JN0-343 563q

JN0-343.examcollection.premium.exam.
563q
Number: JN0-343
Passing Score: 800
Time Limit: 120 min
File Version: 9.0
JN0-343
Juniper Networks Certified Internet Specialist (JNCIS-ENT)
Version 9.0
Sections
1. Volume A
2. Volume B
3. Volume C
4. Volume D
5. Volume E
Exam A
QUESTION 1
How much overhead does the GRE header add to an IPv4 packet?
A.
B.
C.
D.
24 bytes
32 bytes
48 bytes
64 bytes
Correct Answer: A
Section: Volume A
Explanation
Explanation/Reference:
QUESTION 2
Based on the exhibit, in which spanning-tree state would the indicated port be?
A.
B.
C.
D.
listening
learning
forwarding
blocking
Correct Answer: C
Section: Volume A
Explanation
QUESTION 3
Which OSPF area type can contain Type 7 LSAs?
A.
B.
C.
D.
backbone
not-so-stubby
stub
totally stubby
Correct Answer: B
Section: Volume A
Explanation
QUESTION 4
Which two pieces of information are communicated by IS-IS TLVs? (Choose two.)
A.
B.
C.
D.
network protocols supported

designated router priority
authentication key
PDU Length
Correct Answer: AC
Section: Volume A
Explanation
QUESTION 5
Which configuration disables a port when more than 30,000 Kbps of broadcast traffic is received over an aggregated Ethernet interface with two member links?
A.
B.
C.
D.
Option A
Option B
Option C
Option D
Correct Answer: C
Section: Volume A
Explanation
QUESTION 6
Given the following output, what has been configured for the 192.168.3.0/24 prefix?
A.
B.
C.
D.
per-flow load balancing

a floating static route
per-packet load balancing
a qualified next hop
Correct Answer: A
Section: Volume A
Explanation
QUESTION 7
Which two of the following are functions of the BGP update message? (Choose two.)
A.
B.
C.
D.
It withdraws routes that are no longer valid.

It notes that an unsupported option is detected from the open message.
It transports routing information between BGP peers.
It readvertises routes that have already been sent and acknowledged.
Correct Answer: AC
Section: Volume A
Explanation
QUESTION 8
Which routing-instance type allows the sharing of interface routes and the support features used in source-based routing?
A.
B.
C.
D.
virtual-router
vrf
forwarding
multi-instance
Correct Answer: C
Section: Volume A
Explanation
QUESTION 9
What is the minimum configuration necessary to create two VLANs and two operational RVIs?
A. Option A
B. Option B
C. Option C
D. Option D
Correct Answer: B
Section: Volume A
Explanation
QUESTION 10
Which statement describes the default Junos OS behavior for OSPF?
A.
B.
C.
D.
External LSAs are advertised in a stub area.

An ABR does not announce a default route into a stub area.
Stub area internal routers generate a default route.
Only totally stubby areas need a default route.
Correct Answer: B
Section: Volume A
Explanation
QUESTION 11
What are two valid BPDU types? (Choose two.)
A.
B.
C.
D.
topology change notification

configuration change
configuration
root bridge
Correct Answer: AC
Section: Volume A
Explanation
QUESTION 12
Which of the following is enabled by default on an EX Series switch?
A. MAC move limiting
B. storm control
C. IP source guard
D. dynamic ARP inspection
Correct Answer: B
Section: Volume A
Explanation
QUESTION 13
Which three statements correctly describe the default BGP advertisement behavior in the Junos OS? (Choose three.)
A.
B.
C.
D.
E.
Routes learned through EBGP are advertised to IBGP peers.

Routes learned through EBGP are advertised to other EBGP peers.
Routes learned through IBGP are advertised to other IBGP peers.
Routes learned through IBGP will be advertised to EBGP peers.
Routes learned through an IGP are automatically advertised to EBGP peers.
Correct Answer: ABD

Section: Volume A
Explanation
QUESTION 14
When loop protection is enabled on an interface, what happens when the port stops receiving BPDUs?
A.
B.
C.
D.
The port is placed in a loop-inconsistent role.

The port is placed into listening mode.
The port is transitioned into a forwarding state.
The interface is disabled.
Correct Answer: A
Section: Volume A
Explanation
QUESTION 15
Which OSPF LSA type is sent by all routers in an area to advertise its connected subnets?
A. router
B. network
C. external
D. summary
Correct Answer: A
Section: Volume A
Explanation
QUESTION 16
Which command correctly assigns AS 65432 as the local router's autonomous system?
A.
B.
C.
D.
set protocols bgp local-as 65432

set routing-options local-as 65432
set protocols bgp autonomous-system 65432
set routing-options autonomous-system 65432
Correct Answer: D
Section: Volume A
Explanation
QUESTION 17
Which statements are true about graceful Routing Engines switchover (GRES)?
A.
B.
C.
D.
Configuration on both Routing Engines must be synchronized.

The backup Routing Engine cannot be managed through IP address because RPD does not run on backup the Routing Engine.
Different hostnames must be configured on both Routing-Engines.
Both Routing-Engines are managed through a single out-of-band-management IP address.
Correct Answer: A
Section: Volume A
Explanation
QUESTION 18
Configuring bpdu-timeout-action enables which protection mechanism?
A. root protection
B. BPDU protection
C. loop protection
D. RSTP protection
Correct Answer: C
Section: Volume A
Explanation
QUESTION 19
Which Junos command correctly configures the ge-0/0/0.0 interface to operate only for IS-IS Level 2?
A.
B.
C.
D.
set interfaces ge-0/0/0.0 family iso level 2 enable

set interfaces ge-0/0/0.0 family iso level 1 disable
set protocols isis interface ge-0/0/0.0 level 2 enable
set protocols isis interface ge-0/0/0.0 level 1 disable
Correct Answer: D
Section: Volume A
Explanation
QUESTION 20
Which two OSPF LSA types can be used to advertise routes between areas? (Choose two.)
A.
B.
C.
D.
router
network
external
summary
Correct Answer: CD
Section: Volume A
Explanation
QUESTION 21
An administrator finds that traffic from a large file download over an HTTP session is not load-balanced across multiple links in a LAG. What is the possible cause?
A. Per-packet load-balancing is not configured.
B. The redundant path has a different IGP metric.

C. The hash key is not configured in the forwarding-options stanza.
D. This is the expected behavior.
Correct Answer: D
Section: Volume A
Explanation
QUESTION 22
In the following output, what does the asterisk indicate?
A.
B.
C.
D.
The interface is configured as a trunk.

The interface is configured for spanning-tree protocol.
The interface is active.
The interface is inactive.
Correct Answer: C
Section: Volume A
Explanation
QUESTION 23
What is the default behavior of a trunk port when it receives transit traffic without a VLAN tag?
A. It drops the traffic.
B. It forwards the traffic.
C. It tags the transit traffic with lowest VLAN ID permitted on the trunk.
D. It tags the transit traffic with highest VLAN ID permitted on the trunk.
Correct Answer: A
Section: Volume A
Explanation
QUESTION 24
Which configuration correctly sets interface ge-0/0/4 in trunk mode, carrying VLANs v10 and v20?
A. ge-0/0/4 {
unit 0 {
family ethernet-switching {
vlan {
members [ v10 v20 ];
}
}
}
}
B. ge-0/0/4 {
unit 0 {
port-mode trunk;
vlan {
}
}
}
}
C. ge-0/0/4 {
vlan-tagging;
unit 0 {
port-mode trunk;
vlan {
}
}
}
}
D. ge-0/0/4 {
unit 10 {
family ethernet-switching;
}
unit 20 {
}
}
Correct Answer: B
Section: Volume A
Explanation
QUESTION 25
Which configuration summarizes external routes in the 172.16.0.0/22 range into a single prefix on an ABR for Area 1?
A. protocols {
ospf {
area 0.0.0.1 {
nssa {
default-lsa {
default-metric 1;
metric-type 1;
}
}
area-range 172.16.0.0/22;
}
}
}
B. protocols {
ospf {
area 0.0.0.1 {
nssa {
area-range 172.16.0.0/22;
}
}
}
}
C. protocols {
ospf {
area 0.0.0.1 {
stub summaries;
}
}
}
D. protocols {
ospf {
area 0.0.0.1 {
nssa;
area-range 172.16.0.0/22 restrict;
}
}
}
Correct Answer: B
Section: Volume A
Explanation
QUESTION 26
What is the correct sequence of OSPF adjacency formation?
A.
B.
C.
D.
Down, Init, ExStart, 2way, Loading, Exchange, Full

Down, 2way, Init, ExStart, Exchange, Loading, Full
Down, Init, 2way, ExStart, Exchange, Loading, Full
Down, Init, 2way, Loading, ExStart, Exchange, Full
Correct Answer: C
Section: Volume A
Explanation
QUESTION 27
Which BGP attributes are listed in the correct route selection order?
A.
B.
C.
D.
local preference, AS path, origin, MED

local preference, MED, AS path, origin
AS path, local preference, origin, MED
MED, origin, local preference, AS path
Correct Answer: A
Section: Volume A
Explanation
QUESTION 28
When processing inbound Ethernet frames, which firewall filter is evaluated first by an EX Series switch?
A. port filter
B. VLAN filter
C. trunk filter
D. route filter
Correct Answer: A
Section: Volume A
Explanation
QUESTION 29
Which of the following can be used for both security and loop prevention?
A.
B.
C.
D.
firewall filters
DHCP snooping
dynamic ARP inspection
MAC move limiting
Correct Answer: D
Section: Volume A
Explanation
QUESTION 30
Which protocol is an IGP?
A.
B.
C.
D.
LACP
STP
OSPF
PAGP
Correct Answer: C
Section: Volume A
Explanation
QUESTION 31
What is the default OSPF designated router (DR) priority?
A. 0
B. 64
C. 128
D. 255
Correct Answer: C
Section: Volume A
Explanation
QUESTION 32
Which instance type is used when configuring filter-based forwarding?
A.
B.
C.
D.
vrf
forwarding
virtual-router
fbf
Correct Answer: B
Section: Volume A
Explanation
QUESTION 33
What are three states for RSTP? (Choose three.)
A.
B.
C.
D.
E.
discarding
blocking
listening
learning
forwarding
Correct Answer: ADE

Section: Volume A
Explanation
QUESTION 34
Which statement regarding redundant trunk groups (RTGs) is true?
A. STP and RTG can be configured on the same interface.
B. An aggregated interface can be a member of an RTG.

C. Members of an RTG can carry different VLANs.
D. An RTG can contain up to 16 member links.
Correct Answer: B
Section: Volume A
Explanation
QUESTION 35
When the DF bit is set, which two actions will a router perform by default on a packet that is larger than the MTU of the interface? (Choose two.)
A.
B.
C.
D.
The router drops the packet.

The router sends an ICMP MTU exceeded message to the source.
The router fragments and forwards the packet.
The router generates a syslog message indicating that a packet was dropped due to the exceeded MTU.
Correct Answer: AB
Section: Volume A
Explanation
QUESTION 36
Which two commands can be used to show the content of a bridge table? (Choose two.)
A.
B.
C.
D.
show ethernet-switching table

show route forwarding-table family ethernet-switching
show bridging table
show forwarding table
Correct Answer: AB
Section: Volume A
Explanation
QUESTION 37
During OSPF neighbor adjacency formation, in which state is the initial database descriptor sequence number chosen?
A. 2Way
B. ExStart
C. Exchange
D. Loading
Correct Answer: B
Section: Volume A
Explanation
QUESTION 38
A network with five switches has been configured to run Rapid Spanning Tree Protocol (RSTP) with default settings. How many seconds does it take to detect a failure
between two neighboring switches?
A.
B.
C.
D.
2 seconds
3 seconds
6 seconds
15 seconds
Correct Answer: C
Section: Volume A
Explanation
Reference: Page 3-14 of the JNCIS-ENT Routing Study Guide - "As previously mentioned, STP uses BPDUs to elect a root bridge, identify root ports for each switch,
identify designated ports for each physical LAN segment, prune specific redundant links to create a loop-free tree topology, and report and acknowledge topology
changes. RSTP configuration BPDUs also function as keepalives. All RSTP bridges send configuration BPDUs every 2 seconds by default. You can alter this value, if
necessary."
QUESTION 39
Which side of the OSPF router initiates the database description exchange?
A.
B.
C.
D.
the side with the higher IP address

the side with the higher router ID
the side with the higher priority
the side with the higher uptime
Correct Answer: B
Section: Volume A
Explanation
QUESTION 40
Two routers functioning as DR other on a broadcast link will establish which kind of OSPF neighbor state with each other?
A.
B.
C.
D.
Exchange
2Way
ExStart
Full
Correct Answer: B
Section: Volume A
Explanation
QUESTION 41
Which statement regarding the benefits of using GRE instead of IP-IP tunneling is true?
A.
B.
C.
D.
GRE supports both IP traffic and non-IP traffic.

