN. Which command allows this access? A. [edit] user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 radius-fail vlan guest B. [edit] user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 server-fail vlan-name guest C. [edit] user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 auth-fail assign-vlan guest D. [edit] user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 radius-fail assign guest
"Pass Any Exam. Any Time." - www.actualtests.com
Juniper JN0-643 Exam Answer: B Explanation:
QUESTION NO: 6 Which option is a valid IPv6 multicast address? A. fe80::205:8640:471:3200/64 B. ::172.16.0.5/126 C. ff03:365:ba::23 D. ff01:cgfc:345::226:8ff:fee4:bf6f Answer: C Explanation:
QUESTION NO: 7 A company is deploying a new 802.1X port-based security infrastructure to allow users to access resources through wired Ethernet ports. However they recently deployed an RSA token-based system for users to connect remotely. The network administrator wants to reuse the same security database for 802.1X port-based security. Which 802.1X authentication protocol is required? A. EAP-TLS B. LAN-PEAP C. RSA-EAP D. EAP-TTLS Answer: D Explanation:
QUESTION NO: 8 Which protocol reachability is advertised by OSPFv2? A. IPv4
Juniper JN0-643 Exam B. IPv5 C. IPv6 D. ISO Answer: D Explanation:
QUESTION NO: 9 You are AS 6573. Which AS path regular expression matches only routes originated in your AS? A. "6573.*" B. ".*" C. "{" D. "^$" Answer: D Explanation:
QUESTION NO: 10 Voice traffic is coming in on UDP port 17689. This traffic must be classified into the expeditedforwarding forwarding class. Which type of classifier is needed? A. code point alias B. rewrite marker C. multifield D. behavior aggregate Answer: C Explanation:
QUESTION NO: 11
Juniper JN0-643 Exam Which three attributes must a BGP update contain? (Choose three.) A. next-hop B. MED C. origin D. AS-path E. local preference Answer: A,C,D Explanation:
QUESTION NO: 12 You must configure your access switch with more than 3000 VLANs and you want the ability to load-balance across them. Which spanning-tree approach has the least impact on control-plane performance? A. Configure your access switch with a load-balancing policy and apply it under [edit protocols rstp]. B. Configure your access switch for Rapid-PVST+. C. Configure your access switch for MSTP, incorporating the use of MSTIs. D. Configure your access switch for both VSTP and RSTP. Answer: C Explanation:
QUESTION NO: 13 You are implementing MSTP in your network. Which three values must match on all switches within the MST region? (Choose three) A. Context identifier B. Region name C. VLANs D. Revision E. Configuration manifest
Juniper JN0-643 Exam Answer: B,C,D Explanation:
QUESTION NO: 14 You have been asked to implement a private VLAN with two community VLANs. This private VLAN will be confined to a single switch in your Layer 2 network. This private VLAN, along with other VLANs configured on the switch, will require gateway services provided through a connected router. Which statement about this deployment is true? A. All isolated ports must be configured as trunk ports. B. A minimum of one promiscuous trunk port is required. C. Both community VLANs must have an assigned VLAN IDs. D. A minimum of one private VLAN trunk port is required. Answer: B Explanation:
QUESTION NO: 15 During the BGP route-resolution process, the Junos OS must calculate the appropriate next-hop based on the BGP protocol next-hop attribute. Which two routing tables are checked during this process in a default Junos configuration? (Choose two.) A. inet.0 B. inet.1 C. inet.2 D. inet.3 Answer: A,D Explanation:
QUESTION NO: 16 "Pass Any Exam. Any Time." - www.actualtests.com 7
Juniper JN0-643 Exam You have a requirement for a device to provide 20 W of power over Ethernet. What meets this requirement? A. Bond two standard PoE ports together to achieve 30.8 W of power. B. Install an external redundant power supply in the switch to increase the total power load. C. Select a switch that has PoE+ support. D. Enable LLDP-MED to transfer power from other switches. Answer: C Explanation:
QUESTION NO: 17 R1 has an OSPF adjacency with R2 over a point-to-point link. Which three statements about the advertisements for this link in the Type 1 (Router) LSA generated by R1 are true? (Choose three.) A. It has a value in the link ID field with R2's interface IP address. B. It has a value in the link ID field with R2's router ID. C. It has a link-type of point-to-point (Type 1). D. It has a link-type of Transit (Type 2). E. It has a link-type of stub (Type 3). Answer: B,D,E Explanation:
QUESTION NO: 18 What is the significance of the multicast address range 224.0.0.1 through 224.0.0.254? A. They have link-local scope. B. They have administrative region scope. C. They are reserved for future use. D. They have a scope of two or more hops from a router. Answer: A Explanation:
Juniper JN0-643 Exam
QUESTION NO: 19 You must prioritize VoIP packets on your network. Which feature will accomplish this goal? A. RSVP B. Multicast Routing C. VPLS D. Class of Service Answer: C Explanation:
QUESTION NO: 20 You notice that a number of IGMP leave group messages are passing through a BMA network and are impacting the network's performance. What would you do to resolve this issue without affecting multicast traffic? A. Apply an import policy to control leave group messages. B. Suppress group-specific queries. C. Suppress generic IGMP queries. D. Enable promiscuous-mode in IGMP. Answer: B Explanation:
QUESTION NO: 21 A network administrator is configuring CoS on a switch and assigns forwarding classes call-sig and critical to the same queue number per the configuration below: class-of-service {
Juniper JN0-643 Exam forwarding-classes { class best-effort queue-num 0; class bulk-data queue-num 1; class critical queue-num 3; class voice queue-num 6; class call-sig queue-num 3; } } Based on the configuration, which option prioritizes call-sig traffic over critical traffic? A. Assign call-sig and critical to different schedulers. B. Assign call-sig and critical to different scheduler maps. C. Assign a loss priority of high to the packets in the critical forwarding class and configure drop profiles in the scheduler configuration. D. Assign a loss priority of high to the packets in the critical forwarding class and set priority high in the scheduler configuration. Answer: C Explanation:
QUESTION NO: 22 A Layer 2 transparent firewall separates two OSPFv3 routers. For the two OSPFv3 routers to form an adjacency, which protocol must be permitted on the firewall? A. IPv4 protocol 89 B. IPv6 protocol 89 C. TCP port 89 D. UDP port 89 Answer: B Explanation:
10
Juniper JN0-643 Exam QUESTION NO: 23 In MSTP, which two factors determine the root bridge in each region? (Choose two.) A. The switch with the higher priority becomes the root bridge. B. The switch with the lower priority becomes the root bridge. C. The switch with the lower MAC address becomes the root bridge when priorities are tied. D. The switch with the higher MAC address becomes the root bridge when priorities are tied. Answer: B,C Explanation:
QUESTION NO: 24 Which two LSA types are only generated by an ABR router? (Choose two.) A. ASBR summary LSA (Type 4) B. ASBR LSA (Type 5) C. Summary LSA (Type 3) D. Router LSA (Type 1) Answer: A,C Explanation:
QUESTION NO: 25 Which two statements about MVRP on EX Series switches are true? (Choose two.) A. MVRP can add VLANs on access interfaces. B. MVRP can add VLANs on trunk interfaces. C. MVRP adds VLANs on MVRP-enabled interfaces by default. D. MVRP is in transparent mode on MVRP-enabled interfaces by default. Answer: B,C Explanation:
QUESTION NO: 26
11
Juniper JN0-643 Exam A company's security policy does not allow outside computers or smart phones into their work areas. All company-provided computers are strictly controlled using 802.1X authentication on all of their switches. All computers obtain DHCP IP addresses from centralized servers and all switches have IP spoofing enabled. However, one of the computers was able to send IP spoofed packets. Why did the IP spoof feature fail to prevent the spoofed packets from being forwarded? A. The IP source guard database timeout was set too low. B. The DHCP snooping feature was not enabled on any of the switches. C. IP source guard does not prevent IP spoof attacks; you need to configure the Dynamic ARP Inspection feature. D. 802.1X feature was not enabled on the port that was directly connected to the infected computer. Answer: B Explanation:
QUESTION NO: 27 What is a valid router ID configuration for OSPFv3 in the Junos OS? A. set routing-options router-id 2001:1:2::1 B. set protocols ospf3 router-id fe80:223:2887:ab31::1 C. set routing-options router-id 224.1.0.1 D. set protocols ospf3 router-id 10.8.3.9 Answer: C Explanation:
QUESTION NO: 28 You are setting up a new switch in your network that is using MSTP. You have configured all access ports as edge ports, and you want to make sure that the access ports can never transition to nonedge ports. How can you meet this requirement? A. Configure the interfaces as shared. B. Configure the hello-time option as zero.
12
Juniper JN0-643 Exam C. Configure the interfaces as a no-root-port. D. Configure bpdu-block-on-edge. Answer: D Explanation:
QUESTION NO: 29 When using PIM-SM in ASM mode, which two events trigger the creation of a shortest-path tree? (Choose two.) A. Multicast traffic received at the receiver's designated router (DR). B. PIM join received at the receiver's designated router (DR). C. PIM join received at the source designated router (DR). D. PIM registers received by the rendezvous point (RP). Answer: A,D Explanation:
QUESTION NO: 30 A coffee shop offering free Internet service to customers wants to implement the following security policies: 1. Every customer must agree to a set of terms and conditions before accessing the Internet. 2. Log out customers that are logged in for more than one hour. 3. Log out customers that are idle for more than 5 minutes. 4. Authenticate employee desktop computers with known hardware addresses in the office of the coffee shop to access the Internet without the above restrictions. The following configuration has been applied to the switch: set access radius-server 172.16.14.26 port 1812 set access radius-server 172.16.14.26 secret Am@zingC00f33 set access profile dot1x authentication-order radius set access profile dot1x radius authentication-server 172.27.14.226
What would you add to implement these policies?
13
Juniper JN0-643 Exam A. set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple set protocols dot1x authenticator interface ge-0/0/12.0 mac-radius set protocols dot1x authenticator authentication-profile-name dot1x set services captive-portal authentication-profile-name dot1x set services captive-portal interface ge-0/0/12.0 set services captive-portal secure-authentication https set services captive-portal custom-options header-message Welcome to Our Coffee Shop set services captive-portal custom-options banner-message Terms and Conditions of Use" B. set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple set protocols dot1x authenticator authentication-profile-name dot1x set services captive-portal authentication-profile-name dot1x set services captive-portal interface ge-0/0/12.0 set services captive-portal secure-authentication https set services captive-portal custom-options header-message Welcome to Our Coffee Shop set services captive-portal custom-options banner-message Terms and Conditions of Use" C. set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple set protocols dot1x authenticator interface ge-0/0/12.0 mac-radius set protocols dot1x authenticator authentication-profile-name dot1x set services captive-portal authentication-profile-name dot1x set services captive-portal interface ge-0/0/12.0 set services captive-portal interface ge-0/0/12.0 idle-timeout 300 set services captive-portal interface ge-0/0/12.0 user-timeout 3600 set services captive-portal secure-authentication https set services captive-portal custom-options header-message Welcome to Our Coffee Shop set services captive-portal custom-options banner-message Terms and Conditions of Use" D. set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple set protocols dot1x authenticator interface ge-0/0/12.0 mac-radius set protocols dot1x authenticator interface ge-0/0/12.0 idle-timeout 300 set protocols dot1x authenticator interface ge-0/0/12.0 user-timeout 3600 set protocols dot1x authenticator authentication-profile-name dot1x set services captive-portal authentication-profile-name dot1x set services captive-portal interface ge-0/0/12.0 set services captive-portal secure-authentication https set services captive-portal custom-options header-message Welcome to Our Coffee Shop set services captive-portal custom-options banner-message Terms and Conditions of Use" Answer: A Explanation:
QUESTION NO: 31 What is an IP multicast routing protocol? A. RSVP "Pass Any Exam. Any Time." - www.actualtests.com 14
Juniper JN0-643 Exam B. OSPF C. PIM D. CDP Answer: A Explanation:
QUESTION NO: 32 Which version of BGP would an enterprise use to peer with an ISP? A. Confederation BGP B. External BGP C. Internal BGP D. Labeled-Unicast Answer: C Explanation:
QUESTION NO: 33 You are setting up a new switch in your network that is using MSTP. You want to make sure that any port connected to a host starts forwarding traffic immediately. How can you meet this requirement? A. Configure the interfaces as point-to-point. B. Configure the interfaces as edge. C. Configure the forward-delay option as zero. D. Configure the interfaces as shared. Answer: B Explanation:
QUESTION NO: 34 You have been asked to implement 802.1X in your network and to ensure that all authorized users continue to be permitted should the RADIUS server fail. "Pass Any Exam. Any Time." - www.actualtests.com 15
Juniper JN0-643 Exam Which solution will satisfy this requirement? A. Implement the persistent MAC feature with the override option. B. Implement the server fail fallback feature with the use-cache option. C. Implement the persistent MAC feature with the use-cache option. D. Implement the server fail fallback feature with the override option. Answer: B Explanation:
QUESTION NO: 35 How does an administrator block IGMP reports for the 239.0.0.0/8 group range? A. Create a routing policy and apply it to IGMP using the group-policy feature. B. Create a routing policy and apply it to IGMP using the report-policy feature. C. Create a routing policy and apply it to IGMP as export. D. Create a routing policy and apply it to IGMP as import. Answer: A Explanation:
QUESTION NO: 36 You have been asked to implement a private VLAN with two community VLANs. This private VLAN must span multiple switches in your Layer 2 network. Which two statements about this deployment are true? (Choose two.) A. All isolated ports must be configured as trunk ports. B. A minimum of one promiscuous trunk port is required. C. Both community VLANs must have assigned VLAN IDs. D. A minimum of one private VLAN trunk port is required. Answer: C,D Explanation:
16
Juniper JN0-643 Exam QUESTION NO: 37 Which configuration parameter causes a router to ignore router ID and peer ID from the BGP route selection algorithm? A. multihop B. as-path loops C. multipath D. next-hop self Answer: C Explanation:
QUESTION NO: 38 If your WAN-edge router is multihomed to different ISPs, which two BGP attributes would you modify to affect outbound traffic? (Choose two.) A. MED B. origin C. local preference D. community Answer: B,C Explanation:
QUESTION NO: 39 A medium-sized enterprise has some devices that are 802.1X capable and some that are not. Any device that fails authentication must be provided limited access through a VLAN called NONAUTH. How do you provide this access? A. Configure NONAUTH VLAN as the guest VLAN. B. Configure NONAUTH VLAN as the server-reject VLAN. C. Configure NONAUTH VLAN as the guest VLAN and the server-reject VLAN. D. Configure a separate VLAN for each type of user: 802.1X and non-802.1X. Answer: C "Pass Any Exam. Any Time." - www.actualtests.com 17
Juniper JN0-643 Exam Explanation:
QUESTION NO: 40 When using PIM-SM in SSM mode, which event triggers the creation of a shortest-path tree? A. Multicast traffic received at the receiver's designated router (DR). B. An IGMPv3 report received at the receiver's designated router (DR). C. Multicast traffic received at the rendezvous point (RP). D. An IGMPv3 report received at the source's designated router (DR). Answer: B Explanation:
QUESTION NO: 41 Which statement regarding LLDP update messages is correct? A. Updates can be secured using the MD5 algorithm. B. Updates are advertised every 60 seconds by default. C. Updates require bidirectional communication. D. Updates can be triggered by local changes. Answer: D Explanation:
QUESTION NO: 42 When 802.1X, MAC-RADIUS, and Captive Portal are enabled on an interface, which authentication sequence occurs? A. The authentication sequence is based on the order of the configuration. B. If MAC-RADIUS is rejected, Captive Portal will start. If Captive portal is timed out, 802.1X will start. C. If 802.1X times out, then MAC-RADIUS will start. If MAC-RADIUS is timed out by the RADIUS server, then Captive Portal will start. D. If 802.1X times out, then MAC-RADIUS will start. If MAC-RADIUS is rejected by the RADIUS server, then Captive Portal will start. "Pass Any Exam. Any Time." - www.actualtests.com 18
Juniper JN0-643 Exam Answer: D Explanation:
QUESTION NO: 43 You are troubleshooting a problem on interface ge-0/0/3. Which command shows statistics in real time? A. show interfaces statistics B. monitor interface statistics ge-0/0/3 C. monitor interface traffic D. monitor traffic interface ge-0/0/3 Answer: C Explanation:
QUESTION NO: 44 Which CoS component helps with TCP global synchronization problems? A. WRR with rewrite rules B. WRED with drop profiles C. tail drop profiles with a behavior aggregate classifier D. exact term with a scheduler Answer: B Explanation:
QUESTION NO: 45 You want to control bursts of HTTP traffic entering your SRX Series Gateway. To support varying requirements, interfaces ge-0/0/0 through ge-0/0/3 should each be rate-limited separately, using the same parameters. What is the correct way to meet these requirements?
19
Juniper JN0-643 Exam A. Configure a single policer and apply it directly on the appropriate interfaces. B. Configure four policers and apply each one directly on the appropriate interface. C. Configure a policer and reference it in a firewall filter that uses the interface-specific option; apply the filter to the appropriate interfaces. D. Configure four policers and reference them all in a firewall filter; apply the filter to the appropriate interfaces. Answer: C Explanation:
QUESTION NO: 46 You are configuring BGP peering with a neighboring AS. Multiple physical links exist between your edge router and the neighboring edge router, and you want a configuration that supports the highest degree of redundancy. How can you implement this scenario? A. Configure multiple peerings between the routers physical interfaces. B. Use the multipath feature. C. Configure multiple peerings between the routers logical interfaces. D. Use the multihop feature. Answer: D Explanation:
QUESTION NO: 47 An OSPF router is an ABR but not an ASBR. Which three types of LSAs would you expect this router to generate? (Choose three.) A. Type 1 LSA B. Type 3 LSA C. Type 4 LSA D. Type 5 LSA E. Type 6 LSA Answer: A,B,C Explanation: "Pass Any Exam. Any Time." - www.actualtests.com 20
QUESTION NO: 48 -- Exhibit -user@R1> show configuration protocols pim rp local { address 192.168.3.1; } auto-rp discovery; static { address 192.168.5.1; } user@R1> show route 192.168.0.0/16 inet.0: 18 destinations, 21 routes (18 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.2.1/32 *[Direct/0] 3w4d 04:58:14 > via lo0.0 192.168.5.1/32 *[OSPF/10] 00:52:25, metric 1 > via lt-0/0/0.0 192.168.10.1/32 *[OSPF/10] 00:48:06, metric 1 > via lt-0/0/0.2 192.168.50.1/32 *[OSPF/10] 00:48:06, metric 1 > via lt-0/0/0.4 -- Exhibit -Click the Exhibit button. "Pass Any Exam. Any Time." - www.actualtests.com 21
Juniper JN0-643 Exam Router R1 in the exhibit is receiving auto-RP announce messages specifying an RP of 192.168.10.1 and BSR messages specifying an RP-set with an RP of 192.168.50.1. Which address will R1 use as the RP for traffic destined to the 224.1.1.1 multicast group? A. 192.168.3.1 B. 192.168.5.1 C. 192.168.10.1 D. 192.168.50.1 Answer: D Explanation:
QUESTION NO: 49 -- Exhibit
-- Exhibit --
22
Juniper JN0-643 Exam Click the Exhibit button. In the exhibit, customers connected to Area 3 must have access to external prefixes received from the data center connected to the router in Area 1. These configurations are currently applied to the routers in Area 1: {master:0}[edit] user@Area-1-ABR# show protocols ospf no-nssa-abr; area 0.0.0.1 { nssa; interface ge-1/1/1.100; } {master:0}[edit] user@Area-1-External# show protocols ospf area 0.0.0.1 { stub no-summaries; interface ge-1/1/1.100; } What must you change for these configurations to work? A. Configure the ABR router in Area 1 to support a virtual link. B. Delete no-summary-lsa from the ABR router in Area 1. C. Configure the external router in Area 1 for NSSA. D. Configure the ABR in Area 1 for a default LSA with a default-metric of 10 and no-summaries. Answer: C Explanation:
QUESTION NO: 50 -- Exhibit -"Pass Any Exam. Any Time." - www.actualtests.com 23
Juniper JN0-643 Exam 20.0.0.0/8 *[BGP/170] 01:10:38, localpref 100, from 10.0.0.1 AS path: 100 I > to 15.0.0.2 via ge-0/0/0.0 [BGP/170] 00:00:59, localpref 100 AS path: 100 ? > to 35.0.0.2 via ge-0/0/1.0 -- Exhibit -Click the Exhibit button. Referring to the output in the exhibit, why does the router prefer the path toward interface ge0/0/0.0 for the 20.0.0.0/8 route? A. The origin is IGP. B. The origin is unknown. C. The AS path is longer. D. Multihop is enabled. Answer: A Explanation:
QUESTION NO: 51 -- Exhibit -Group: 239.1.1.1 Source: 10.255.70.15 Flags: sparse,spt Upstream interface: so-1/0/0.0 Upstream neighbor: 10.111.10.2 Upstream state: Local RP, Join to Source Keepalive timeout: 344 Downstream neighbors: "Pass Any Exam. Any Time." - www.actualtests.com 24
Juniper JN0-643 Exam Interface: Pseudo-GMP fe-0/0/0.0 fe-0/0/1.0 fe-0/0/3.0 Interface: so-1/0/0.0 (pruned) 10.111.10.2 State: Prune Flags: SR Timeout: 174 Interface: mt-1/1/0.32768 10.10.47.100 State: Join Flags: S Timeout: Infinity -- Exhibit -Click the Exhibit button. Referring to the exhibit, which two statements are true? (Choose two.) A. The router has pruned the RPT. B. The router has pruned the SPT only. C. The router has pruned the RPT only. D. The router has pruned the SPT. Answer: A,D Explanation:
QUESTION NO: 52 -- Exhibit -user@switch# run show spanning-tree statistics interface ge-0/0/0 STP interface statistics for VLAN 10 Interface BPDUs sent BPDUs received Next BPDU transmission ge-0/0/0.0 170 3 0 STP interface statistics for VLAN 20 Interface BPDUs sent BPDUs received Next BPDU
25
Juniper JN0-643 Exam transmission ge-0/0/0.0 171 3 0 -- Exhibit -Click the Exhibit button. Based on the exhibit, which spanning-tree protocol is running on ge-0/0/0? A. VSTP B. MSTP C. RSTP D. PVST Answer: A Explanation:
-- Exhibit -Click the Exhibit button. Given the topology in the exhibit, which two statements related to the Q-in-Q tunneling implementation are true? (Choose two.) A. The ge-0/0/0 interface on Provider Bridge A must be configured as an access port. B. The ge-0/0/0 interface on Provider Bridge A must be configured as a trunk port. "Pass Any Exam. Any Time." - www.actualtests.com 26
Juniper JN0-643 Exam C. Provider Bridge B will make forwarding decisions using a MAC table associated with VLAN ID 100. D. Provider Bridge B will make forwarding decisions using a MAC table associated with VLAN ID 200. Answer: A,D Explanation:
-- Exhibit -Click the Exhibit button. You are implementing Q-in-Q tunneling to connect R1 and R2 using the configurations shown in the exhibit. What must be changed on Switch_A to allow both Dot1q-tunneling VLANs and non-Dot1qtunneling VLANs on the same trunk interface? A. Change the Dot1q-tunneling Ethertype to 0x9100.
27
Juniper JN0-643 Exam B. Change the Dot1q-tunneling Ethertype to 0x88a8. C. Change the Dot1q-tunneling Ethertype to 0x8100. D. Change the Dot1q-tunneling Ethertype to 0x98a8. Answer: C Explanation:
-- Exhibit -Click the Exhibit button. In the exhibit, Host2 is the only host currently joining group 231.1.1.1, but S1 is still flooding the traffic to all hosts on VLAN 100. What feature can be configured on S1 to limit the multicast flooding of traffic to only interested hosts on VLAN 100? A. Multicast scoping B. IGMP snooping C. Multicast VLAN registration D. IGMP immediate leave Answer: B Explanation:
28
QUESTION NO: 56 -- Exhibit -{master:0}[edit] user@switch# show protocols vstp vlan 100; {master:0}[edit] user@switch# run show spanning-tree bridge STP bridge parameters Context ID : 1 Enabled protocol : RSTP STP bridge parameters for VLAN 100 Root ID : 32868.50:c5:8d:ae:94:80 Hello time : 2 seconds Maximum age : 20 seconds Forward delay : 15 seconds Message age : 0 Number of topology changes : 0 Local parameters Bridge ID : 32868.50:c5:8d:ae:94:80 Extended system ID : 1 Internal instance ID : 0 {master:0}[edit] user@switch# run show spanning-tree interface
29
Juniper JN0-643 Exam {master:0}[edit] user@switch# -- Exhibit -Click the Exhibit button. Based on the output shown in the exhibit, why is VSTP not working for VLAN 100? A. No interfaces are assigned to VLAN 100. B. Your MSTI is misconfigured. C. RSTP is configured in addition to VSTP. D. No native VLAN is configured. Answer: A Explanation:
-- Exhibit --
30
Juniper JN0-643 Exam Click the Exhibit button. Referring to the exhibit, what is the correct RPF path toward the multicast source from R6? A. R6-R5 B. R6-R7-R4-R5 C. R6-R4-R5 D. R6-R4-R3-R2-R5 Answer: A Explanation:
QUESTION NO: 58 -- Exhibit -{master:0}[edit] user@switch# show ethernet-switching-options voip interface ge-0/0/16.0 { vlan phones; } {master:0}[edit] user@switch# show interfaces ge-0/0/16 unit 0 { family ethernet-switching { port-mode access; vlan { members internet; } } }
31
Juniper JN0-643 Exam {master:0}[edit] user@switch# show vlans hr { vlan-id 513; } internet { vlan-id 15; } phones { vlan-id 25; } servers { vlan-id 30; } {master:0}[edit] user@switch# show interfaces ge-0/0/23 description uplink; unit 0 { family ethernet-switching { port-mode trunk; vlan { members [ hr internet ]; } } } -- Exhibit --
32
Juniper JN0-643 Exam Click the Exhibit button. You have recently implemented a Layer 2 network designed to support VoIP. Users have reported that they cannot use their IP phones to make calls. Based on the switch configuration shown in the exhibit, which command will resolve this issue? A. set interfaces ge-0/0/23 unit 0 family ethernet-switching vlan members phones B. set interfaces ge-0/0/16 unit 0 family ethernet-switching port-mode trunk C. set ethernet-switching-options voip interface ge-0/0/23 vlan phones D. set vlans phones vlan-id 513 Answer: A Explanation:
-- Exhibit -Click the Exhibit button. Based on the SPF calculation in the exhibit, what is the shortest path to reach R3 from R1? A. R2-R3 B. R2-R5-R4 "Pass Any Exam. Any Time." - www.actualtests.com 33
Juniper JN0-643 Exam C. R3 D. R2-R4 Answer: C Explanation:
QUESTION NO: 60 -- Exhibit -Mar 16 18:39:15.800390 BGP RECV 172.14.10.2+57785 -> 172.14.10.1+179 Mar 16 18:39:15.800932 BGP RECV message type 1 (Open) length 59 Mar 16 18:39:15.800995 BGP RECV version 4 as 2 holdtime 90 id 192.168.5.1 parmlen 30 Mar 16 18:39:15.801064 BGP RECV MP capability AFI=2, SAFI=1 Mar 16 18:39:15.801112 BGP RECV Refresh capability, code=128 Mar 16 18:39:15.801172 BGP RECV Refresh capability, code=2 Mar 16 18:39:15.801224 BGP RECV Restart capability, code=64, time=120, flags= Mar 16 18:39:15.801289 BGP RECV 4 Byte AS-Path capability (65), as_num 2 Mar 16 18:39:15.801705 advertising receiving-speaker only capabilty to neighbor 172.14.10.2 (External AS 2) Mar 16 18:39:15.801787 bgp_send. sending 59 bytes to 172.14.10.2 (External AS 2) Mar 16 18:39:15.801845 Mar 16 18:39:15.801845 BGP SEND 172.14.10.1+179 -> 172.14.10.2+57785 Mar 16 18:39:15.801933 BGP SEND message type 1 (Open) length 59 Mar 16 18:39:15.801991 BGP SEND version 4 as 1 holdtime 90 id 192.168.2.1 parmlen 30 Mar 16 18:39:15.802054 BGP SEND MP capability AFI=1, SAFI=1 Mar 16 18:39:15.802115 BGP SEND Refresh capability, code=128 Mar 16 18:39:15.802176 BGP SEND Refresh capability, code=2 Mar 16 18:39:15.802227 BGP SEND Restart capability, code=64, time=120, flags= Mar 16 18:39:15.802292 BGP SEND 4 Byte AS-Path capability (65), as_num 1
34
Juniper JN0-643 Exam Mar 16 18:39:15.802615 bgp_process_caps: mismatch NLRI with 172.14.10.2 (External AS 2): peer: <inet6-unicast>(16) us: <inet-unicast>(1) Mar 16 18:39:15.802763 bgp_process_caps:2561: NOTIFICATION sent to 172.14.10.2 (External AS 2): code 2 (Open Message Error) subcode 7 (unsupported capability) value 1 Mar 16 18:39:15.802913 bgp_sens: sending 23 bytes to 172.14.10.2 (External AS 2) Mar 16 18:39:15.802969 Mar 16 18:39:15.802969 BGP SEND 172.14.10.1+179 -> 172.14.10.2+57785 Mar 16 18:39:15.803057 BGP SEND message type 3 (Notification) length 23 Mar 16 18:39:15.803113 BGP SEND Notification code 2 (Open Message Error) subcode 7 (unsupported capability) Mar 16 18:39:15.803179 BGP SEND Data (2 bytes): 00 01 -- Exhibit -Click the Exhibit button. Looking at the traceoptions output in the exhibit, why is the BGP neighbor not in Established state? A. BGP refresh is not supported. B. There is a router ID mismatch. C. IPv6 is not supported on the local peer. D. The peer AS number is misconfigured. Answer: C Explanation:
35
-- Exhibit -Click the Exhibit button. In the exhibit, which statement about the ABR between Area 8 and Area 2 is true? A. The router has connectivity to all areas. B. The router has connectivity to Area 8 only. C. The router has connectivity to Area 2 only. D. The router has connectivity to all routers in Area 8 and Area 2. Answer: D Explanation:
QUESTION NO: 62 -- Exhibit -user@router> show class-of-service scheduler-map two Scheduler map: two, Index: 56974 "Pass Any Exam. Any Time." - www.actualtests.com 36
Juniper JN0-643 Exam Scheduler: sch-best-effort, Forwarding class: best-effort, Index: 26057 Transmit rate: 1 percent, Rate Limit: exact, Buffer size: remainder, Buffer Limit: exact, Priority: low Excess Priority: unspecified Drop profiles: Loss priority Protocol Index Name Low any 1 <default-drop-profile> Medium low any 1 <default-drop-profile>
Medium high any 1 <default-drop-profile> High any 1 <default-drop-profile>
Scheduler: sch-expedited-forwarding, Forwarding class: expedited-forwarding, Index: 10026 Transmit rate: 1 percent, Rate Limit: none, Buffer size: 1 percent, Buffer Limit: none, Priority: high Excess Priority: unspecified Drop profiles: Loss priority Protocol Index Name Low any 1 <default-drop-profile> Medium low any 1 <default-drop-profile>
Medium high any 1 <default-drop-profile> High any 1 <default-drop-profile>
user@router> show interfaces ge-0/0/1 extensive | find "CoS Information" CoS information: "Pass Any Exam. Any Time." - www.actualtests.com 37
Juniper JN0-643 Exam Direction : Output CoS transmit queue Bandwidth Buffer Priority Limit % bps % usec 0 best-effort 1 10000000 r 0 low exact 1 expedited-forwarding 1 10000000 1 0 high none Logical interface ge-0/0/1.823 (Index 74) (SNMP ifIndex 506) (Generation 139) Flags: SNMP-Traps 0x4000 VLAN-Tag [ 0x8100.823 ] Encapsulation: ENET2 Traffic statistics: Input bytes : 1820224529 Output bytes : 6505980 Input packets: 1436371 Output packets: 75905 (... output truncated ...) user@router> show interfaces ge-0/0/1 extensive | find "Queue Counters" Queue counters: Queued packets Transmitted packets Dropped packets 0 best-effort 1343970 1343970 7105 1 expedited-fo 53987 53987 0 2 assured-forw 0 0 0 3 network-cont 0 0 0 "Pass Any Exam. Any Time." - www.actualtests.com 38
Juniper JN0-643 Exam Queue number: Mapped forwarding classes 0 best-effort 1 expedited-forwarding 2 assured-forwarding 3 network-control Active alarms : None Active defects : None (... output truncated ...) -- Exhibit -Click the Exhibit button. Based on the configuration in the exhibit, why are you seeing drops in the best-effort queue on the SRX Series platform? A. The drop-profile fill level is set too low. B. Packets are dropped by a firewall policy. C. The best-effort queue is being shaped. D. The scheduler is not being applied correctly. Answer: C Explanation:
QUESTION NO: 63 -- Exhibit -[edit protocols bgp] user@router# show group ext-peer2 { type external; peer-as 1;
39
Juniper JN0-643 Exam neighbor 192.168.2.1; } [edit protocols bgp] user@router# run show route 192.168.2.1 inet.0: 9 destinations, 10 routes (7 active, 0 holddown, 2 hidden) + = Active Route, - = Last Active, * = Both 192.168.2.1/32 *[Static/5] 00:01:56 > to 172.14.10.1 via ge-0/0/1.0 [edit protocols bgp] user@router# run show bgp summary Groups: 1 Peers: 1 Down peers: 1 Table Tot Paths Act Paths Suppressed History Damp State Pending inet.0 0 0 0 0 0 0 inet6.0 0 0 0 0 0 0 Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped... 192.168.2.1 1 0 0 0 0 14 Idle -- Exhibit -Click the Exhibit button. Looking at the output in the exhibit, why is the BGP neighbor not in Established state? A. BGP Refresh is not supported. B. Multihop is not configured. C. The peer address is not reachable. D. Authentication is configured. Answer: B Explanation:
40
QUESTION NO: 64 -- Exhibit -user@SwitchA# show protocols dot1x authenticator { authentication-profile-name dot1x; interface { ge-0/0/0.0 { supplicant single; } ge-0/0/1.0 { supplicant single-secure; } ge-0/0/2.0 { supplicant multiple; } } } {master:0}[edit] user@SwitchA# show access radius-server { 172.27.14.226 { port 1812; secret "$9$vqs8xd24Zk.5bs.5QFAtM8X"; ## SECRET-DATA } } "Pass Any Exam. Any Time." - www.actualtests.com 41