GRE supports encryption.
GRE supports private IP addresses over the Internet.
GRE supports authentication.
Correct Answer: A
Section: Volume A
Explanation
QUESTION 42
Given that ge-0/1/1 is set up as a trunk port, which command set will NOT successfully set the trunk to carry VLANs 10 and 11?
A.
B.
C.
D.
set interfaces ge-0/1/1.0 family ethernet-switching vlan members [Vlan10 Vlan11]

set interfaces ge-0/1/1.0 family ethernet-switching vlan members Vlan10 members Vlan11
set interfaces ge-0/1/1.0 family ethernet-switching vlan members Vlan10,Vlan11
set interfaces ge-0/1/1.0 family ethernet-switching vlan members Vlan10set interfaces ge-0/1/1.0 family ethernet-switching vlan members Vlan11
Correct Answer: C
Section: Volume A
Explanation
QUESTION 43
Which two statements are true regarding a designated intermediate system (DIS) in an IS-IS network? (Choose two.)
A.
B.
C.
D.
It performs a similar role to the designated router (DR) in OSPF.

It is not allowed to send any PDUs on a designated intermediate system (DIS).
A backup DIS is not elected.
DIS selection uses the router's IP address as a tiebreaker.
Correct Answer: AC
Section: Volume A
Explanation
QUESTION 44
Which operational command can verify load balancing?
A.
B.
C.
D.
show route details

show route table inet.0 extensive
show route forwarding-table family inet
show configuration forwarding-options
Correct Answer: C
Section: Volume A
Explanation
QUESTION 45
By default, how is the best IGP path determined when there are multiple equal-cost paths to a destination?
A.
B.
C.
D.
first one learned

most recent one learned
random choice
highest next-hop IP address
Correct Answer: C
Section: Volume A
Explanation
QUESTION 46
Which STP protection feature should you use to prevent an inadvertent change in topology caused by the receipt of a superior BPDU on an access interface?
A.
B.
C.
D.
BPDU protection
loop protection
root protection
topology protection
Correct Answer: C
Section: Volume A
Explanation
QUESTION 47
Which Junos operational mode command displays all BGP routes sent to the 172.16.1.1 peer?
A.
B.
C.
D.
show route sent-routes bgp 172.16.1.1

show route send-protocol bgp 172.16.1.1
show route advertised-routes bgp 172.16.1.1
show route advertising-protocol bgp 172.16.1.1
Correct Answer: D
Section: Volume A
Explanation
QUESTION 48
Which option shows the configuration syntax for a routed VLAN interface on an EX Series switch?
A. interfaces {
vlan {
unit 10 {
family inet {
address 1.1.1.1/24;
}
}
}
}
vlans {
VLAN10 {
vlan-id 10;
routing-interface vlan.10;
}
}
B. interfaces {
vlan {
unit 10 {
family inet {
address 1.1.1.1/24;
}
}
}
}
vlans {
VLAN10 {
vlan-id 10;
l3-interface vlan.10;
}
}
C. vlans {
VLAN10 {
vlan-id 10;
family inet {
address 1.1.1.1/24;
}
}
}
D. interfaces {
vlan {
unit 10 {
family inet {
address 1.1.1.1/24;
}
}
}
}
vlans {
VLAN10 {
vlan-id 10;
}
}
Correct Answer: B
Section: Volume A
Explanation
QUESTION 49
Which of the following is a spanning tree option in EX Series switches?
A.
B.
C.
D.
MAC move limiting

root protection
root guard
BPDU source guard
Correct Answer: B
Section: Volume A
Explanation
QUESTION 50
Which type of route is shown in the following output?
A.
B.
C.
D.
generate
aggregate
static
floating static
Correct Answer: A
Section: Volume A
Explanation
QUESTION 51
You have connected a spanning-tree-enabled device to your spanning-tree-enabled switch, but the switch port does not forward traffic, even after you remove the device.
Which command do you use to re-enable forwarding?
A. clear interface status
B. clear spanning-tree blocking

C. clear ethernet-switching bpdu-error
D. clear ethernet-switching port-error
Correct Answer: C
Section: Volume A
Explanation
QUESTION 52
Which BGP attribute can modify only an adjacent AS's optimal entry point into the local AS?
A.
B.
C.
D.
MED
local preference
AS path
community
Correct Answer: A
Section: Volume A
Explanation
QUESTION 53
A generated route is used to create a route of last resort when BGP routes from the 10.0.0.0/23 block are present. Given the following output, which next hop will be used
as the forwarding next hop for the generated route?
A.
B.
C.
D.
172.16.0.2
172.16.0.6
172.16.0.10
172.16.0.14
Correct Answer: A
Section: Volume A
Explanation
QUESTION 54
What is the default interval for a VRRP advertisement?
A.
B.
C.
D.
1 second
2 seconds
10 seconds
30 seconds
Correct Answer: A
Section: Volume A
Explanation
QUESTION 55
Which statement about LACP is true?
A.
B.
C.
D.
LACP is enabled by default on aggregated Ethernet interfaces.

LACP is enabled by default on redundant trunk groups.
The default mode of operation of an LACP interface is passive.
At least one side of an LACP session must be configured as passive.
Correct Answer: C
Section: Volume A
Explanation
QUESTION 56
Under which hierarchy do you configure BGP neighbors?
A.
B.
C.
D.
*[edit protocols bgp]*

*[edit interfaces]*
*[edit routing-options]*
*[edit policy-options]*
Correct Answer: A
Section: Volume A
Explanation
QUESTION 57
What is one benefit of a switched LAN?
A.
B.
C.
D.
It enables the LAN to forward non-IP traffic.

It ensures that all hosts can reach each other by flooding all traffic to all ports.
It limits memory use by eliminating the need for a bridging table.
It limits the collision domain.
Correct Answer: D
Section: Volume A
Explanation
QUESTION 58
What are two mandatory BGP attributes? (Choose two.)
A.
B.
C.
D.
route preference
origin
AS path
originator
Correct Answer: BC
Section: Volume A
Explanation
QUESTION 59
By default, what is the IP time-to-live (TTL) value for an EBGP session?
A.
B.
C.
D.
1
63
128
255
Correct Answer: A
Section: Volume A
Explanation
QUESTION 60
Which OSPF LSA type has a domain flooding scope?
A.
B.
C.
D.
router
network
external
summary
Correct Answer: C
Section: Volume A
Explanation
QUESTION 61
On a broadcast, multi access network, which two criteria are used for electing a designated intermediate system? (Choose two.)
A.
B.
C.
D.
E.
router priority
sub network point of attachment
pseudo node ID
interface IP address
IS-IS TLV 3
Correct Answer: AB
Section: Volume A
Explanation
QUESTION 62
Which command verifies that graceful Routing Engine switchover (GRES) is operational?
A.
B.
C.
D.
show system switchover on the master RE

show system switchover on the backup RE
show task replication on the master RE
show task replication on the backup RE
Correct Answer: B
Section: Volume A
Explanation
QUESTION 63
Which command on an EX Series switch allows for the configuration of the duplex setting on multiple interfaces at the same time?
A.
B.
C.
D.
interface-range
apply-path
interface-group
port-range
Correct Answer: A
Section: Volume A
Explanation
QUESTION 64
You have two ABRs in the same NSSA area. What translates Type 7 LSAs to Type 5 LSAs?
A.
B.
C.
D.
The ABR with the highest RID.

The ABR with the lowest RID.
Both ABRs will translate.
The ABR configured with the area-range statement.
Correct Answer: A
Section: Volume A
Explanation
QUESTION 65
What is the default value of the TTL in a VRRP advertisement?
A.
B.
C.
D.
0 TTL
1 TTL
64 TTL
255 TTL
Correct Answer: D
Section: Volume A
Explanation
QUESTION 66
Which port is selected as the designated port if a designated bridge has multiple ports connected to a LAN segment?
A.
B.
C.
D.
The port with the highest port ID

The port with the highest MAC address
The port with the lowest port ID
The port with the lowest MAC address
Correct Answer: C
Section: Volume A
Explanation
QUESTION 67
Which communication protocol does IS-IS use?
A.
B.
C.
D.
CLNP
LACP
STP
L2TP
Correct Answer: A
Section: Volume A
Explanation
QUESTION 68
Filter-based forwarding requires a match filter, a routing instance, and which of the following?
A.
B.
C.
D.
a route map
a RIB group
a next hop
a policy map
Correct Answer: B
Section: Volume A
Explanation
QUESTION 69
Which command can be used to verify whether a BGP prefix is being advertised to a specific neighbor?
A.
B.
C.
D.
show route protocol bgp <neighbor>

show bgp summary <neighbor>
show bgp neighbor <prefix>
show route advertising-protocol bgp <neighbor>
Correct Answer: D
Section: Volume A
Explanation
QUESTION 70
Which two statements are true regarding an RVI? (Choose two.)
A.
B.
C.
D.
An RVI must be in an EX Series switch to enable routing between VLAN segments.

An RVI does not require an IP address.
An RVI is a Layer 3 logical interface.
An RVI cannot coexist in an interface configuration if the switch performs Layer 2 operations.
Correct Answer: AC
Section: Volume A
Explanation
QUESTION 71
Which two BGP message types are valid? (Choose two.)
A.
B.
C.
D.
refresh
acknowledge
keepalive
withdraw
Correct Answer: AC
Section: Volume A
Explanation
QUESTION 72
Which virtual interface is used to configure a GRE tunnel?
A.
B.
C.
D.
gre-0/0/0
ip-0/0/0
vt-0/0/0
gr-0/0/0
Correct Answer: D
Section: Volume A
Explanation
QUESTION 73
Which configuration is used for IP6-over-IP4 tunnels?
A. set interfaces gr-0/0/0 encapsulation inetv6
set interfaces gr-0/0/0 unit 0 tunnel source 10.0.1.1
set interfaces gr-0/0/0 unit 0 tunnel destination 10.0.0.1
set interfaces gr-0/0/0 unit 0 family inet address fec0:0:1006::1/126
B. set interfaces gr-0/0/0 unit 0 tunnel source 10.0.1.1
set interfaces gr-0/0/0 unit 0 family inetv6 address fec0:0:1006::1/126
C. set interfaces gr-0/0/0 unit 0 tunnel source fec0:0:1006::1/126
set interfaces gr-0/0/0 unit 0 tunnel destination fec0:0:2006::1/126
set interfaces gr-0/0/0 unit 0 family inet address 10.0.0.1
D. set interfaces gr-0/0/0 unit 0 tunnel source 10.0.1.1
set interfaces gr-0/0/0 unit 0 family inet6 address fec0:0:1006::1/126
Correct Answer: D
Section: Volume A
Explanation
QUESTION 74
How does a Level 1 IS-IS router reach destinations outside its own area?
A.
B.
C.
D.
through the closest Level 1 router

along the best path to the destination
through the closest Level 1/2 router
through the closest designated intermediate system (DIS)
Correct Answer: C
Section: Volume A
Explanation
QUESTION 75
What is the primary purpose of the LLDP-MED?

A.
B.
C.
D.
It learns the MAC address of the peer device.

It communicates the provisioned VLAN ID to the peer device.
It eliminates the need for a spanning tree.
It authenticates the peer device.
Correct Answer: B
Section: Volume A
Explanation
QUESTION 76
Which protocol is an EGP?
A.
B.
C.
D.
OSPF
TCP
BGP
STP
Correct Answer: C
Section: Volume A
Explanation
QUESTION 77
Using standard metrics, what is the maximum path cost in IS-IS?
A.
B.
C.
D.
15
16
63
1023
Correct Answer: D
Section: Volume A
Explanation
QUESTION 78
Which statement is true about IS-IS PDUs?

A.
B.
C.
D.
CSNPs are exchanged only during initial adjacency establishment when a complete LSDB is being built.
PSNPs contain header information for all link-state PDUs in the IS-IS database.
Both the DIS and the backup DIS broadcast CSNPs over a broadcast link.
Separate CSNP and PSNP types exist for Level 1 and Level 2 systems.
Correct Answer: D
Section: Volume A
Explanation
QUESTION 79
Which type of protocol is OSPF?
A.
B.
C.
D.
link-state protocol
distance-vector protocol
path-vector protocol
modified distance-vector protocol
Correct Answer: A
Section: Volume A
Explanation
QUESTION 80
Click on the Exhibit button.
Based on the exhibit, which step in the BGP route-selection process causes the router to choose the selected path?
A.
B.
C.
D.
MED
metric to next hop
local preference
neighbor ID
Correct Answer: A
Section: Volume A
Explanation
QUESTION 81
Which two fields in an OSPF hello packet must match before OSPF neighbors can form an adjacency? (Choose two.)
A.
B.
C.
D.
dead interval
neighbor
options
router priority
Correct Answer: AC
Section: Volume A
Explanation
QUESTION 82
Which statement regarding internal BGP sessions is true?
A.
B.
C.
D.
Routers advertise all BGP-learned routes to all internal BGP neighbors.

The TTL of BGP control packets is set to 255.
Peering sessions only use physical interface IP addresses.
Plain text authentication can be used.
Correct Answer: B
Section: Volume A
Explanation
QUESTION 83
When does a root-protected port transition back to the forwarding state?
A.
B.
C.
D.
It does not transition back.

It transitions after 20 seconds.
It transitions when cleared by the operator.
It transitions when superior BPDUs are no longer received.
Correct Answer: D
Section: Volume A
Explanation
QUESTION 84
When using the factory-default configuration, which VLAN is assigned to all interfaces on an EX Series switch?
A.
B.
C.
D.
vlan1
native
default
unnumbered
Correct Answer: C
Section: Volume A
Explanation
QUESTION 85
Which configuration provides connectivity from the test routing instance to the 192.168.3.0/24 subnet in inet.0?
A. routing-options {
static {
rib-group master2test.inet.0;
route 192.168.3.0/24 next-hop 10.0.0.2;
}
rib-groups {
master2test.inet.0 {
import-rib [ inet.0 test.inet.0 ];
import-policy onlyStatic;
}
}
}
policy-options {
policy-statement onlyStatic {
term 1 {
from protocol static;
then accept;
}
term 2 {
then reject;
}
}
}
routing-instances {
test {
instance-type forwarding;
interface ge-0/0/0.500;
}
}
B. routing-options {
static {
route 192.168.3.0/24 next-hop 10.0.0.2;
}
rib-groups {
master2test.inet.0 {
export-rib inet.0;
import-rib [ inet.0 test.inet.0];
import-policy onlyStatic;
}
}
}
policy-options {
term 1 {
from protocol static;
then accept;
}
term 2 {
then reject;
}
}
}
routing-instances {
test {
}
}
C. routing-options {
static {
route 192.168.3.0/24 next-hop 10.0.0.2;
}
}
policy-options {
term 1 {
from {
instance master;
protocol static;
}
then accept;
}
term 2 {
then reject;
}
}
}
routing-instances {
test {
routing-options {
instance-import onlyStatic;
}
}
}
D. routing-options {
static {
route 192.168.3.0/24 next-table test.inet.0;
}
}
routing-instances {
test {
}
}
Correct Answer: A
Section: Volume A
Explanation
QUESTION 86
Which feature of the Junos OS installs routes in multiple routing tables?
A.
B.
C.
D.
RIB groups
virtual routers
forwarding table policy
routing table policy
Correct Answer: A
Section: Volume A
Explanation
QUESTION 87
Given the attached exhibit, what will happen to traffic sourced from 192.168.1.100 and destined to 172.16.1.69/32?
A.
B.
C.
D.
It will use the default route.

It will be routed to 10.17.0.1.
It will be routed to 10.32.0.1.
It will be dropped.
Correct Answer: C
Section: Volume A
Explanation
QUESTION 88
Which statement describes IS-IS operation?
A.
B.
C.
D.
Routes in a Level 2 area are advertised into Level 1 areas by default.

To advertise Level 2 routes into a Level 1 area, an export policy must be configured.
Level 1 routes are not advertised into Level 2 by default.
The Level 2 router advertises a default route into Level 1.
Correct Answer: B
Section: Volume A
Explanation
QUESTION 89
By default, how frequently does the designated intermediate system (DIS) send out its hello packets?
A.
B.
C.
D.
3 seconds
6 seconds
9 seconds
12 seconds
Correct Answer: A
Section: Volume A
Explanation
QUESTION 90
Which Junos operational command displays all operational IS-IS neighbors?
A.
B.
C.
D.
show isis interface

show isis database
show isis neighbors
show isis adjacency
Correct Answer: D
Section: Volume A
Explanation
QUESTION 91
Which two statements are true about IS-IS? (Choose two.)
A.
B.
C.
D.
All level 2 PDUs are flooded to Level 1 by default.

All level 1 PDUs are flooded to Level 2 by default.
Both Level 1 and Level 2 adjacencies can exist on the same interface.
Level 2 external routes are always available in Level 1.
Correct Answer: BC
Section: Volume A
Explanation
QUESTION 92
In which state is an interface placed if root-protect is enabled and a superior BPDU is received?
A.
B.
C.
D.
root
blocking
forwarding
alternate
Correct Answer: B
Section: Volume A
Explanation
QUESTION 93
What does the OSPF LSA Type 3 summarize?
A.
B.
C.
D.
the interfaces and neighbors of routers

the router IDs of routers from other areas
an Ethernet segment
topology information from other areas
Correct Answer: D
Section: Volume A
Explanation
QUESTION 94
Which two LSA types are only generated by area border routers? (Choose two.)
A.
B.
C.
D.
Type 2
Type 3
Type 4
Type 5
Correct Answer: BC
Section: Volume A
Explanation
QUESTION 95
Which configuration correctly assigns the deny-telnet firewall filter as an input filter to all ports in VLAN 200?
A. user@switch> show configuration vlans
v200 {
vlan-id 200;
vlan-filter input deny-telnet;
}
B. user@switch> show configuration vlans
v200 {
vlan-id 200;
filter {
input deny-telnet;
}
}
C. user@switch> show configuration interface ge-0/0/10.0
vlan {
members v200;
vlan-filter input deny-telnet;

}
}
D. user@switch> show configuration interface ge-0/0/10.0
vlan {
members v200;
}
filter {
input deny-telnet;
}
}
Correct Answer: B
Section: Volume A
Explanation
QUESTION 96
Which step in the configuration of filter-based forwarding controls the selection of tables that will share interface routes?
A.
B.
C.
D.
configuration of the RIB group

configuration of the routing instance
configuration of the filter match terms
configuration of member interfaces
Correct Answer: A
Section: Volume A
Explanation
QUESTION 97
Which two of the following are contained in an OSPF hello packet? (Choose two.)
A.
B.
C.
D.
hello interval
dead interval
ex-start
link-state update
Correct Answer: AB
Section: Volume A
Explanation
QUESTION 98
What is the default value of the link-state advertisement (LSA) refresh timer in the Junos OS?
A.
B.
C.
D.
10 minutes
30 minutes
50 minutes
60 minutes
Correct Answer: C
Section: Volume A
Explanation
QUESTION 99
Which of the following is true of external LSAs in the Junos OS?
A.
B.
C.
D.
External LSAs are of Type 4.

Type 2 external LSAs do not consider internal reachability metrics.
The route preferences for Type 1 and Type 2 External LSA is 150 and 155, respectively.
Type 7 LSAs are never allowed in not-so-stubby areas.
Correct Answer: B
Section: Volume A
Explanation
QUESTION 100
A new switch is added to an existing network with three switches already in place. Which attribute must be configured within the spanning-tree protocol to ensure the new
switch is the root bridge?
A.
B.
C.
D.
root-id
port-id
bridge priority
system MAC address
Correct Answer: C
Section: Volume A
Explanation
QUESTION 101
At which configuration hierarchy level is a static bridge table entry configured?
A.
B.
C.
D.
[ interfaces interface-name ]
[ protocols ]
[ ethernet-switching-options ]
[ forwarding-options ]
Correct Answer: C
Section: Volume B
Explanation
QUESTION 102
BGP is best described as what type of routing protocol?
A.
B.
C.
D.
link state
distance vector
path state
path vector
Correct Answer: D
Section: Volume B
Explanation
QUESTION 103
Which statement is correct about this configuration snippet?
A.
B.
C.
D.
Both voice and data traffic are tagged on ge-0/0/0.

Voice traffic is tagged on ge-0/0/0, but data traffic is not.
Data traffic is tagged on ge-0/0/0, but voice traffic is not.
Neither voice nor data traffic is tagged on ge-0/0/0.
Correct Answer: A
Section: Volume B
Explanation
Both VLAN's were tagged on the interface but done 2 different ways. The first adds the interface ge-0.0.0 to the VOIP vlan from the ethernet-switching-options voip
hierarchy, and the second adds the data vlan from the interface configuration hierarchy
QUESTION 104
What can cause a route learned through IBGP to be marked as hidden?
A.
B.
C.
D.
unreachable next hop

local preference
AS path loop
route preference
Correct Answer: A
Section: Volume B
Explanation
QUESTION 105
Which three parameters are used by the Junos OS to distinguish traffic flows for load balancing with load-balance per-packet configured? (Choose three).
A.
B.
C.
D.
E.
incoming interface
destination address
destination port
source address
source port
Correct Answer: ABD

Section: Volume B
Explanation
QUESTION 106
A switch port is sending both tagged and untagged traffic. What is its possible configuration?
A. {master:0}[edit interfaces ge-0/0/0]
user@switch# show
unit 0 {
port-mode access;
vlan {
members data;
}
}
}
B. {master:0}[edit interfaces ge-0/0/0]
user@switch# show
unit 0 {
port-mode trunk;
vlan {
members data;
}
}
}
C. {master:0}[edit interfaces ge-0/0/0]
user@switch# show
unit 0 {
port-mode access;
vlan {
members data;
}
native-vlan-id data;
}
}
D. [edit ethernet-switching-options]
user@switch# show
voip {
interface all;
vlan voiceVLAN;
forwarding-class expedited-forwarding;
}
}
[edit vlans]
user@switch# show
voiceVLAN {
vlan-id 3;
}
}
[edit interfaces]
user@switch# show
ge-0/1/1 {
unit 0 {
port-mode access;
}
}
}
Correct Answer: D
Section: Volume B
Explanation
QUESTION 107
Which feature will cause the port to transition into a blocking state when BPDUs are no longer being received?
A.
B.
C.
D.
RSTP
BPDU protection
loop protection
root protection
Correct Answer: C
Section: Volume B
Explanation
QUESTION 108
In the Junos OS, which attribute is used before the AS path in the BGP selection algorithm?
A.
B.
C.
D.
highest local preference

lowest local preference
lowest MED
weight
Correct Answer: A
Section: Volume B
Explanation
QUESTION 109
How many untagged VLANs can be configured on an EX Series switch port?
A.
B.
C.
D.
0
1
4095
4096
Correct Answer: B
Section: Volume B
Explanation
QUESTION 110
Which status for VRRP routers is NOT valid?
A.
B.
C.
D.
master
backup
transition
preempt
Correct Answer: D
Section: Volume B
Explanation
QUESTION 111
Which misconfiguration would cause an OSPF neighbor ship to be stuck in an ExStart state?
A.
B.
C.
D.
authentication mismatch
timer mismatch
subnet mismatch
MTU mismatch
Correct Answer: D
Section: Volume B
Explanation
QUESTION 112
Which configuration is used to send and receive untagged packets through a trunk port?
A.
B.
C.
D.
Option A
Option B
Option C
Option D
Correct Answer: B
Section: Volume B
Explanation
QUESTION 113
What is a requirement for link aggregation?