Juniper JN0-643 Exam profile dot1x { authentication-order radius; radius { authentication-server 172.27.14.226; accounting-server 172.27.14.226; } accounting { order radius; immediate-update; } } {master:0}[edit] user@SwitchA# -- Exhibit -Click the Exhibit button. Referring to the exhibit, which three statements describe correct behavior of Switch A? (Choose three.) A. Switch A allows complete access to all users connected to port ge-0/0/2 that log in with their correct user credentials. B. Switch A allows complete access to all users connected to port ge-0/0/0 that log in with their correct user credentials. C. Switch A allows complete access to the second user that connects to port ge-0/0/1 with its correct credentials only after the first user logs out. D. Switch A allows complete access to all users connected to port ge-0/0/0 without authentication after the first user has logged in with its correct user credentials. E. Switch A allows complete access to all users connected to port ge-0/0/1 that securely log in using HTTPS with their correct user credentials. Answer: A,C,D Explanation:
42
QUESTION NO: 65 -- Exhibit -Mar 16 17:48:06.145257 OSPF periodic xmit from 172.14.10.1 to 224.0.0.5 (IFL 69 area 0.0.0.1) Mar 16 17:48:12.404986 ospf_trigger_build_telink_lsas : No peer found Mar 16 17:48:13.013420 ospf_trigger_build_telink_lsas : No peer found Mar 16 17:48:13.013555 ospf_set_lsdb_state: Router LSA 192.168.2.1 adv-rtr 192.168.2.1 state QUIET->GEN_PENDING Mar 16 17:48:13.013661 OSPF trigger router LSA 0x156d0f0 build for area 0.0.0.1 lsa-id 192.168.2.1 Mar 16 17:48:13.017494 ospf_set_lsdb_state: Router LSA 192.168.2.1 adv-rtr 192.168.2.1 state GEN_PENDING->QUIET Mar 16 17:48:13.017636 OSPF built router LSA, area 0.0.0.1, link count 2 Mar 16 17:48:13.017954 OSPF sent Hello 172.14.10.1 -> 224.0.0.5 (ge-0/0/1.0 IFL 69 area 0.0.0.1) Mar 16 17:48:13.018023 Version 2, length 44, ID 192.168.2.1, area 0.0.0.1 Mar 16 17:48:13.018111 mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128 Mar 16 17:48:13.018162 dead_ivl 40, DR 172.14.10.1, BDR 0.0.0.0 Mar 16 17:48:13.018613 OSPF DR is 192.168.2.1, BDR is 0.0.0.0 Mar 16 17:48:13.018900 OSPF sent Hello 172.14.10.1 -> 224.0.0.5 (ge-0/0/1.0 IFL 69 area 0.0.0.1) Mar 16 17:48:13.018968 Version 2, length 44, ID 192.168.2.1, area 0.0.0.1 Mar 16 17:48:13.019032 mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128 Mar 16 17:48:13.019118 dead_ivl 40, DR 172.14.10.1, BDR 0.0.0.0 Mar 16 17:48:13.028426 OSPF DR is 192.168.2.1, BDR is 0.0.0.0 Mar 16 17:48:13.432025 OSPF packet ignoreD. area mismatch (0.0.0.0) from 172.14.10.2 on intf ge-0/0/1.0 area 0.0.0.1 Mar 16 17:48:13.432135 OSPF rcvd Hello 172.14.10.2 -> 224.0.0.5 (ge-0/0/1.0 IFL 69 area 0.0.0.1)
43
Juniper JN0-643 Exam Mar 16 17:48:13.432189 Version 2, length 44, ID 192.168.5.1, area 0.0.0.0 Mar 16 17:48:13.432274 checksum 0x8065, authtype 0 Mar 16 17:48:13.432346 mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128 Mar 16 17:48:13.432398 dead_ivl 40, DR 172.14.10.2, BDR 0.0.0.0 commit complete -- Exhibit -Click the Exhibit button. Looking at the traceoptions output in the exhibit, why are the OSPF routers stuck in Init state? A. There is an MTU mismatch. B. There is a network mask mismatch. C. The routers are in different areas. D. No BDR has been elected. Answer: C Explanation:
QUESTION NO: 66 -- Exhibit --- Exhibit -Click the Exhibit button. A customer is trying to configure a router to peer using EBGP to a neighbor. As shown in the exhibit, two links are being used for this configuration. The goal of this configuration is to loadbalance traffic across both EBGP links. Which configuration accomplishes this goal? A. {master:0}[edit] user@router# show protocols bgp group External { multihop; local-address 192.168.2.1; peer-as 65532; "Pass Any Exam. Any Time." - www.actualtests.com 44
Juniper JN0-643 Exam neighbor 10.10.2.2; neighbor 10.20.2.2; } {master:0}[edit] user@router# show routing-options static { route 192.168.5.1/32 next-hop 192.168.2.1; } autonomous-system 65432; B. {master:0}[edit] user@router# show protocols bgp group External { multihop; local-address 192.168.2.1; peer-as 65532; neighbor 192.168.5.1; } {master:0}[edit] user@router# show routing-options static { route 192.168.5.1/32 next-hop [ 10.10.2.2 10.20.2.2 ]; } autonomous-system 65432; forwarding-table { export load-balance; } {master:0}[edit] user@router# show policy-options policy-statement load-balance term balance { then { load-balance per-packet; accept; } } C. {master:0}[edit] user@router# show protocols bgp group External { multi-path; local-address 192.168.2.1; peer-as 65532; neighbor 192.168.5.1; } {master:0}[edit] user@router# show routing-options static { route 192.168.5.1/32 next-hop [ 10.10.2.2 10.20.2.2 ]; } "Pass Any Exam. Any Time." - www.actualtests.com 45
Juniper JN0-643 Exam autonomous-system 65432; D. {master:0}[edit] user@router# show protocols bgp group External { multipath; local-address 192.168.2.1; peer-as 65532; neighbor 10.10.2.2; neighbor 10.20.2.2; } {master:0}[edit] user@router# show routing-options static { route 192.168.5.1/32 next-hop 192.168.2.1; } autonomous-system 65432; Answer: B Explanation:
-- Exhibit -Click the Exhibit button. In the exhibit, R5 is receiving five 200.1.1.x routes from the RIP router, and is advertising them into "Pass Any Exam. Any Time." - www.actualtests.com 46
Juniper JN0-643 Exam Area 1 using an export policy. You do not want any of the RIP routes to be in the routing table of R1. Which two solutions meet this requirement? (Choose two.) A. On R1, configure an export policy to reject the routes. B. On R1, configure an import policy to reject the routes. C. On R1, configure each address as a martian route. D. On R1, configure the no-nssa-abr option. Answer: B,C Explanation:
-- Exhibit -Click the Exhibit button. In the exhibit, a customer wants to configure an EBGP connection to two different routers in a neighboring autonomous system. The goal of this configuration is to use per-prefix load balancing across both EBGP links. Which configuration accomplishes this goal?
47
Juniper JN0-643 Exam A. {master:0}[edit] user@router# show protocols bgp group External { multihop; peer-as 65532; neighbor 10.10.2.2; neighbor 10.20.2.2; } B. {master:0}[edit] user@router# show protocols bgp group External { multipath; peer-as 65532; neighbor 10.10.2.2; neighbor 10.20.2.2; } C. {master:0}[edit] user@router# show protocols bgp group External { multihop; local-address 192.168.2.1; peer-as 65532; neighbor 10.10.2.2; neighbor 10.20.2.2; } user@router# show routing-options static { route 0.0.0.0 next-hop [ 10.10.2.2 10.20.2.2 ]; } autonomous-system 65432; D. {master:0}[edit] user@router# show protocols bgp group External { multihop; local-address 192.168.2.1; peer-as 65532; multipath; neighbor 10.10.2.2; neighbor 10.20.2.2; } user@router# show routing-options static { route 0.0.0.0 next-hop [ 10.10.2.2 10.20.2.2 ]; } autonomous-system 65432; Answer: B "Pass Any Exam. Any Time." - www.actualtests.com 48
Juniper JN0-643 Exam Explanation:
-- Exhibit -Click the Exhibit button. Referring to the exhibit, R4 in AS 100 is sending routes 20.0.0.0/8 and 10.0.0.0/8. R3 sees the routes but R5 does not. What must be configured on the R3 router for the R5 router to install the routes? A. a next-hop self policy B. as-override toward the R5 router C. as-loops 2 D. local-as 100 Answer: B Explanation:
QUESTION NO: 70 -- Exhibit "Pass Any Exam. Any Time." - www.actualtests.com 49
-- Exhibit -Click the Exhibit button. You are asked to configure an OSPF virtual link that connects remote Area 4 to the backbone. Referring to the exhibit, what are two requirements for an OSPF virtual link to operate correctly? (Choose two.) A. A virtual link configuration on the ABR between Areas 0 and 1 must include transit area 1. B. The interface of the transit area must be of type vt. C. A virtual link configuration on the ABR between Areas 0 and 1 must be the interface address of the neighbor on the far end. D. A virtual link configuration on the ABR between Areas 0 and 1 must be the router ID (RID) of the neighbor on the far end. Answer: A,D Explanation:
50
Juniper JN0-643 Exam QUESTION NO: 71 -- Exhibit
-- Exhibit -Click the Exhibit button. In the exhibit, R5 is receiving five 200.1.1.x routes from the RIP router, and is advertising them into Area 1 using an export policy. You want to summarize the RIP routes into Area 0 with the most specific prefix. Which configuration will accomplish goal? A. [edit protocols] user@R1# show ospf { area 0.0.0.0 { area-range 200.1.1.0/29; interface ge-0/0/1.0; interface ge-0/0/2.0; interface lo0.0; } area 0.0.0.1 { nssa { default-lsa type-7; } interface ge-0/0/3.0; } } "Pass Any Exam. Any Time." - www.actualtests.com 51
Juniper JN0-643 Exam B. [edit protocols] user@R1# show ospf { area 0.0.0.0 { interface ge-0/0/1.0; interface ge-0/0/2.0; interface lo0.0; } area 0.0.0.1 { nssa { default-lsa type-7; area-range 200.1.1.0/28; } interface ge-0/0/3.0; } } C. [edit protocols] user@R1# show ospf { area 0.0.0.0 { interface ge-0/0/1.0; interface ge-0/0/2.0; interface lo0.0; } area 0.0.0.1 { nssa { default-lsa type-7; area-range 200.1.1.0/29; } interface ge-0/0/3.0; } } D. [edit protocols] user@R1# show ospf { area 0.0.0.0 { area-range 200.1.1.0/28; interface ge-0/0/1.0; interface ge-0/0/2.0; interface lo0.0; } area 0.0.0.1 { nssa { default-lsa type-7; } interface ge-0/0/3.0; } "Pass Any Exam. Any Time." - www.actualtests.com 52
Juniper JN0-643 Exam } Answer: C Explanation:
QUESTION NO: 72 -- Exhibit -user@router> show bgp summary Groups: 3 Peers: 3 Down peers: 0 Table Tot Paths Act Paths Suppressed History Damp State Pending inet.0 10 8 0 0 0 0 inet6.0 4 3 0 0 0 0 Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped... 10.0.3.5 65550 41 52 0 2 17:45 5/5/5/0 0/0/0/0 172.16.0.6 65010 52 42 0 2 31 Establ inet.0: 3/5/5/0 inet6.0: 3/4/4/0 2001:ffff::3:5 65550 43 44 0 4 17:53 Establ inet6.0: 0/0/0/0 user@router> -- Exhibit -Click the Exhibit button. Examine the output of the show bgp summary command shown in the exhibit. From which BGP peer is the router receiving IPv6 routes? A. 10.0.3.5
53
Juniper JN0-643 Exam B. 172.16.0.6 C. 2001:ffff::3:5 D. 2001:ffff:3:5 Answer: B Explanation:
QUESTION NO: 73 -- Exhibit -user@SwitchA> show dot1x interface detail ge-0/0/2.0 ge-0/0/2.0 Role: Authenticator Administrative state: Auto Supplicant mode: Multiple Number of retries: 3 Quiet period. 60 seconds Transmit period. 30 seconds Mac Radius: Enabled Mac Radius Restrict: Enabled Reauthentication: Enabled Configured Reauthentication interval: 3600 seconds Supplicant timeout: 30 seconds Server timeout: 30 seconds Maximum EAPOL requests: 2 Guest VLAN member: <not configured> Number of connected supplicants: 2 user@SwitchA> -- Exhibit -"Pass Any Exam. Any Time." - www.actualtests.com 54
Juniper JN0-643 Exam Click the Exhibit button. Host 1, Host 2, and Host 3 are connected to Switch A on interface ge-0/0/2. Host 1 and Host 2 do not support 802.1X. They can authenticate and connect to the Internet. Host 3 was added and it supports 802.1X; however, it is unable to authenticate. Referring to the exhibit, how do you allow Host 3 to authenticate to the network but maintain secure access? A. Enable fallback authentication for 802.1X. B. Disable MAC RADIUS Restrict option on ge-0/0/2. C. Disable MAC RADIUS option on ge-0/0/2. D. Enable Administrative mode for 802.1X. Answer: B Explanation:
QUESTION NO: 74 -- Exhibit -user@RP> show pim join extensive Instance: PIM.master Family: INET R = Rendezvous Point Tree, S = Sparse, W = Wildcard Group: 224.1.1.1 Source: * RP: 192.168.1.1 Flags: sparse,rptree,wildcard Upstream interface: Local Upstream neighbor: Local Upstream state: Local RP Downstream neighbors: Interface: so-0/0/0.0