A.
B.
C.
D.
Member links must be on continuous ports.

Member links must be on the same switch in a Virtual Chassis.
The speed of the member links must be the same.
LACP must be configured.
Correct Answer: C
Section: Volume B
Explanation
QUESTION 114
Router D is advertising a path for the 10.0.0.0/8 network through BGP and AS 2 is advertising this path to AS 1. By default, what is the next hop for this path from router
A's perspective?
A.
B.
C.
D.
router D's loopback address

router B's loopback address
router B's interface address for the external BGP session from router B to router C
router C's interface address for the external BGP session from router B to router C
Correct Answer: D
Section: Volume B
Explanation
QUESTION 115
In a switched network with redundant paths, which frame does not require the implementation of a spanning tree to prevent a loop?
A.
B.
C.
D.
broadcast
unknown MAC address
known MAC address
ARP request
Correct Answer: C
Section: Volume B
Explanation
QUESTION 116
Which two statements are true regarding the default VLAN in EX Series switches?
(Choose two.)
A.
B.
C.
D.
All switch ports not specifically assigned to a user-defined VLAN belong to the default VLAN.
An administrator can change the VLAN ID of the default VLAN.
An interface that is part of the default VLAN cannot carry tagged traffic.
The show interface-command shows an asterisk (*) after the interface name if the interface is part of default VLAN.
Correct Answer: AB
Section: Volume B
Explanation
QUESTION 117
An operator can use the show vlans command with no options to determine which two of the following? (Choose two.)
A.
B.
C.
D.
Interfaces belonging to a VLAN

Link up or down status of an interface belonging to a VLAN
Known MAC addresses associated with a VLAN
IP address of the RVI associated with a VLAN
Correct Answer: AB
Section: Volume B
Explanation
QUESTION 118
Which two statements about GRE tunnels are true? (Choose two.)
A.
B.
C.
D.
GRE can be used to tunnel non-IP protocols, such as IPX.

GRE can provide encrypted communication.
GRE adds overhead of 16 bytes per packet.
GRE can be used to tunnel IPv6 traffic.
Correct Answer: AD
Section: Volume B
Explanation
QUESTION 119
Which BGP configuration option is required when peering with an IBGP neighbor using loopback addresses?
A.
B.
C.
D.
local-address
local-interface
update-source
source-address
Correct Answer: A
Section: Volume B
Explanation
QUESTION 120
Which BGP attribute is used to influence inbound traffic when two peering sessions to the same AS exist?
A.
B.
C.
D.
weight
local preference
router ID
MED
Correct Answer: D
Section: Volume B
Explanation
QUESTION 121
Which approach can you use to implement IPv6-over-IPv4 tunneling?
A.
B.
C.
D.
IPv4-compatible addressing
dual-stack implementations
IPsec
6PE
Correct Answer: C
Section: Volume B
Explanation
QUESTION 122
When two OSPF routers on a broadcast network are ready to exchange database descriptor packets, which router is responsible for setting the initial sequence number?
A.
B.
C.
D.
the DR
the BDR
the router with the higher RID
the router with the lower RID
Correct Answer: C
Section: Volume B
Explanation
QUESTION 123
Which feature is used to route traffic to a specified ISP based on the source address?
A.
B.
C.
D.
filter-based forwarding
BGP outbound policy
local preference
IP source routing
Correct Answer: A
Section: Volume B
Explanation
QUESTION 124
Which two forms of spanning-tree protection are offered by EX Series switches? (Choose two.)
A.
B.
C.
D.
BPDU protection
broadcast protection
core protection
root protection
Correct Answer: AD
Section: Volume B
Explanation
QUESTION 125
Which Junos OS operational mode command provides a high-level view of all configured BGP peers?
A.
B.
C.
D.
show bgp group

show bgp neighbor
show bgp summary
show bgp adjacency
Correct Answer: C
Section: Volume B
Explanation
QUESTION 126
Which configuration provides dynamic ARP inspection on access port ge-0/0/0?
A. secure-access-port {
interface ge-0/0/0.0 {
dhcp-trusted;
}
vlan vlan10 {
arp-inspection;
examine-dhcp;
}
}
B. secure-access-port {
dhcp-trusted;
}
vlan vlan10 {
dynamic-arp-inspection;
}
}
C. secure-access-port {
no-dhcp-trusted;
}
vlan vlan10 {
dynamic-arp-inspection;
examine-dhcp;
}
}
D. secure-access-port {
static-ip 255.255.255.255
}
vlan vlan10 {
arp-inspection;
}
}
Correct Answer: A
Section: Volume B
Explanation
QUESTION 127
Which command can you use to view the link-state PDUs?
A.
B.
C.
D.
show isis database detail

show isis route detail
show isis adjacency
show isis spf results
Correct Answer: A
Section: Volume B
Explanation
QUESTION 128
Which statement is true about IS-IS hello (IIH) PDUs?
A.
B.
C.
D.
The same IIH PDU is used for both point-to-point and broadcast networks.
IIH PDUs maintain the link-state database synchronization.
IIH PDUs provide the priority value used in DIS election.
IIH PDUs are transmitted only at the beginning of adjacency establishment.
Correct Answer: C
Section: Volume B
Explanation
QUESTION 129
An OSPF broadcast segment has four OSPF-speaking routers. One router is in the DR state, one is in the BDR state, and two are in DR other states. How many 2Way
OSPF sessions does a router in the DR other state have?
A.
B.
C.
D.
1 session
2 sessions
3 sessions
4 sessions
Correct Answer: B
Section: Volume B
Explanation
Reference: JNCIS-ENT Routing Study Guide, Chapter 310 - Open Shortest Path First
QUESTION 130
Which two statements are true about NSR? (Choose two.)
A.
B.
C.
D.
Graceful Routing Engine switchover must be configured for NSR to function properly.
NSR and graceful restart can be enabled at the same time.
NSR relies on helper support on neighboring routers.
When NSR is enabled, RPD runs on the backup Routing Engine.
Correct Answer: AD
Section: Volume B
Explanation
QUESTION 131
Which two link-state advertisement (LSA) types are allowed in a stub area? (Choose two.)
A.
B.
C.
D.
LSA Type 1
LSA Type 2
LSA Type 4
LSA Type 5
Correct Answer: AB
Section: Volume B
Explanation
QUESTION 132
An ABR is connected to an NSSA, but it also functions as an ASBR. Which configuration disables the exporting of Type 7 LSAs into the connected NSSA?
A.
B.
C.
D.
no-type7
nssa
area-range
no-nssa-abr
Correct Answer: D
Section: Volume B
Explanation
QUESTION 133
What is a benefit of the 802.3ad standard?
A.
B.
C.
D.
loop detection
security
higher bandwidth
strict queuing
Correct Answer: C
Section: Volume B
Explanation
QUESTION 134
BGP uses which underlying protocol to establish connection to peers?
A.
B.
C.
D.
IP protocol 89
IP protocol 6
IP protocol 17
IP protocol 47
Correct Answer: B
Section: Volume B
Explanation
QUESTION 135
On an edge router, you want to create a default route with a next hop to an external connection. The route should be available only when you are receiving routes from the
external provider. Which type of route would you configure on your device to accomplish this objective?
A.
B.
C.
D.
an aggregate route
a generated route
a primary contributing route
a static route
Correct Answer: B
Section: Volume B
Explanation
QUESTION 136
Which configuration command would you use to add an IPv6 static route to your Junos device?
A.
B.
C.
D.
set routing-options static route 0::/0 next-hop fec0:0:2003::2

set routing-options static route inet6 0::/0 next-hop fec0:0:2003::2
set routing-options static route ipv6 0::/0 next-hop fec0:0:2003::2
set routing-options rib inet6.0 static route 0::/0 next-hop fec0:0:2003::2
Correct Answer: D
Section: Volume B
Explanation
QUESTION 137
You configured an aggregate route of 192.168.8.0/21 and committed the updated configuration. Using an operational show command, you notice that the newly
configured route is not present in the output. What would explain this behavior?
A.
B.
C.
D.
The next hop is not resolvable.

The next hop is not reachable.
There are no active contributing routes.
An aggregate route will not show up in the local table; it will be shared only with BGP neighbors.
Correct Answer: C
Section: Volume B
Explanation
QUESTION 138
In the output shown in the exhibit, which protocol does the route display?
A.
B.
C.
D.
static
aggregate
generate
BGP
Correct Answer: C
Section: Volume B
Explanation
QUESTION 139
You want several different subnets within your enterprise network to be reachable from outside the enterprise network. Your edge router must share a single route
advertisement about these subnets with external devices. If one of the subnets is unavailable, your edge router should drop any traffic destined to that subnet. Which type
of route, configured on the edge device with default behavior, accomplishes these objectives?
A. an aggregate route
B. a generated route
C. a primary contributing route
D. an OSPF route
Correct Answer: A
Section: Volume B
Explanation
QUESTION 140
You run the operational-mode command show ospf neighbor and notice that an expected OSPF neighbor on a broadcast link is not detected. Which three issues cause
this behavior? (Choose three.)
A.
B.
C.
D.
E.
A problem exists with the physical link or Data Link Layer connectivity.
The router IDs on the two devices do not match.
The IP subnet mask does not match on each end of the link.
The area type does not match on each end of the link.
The AS number on the two devices do not match.
Correct Answer: ACD

Section: Volume B
Explanation
QUESTION 141
You execute the operational-mode command show ospf neighbor and notice that one neighbor relationship remains in the exStart state. What causes this behavior?
A.
B.
C.
D.
The area IDs do not match on each end of the link.

The authentication parameters do not match on each end of the link.
The dead interval does not match on each end of the link.
The MTU does not match on each end of the link.
Correct Answer: D
Section: Volume B
Explanation
QUESTION 142
You are viewing the Ethernet switching table and notice that a previous entry is no longer listed. What is a valid reason for an entry to be removed from the table?
A. The learning limit is exceeded.
B. The filtering threshold is exceeded.

C. The MAC aging timer expired.
D. The ARP aging timer expired.
Correct Answer: C
Section: Volume B
Explanation
QUESTION 143
Which mechanism keeps a switch from forwarding Layer 2 traffic from one broadcast domain to another?
A.
B.
C.
D.
filtering
BPDU guard
aging
learning
Correct Answer: A
Section: Volume B
Explanation
QUESTION 144
An EX Series switch receives an Ethernet frame with a destination MAC address that is not in the bridging table. How does the Junos OS handle the received frame?
A.
B.
C.
D.
The Junos OS learns the source MAC address and drops the frame.
The Junos OS learns the source MAC address and floods discovery BPDUs.
The Junos OS learns the source MAC address forwards the frame towards the root bridge.
The Junos OS learns the source MAC address and floods the frame.
Correct Answer: D
Section: Volume B
Explanation
QUESTION 145
Which three actions are valid methods to clear all entries from the Ethernet switching table on an EX Series switch? (Choose three.)
A. Restart the eswd process.
B.
C.
D.
E.
Issue the clear arp operational-mode command.