55
Juniper JN0-643 Exam 10.0.1.2 State: Join Flags: SRW Timeout: 176 Group: 224.1.1.1 Source: 10.0.5.2 Flags: sparse,spt Upstream interface: unknown (no nexthop) Upstream neighbor: unknown Upstream state: Local RP Keepalive timeout: 106 Downstream neighbors: Interface: so-0/0/0.0 10.0.1.2 State: Join Flags: S Timeout: 176 Instance: PIM.master Family: INET6 R = Rendezvous Point Tree, S = Sparse, W = Wildcard -- Exhibit -Click the Exhibit button. The CLI output shown in the exhibit was taken from the RP in a PIM-SM network. Which statement explains the output shown in the exhibit? A. No tunnel PIC is installed on the RP router. B. 192.168.1.1 is not a local IP address on the RP router. C. Multicast traffic is arriving on the so-0/0/0.0 interface. D. The router does not have a unicast route to 10.0.5.2. Answer: D Explanation:
QUESTION NO: 75
56
Juniper JN0-643 Exam -- Exhibit -OSPF database, Area 0.0.0.0 Type ID Adv Rtr Seq Age Opt Cksum Len Router *10.0.3.4 10.0.3.4 0x8000000d 30 0x22 0x8d11 132 bits 0x0, link count 9 id 10.1.1.0, data 255.255.255.0, Type Stub (3) Topology count: 0, Default metric. 1 id 10.0.4.8, data 255.255.255.252, Type Stub (3) Topology count: 0, Default metric. 1 id 10.0.2.10, data 10.0.2.10, Type Transit (2) Topology count: 0, Default metric. 1 id 172.16.0.6, data 172.16.0.5, Type Transit (2) Topology count: 0, Default metric. 1 id 10.0.3.4, data 255.255.255.255, Type Stub (3) Topology count: 0, Default metric. 0 id 10.0.9.7, data 10.0.2.18, Type PointToPoint (1) Topology count: 0, Default metric. 65 id 10.0.2.16, data 255.255.255.252, Type Stub (3) Topology count: 0, Default metric. 65 id 10.0.3.3, data 10.0.2.6, Type PointToPoint (1) Topology count: 0, Default metric. 2 id 10.0.2.4, data 255.255.255.252, Type Stub (3) Topology count: 0, Default metric. 2 Topology default (ID 0) Type: PointToPoint, Node ID. 10.0.3.3 MetriC. 2, Bidirectional
57
Juniper JN0-643 Exam Type: PointToPoint, Node ID. 10.0.9.7 MetriC. 65, Bidirectional Type: Transit, Node ID. 172.16.0.6 MetriC. 1, Bidirectional Type: Transit, Node ID. 10.0.2.10 MetriC. 1, Bidirectional -- Exhibit -Click the Exhibit button. The exhibit shows the output of an OSPF router LSA. Which interface ID represents the router's loopback address? A. ID 10.1.1.0 B. ID 10.0.3.4 C. ID 10.0.3.3 D. ID 10.0.2.4 Answer: B Explanation:
QUESTION NO: 76 -- Exhibit -{master:0}[edit] user@router# show class-of-service classifiers { inet-precedence normal-traffic { forwarding-class best-effort { loss-priority low code-points [ my1 my2 ]; } "Pass Any Exam. Any Time." - www.actualtests.com 58
Juniper JN0-643 Exam } } code-point-aliases { inet-precedence { my1 000; my2 001; cs1 010; cs2 011; cs3 100; cs4 101; cs5 111; cs6 111; } } -- Exhibit -Click the Exhibit button. In the exhibit, you see a configuration for CoS. Incoming traffic with specific IP precedence bits should be mapped to a forwarding class named best-effort. A classifier named normal-traffic is defined. What must you add to complete this configuration? A. Include the option q-pic-large-buffer under the chassis hierarchy to accommodate the new code points. B. Apply classifier normal traffic to the interface hierarchy under the class-of-service stanza. C. Configure a rewrite marker on the ingress Gigabit Ethernet interface. D. Add code point values for the expedited-forwarding forwarding class as well as the best-effort forwarding class. Answer: B Explanation:
59
QUESTION NO: 77 -- Exhibit -user@router> show configuration routing-options autonomous-system 65550; user@router> show configuration protocols bgp group ibgp { type internal; neighbor 10.0.3.5; } group ibgpv6 { type internal; local-address 2001:ffff::3:4; neighbor 2001:ffff::3:5; } group as65010 { family inet { unicast; } family inet6 { unicast; } export as65010-out; peer-as 65010; neighbor 172.16.0.6; } "Pass Any Exam. Any Time." - www.actualtests.com 60
Juniper JN0-643 Exam user@router> show configuration policy-options policy-statement as65010-out { term locally-originated { from as-path local-only; then { metric 7000; } } term from-as65222 { from as-path as65222-orig; then as-path-prepend "65550 65550 65550 65550"; } term transit-as701 { from as-path transit-as701; then { metric 6; } } then accept; } as-path local-only "(.*)"; as-path as65222-orig ".* 65222"; as-path transit-as701 ".* 701 .*"; user@router> show route advertising-protocol bgp 172.16.0.6 inet.0: 43 destinations, 47 routes (43 active, 0 holddown, 0 hidden) Prefix Nexthop MED Lclpref AS path
61
Juniper JN0-643 Exam * 10.0.2.0/30 Self 7000 I * 10.0.2.4/30 Self 7000 I * 10.0.2.8/30 Self 7000 I * 10.0.2.16/30 Self 7000 I * 10.0.3.3/32 Self 7000 I * 10.0.3.4/32 Self 7000 I * 10.0.3.5/32 Self 7000 I * 10.0.4.8/30 Self 7000 I * 10.0.8.8/30 Self 7000 I * 10.0.9.9/32 Self 7000 I * 10.255.255.1/32 Self 7000 I * 64.142.88.0/24 Self 7000 I * 130.130.0.0/16 Self 6 65222 46375 701 14203 I * 131.131.131.0/24 Self 6 65222 46375 701 14203 I * 132.132.0.0/25 Self 6 65222 46375 701 32934 I * 133.133.0.0/25 Self 6 65222 46375 701 32934 I * 134.134.0.0/25 Self 65222 46375 14203 I * 135.135.0.0/25 Self 65222 46375 14203 14203 I * 172.16.0.4/30 Self 7000 I * 172.16.0.12/30 Self 7000 I * 172.16.200.0/30 172.16.0.6 7000 I * 192.0.2.0/24 172.16.0.6 7000 I * 192.168.50.0/24 Self 7000 I * 192.168.253.0/24 Self 7000 I * 200.200.0.0/16 172.16.0.6 7000 I * 200.200.0.1/32 172.16.0.6 7000 I * 200.200.1.1/32 172.16.0.6 7000 I "Pass Any Exam. Any Time." - www.actualtests.com 62
Juniper JN0-643 Exam * 200.200.200.200/32 172.16.0.6 7000 I inet6.0: 23 destinations, 28 routes (23 active, 0 holddown, 0 hidden) Prefix Nexthop MED Lclpref AS path * ::172.16.0.4/126 Self 7000 I * 2001:1:1::/64 Self 7000 I * 2001:1:2::/64 Self 7000 I * 2001:ffff::3:3/128 Self 7000 I * 2001:ffff::3:4/128 Self 7000 I * 2001:ffff::3:5/128 Self 7000 I * 2001:ffff::9:7/128 Self 7000 I user@router> -- Exhibit -Click the Exhibit button. You are configuring an EBGP peer in a transit environment. You must advertise routes learned from other EBGP peers in your AS. Any routes originated from within your AS should have a MED of 7000 set. Any routes that originate in AS65222 should be prepended four times. Any routes that transit AS701 should have a MED set to 6. This scenario results in the unintended advertisement of internal 10.0.0.0/8 networks to your peer. What caused the accidental advertisement of internal networks to your EBGP peer? A. Your AS number of 65550 is a private AS number. B. The BGP group as65010 is configured for both family inet unicast and family inet6 unicast protocol families. C. The export policy as65010-out is misconfigured. D. The as-path local-only includes a misconfigured regular expression. Answer: C Explanation:
63
Juniper JN0-643 Exam QUESTION NO: 78 -- Exhibit -[edit] user@router# run show ospf database external lsa-id 71.23.48.0 extensive OSPF AS SCOPE link state database Type ID Adv Rtr Seq Age Opt Cksum Len Extern 71.23.48.0 67.176.255.5 0x80000001 114 0x22 0x171b 36 mask 255.255.248.0 Topology default (ID 0) Type: 2, MetriC. 0, Fwd addr: 0.0.0.0, Tag: 0.0.0.0 Aging timer 00:58:06 Installed 00:01:53 ago, expires in 00:58:06, sent 00:01:53 ago Last changed 00:01:53 ago, Change count: 1 Extern 71.23.48.0 67.176.255.7 0x8000005a 487 0x22 0x587e 36 mask 255.255.248.0 Topology default (ID 0) Type: 2, MetriC. 0, Fwd addr: 0.0.0.0, Tag: 0.0.0.0 Aging timer 00:51:52 Installed 00:08:01 ago, expires in 00:51:53, sent 00:07:59 ago Last changed 2d 19:33:58 ago, Change count: 1 Extern 71.23.48.0 67.176.255.8 0x8000005c 540 0x22 0xf73e 36 mask 255.255.248.0 Topology default (ID 0) Type: 1, MetriC. 30, Fwd addr: 0.0.0.0, Tag: 0.0.0.0 Aging timer 00:51:00 Installed 00:08:59 ago, expires in 00:51:00, sent 00:08:59 ago
64
Juniper JN0-643 Exam Last changed 00:08:59 ago, Change count: 3 -- Exhibit -Click the Exhibit button. As shown in the exhibit, a router is receiving three external LSAs for the prefix 71.23.48.0. Which path is preferred? A. The path through 67.176.255.5 is preferred. B. The path through 67.176.255.7 is preferred. C. The path through 67.176.255.8 is preferred. D. The paths through 67.176.255.7 and 67.176.255.8 become active to allow load-balancing. Answer: C Explanation:
65
-- Exhibit -Click the Exhibit button. In the exhibit, the 10.100/16 prefix is introduced at autonomous system 1 (AS1) and propagated through to AS3. Router A in AS3 receives two different paths to these prefixes, one through AS2 and the other through AS4. No BGP attributes have been altered. Which path would router A prefer for the 10.100/16 prefix? A. The route with the lowest interface address for the EBGP peering session B. The route with the lowest local preference C. The route to the EBGP peer that has the lowest RID D. The route from the EBGP peer that arrived first Answer: D Explanation:
66
QUESTION NO: 80 -- Exhibit -[edit] user@R1# show routing-options router-id router-id 1.1.1.1; [edit] user@R1# show protocols ospf area 0.0.0.0 { interface ge-0/0/7.0; } [edit] user@R2# show routing-options router-id router-id 2.2.2.2; [edit] user@R2# show protocols ospf area 0.0.0.0 { interface ge-0/0/8.0 { priority 200; } } [edit] user@R3# show routing-options router-id router-id 222.255.255.255;
67
Juniper JN0-643 Exam [edit] user@R3# show protocols ospf area 0.0.0.0 { interface ge-0/0/8.0; } [edit] user@R4# show routing-options router-id router-id 239.255.255.255; [edit] user@R4# show protocols ospf area 0.0.0.0 { interface ge-0/0/6.0 { priority 0; } } -- Exhibit -Click the Exhibit button. All four routers in the exhibit are in the same broadcast domain. The routers were powered on at the same time. Based on the configurations, which devices are the DR and the BDR? A. R4 is the DR and R2 is the BDR. B. R2 is the DR and R3 is the BDR. C. R2 is the DR and R1 is the BDR. D. R3 is the DR and R2 is the BDR. Answer: B Explanation:
68
QUESTION NO: 81 -- Exhibit -user@router> show interfaces ge-0/0/0 extensive | find "Queue counters" Queue counters: Queued packets Transmitted packets Dropped packets 0 best-effort 35244 35244 0 1 expedited-fo 258963 59852 199111 2 assured-forw 0 0 0 3 network-cont 1625847 1625847 0 -- Exhibit -Click the Exhibit button. You recently deployed an SRX Series Gateway in your network. It uses the default class of service configuration. Based on the output in the exhibit, what reason explains the packet drops in Queue 1? A. Interface ge-0/0/0 should be used only for management network operations. B. Queue 0 has higher priority than Queue 1. C. A policer is reclassifying all traffic into Queue 1. D. No bandwidth reservation exists on Queue 1. Answer: D Explanation:
QUESTION NO: 82 -- Exhibit -Mar 16 19:12:58.291474 BGP RECV 172.14.10.2+51230 -> 172.14.10.1+179
69