Reboot the switch.
Issue the clear ethernet-switching table operational-mode command.
Restart the rpd process.
Correct Answer: ACD

Section: Volume B
Explanation
QUESTION 146
You are viewing the output of the operational-mode command show interfaces ge-0/0/4 on an EX Series switch in which no ether-options are configured for the ge-0/0/4
interface. Which two default settings are listed in the output? (Choose two.)
A.
B.
C.
D.
SpeeD. Auto
SpeeD. 1000mpbs
Duplex: Auto
Duplex: Full-Duplex
Correct Answer: AC
Section: Volume B
Explanation
QUESTION 147
You must route both IPv4 and IPv6 packets in your environment. Which configuration should you add at the [edit protocols] level to allow you to accomplish this objective?
A. ospf {
area 0.0.0.0 {
interface all;
}
}
B. ospf {
area 0.0.0.0 {
interface all;
family inet6;
}
}
C. ospf3 {
area 0.0.0.0 {
interface all;
}
}
D. ospf3 {
area 0.0.0.0 {
interface all;
allow ipv4;
}
}
Correct Answer: C
Section: Volume B
Explanation
QUESTION 148
In the exhibit, you run the command show ospf neighbor on R3 and notice that an adjacency with R5 remains in the 2-Way state. Which statement is true?
A.
B.
C.
D.
A problem exists with the physical link or Data Link Layer connectivity.
The area type does not match on each end of the link.
The IP MTU does not match on each end of the link.
This output is normal in this configuration.
Correct Answer: D
Section: Volume B
Explanation
QUESTION 149
You see a route in your local routing table that was learned using OSPF. Which command allows you to determine where the route originated?
A.
B.
C.
D.
show ospf route

show route protocol ospf
show ospf database
show ospf log
Correct Answer: C
Section: Volume B
Explanation
QUESTION 150
Which two events trigger an IS-IS LSP to be sent to a neighboring IS? (Choose two)
A.
B.
C.
D.
When a new IS-IS neighbor is detected.

When the cost of a link to an existing IS-IS neighbor has changed.
When a CSNP requests missing information.
When a device does not receive an expected IIH PDU.
Correct Answer: AB
Section: Volume B
Explanation
QUESTION 151
What does the attach bit in an IS-IS PDU indicate?
A.
B.
C.
D.
The L1/L2 router is exporting a default route into the area.

The L1/L2 router has reachability information to another IS-IS area.
The L1/L2 router is sending information from Level 2 towards Level 1.
The L1/L2 router is sending information from Level 1 towards Level 2.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 152
On a broadcast network, which three statements are true about IS-IS adjacencies? (Choose three.)
A.
B.
C.
D.
E.
Peers send full copies of databases at regular intervals.

IIH PDUs are used as a keep alive mechanism.
Peers can request missing link-state information.
An elected DIS retains its status as long as the device remains up.
Peers acknowledge receipt of link-state updates.
Correct Answer: BCE

Section: Volume B
Explanation
QUESTION 153
Which two prerequisites does IS-IS need to operate? (Choose two.)
A.
B.
C.
D.
IS-IS must be able to communicate between devices using IP.

IS-IS must be able to communicate using CLNS.
IS-IS must have a valid IP address configured on the loopback.
IS-IS must have a valid CLNS address.
Correct Answer: BD
Section: Volume B
Explanation
QUESTION 154
You configure a metric of 200 on an IS-IS enabled interface on Router-1. When you examine the routing table entry for that link on another IS-IS device, you see a metric
of 67. What would explain this behavior?
A.
B.
C.
D.
Router-1 is sending both standard and wide metrics.

Router-1 is sending only wide metrics.
Router-1 has a metric multiplier set.
Router-1 has a configured reference bandwidth.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 155
On Switch-1, all configured interfaces belong to the default VLAN. Based on the topology and bridge table shown in the exhibit, which two operations will Switch-1 perform
if it receives a frame sent by User A with a destination MAC address of 00:26:88:02:74:89? (Choose two.)
A.
B.
C.
D.
Switch-1 will flood the frame out all switch ports that belong to the default VLAN.
Switch-1 will flood the frame out all switch ports except ge-0/0/6.0.
Switch-1 will forward the frame out ge-0/0/9.0.
Switch-1 will update its bridge table with a new MAC entry for the device associated with User
Correct Answer: BD
Section: Volume B
Explanation
QUESTION 156
A switch has just come online and currently has no learned unicast entries in its bridge table. Which two statements regarding this switch and its operations are true?
(Choose two.)
A.
B.
C.
D.
All frames received through a switch port will be flooded out all other switch ports belonging to the same VLAN.
All broadcast frames received through a switch port will be flooded out all switch ports, regardless of the VLAN.
The switch will dynamically add MAC entries to the bridge table for the destination MAC address listed in received frames.
The switch will dynamically add MAC entries to the bridge table for the source MAC address listed in received frames.
Correct Answer: AD
Section: Volume B
Explanation
QUESTION 157
You are deploying a Virtual Chassis consisting of four EX4200s. You have powered on all four switches at the same time with the settings shown in the exhibit. Which
Virtual Chassis member will become the master?
A.
B.
C.
D.
Switch-1
Switch-2
Switch-3
Switch-4
Correct Answer: D
Section: Volume B
Explanation
QUESTION 158
The exhibit shows the Ethernet bridge table on an EX Series switch. What does the asterisk (*) in the output indicate?
A.
B.
C.
D.
The asterisk (*) indicates a multicast MAC address.

The asterisk (*) indicates an invalid MAC address.
The asterisk (*) indicates the flood entry for all VLANs.
The asterisk (*) indicates all valid destination MAC addresses.
Correct Answer: D
Section: Volume B
Explanation
QUESTION 159
VLANs provide separation for which type of domains?
A.
B.
C.
D.
collision domains
multicast domains
broadcast domains
virtual domains
Correct Answer: C
Section: Volume B
Explanation
QUESTION 160
What are two switch port default settings on EX Series switches? (Choose two.)
A. Set as trunk mode.
B. Set with VLAN ID 0.

C. Set with the native VLAN.
D. Set as access mode.
Correct Answer: BD
Section: Volume B
Explanation
QUESTION 161
Which two configurations are valid methods for associating a VLAN with an interface on EX Series switches? (Choose two.)
A. {master:0}[edit interfaces]
user@ex# show
ge-0/0/4 {
unit 0 {
vlan {
members v100;
}
}
}
}
user@ex# show
unit 0 {
vlan v100;
}
}
user@ex# show
vlan-tagging;
unit 0 {
vlan v100;
}
}
D. {master:0}[edit vlans]
user@ex# show
v100 {
vlan-id 100;
interface {
ge-0/0/4.0;
}
}
Correct Answer: AD
Section: Volume B
Explanation
QUESTION 162
No user-defined configuration exists for the default VLAN. Which configuration is valid on EX Series switches?
A. {master:0}[edit interfaces ge-0/0/4]
user@ex# show
unit 0 {
port-mode trunk;
vlan {
members [ v4 v3 ];
}
native-vlan-id default;
}
}
user@ex# show
unit 0 {
port-mode trunk;
vlan {
members [ v4 default ];
}
}
}
user@ex# show
unit 0 {
port-mode access;
vlan {
members [ v4 default ];
}
}
}
D. {master:0}[edit interfaces ge-0/0/4]
user@ex# show
unit 0 {
port-mode access;
vlan {
members [ v4 Voice ];
}
}
}
Correct Answer: A
Section: Volume B
Explanation
QUESTION 163
By default, which VLAN ID value is associated with the default VLAN on EX Series switches?
A.
B.
C.
D.
0
1
32
255
Correct Answer: A
Section: Volume B
Explanation
QUESTION 164
On which interface would an IP address be configured for a routed VLAN interface?
A.
B.
C.
D.
ge-0/0/20.100
vlan.100
rvi.100
l3-interface.100
Correct Answer: B
Section: Volume B
Explanation
QUESTION 165
Which operational-mode command displays the IP address of all routed VLAN interfaces (RVIs)?
A. show interfaces terse vlan
B. show interfaces terse rvi

C. show interfaces terse ge-*
D. show vlans terse
Correct Answer: A
Section: Volume B
Explanation
QUESTION 166
Which three configurations are required for an operational routed VLAN interface (RVI)? (Choose three.)
A. {master:0}[edit]
user@ex# show ethernet-switching vlan-map
vlan-id 10;
interface {
ge-0/0/1.0;
}
B. {master:0}[edit]
user@ex# show interfaces ge-0/0/1
unit 0 {
}
C. {master:0}[edit]
user@ex# show interfaces vlan.10
family inet {
address 192.168.10.1/24;
}
D. {master:0}[edit]
user@ex# show interfaces rvi.1
interface {
ge-0/0/1.0;
}
E. {master:0}[edit]
user@ex# show vlans v10
vlan-id 10;
interface {
ge-0/0/1.0;
} l3-interface vlan.10;
Correct Answer: BCE
Section: Volume B
Explanation
QUESTION 167
Which function(s) does STP serve in a Layer 2 network?
A.
B.
C.
D.
It detects and stops broadcast storms.

It distributes VLAN information between switches when a VLAN spans more than one switch.
It detects and eliminates loops.
It manages aggregated Ethernet bundles that span more than one switch.
Correct Answer: C
Section: Volume B
Explanation
QUESTION 168
Which protocol or feature detects and eliminates Layer 2 loops in a network?
A.
B.
C.
D.
RTG
STP
LACP
GVRP
Correct Answer: B
Section: Volume B
Explanation
QUESTION 169
Which two statements are true regarding BPDUs of spanning tree protocols? (Choose two.)
A.
B.
C.
D.
Configuration BPDUs function as keepalives in STP and RSTP.

BPDUs are sent by the designated bridge but not the backup bridge on shared segments.
Configuration BPDUs are sent by both switches on point-to-point connections.
Configuration BPDUs are not sent out interfaces configured as edge ports.
Correct Answer: CD
Section: Volume B
Explanation
QUESTION 170
You just implemented a Layer 2 network that uses RSTP. Which two statements are true? (Choose two.)
A.
B.
C.
D.
All operational switch ports configured for edge mode will immediately transition to the forwarding state.
All operational switch ports configured for full-duplex operation will function in point-to-point mode.
You must manually specify the interfaces you want to operate in point-to-point mode.
Edge ports automatically discard received BPDUs.
Correct Answer: AB
Section: Volume B
Explanation
QUESTION 171
You just implemented RSTP in your Layer 2 network. Which two statements are true? (Choose two.)
A. Switch ports in the alternate port role operating in indirect-recovery mode can immediately transition to the root port role and forwarding state when a failure occurs
without waiting for the timer to expire.
B. Switch ports in the alternate port role operating in shared mode can immediately transition to the root port role and forwarding state when a failure occurs without
waiting for the timer to expire.
C. Switch ports in the alternate port role operating in point-to-point mode can immediately transition to the root port role and forwarding state when a failure occurs without
waiting for the timer to expire.
D. Switch ports operating as edge ports automatically transition to the forwarding state, even directly after a failure and recovery scenario.
Correct Answer: CD
Section: Volume B
Explanation
QUESTION 172
You just installed Switch-1 and Switch-2 in your network. Both switches are EX Series switches and are connected to each other using a Layer 2 switch port. Switch-1
must run STP, whereas Switch-2 must run RSTP. Given the scenario, which statement is true?
A.
B.
C.
D.
The two switches communicate using RSTP.

The two switches will not communicate using STP or RSTP.
The two switches communicate using STP.
The two switches run in dual-mode and communicate using STP and RSTP.
Correct Answer: C
Section: Volume B
Explanation
QUESTION 173
As shown in the exhibit, Switch-3 receives a superior BPDU from Switch-2 over the ge-0/0/10.0 interface. Which two statements are correct? (Choose two.)
A.
B.
C.
D.
Switch-2's ge-0/0/10.0 port assumes the backup role and blocking state.
Switch-3's ge-0/0/10.0 port assumes the designated role and forwarding state.
Switch-3's ge-0/0/10.0 port assumes the alternate role and blocking state.
Correct Answer: CD
Section: Volume B
Explanation
QUESTION 174
As shown in the exhibit, three switches are connected and participating in RSTP. Switch
-1 was elected the root bridge and Switch-2 has a lower-cost path to the root bridge than Switch-3. Based on the details provided, which three statements are correct?
(Choose three.)
A.
B.
C.
D.
E.
Switch-3's ge-0/0/10.0 port assumes the alternate role and blocking state.
Switch-1's ports all assume the root port role and the forwarding state.
Switch-1's ports all assume the designated port role and the forwarding state.
Correct Answer: ACE

Section: Volume B
Explanation
QUESTION 175
You recently implemented a Layer 2 network using RSTP. Which three statements are true regarding a topology change reconvergence scenario? (Choose three.)
A. Switches do not flush MAC addresses learned from edge ports.
B.
C.
D.
E.
When a port transitions to the discarding state on edge or nonedge ports, TCNs are generated and flooded.
When a port transitions to the forwarding state on nonedge ports, the local switch generates and floods TCNs.
Switches do not flush MAC addresses learned through the same port through which TCNs are received.
When a port transitions to the forwarding state on edge ports, the local switch generates and floods TCNs.
Correct Answer: ACD

Section: Volume B
Explanation
QUESTION 176
Which three statements are true regarding RSTP and its default behavior? (Choose three.)
A.
B.
C.
D.
E.
All switch ports operating in the point-to-point mode have a quicker recovery time than switch ports operating in shared mode.
All switch ports must pass through the listening and learning states before they can be placed in the forwarding state.
Edge ports are automatically placed in the forwarding state when they are operational.
Nonedge ports must receive at least one BPDU every six seconds to remain operational.
TCN BPDUs are generated and flooded when switch ports transition to the discarding state.
Correct Answer: ACD

Section: Volume B
Explanation
QUESTION 177
As shown in the exhibit, you recently installed four EX Series switches in your network. These switches are using the default RSTP configuration. Which two statements
are correct? (Choose two.)
A.
B.
C.
D.
Switch-4 selects ge-0/0/10.0 as its root port.

Switch-4 selects ge-0/0/9.0 as its root port.
Switch-4's root cost path is 4000.
Switch-4's root cost path is 40000.
Correct Answer: BD
Section: Volume B
Explanation
QUESTION 178
Based on the topology and configurations shown in the exhibit, which two statements are true? (Choose two.)
A.
B.
C.
D.
Switch-3 will be elected the root bridge.

Both of Switch-1's interfaces will assume the forwarding state.
Switch-2 will be elected the root bridge.
Both of Switch-3's interfaces will assume the forwarding state.
Correct Answer: CD
Section: Volume B
Explanation
QUESTION 179
Based on the topology and configurations shown in the exhibit, which two statements are true? (Choose two.)
A.
B.
C.
D.
Switch-2's ge-0/0/12.0 interface will assume the designated port role.

Correct Answer: AD
Section: Volume B
Explanation
QUESTION 180
Why would you configure root protection?
A. You want to protect the root bridge from receiving BPDUs on unauthorized interfaces.
B. You want to protect your network from unwanted topology changes from a rogue switch attempting to become the root bridge.
C. You want to avoid a broadcast storm that originates on the root bridge.
D. You want to prevent unwanted user authentication to the root bridge by defining an acceptable source-address list for authorized access.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 181
You want to secure an interface on a switch so that a rogue switch running STP can not be plugged into this interface. What accomplishes this objective?
A.
B.
C.
D.
BPDU protection
edge protection
rogue protection
root protection
Correct Answer: A
Section: Volume B
Explanation
QUESTION 182
You want your switch to disable an edge port when it receives spanning tree communications on that port. Which feature accomplishes this objective?
A.
B.
C.
D.
RSTP edge port

BPDU protection
root protection
switch protection
Correct Answer: B
Section: Volume B
Explanation
QUESTION 183
What is one benefit of the root protection feature?
A. It guards against loops caused by unidirectional link failures.
B. It ensures downstream switches never become the root bridge.

C. It disables the port when it detects that a loop has formed over an edge port.
D. It guards against loops caused by a changed root bridge ID.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 184
You have altered the factory-default storm control configuration so that interfaces on which the storm control level is exceeded are temporarily shut down for five minutes.
Which two methods can you use to monitor that the auto recovery feature is working? (Choose two.)
A.
B.
C.
D.
Issue the monitor traffic violations command.

Issue the monitor start messages command.
Issue the show storm-control violations command.
Issue the show ethernet-switching interfaces command.
Correct Answer: BD
Section: Volume B
Explanation
QUESTION 185
Which two statements accurately describe the factory-default storm control configuration? (Choose two.)
A.
B.
C.
D.
Storm control monitors traffic levels for broadcast traffic.

Storm control monitors traffic levels for multicast traffic.
Storm control drops all monitored traffic in excess of 80 percent.
Correct Answer: AC
Section: Volume B
Explanation
QUESTION 186
Which three statements accurately describe the factory-default storm control configuration? (Choose three.)
A.
B.
C.
D.
E.
Storm control monitors traffic levels for broadcast traffic.

Storm control monitors traffic levels for unknown unicast traffic.
Storm control monitors traffic levels for multicast traffic.
Storm control shuts down the interface on which the storm control level is exceeded.
Correct Answer: ABC

Section: Volume B
Explanation
QUESTION 187
You want to alter the factory-default storm control configuration so that interfaces on which the storm control level is exceeded are temporarily shut down for five minutes.
Which configuration excerpt accomplishes this objective?
A. {master:0}[edit ethernet-switching-options]
user@Switch-1# show
storm-control {
action-shutdown;
interface all;
error-disable {
disable-timeout 5;
}
}
B. {master:0}[edit ethernet-switching-options]
user@Switch-1# show
port-error-disable {
disable-timeout 300;
}
storm-control {
action-shutdown;
interface all;
}
C. {master:0}[edit ethernet-switching-options]
user@Switch-1# show
storm-control {
shutdown-action;
interface all;
error-disable {
disable-interval 5;
}
}
D. {master:0}[edit ethernet-switching-options]
user@Switch-1# show
port-error-disable {
disable-interval 300;
}
storm-control {
shutdown-action;
interface all;
}
Correct Answer: B
Section: Volume B
Explanation
QUESTION 188
What is the proper ingress processing sequence for firewall filters on an EX Series switch?
A.
B.
C.
D.
router filter, port filter, VLAN filter

port filter, VLAN filter, router filter
router filter, VLAN filter, port filter
VLAN filter, port filter, router filter
Correct Answer: B
Section: Volume B
Explanation
QUESTION 189
You just applied the Layer 2 firewall filter shown in the exhibit to a port as an input filter to block traffic from a one source MAC address. After monitoring the port, you
notice that all traffic ingressing that port has stopped flowing. What is the problem?
A.
B.
C.
D.
The traffic is being blocked on the egress port. Another Layer 2 firewall filter must be applied on the port to allow this traffic.
All other traffic is matching the default term and being discarded.
The Layer 2 firewall filters will not work at the port level. It must be applied at the VLAN level.
The from criterion must match on destination-mac-address and not source-mac-address.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 190
Which three types of firewall filters are supported on EX Series switches? (Choose three.)
A.
B.
C.
D.
E.
router filters
switch filters
source filters
VLAN filters
port filters
Correct Answer: ADE

Section: Volume B
Explanation
QUESTION 191
You want to configure per-flow equal-cost multipath (ECMP) load balancing for only the OSPF routes on Router-1. Which configuration example accomplishes this?
A. protocols {
ospf {
export EMCP;
}
}
policy-options {
policy-statement ECMP {
term first {
from protocol ospf;
then {
load-balance per-packet;
}
}
}
}
export ECMP;
}
policy-options {
term first {
from protocol ospf;
then {
}
}
}
}
forwarding-table {
export ECMP;
}
}
policy-options {
term first {
from protocol ospf;
then {
}
}
}
}
forwarding-table {
export ECMP;
}
}
policy-options {
term first {
from protocol ospf;
then {
load-balance ECMP;
}
}
}
}
Correct Answer: C
Section: Volume B
Explanation
QUESTION 192
You want to configure per-flow load balancing for all routes on Router-1. Which configuration example accomplishes this?
forwarding-table {
export ECMP;
}
}
policy-options {
term first {
then {
}
}
}
}
export ECMP;
}
policy-options {
term first {
then {
}
}
}
}
forwarding-table {
export ECMP;
}
}
policy-options {
term first {
from protocol ospf;
then {
}
}
}
}
forwarding-table {
export ECMP;
}
}
policy-options {
term first {
from protocol ospf;
then {
load-balance ECMP;
}
}
}
Correct Answer: A
Section: Volume B
Explanation
QUESTION 193
Router-A has an OSPF route to destination 172.18.3.0/24 with four equal-cost paths .How will Router-A forward traffic destined to 172.18.3.5 based on Junos OS's default
behavior?
A. Traffic will be load-balanced on all four available paths.
B. Traffic will be forwarded over the one path installed in the forwarding table.
C. Traffic forwarding will be rotated across each of the four paths for 1 minute on each path.
D. Traffic forwarding behavior depends on the hardware platform.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 194
Which three attributes are considered in the default configuration of per-flow load balancing for routed IPv4 traffic? (Choose three.)
A.
B.
C.
D.
E.
incoming interface
source MAC address
protocol
source IP address
destination port
Correct Answer: ACD

Section: Volume B
Explanation
QUESTION 195
You have a route in the inet.0 routing table that has four valid physical next hops assigned to it. Which event prompts an update to the information in the forwarding table
for this particular route?
A.
B.
C.
D.
When a new physical next hop is added to the next-hop set.

When any configuration change is committed on the router.
When a packet is forwarded towards the route destination.
When an additional route of the same IP address class is added to inet.0.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 196
A router is configured with the configuration shown in the exhibit. Traffic arriving on fe-0/0/0.0 is not being routed to 10.1.1.1. What can you change to make the device
route traffic arriving on fe-0/0/0.0 to 10.1.1.1?
A.
B.
C.
D.
Add filter-based-forwarding enable to the configuration.

Ensure that the to-10.1.1.1 routing instance has a route to 10.1.1.1.
Add a from statement to the route-to-10.1.1.1 filter.
Explicitly configure an interface in the default route in the to-10.1.1.1 routing instance.
Correct Answer: B
Section: Volume B
Explanation
QUESTION 197
Which configuration excerpt is necessary to cause all traffic received on fe-0/0/0.0 to be routed to next-hop 10.1.1.1?
A. interfaces {
fe-0/0/0 {
unit 0 {
family inet {
policy-route route-to-10.1.1.1;
address 172.17.1.1/24;
}
}
}
}
policy-options {
policy-statement route-to-10.1.1.1 {
term 1 {
then {
next-hop 10.1.1.1;
}
}
}
}
B. interfaces {
fe-0/0/0 {
unit 0 {
family inet {
filter {
input route-to-10.1.1.1;
}
address 172.17.1.1/24;
}
}
}
}
firewall {
family inet {
filter route-to-10.1.1.1 {
term 1 {
then routing-instance to-10.1.1.1;
}
}
}
}
routing-instances {
to-10.1.1.1 {
routing-options {
static {
route 0.0.0.0/0 next-hop 10.1.1.1;

}
}
}
}
C. interfaces {
fe-0/0/0 {
unit 0 {
family inet {
filter {
input route-to-10.1.1.1;
}
address 172.17.1.1/24;
}
}
}
}
firewall {
family inet {
filter route-to-10.1.1.1 {
term 1 {
then next-hop 10.1.1.1;
}
}
}
}
D. interfaces {
fe-0/0/0 {
unit 0 {
family inet {
routing-instance to-10.1.1.1;
address 172.17.1.1/24;
}
}
}
}
routing-instances {
to-10.1.1.1 {
routing-options {
static {
route 0.0.0.0/0 next-hop 10.1.1.1;
}
}
}
}
Correct Answer: B
Section: Volume B
Explanation
QUESTION 198
What is the purpose of the configuration shown in the exhibit?