Juniper JN0-643 Exam Mar 16 19:12:58.291624 BGP RECV message type 1 (Open) length 59 Mar 16 19:12:58.291688 BGP RECV version 4 as 2 holdtime 90 id 192.168.2.1 parmlen 30 Mar 16 19:12:58.291752 BGP RECV MP capability AFI=1, SAFI=1 Mar 16 19:12:58.291802 BGP RECV Refresh capability, code=128 Mar 16 19:12:58.291850 BGP RECV Refresh capability, code=2 Mar 16 19:12:58.291915 BGP RECV Restart capability, code=64, time=120, flags= Mar 16 19:12:58.291969 BGP RECV 4 Byte AS-Path capability (65), as_num 2 Mar 16 19:12:58.292385 advertising receiving-speaker only capabilty to neighbor 172.14.10.2 (External AS 2) Mar 16 19:12:58.292452 bgp_send. sending 59 bytes to 172.14.10.2 (External AS 2) Mar 16 19:12:58.292522 Mar 16 19:12:58.292522 BGP SEND 172.14.10.1+179 -> 172.14.10.2+51230 Mar 16 19:12:58.292601 BGP SEND message type 1 (Open) length 59 Mar 16 19:12:58.293053 BGP SEND version 4 as 1 holdtime 90 id 192.168.2.1 parmlen 30 Mar 16 19:12:58.293124 BGP SEND MP capability AFI=1, SAFI=1 Mar 16 19:12:58.293173 BGP SEND Refresh capability, code=128 Mar 16 19:12:58.293221 BGP SEND Refresh capability, code=2 Mar 16 19:12:58.293284 BGP SEND Restart capability, code=64, time=120, flags= Mar 16 19:12:58.293336 BGP SEND 4 Byte AS-Path capability (65), as_num 1 Mar 16 19:12:58.293517 bgp_send. sending 19 bytes to 172.14.10.2 (External AS 2) Mar 16 19:12:58.293573 Mar 16 19:12:58.293573 BGP SEND 172.14.10.1+179 -> 172.14.10.2+51230 Mar 16 19:12:58.293665 BGP SEND message type 4 (KeepAlive) length 19 Mar 16 19:12:58.296781 Mar 16 19:12:58.296781 BGP RECV 172.14.10.2+51230 -> 172.14.10.1+179 Mar 16 19:12:58.296897 BGP RECV message type 4 (KeepAlive) length 19 Mar 16 19:12:58.297451 bgp_send. sending 19 bytes to 172.14.10.2 (External AS 2)
70
Juniper JN0-643 Exam Mar 16 19:12:58.297528 Mar 16 19:12:58.297528 BGP SEND 172.14.10.1+179 -> 172.14.10.2+51230 Mar 16 19:12:58.297600 BGP SEND message type 4 (KeepAlive) length 19 Mar 16 19:12:58.298102 bgp_send. sending 23 bytes to 172.14.10.2 (External AS 2) Mar 16 19:12:58.298185 Mar 16 19:12:58.298185 BGP SEND 172.14.10.1+179 -> 172.14.10.2+51230 Mar 16 19:12:58.298273 BGP SEND message type 2 (Update) length 23 Mar 16 19:12:58.298322 BGP SEND End of RIB. AFI 1 SAFI 1 Mar 16 19:12:58.301834 Mar 16 19:12:58.301834 BGP RECV 172.14.10.2+51230 -> 172.14.10.1+179 Mar 16 19:12:58.301957 BGP RECV message type 4 (KeepAlive) length 19 Mar 16 19:12:58.302034 bgp_read_v4_message: done with 172.14.10.2 (External AS 2) received 19 octets 0 updates 0 routes Mar 16 19:12:58.304594 Mar 16 19:12:58.304594 BGP RECV 172.14.10.2+51230 -> 172.14.10.1+179 Mar 16 19:12:58.304702 BGP RECV message type 2 (Update) length 23 Mar 16 19:12:58.304765 BGP RECV End of RIB. AFI 1 SAFI 1 Mar 16 19:12:58.304848 bgp_read_v4_message: done with 172.14.10.2 (External AS 2) received 23 octets 1 update 0 routes Mar 16 19:13:22.968415 bgp_send. sending 19 bytes to 172.14.10.2 (External AS 2) Mar 16 19:13:22.968586 Mar 16 19:13:22.968586 BGP SEND 172.14.10.1+179 -> 172.14.10.2+51230 Mar 16 19:13:22.968675 BGP SEND message type 4 (KeepAlive) length 19 Mar 16 19:13:26.901339 Mar 16 19:13:26.901339 BGP RECV 172.14.10.2+51230 -> 172.14.10.1+179 Mar 16 19:13:26.901464 BGP RECV message type 4 (KeepAlive) length 19 Mar 16 19:13:26.901543 bgp_read_v4_message: done with 172.14.10.2 (External AS 2) received 19 octets 0 updates 0 routes
71
Juniper JN0-643 Exam Mar 16 19:13:51.335927 bgp_send. sending 19 bytes to 172.14.10.2 (External AS 2) Mar 16 19:13:51.348180 Mar 16 19:13:51.348180 BGP SEND 172.14.10.1+179 -> 172.14.10.2+51230 Mar 16 19:13:51.348296 BGP SEND message type 4 (KeepAlive) length 19 Mar 16 19:13:53.844160 Mar 16 19:13:53.844160 BGP RECV 172.14.10.2+51230 -> 172.14.10.1+179 Mar 16 19:13:53.844329 BGP RECV message type 4 (KeepAlive) length 19 Mar 16 19:13:53.844392 bgp_read_v4_message: done with 172.14.10.2 (External AS 2) received 19 octets 0 updates 0 routes -- Exhibit -Click the Exhibit button. Looking at the traceoptions output, what is the current keepalive timer set for in BGP? A. 1 second B. 10 seconds C. 30 seconds D. 90 seconds Answer: C Explanation:
72
Juniper JN0-643 Exam -- Exhibit -Click the Exhibit button. As shown in the exhibit, a legacy IP phone is attached to Switch-1. The phone does not support LLDP-MED, but does allow configuration using DHCP. Existing network CoS policies dictate that VoIP traffic must use VLAN 10. Which two actions put VoIP traffic onto VLAN 10? (Choose two.) A. Configure protocols cdp on Switch-1. B. Manually configure the voice VLAN on the IP phone. C. Configure vlan 1 under forwarding-options bootp. D. Configure interface ge-0/0/5 under forwarding-options bootp. Answer: B,D Explanation:
73
Juniper JN0-643 Exam -- Exhibit -Click the Exhibit button. Which statement about the non-ABR router in Area 2 in the exhibit is true? A. The router has connectivity to all areas. B. The router has connectivity to Area 2 only. C. The router has connectivity to Area 2 and Area 0. D. The router has connectivity to Area 2 and Area 8. Answer: D Explanation:
-- Exhibit -Click the Exhibit button. Referring to the exhibit, you want to configure Switch-1 to allow a user on interface ge-0/0/10 to accommodate both voice and data traffic. Your phones and your switches are LLDP-MED capable. What is the minimal configuration that allows LLDP-MED to autoconfigure your phone's voice VLAN? A. set interfaces ge-0/0/10 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members voice_vlan "Pass Any Exam. Any Time." - www.actualtests.com 74
Juniper JN0-643 Exam set interfaces ge-0/0/10 unit 0 family ethernet-switching native-vlan-id data_vlan set ethernet-switching-options voip interface ge-0/0/10.0 vlan voice_vlan set protocols lldp-med interface ge-0/0/10.0 B. set interfaces ge-0/0/10 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members voice_vlan set interfaces ge-0/0/10 unit 0 family ethernet-switching native-vlan-id data_vlan set ethernet-switching-options voip interface ge-0/0/10.0 vlan voice_vlan set protocols lldp interface ge-0/0/10.0 C. set interfaces ge-0/0/10 unit 0 family ethernet-switching port-mode access set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members data_vlan set ethernet-switching-options voip interface ge-0/0/10.0 forwarding-class assured-forwarding set protocols lldp-med interface ge-0/0/10.0 D. set interfaces ge-0/0/10 unit 0 family ethernet-switching port-mode access set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members data_vlan set ethernet-switching-options voip interface ge-0/0/10.0 vlan voice_vlan set protocols lldp-med interface ge-0/0/10.0 Answer: D Explanation:
-- Exhibit --
75
Juniper JN0-643 Exam Click the Exhibit button. Site A is sending voice traffic marked with DSCP code EF. SRX A has the default CoS classifier. Into which forwarding class is SRX A classifying traffic? A. best-effort B. expedited-forwarding C. network-control D. assured-forwarding Answer: A Explanation:
-- Exhibit -Click the Exhibit button. In the exhibit, the routers in the network have a default PIM sparse mode configuration. R2 shows that R1 is the RPF next hop for the source, and R3 is the RPF next hop for the RP. Host1 is currently receiving multicast traffic for group 231.1.1.1. Host2 has come online and is attempting to join group 232.1.1.1. R2 has just received an IGMP message with the source and group addresses. Which step happens next so that Host2 can join the multicast group?
76
Juniper JN0-643 Exam A. R2 sends a PIM join upstream towards R3 to join the shared tree. B. R2 sends a PIM join upstream towards R3 to join the source tree. C. R2 sends a PIM join upstream towards R1 to join the shared tree. D. R2 sends a PIM join upstream towards R1 to join the source tree. Answer: D Explanation:
-- Exhibit -Click the Exhibit button. In the exhibit, the provider bridges are using Q-in-Q tunneling to tunnel VLAN 100 traffic over VLAN 200. What is the correct VLAN configuration for Q-in-Q tunneling on Provider Bridge A? A. interfaces { ge-0/0/0 { unit 0 { family ethernet-switching { port-mode access; } } } ge-0/0/10 { unit 0 { family ethernet-switching { "Pass Any Exam. Any Time." - www.actualtests.com 77
Juniper JN0-643 Exam port-mode trunk; vlan { members test; } } } } } vlans { test { vlan-id 200; interface { ge-0/0/0.0; } dot1q-tunneling { customer-vlans 100; } } } B. interfaces { ge-0/0/0 { unit 0 { family ethernet-switching { port-mode trunk; vlan { members test; } } } } ge-0/0/10 { unit 0 { family ethernet-switching { port-mode access; } } } } vlans { test { vlan-id 200; interface { ge-0/0/0.0; } dot1q-tunneling { customer-vlans 100; } "Pass Any Exam. Any Time." - www.actualtests.com 78
Juniper JN0-643 Exam } } C. interfaces { ge-0/0/0 { unit 0 { family ethernet-switching { port-mode trunk; vlan { members test; } } } } ge-0/0/10 { unit 0 { family ethernet-switching { port-mode access; } } } } vlans { test { vlan-id 200; interface { ge-0/0/10.0; } dot1q-tunneling { customer-vlans 100; } } } D. interfaces { ge-0/0/0 { unit 0 { family ethernet-switching { port-mode access; } } } ge-0/0/10 { unit 0 { family ethernet-switching { port-mode trunk; vlan { members test; } "Pass Any Exam. Any Time." - www.actualtests.com 79
Juniper JN0-643 Exam } } } } vlans { test { vlan-id 100; interface { ge-0/0/0.0; } dot1q-tunneling { customer-vlans 200; } } } Answer: A Explanation:
-- Exhibit -Click the Exhibit button.
80
Juniper JN0-643 Exam In the topology shown in the exhibit, which two BGP attributes can AS1 manipulate to influence the path that AS4 takes to reach prefixes originated by AS1? (Choose two.) A. Local Preference B. AS Path C. Origin D. MED Answer: B,C Explanation:
-- Exhibit -Click the Exhibit button. Traffic flows through your network, as shown in the exhibit. You have configured a rewrite rule on R1 to mark HTTP traffic with a specific DSCP value. What must you do to ensure that the HTTP traffic preserves its DSCP value as it leaves your CoS domain? A. Use behavior aggregate classifiers mapping the HTTP traffic to the specific DSCP value on R1 and R2.
81
Juniper JN0-643 Exam B. Use rewrite rules mapping the HTTP traffic to the specific DSCP value on R2 and R3. C. Use a rewrite rule mapping the HTTP traffic to the specific DSCP value on R3. D. Use the default settings already in place on the device. Answer: D Explanation:
-- Exhibit -Click the Exhibit button. In the exhibit, Switch A is an EX4200. VLAN10 is receiving tagged as well as untagged traffic from different ports. The administrator wants to mirror all tagged and untagged traffic entering VLAN10 to analyzer port ge-0/0/10. All VLAN tags must be preserved for traffic that is mirrored to the analyzer port. Which configuration will achieve this? A. set ethernet-switching-options analyzer vlan10_analyzer input vlan VLAN10 interface xe-1/0/0.0 set ethernet-switching-options analyzer vlan10_analyzer input vlan VLAN10 interface ge-0/0/2 set ethernet-switching-options analyzer vlan10_analyzer output interface ge-0/0/10.0 B. set ethernet-switching-options analyzer vlan10_analyzer input interface xe-1/0/0.0 set ethernet-switching-options analyzer vlan10_analyzer input interface ge-0/0/2 set ethernet-switching-options analyzer vlan10_analyzer output interface ge-0/0/10.0 "Pass Any Exam. Any Time." - www.actualtests.com 82
Juniper JN0-643 Exam C. set ethernet-switching-options analyzer vlan10_analyzer input ingress vlan VLAN10 set ethernet-switching-options analyzer vlan10_analyzer output interface ge-0/0/10.0 set vlans default interface ge-0/0/10.0 D. set ethernet-switching-options analyzer vlan10_analyzer input ingress vlan VLAN10 set ethernet-switching-options analyzer vlan10_analyzer output interface ge-0/0/10.0 set vlans VLAN10 interface ge-0/0/10.0 Answer: C Explanation:
QUESTION NO: 92 -- Exhibit -Mar 16 17:18:28.751306 ospf_trigger_build_telink_lsas : No peer found Mar 16 17:18:28.751729 ospf_set_lsdb_state: Network LSA 172.14.10.1 adv-rtr 192.168.2.1 state QUIET->GEN_PENDING Mar 16 17:18:28.751801 OSPF trigger network LSA build for interface ge-0/0/1.0 area 0.0.0.0 Mar 16 17:18:28.751874 OSPF DR is 192.168.2.1, BDR is 0.0.0.0 Mar 16 17:18:28.751931 OSPF trigger router LSA 0x156d0f0 build for area 0.0.0.0 lsa-id 192.168.2.1 Mar 16 17:18:28.752044 ospf_trigger_build_telink_lsas : No peer found Mar 16 17:18:28.752190 OSPF sent Hello 172.14.10.1 -> 224.0.0.5 (ge-0/0/1.0 IFL 69 area 0.0.0.0) Mar 16 17:18:28.752258 Version 2, length 44, ID 192.168.2.1, area 0.0.0.0 Mar 16 17:18:28.752315 mask 255.255.255.224, hello_ivl 10, opts 0x2, prio 128 Mar 16 17:18:28.752380 dead_ivl 40, DR 172.14.10.1, BDR 0.0.0.0 Mar 16 17:18:28.763796 OSPF rcvd Hello 172.14.10.2 -> 224.0.0.5 (ge-0/0/1.0 IFL 69 area 0.0.0.0) Mar 16 17:18:28.763897 Version 2, length 44, ID 192.168.5.1, area 0.0.0.0 Mar 16 17:18:28.763946 checksum 0x0, authtype 0 Mar 16 17:18:28.764140 mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128 -- Exhibit --
83
Juniper JN0-643 Exam Click the Exhibit button. Looking at the traceoptions output in the exhibit, why are the OSPF routers stuck in Init state? A. There is an MTU mismatch. B. There is a network mask mismatch. C. The routers are in different areas. D. No BDR has been elected. Answer: B Explanation:
-- Exhibit -Click the Exhibit button. As shown in the exhibit, the 10.10/16 prefix is redistributed into OSPF through R2 and R5. R2 is advertising the prefix with a Type 1 metric of 100 and R5 is advertising the prefix with a Type 2 metric of 10. What is the preferred path to reach 10.10/16 from R6?
84
Juniper JN0-643 Exam A. R6-R5 B. R6-R4-R5 C. R6-R4-R5-R2 D. R6-R4-R3-R2 Answer: D Explanation:
-- Exhibit -Click the Exhibit button. Based on the exhibit, which statement about the Layer 2 topology is true?
85
Juniper JN0-643 Exam A. A port on switch 3 or switch 4 towards the CST root (switch 6) is blocking traffic. B. A total of 64 MST instances for MST region A and region B can be configured. C. MSTI BPDUs are exchanged between MST regions and the CST root bridge. D. IST BPDUs are exchanged only between switches 1 and 2, and between switches 6 and 7. Answer: A Explanation:
QUESTION NO: 95 -- Exhibit -{master:0}[edit] user@router# run show ospf interface vl-10.20.10.2 extensive Interface State Area DR ID BDR ID Nbrs vl-10.20.10.2 Down 0.0.0.0 0.0.0.0 0.0.0.0 0 Type: Virtual, Address: 0.0.0.0, Mask: 0.0.0.0, MTU: 0, Cost: 1 Transit AreA. 0.0.0.1 Adj count: 0 Hello: 10, Dead. 40, ReXmit: 5, Not Stub Auth type: None Protection type: None, No eligible backup Topology default (ID 0) -> Down, Cost: 0 -- Exhibit -Click the Exhibit button. Your company is integrating another OSPF area into your existing OSPF infrastructure. You created a virtual link that spans Area 2 and connects Area 3 to the backbone area. Based on the exhibit, what is preventing the adjacency? A. The interface configured for the virtual link is incorrect. It should be a vt and not a vl interface. B. No designated router (DR) has been elected. "Pass Any Exam. Any Time." - www.actualtests.com 86
Juniper JN0-643 Exam C. The backup route to Area 2 has not been configured. D. The wrong transit area is configured. Answer: D Explanation:
-- Exhibit -Click the Exhibit button. In the exhibit, an EBGP session is currently established between R1 and R2. R2 changes its import policy to accept 10 of the routes it previously denied from R1. Which BGP capability must be negotiated on the BGP session for R2 to install the routes accepted by the new policy? A. route refresh B. AddPath C. outbound route filtering (ORF) D. multiprotocol BGP (MBGP) Answer: A Explanation:
QUESTION NO: 97
87
Juniper JN0-643 Exam -- Exhibit -user@router> show bgp summary Groups: 1 Peers: 3 Down peers: 0 Table Tot Paths Act Paths Suppressed History Damp State Pending inet.0 0 0 0 0 0 0 inet6.0 1 0 0 0 0 0 Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped... 2001:ffff::3:3 65550 43 43 0 0 18:20 Establ inet6.0: 0/1/1/0 2001:ffff::3:4 65550 42 43 0 0 18:16 Establ inet6.0: 0/0/0/0 2001:ffff::9:7 65550 42 43 0 0 18:00 Establ inet6.0: 0/0/0/0 user@router> show route receive-protocol bgp 2001:ffff::3:3 inet.0: 32 destinations, 33 routes (32 active, 0 holddown, 0 hidden) __juniper_private1__.inet.0: 4 destinations, 4 routes (2 active, 0 holddown, 2 hidden) iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden) mpls.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden) inet6.0: 10 destinations, 14 routes (10 active, 0 holddown, 0 hidden) Prefix Nexthop MED Lclpref AS path 2001:1:2::/64 2001:ffff::3:3 100 I user@router> show route 2001:1:2:: inet6.0: 10 destinations, 14 routes (10 active, 0 holddown, 0 hidden)
88
Juniper JN0-643 Exam + = Active Route, - = Last Active, * = Both 2001:1:2::/64 *[OSPF3/10] 01:54:11, metric 201 > to fe80::217:cb03:2448:bd00 via fe-0/0/1.804 [BGP/170] 00:18:43, localpref 100, from 2001:ffff::3:3 AS path: I > to fe80::217:cb03:2448:bd00 via fe-0/0/1.804 user@router> show route advertising-protocol bgp 2001:ffff::9:7 user@router> show configuration protocols bgp group ibgpv6 { type internal; local-address 2001:ffff::3:5; cluster 10.0.3.4; neighbor 2001:ffff::3:3; neighbor 2001:ffff::3:4; neighbor 2001:ffff::9:7; } user@router> -- Exhibit -Click the Exhibit button. You are using an IBGP route reflector within your network. Your route reflector has received the 2001:1:2::/64 prefix, but it is not advertising the prefix to its cluster members. After examining the route reflector, you notice the output shown in the exhibit. Which configuration statement causes the route reflector to transmit the route to its IBGP peers? A. set protocols bgp group ibgpv6 advertise-inactive B. set protocols bgp group ibgpv6 accept-remote-nexthop "Pass Any Exam. Any Time." - www.actualtests.com 89
Juniper JN0-643 Exam C. set protocols bgp group ibgpv6 multipath D. set protocols bgp group ibgpv6 include-mp-next-hop Answer: A Explanation:
QUESTION NO: 98 -- Exhibit -{master:0}[edit] user@router# show class-of-service classifiers { inet-precedence normal-traffic { forwarding-class best-effort { loss-priority low code-points [ my1 my2 ]; } } } code-point-aliases { inet-precedence { my1 000; my2 001; } } scheduler-maps { one { forwarding-class expedited-forwarding scheduler special; forwarding-class best-effort scheduler normal; } "Pass Any Exam. Any Time." - www.actualtests.com 90
Juniper JN0-643 Exam } schedulers { special { transmit-rate percent 30; priority strict-high; } normal { transmit-rate percent 70; priority low; } } -- Exhibit -Click the Exhibit button. The configuration in the exhibit shows incoming traffic with specific IP precedence bits that should be mapped to a forwarding class named best-effort. What must you add to complete this configuration? A. defined behaviors to the interfaces stanza in the class-of-service section B. rewrite-rules for the best-effort forwarding class C. a WRED drop-profile for the best-effort scheduler D. a firewall filter that matches and discards the original code point values Answer: A Explanation:
91
-- Exhibit -Click the Exhibit button. Based on the exhibit, why is R2 marking the routes coming from AS 200 as hidden? A. R3 has an import policy filtering all routes. B. R4 is not configured with a next-hop self policy. C. R2 does not have a route to the peer ID of R4. D. AS 200 is configured with the advertise-inactive option. Answer: C Explanation:
QUESTION NO: 100 -- Exhibit -user@router> show configuration routing-options rib-groups { foo { import-rib [ inet.8 inet.2 inet.0 ]; } } "Pass Any Exam. Any Time." - www.actualtests.com 92
Juniper JN0-643 Exam user@router> show configuration protocols pim rib-group inet foo; interface all; -- Exhibit -Click the Exhibit button. Based on the configuration in the exhibit, which routing table is used for IPv4 multicast RPF checks? A. inet.0 B. inet.2 C. foo.inet.0 D. inet.8 Answer: D Explanation:
QUESTION NO: 101 -- Exhibit -Mar 16 17:54:51.930726 OSPF periodic xmit from 172.14.10.1 to 224.0.0.5 (IFL 69 area 0.0.0.0) Mar 16 17:54:55.566920 ospf_trigger_build_telink_lsas : No peer found Mar 16 17:54:56.152585 ospf_trigger_build_telink_lsas : No peer found Mar 16 17:54:56.152721 ospf_set_lsdb_state: Router LSA 192.168.2.1 adv-rtr 192.168.2.1 state QUIET->GEN_PENDING Mar 16 17:54:56.153271 OSPF trigger router LSA 0x156d0f0 build for area 0.0.0.0 lsa-id 192.168.2.1 Mar 16 17:54:56.157854 ospf_set_lsdb_state: Router LSA 192.168.2.1 adv-rtr 192.168.2.1 state GEN_PENDING->QUIET Mar 16 17:54:56.157971 OSPF built router LSA, area 0.0.0.0, link count 2 Mar 16 17:54:56.158300 OSPF sent Hello 172.14.10.1 -> 224.0.0.5 (ge-0/0/1.0 IFL 69 area 0.0.0.0)
93
Juniper JN0-643 Exam Mar 16 17:54:56.158380 Version 2, length 44, ID 192.168.2.1, area 0.0.0.0 Mar 16 17:54:56.158435 mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128 Mar 16 17:54:56.158485 dead_ivl 40, DR 172.14.10.1, BDR 0.0.0.0 Mar 16 17:54:56.158949 OSPF DR is 192.168.2.1, BDR is 0.0.0.0 Mar 16 17:54:56.159276 OSPF sent Hello 172.14.10.1 -> 224.0.0.5 (ge-0/0/1.0 IFL 69 area 0.0.0.0) Mar 16 17:54:56.159331 Version 2, length 44, ID 192.168.2.1, area 0.0.0.0 Mar 16 17:54:56.159401 mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128 Mar 16 17:54:56.159563 dead_ivl 40, DR 172.14.10.1, BDR 0.0.0.0 Mar 16 17:54:56.168108 OSPF DR is 192.168.2.1, BDR is 0.0.0.0 Mar 16 17:54:58.237416 OSPF rcvd Hello 172.14.10.2 -> 224.0.0.5 (ge-0/0/1.0 IFL 69 area 0.0.0.0) Mar 16 17:54:58.237540 Version 2, length 44, ID 192.168.2.1, area 0.0.0.0 Mar 16 17:54:58.237623 checksum 0x0, authtype 0 Mar 16 17:54:58.237698 mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128 Mar 16 17:54:58.237751 dead_ivl 40, DR 172.14.10.2, BDR 0.0.0.0 -- Exhibit -Click the Exhibit button. Looking at the traceoptions output in the exhibit, why are the OSPF routers stuck in Init state? A. There is an MTU mismatch. B. There are duplicate router IDs. C. The routers are in different areas. D. No BDR has been elected. Answer: B Explanation:
QUESTION NO: 102
94
Juniper JN0-643 Exam -- Exhibit
-- Exhibit -Click the Exhibit button. Referring to the exhibit and based on the output below from Sw-1 and Sw-2, which statement is true? Sw-1> show spanning-tree mstp configuration MSTP information Context identifier : 0 Region name : juniper Revision : 1 Configuration digest : 0x9357ebb7a8d74dd5fef4f2bab50531aa MSTI Member VLANs 0 0-9,11-19,21-4094 1 10 2 20 Sw-2# run show spanning-tree mstp configuration MSTP information Context identifier : 0 Region name : juniper Revision : 1 "Pass Any Exam. Any Time." - www.actualtests.com 95
Juniper JN0-643 Exam Configuration digest : 0x387b5f2ea2394b14e091f0921ee7b9a8 MSTI Member VLANs 0 0-9,11-14,16-19,21-4094 1 10,15 2 20 A. There will be only one MSTI 2 root bridge. B. There will be only one CST root bridge. C. Sw-1 and Sw-2 are in different MSTP regions. D. There will be only one CIST root bridge. Answer: C Explanation:
QUESTION NO: 103 -- Exhibit -Interface State Area DR ID BDR ID Nbrs em2.0 DR 0.0.0.2 10.94.164.116 10.1.1.1 1 Type: LAN, Address: 11.1.1.2, Mask: 255.255.255.252, MTU: 1500, Cost: 1 DR addr: 11.1.1.2, BDR addr: 11.1.1.1, Priority: 128 Adj count: 1 Hello: 10, DeaD. 40, ReXmit: 5, Stub Auth type: None Protection type: None Topology default (ID 0) -> Cost: 1 -- Exhibit -Click the Exhibit button. Referring to the exhibit, which statement is true? "Pass Any Exam. Any Time." - www.actualtests.com 96
Juniper JN0-643 Exam A. The OSPF cost of the interface is 128. B. The authentication type of the area is MD5. C. This interface is part of a stub area. D. This router is the BDR. Answer: C
97