A. This configuration causes all routes for directly connected interfaces to be installed in oth the inet.0 routing table and the inet.0 routing table for the blue routing
instance.
B. This configuration causes all routes for directly connected interfaces that are assigned to the blue routing instance to be installed in both the inet.0 routing table and
the inet.0 routing table for the blue routing instance.
C. This configuration causes all routes from inet.0 to also be installed in blue.inet.0.
D. This configuration allows you to specify my-rib-group in a static route's next-table statement to cause the static route to first try to resolve the address in inet.0 and then
in blue.inet.0.
Correct Answer: A
Section: Volume B
Explanation
QUESTION 199
You want to configure filter-based forwarding. What are the three required configuration elements? (Choose three.)
A.
B.
C.
D.
E.
routing instance
firewall filter
policy statement
prefix list
RIB group
Correct Answer: ABE

Section: Volume B
Explanation
QUESTION 200
You want to ensure that interface routes appear in multiple routing instances. Which configuration accomplishes this scenario?
A.
B.
C.
D.
Configure each interface under multiple routing instances.

Add an import policy for each routing instance.
Configure the routing instance to be a forwarding type instead of a virtual-router type.
Configure a RIB group and configure the router to install interface routes in the RIB group.
Correct Answer: D
Section: Volume B
Explanation
QUESTION 201
You want to ensure that all traffic arriving on interface fe-0/0/0.0 will be routed to next-hop 10.1.1.1, regardless of the more specific routes that might appear in the routing
table. How can you accomplish this configuration?
A. Configure a default route with a next hop of 10.1.1.1 and configure the always-use flag for the route.
B. Configure and apply a firewall filter that sends all traffic to a routing instance, configure a default route in that routing instance, and configure the router to install
interface routes in that routing instance.
C. Configure a routing policy that matches all traffic and sets the next hop to 10.1.1.1, and configure a RIB group to ensure that the routing policy can resolve the next hop
to 10.1.1.1.
D. Configure a firewall filter that matches all traffic and sets the next hop to 10.1.1.1, apply the firewall filter to a RIB group, and assign the fe-0/0/0.0 interface to that RIB
group.
Correct Answer: B
Section: Volume C
Explanation
QUESTION 202
Which statement describes the operation of a stub area?
A. A stub area receives only a default route.
B. A stub area receives all routes from all other areas.
C. A stub area receives no external routes from other areas.

D. A stub area is automatically configured based on the presence of the E-bit in the hello messages sent from the ABR.
Correct Answer: C
Section: Volume C
Explanation
QUESTION 203
Which configuration allows the virtual IP address to respond to pings?
A. [edit interfaces fe-0/0/0 unit 50 family inet address 192.168.0.12/24]
user@RouterA# show
vrrp-group 50 {
virtual-address 192.168.0.1;
fast-interval 250;
preempt;
accept-data;
}
B. [edit interfaces fe-0/0/0 unit 50 family inet address 192.168.0.12/24]
user@RouterA# show
vrrp-group 50 {
fast-interval 250;
no-preempt;
no-accept-data;
}
C. [edit interfaces fe-0/0/0 unit 50 family inet address 192.168.0.12/24]
user@RouterA# show
vrrp-group 50 {
fast-interval 250;
accept-icmp;
}
D. [edit interfaces fe-0/0/0 unit 50 family inet address 192.168.0.12/24]
user@RouterA# show
vrrp-group 50 {
priority 220;
advertise-interval 10;
preempt;
accept-packets;
}
Correct Answer: A
Section: Volume C
Explanation
QUESTION 204
Why does a router create an ASBRSum (Type 4) LSA?
A.
B.
C.
D.
An ABR creates an ASBRSum (Type 4) LSA with the information contained in NSSA (Type 7) LSAs it receives from NSSAs.
An ABR creates an ASBRSum (Type 4) LSA to describe the router ID of ASBRs located in other areas.
An ASBR creates an ASBRSum (Type 4) LSA to describe its router ID so that routers in other areas can reach the external networks it advertises.
An ABR creates an ASBRSum (Type 4) LSA to summarize routes received from other areas.
Correct Answer: B
Section: Volume C
Explanation
QUESTION 205
For two OSPF neighbors to establish a full adjacency on a broadcast medium, what information in their hello packets must match? (Choose two.)
41 / 79
A.
B.
C.
D.
network mask
router priority
dead interval
the list of neighbors on the network
Correct Answer: AC
Section: Volume C
Explanation
QUESTION 206
In the exhibit, Area 2.2.2.2 is configured as a not-so-stubby area and Area 1.1.1.1 is configured as a normal area. R5 has an export policy that causes the RIP network
prefixes to be announced through OSPF. Which LSA type does R7 receive describing the RIP network prefixes?
A.
B.
C.
D.
Summary (Type 3)
ASBRSum (Type 4)
Extern (Type 5)
NSSA (Type 7)
Correct Answer: C
Section: Volume C
Explanation
QUESTION 207
What is preserved by enabling graceful Routing Engine switchover (GRES)?
A.
B.
C.
D.
control-plane state
link-state protocol adjacencies
interface and kernel information
BGP peering relationships
Correct Answer: C
Section: Volume C
Explanation
QUESTION 208
In the exhibit, Areas 1.1.1.1 and 2.2.2.2 are configured as normal areas. R5 has an export policy that causes the RIP network prefixes to be announced through OSPF.
Which three LSA types does R7 receive for the information advertised by R5? (Choose three.)
A.
B.
C.
D.
E.
Router (Type 1)
Network (Type 2)
Summary (Type 3)
ASBRSum (Type 4)
Extern (Type 5)
Correct Answer: CDE

Section: Volume C
Explanation
QUESTION 209
In the exhibit, Areas 1.1.1.1 and 2.2.2.2 are configured as normal areas. In R7's OSPF configuration, the interface on the 172.30.1.0/24 network is configured with the
passive option. In which LSA type does R5 receive the announcement for the 172.30.1.0/24 network?
A.
B.
C.
D.
Router (Type 1)
Network (Type 2)
Summary (Type 3)
Extern (Type 5)
Correct Answer: C
Section: Volume C
Explanation
QUESTION 210
You configure a network according to the topology shown in the exhibit but find that users attached to R7 are having difficulty communicating with the rest of the network.
What are two solutions to the problem? (Choose two.)
A.
B.
C.
D.
Configure Area 3.3.3.3 as a stub area.

Create a virtual link between R3 and R6.
Configure an OSPF export policy on R6 to export routes from Area 2.2.2.2 to Area 3.3.3.3 and from Area 3.3.3.3 to Area 2.2.2.2.
Connect R6 to Area 0.0.0.0.
Correct Answer: BD
Section: Volume C
Explanation
QUESTION 211
In the exhibit, R5 is exporting the RIP network prefixes into OSPF. You want to limit the number of LSAs sent to Area 2.2.2.2, but you want to ensure that all routers in
other are as will have routes to all networks contained in the LSAs sent by the routers in Area 2.2.2.2. Which configuration change will enable this scenario?
A.
B.
C.
D.
Configure Area 2.2.2.2 as a stub area.

Configure Area 2.2.2.2 as a not-so-stubby area.
Configure an area range on R3.
Configure an export filter for OSPF on R3.
Correct Answer: B
Section: Volume C
Explanation
QUESTION 212
You attach six routers (R1, R2, R3, R4, R5, and R6) to a single Ethernet LAN and configure the routers with addresses in the same subnet. You do not modify the default
priority of any router. R1 is chosen as the designated router and R2 is chosen as the backup designated router. How many full adjacencies does R3 have?
A.
B.
C.
D.
0
1
2
5
Correct Answer: C
Section: Volume C
Explanation
QUESTION 213
In the exhibit, four routers (R1, R2, R3, and R4) are attached to a single Ethernet LAN and configured with addresses in the same subnet. All devices boot at the same
time. Which router or routers will send a Network (Type 2) LSA for the network?
A.
B.
C.
D.
R2
R4
R1 and R2
R3 and R4
Correct Answer: B
Section: Volume C
Explanation
QUESTION 214
In the exhibit, six routers (R1, R2, R3, R4, R5, and R6) are attached to a single Ethernet
LAN and configured with addresses in the same subnet. All devices boot at the same time. Which router will become the designated router (DR), and which router will
become the backup designated router (BDR)?
A. DR:R3
BDR: R4
B. DR: R4
BDR: R3
C. DR: R6
BDR: R1
D. DR: R6
BDR: R2
Correct Answer: D
Section: Volume C
Explanation
QUESTION 215
Five routers (R1, R2, R3, R4, and R5) are attached to a single Ethernet LAN and configured with addresses in the same subnet. R1 is chosen as the designated router
(DR) and R2 is chosen as the backup designated router (BDR). You add R6 and configure it as shown in the exhibit. Which routers are now the DR and BDR?
A. DR:R1
BDR: R2
B. DR: R6
BDR: R1
C. DR: R6
BDR: R2
D. DR: R1
BDR: R6
Correct Answer: A
Section: Volume C
Explanation
QUESTION 216
You must configure an OSPF area that must not contain any ASBRs and that must not receive any Extern (Type 5) LSAs. This area should be aware of the entire OSPF
network, but it should not be aware of routes external to OSPF. Which area type meets these requirements?
A.
B.
C.
D.
not-so-stubby area
totally stubby area
stub area
backbone area
Correct Answer: C
Section: Volume C
Explanation
QUESTION 217
Which statement describes an OSPF area for which no-summaries is configured?
A.
B.
C.
D.
The ABR does not generate any Summary (Type 3) LSAs towards the backbone.
The ABR does not generate any Summary (Type 3) LSAs for other OSPF areas.
The area does not summarize external routes generated within its area.
The area does not accept or create summaries of any kind.
Correct Answer: B
Section: Volume C
Explanation
QUESTION 218
Which type of OSPF area restricts external routes from other areas but allows external routes to be flooded by ASBRs within its own area?
A.
B.
C.
D.
not-so-stubby area
backbone area
stub area with no-summaries configured
stub area
Correct Answer: A
Section: Volume C
Explanation
QUESTION 219
Which two statements are true of OSPF stub areas? (Choose two.)
A.
B.
C.
D.
Stub areas might contain ASBRs and can receive external Extern (Type 5) LSAs from other areas.
Stub areas cannot be crossed in the creation of a virtual link.
Stub areas cannot receive any Summary (Type 3) LSAs.
Stub areas cannot contain an ASBR.
Correct Answer: BD
Section: Volume C
Explanation
QUESTION 220
Router A is configured as the VRRP master and Router B is configured as the backup. Router A has lost the mastership and has become the backup router and you need
to find out why. Which two commands should you use to determine why Router A is no longer the VRRP master? (Choose two.)
A.
B.
C.
D.
show vrrp
show vrrp summary
show vrrp detail
show vrrp track
Correct Answer: CD
Section: Volume C
Explanation
QUESTION 221
Which two statements are true of IS-IS? (Choose two.)
A. When configured on a broadcast segment, IS-IS elects a designated intermediate system that establishes adjacencies with all IS-IS enabled nodes on the segment.
B. When configured on a broadcast segment, IS-IS forms a full mesh of adjacencies called a mesh group; unlike OSPF, no designated device exists to represent the
segment.
C. When configured on a broadcast segment, IS-IS elects a backup designated intermediate system.
D. When configured on a broadcast segment, the network itself is called a pseudo-node
Correct Answer: AD
Section: Volume C
Explanation
QUESTION 222
Which two statements are true regarding the election process of the DIS in IS-IS? (Choose two.)
A. In the event of a priority tie, the DIS is the router with the lowest configured IP address.
B. In the event of a priority tie, the DIS is the router with the highest MAC address.
C. A user can configure a priority for DIS election from 0 to 255.
D. The default DIS election priority is 64 for Level 1 and Level 2.