JN0 643

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

JN0 643

Загружено:

Авторское право:

Доступные форматы

Juniper JN0-643

Enterprise Routing and Switching, Professional (JNCIP-ENT)

Juniper JN0-643 Exam B. BGPv4 C. ES-ISv1 D. OSPFv3 Answer: D Explanation:

"Pass Any Exam. Any Time." - www.actualtests.com

Juniper JN0-643 Exam Answer: B Explanation:

QUESTION NO: 8 Which protocol reachability is advertised by OSPFv2? A. IPv4

"Pass Any Exam. Any Time." - www.actualtests.com

Juniper JN0-643 Exam B. IPv5 C. IPv6 D. ISO Answer: D Explanation:

"Pass Any Exam. Any Time." - www.actualtests.com

"Pass Any Exam. Any Time." - www.actualtests.com

Juniper JN0-643 Exam Answer: B,C,D Explanation:

QUESTION NO: 16 "Pass Any Exam. Any Time." - www.actualtests.com 7

"Pass Any Exam. Any Time." - www.actualtests.com

Juniper JN0-643 Exam

"Pass Any Exam. Any Time." - www.actualtests.com

"Pass Any Exam. Any Time." - www.actualtests.com

"Pass Any Exam. Any Time." - www.actualtests.com

"Pass Any Exam. Any Time." - www.actualtests.com

What would you add to implement these policies?

"Pass Any Exam. Any Time." - www.actualtests.com

Juniper JN0-643 Exam B. OSPF C. PIM D. CDP Answer: A Explanation:

"Pass Any Exam. Any Time." - www.actualtests.com

Juniper JN0-643 Exam Explanation:

Juniper JN0-643 Exam Answer: D Explanation:

"Pass Any Exam. Any Time." - www.actualtests.com

Juniper JN0-643 Exam

QUESTION NO: 49 -- Exhibit

"Pass Any Exam. Any Time." - www.actualtests.com

QUESTION NO: 50 -- Exhibit -"Pass Any Exam. Any Time." - www.actualtests.com 23

"Pass Any Exam. Any Time." - www.actualtests.com

QUESTION NO: 53 -- Exhibit

QUESTION NO: 54 -- Exhibit

"Pass Any Exam. Any Time." - www.actualtests.com

QUESTION NO: 55 -- Exhibit

"Pass Any Exam. Any Time." - www.actualtests.com

Juniper JN0-643 Exam

"Pass Any Exam. Any Time." - www.actualtests.com

QUESTION NO: 57 -- Exhibit

"Pass Any Exam. Any Time." - www.actualtests.com

"Pass Any Exam. Any Time." - www.actualtests.com

"Pass Any Exam. Any Time." - www.actualtests.com

QUESTION NO: 59 -- Exhibit

Juniper JN0-643 Exam C. R3 D. R2-R4 Answer: C Explanation:

"Pass Any Exam. Any Time." - www.actualtests.com

QUESTION NO: 61 -- Exhibit

"Pass Any Exam. Any Time." - www.actualtests.com

Juniper JN0-643 Exam

Medium high any 1 <default-drop-profile> High any 1 <default-drop-profile>

Medium high any 1 <default-drop-profile> High any 1 <default-drop-profile>

"Pass Any Exam. Any Time." - www.actualtests.com

"Pass Any Exam. Any Time." - www.actualtests.com

Juniper JN0-643 Exam

"Pass Any Exam. Any Time." - www.actualtests.com

Juniper JN0-643 Exam

"Pass Any Exam. Any Time." - www.actualtests.com

QUESTION NO: 67 -- Exhibit

QUESTION NO: 68 -- Exhibit

"Pass Any Exam. Any Time." - www.actualtests.com

Juniper JN0-643 Exam Explanation:

QUESTION NO: 69 -- Exhibit

QUESTION NO: 70 -- Exhibit "Pass Any Exam. Any Time." - www.actualtests.com 49

Juniper JN0-643 Exam