Correct Answer: BD
Section: Volume C
Explanation
QUESTION 223
With which type of IS-IS router can an IS-IS Level 1-only router form an adjacency?
A.
B.
C.
D.
any IS-IS Level 1 router of any area

any IS-IS Level 2 router of any area
any properly configured IS-IS router
any IS-IS Level 1 router of the same area
Correct Answer: D
Section: Volume C
Explanation
QUESTION 224
Refer to the router configuration shown in the exhibit. To which IS-IS level(s) does this router belong?
A.
B.
C.
D.
Level 2 only
Level 1 and Level 2
Level 1 only
Level 3 only
Correct Answer: A
Section: Volume C
Explanation
QUESTION 225
With which type of IS-IS router can an IS-IS Level 2-only router form an adjacency?
A.
B.
C.
D.
only other IS-IS Level 2 routers of the same area

any IS-IS router
any other IS-IS Level 2 router
IS-IS Level 1 routers of the same area
Correct Answer: C
Section: Volume C
Explanation
QUESTION 226
Refer to the router configuration shown in the exhibit. To which IS-IS area does this router belong?
A.
B.
C.
D.
Area 49
Area 0100
Area 49.2020
Area 49.2020.0100.1001.0001
Correct Answer: C
Section: Volume C
Explanation
QUESTION 227
In the exhibit, how many Level 1 adjacencies does Montreal have?

A.
B.
C.
D.
2
3
4
5
Correct Answer: B
Section: Volume C
Explanation
QUESTION 228
The exhibit shows a BGP multihomed network connecting to ISP A and ISP B. The secondary link is to be used only in a failover scenario in which the primary link is not
usable. Which BGP attribute should you use to influence inbound traffic to use the primary link t hat is sourced from ISP C?
A.
B.
C.
D.
multiple exit discriminator (MED)

local preference
AS path
origin
Correct Answer: C
Section: Volume C
Explanation
QUESTION 229
In the configuration shown in the exhibit, you want to form an EBGP peering relationship to the loopback address of a router administered by your ISP, but the session will
not establish. What is causing the problem?
A.
B.
C.
D.
EBGP cannot peer to a virtual address.

The EBGP session needs to be explicitly configured with multihop.
The EBGP session needs to be explicitly configured as type external.
The autonomous system information needs to be configured under [protocols bgp].
Correct Answer: B
Section: Volume C
Explanation
QUESTION 230
A new BGP session has been configured. Upon monitoring the session state, you notice that the session has just transitioned from connect state to active state. What
does the active state indicate for this BGP session?
A.
B.
C.
D.
Something is wrong with your configuration. You must check your configuration and try again.
This is the expected behavior. You should wait longer for the BGP session to establish.
The OPEN messages collided. One BGP peer must be configured with the passive option.
No route exists to the neighbors peering address. Check the IGP for reachability.
Correct Answer: B
Section: Volume C
Explanation
QUESTION 231
In the exhibit, the 172.32.1.0/24 prefix is being sent from Router A to Router B through BGP. When the BGP announcement for 172.23.1.0/24 is sent from Router B and
received by Router C, which two attributes will be changed by default? (Choose two.)
A.
B.
C.
D.
AS path
origin
multiple exit discriminator (MED)
next hop
Correct Answer: AD
Section: Volume C
Explanation
QUESTION 232
How do two BGP peers signal their capabilities to each other?
A.
B.
C.
D.
They include their capabilities in OPEN messages.

They send UPDATE messages with their capabilities after the session is established.
They send CAPABILITIES messages before they send OPEN messages.
The network operator must manually configure the capabilities on both BGP peers.
Correct Answer: A
Section: Volume C
Explanation
QUESTION 233
Router 2 is peered using EBGP to Router 3's physical interface. A route is announced from Router 3 to Router 2. Router 2 then announces this route to Router 1 using
IBGP. No routing policies are configured on any of the three routers. What will the BGP next-hop attribute of this route be when examined on Router 1?
A.
B.
C.
D.
172.17.5.5
10.10.10.1
10.10.10.2
192.168.5.50
Correct Answer: B
Section: Volume C
Explanation
QUESTION 234
In the exhibit, Router A and Router B have a VRRP relationship through Switch A. Router A is the VRRP master and Router B's VRRP priority is set to the default. Based
on the configuration for Router A shown in the exhibit, which two interfaces must go down for Router B to become the VRRP master? (Choose two.)
A.
B.
C.
D.
ge-0/0/0
ge-0/0/2
ge-0/0/3
ge-0/0/7
Correct Answer: AB
Section: Volume C
Explanation
QUESTION 235
Which statement is true of BGP communities?
A. Communities are used to identify BGP routes based on the originating route's attributes, whether it is an internal route, an external route, or unknown.
B. Communities are added by route reflectors. A route reflector appends its own IP address and the autonomous system number separated by a colon in the community
field each time a route traverses it.
C. Communities are used to determine preference within a network; lower community values are more preferable than higher values.
D. Communities are used as a tool for sorting and categorizing routes based on user-defined criteria.
Correct Answer: D
Section: Volume C
Explanation
QUESTION 236
In the exhibit, the route 66.129.237.5 belongs to a Web server within AS 344.
If you view the AS-path attribute of this route on a router in AS 9021, what will it be?
A.
B.
C.
D.
344 11 221 6044

221 6044 11 344
9021 221 6044 11 344
221 6044 11 344 9021
Correct Answer: B
Section: Volume C
Explanation
QUESTION 237
Company A wants to control how BGP traffic reaches the Internet.

What should you configure to ensure that traffic exits the network by way of Router 1 toward ISP 1?
A. You should change the underlying IGP metric to make Router 1 more preferable.
B. You should configure Router 1 to have a community with an IBGP export policy, which makes its routes more preferable.
C. You should configure Router 1 to have a higher local-preference value with an EBGP import policy to make its routes more preferable.
D. You should set Router 2's MED to a higher value using an IBGP export policy to make its routes less preferable.
Correct Answer: C
Section: Volume C
Explanation
QUESTION 238
Refer to the command-line output shown in the exhibit. How many routes has this router received from the BGP peer at 10.10.10.1?
A.
B.
C.
D.
0 routes
2 routes
3 routes
57 routes
Correct Answer: C
Section: Volume C
Explanation
QUESTION 239
Refer to the command-line output shown in the exhibit. How many routes received from the BGP peer at 192.168.1.2 are active for this router?
A. 3 routes
B. 4 routes
C. 46 routes
D. 53 routes
Correct Answer: C
Section: Volume C
Explanation
QUESTION 240
You want to change the BGP next hop to ensure that internal routers have reachability to networks learned from external peers. Which configuration excerpt applied on
the perimeter router achieves this objective?
A. protocols {
bgp {
group internal {
type internal;
local-address 10.10.10.1;
neighbor 10.10.20.1 next-hop-self;
}
}
}
B. protocols {
bgp {
group internal {
type internal;
export change-next-hop;
neighbor 10.10.20.1;
}
}
}
policy-options {
policy-statement change-next-hop {
term 1 {
from {
protocol bgp;
external;
}
then {
next-hop self;
}
}
}
}
C. protocols {
bgp {
group internal {
type internal;
}
}
}
policy-options {
term 1 {
from {
protocol bgp;
route-type external;
}
then {
next-hop self;
}
}
}
}
D. protocols {
bgp {
group ext {
type external;
peer-as 111;
}
}
}
policy-options {
term 1 {
from {
protocol bgp;
}
then {
next-hop self;
}
}
}
}
Correct Answer: C
Section: Volume C
Explanation
QUESTION 241
Router-A and Router-B shown in the exhibit are peering between their loopback interfaces. Which operational command on Router-A do you use to display all the BGP
routes received from Router-B?
A.
B.
C.
D.
show route receive-protocol bgp 10.10.10.2 all

show route receive-protocol bgp 10.10.10.1 all
show bgp rib-in neighbor 10.10.10.1
show bgp receive-protocol bgp 10.10.10.2
Correct Answer: A
Section: Volume C
Explanation
QUESTION 242
Router-A and Router-B shown in the exhibit are peering between their loopback interfaces. Which operational-mode command on Router-B do you use to display the BGP
routes advertised to Router-A?
A.
B.
C.
D.

show bgp rib-out neighbor 10.10.10.1
show bgp neighbor 10.10.10.1 advertised-routes
Correct Answer: B
Section: Volume C
Explanation
QUESTION 243
Which two statements describe nonstop routing? (Choose two.)
A.
B.
C.
D.
RPD is running on the backup RE.

Graceful restart is required for nonstop routing to function.
Peer nodes are not alerted of RE mastership changes.
COSD is running on the backup RE.
Correct Answer: AC
Section: Volume C
Explanation
QUESTION 244
Router 2 is receiving a route to 10.0.0.0/8 from Router 4 and Router 5. What will Router 2 do with the routes shown in the exhibit?
A.
B.
C.
D.
Router 2 will mark both routes active if the next hops are reachable.
Router 2 will prefer the route received from Router 4 because of a lower origin code value.
Router 2 will prefer the route that arrived first because neither route is necessarily preferable over the other.
Router 2 will prefer the route received from Router 5 because it has a shorter AS path.
Correct Answer: D
Section: Volume C
Explanation
QUESTION 245
Router 2 is receiving a route to 10.0.0.0/8 from Router 4 and Router 5. What will Router 2 do with the routes shown in the exhibit?
A.
B.
C.
D.
Router 2 will mark both routes active if both next hops are reachable.
Router 2 will prefer the route received from Router 4 because of a lower origin code value.
Router 2 will prefer the route that arrived first because neither route is necessarily preferable over the other.
Router 2 will prefer the route received from Router 5 because it has a lower MED value.
Correct Answer: B
Section: Volume C
Explanation
QUESTION 246
Router 2 is receiving two announcements of a route to 10.0.0.0/8. Router 2 learned one version of the route from ISP-2; this announcement of the route was received first.
The second announcement of the route was received from Router 1 using IBGP. What will Router 2 do with the routes shown in the exhibit?
A.
B.
C.
D.
Router 2 will choose to forward traffic toward ISP 2 because this route was learned first.
Router 2 will choose to forward traffic toward Router 1 because newer routes are preferable.
Router 2 will choose to forward traffic toward ISP 2 because EBGP-learned routes are preferred over IBGP-learned routes.
Router 2 will choose to forward traffic toward Router 1 because IBGP-learned routes are preferred over EBGP-learned routes.
Correct Answer: C
Section: Volume C
Explanation
QUESTION 247
Which two statements are true of GRE? (Choose two.)
A. GRE can encapsulate and transport protocols other than IP across an IP network.
B. GRE can create a point-to-point link between two devices separated by multiple hops
C. GRE encrypts the data it transports to ensure data integrity.

D. GRE maintains state at Layer 5 of the OSI reference model.
Correct Answer: AB
Section: Volume C
Explanation
QUESTION 248
Which field of the IP header is modified on a payload packet when using GRE?
A.
B.
C.
D.
time to live
source address
protocol
fragment offset
Correct Answer: A
Section: Volume C
Explanation
QUESTION 249
You must create an IP-IP tunnel between two routers on your network. These two devices are separated by 10 hops. The tunnel appears to be established, but no traffic is
traversing the tunnel. What causes this behavior?
A.
B.
C.
D.
The tunnel's TTL has not been modified from the default value of 8.
Traffic is being dropped along the path because a configured MTU is greater than the tunnel's MTU.
A route that directs traffic into the tunnel is not present.
BGP has not been enabled between tunnel end-points.
Correct Answer: C
Section: Volume C
Explanation
QUESTION 250
Which three statements are true about tunnels? (Choose three.)
A. By default, GRE tunnels copy the ToS bits of the inner packet's IP header to the GRE header.
B.
C.
D.
E.
By default, GRE allows fragmentation of packets traversing nodes whose MTU is lower than the de-encapsulating devices.
IP-IP tunnels transport only IP traffic.
GRE and IP-IP tunnels are configured by defining a logical unit for a tunnel interface.
GRE encapsulations and IP-IP encapsulations both add additional overhead to a packet.
Correct Answer: CDE

Section: Volume C
Explanation
QUESTION 251
You want traffic destined for the 66.142.1.0/24 network to traverse an IP-IP tunnel. You notice traffic being sent to any address in that subnet is not being received. Upon
reviewing the output shown in the exhibit, what is the problem?
A.
B.
C.
D.
The route is in the wrong routing table.

The route is a static route; a dynamic routing protocol must be used.
The route is not active in the inet.2 routing table.
The route does not point to the IP-IP tunnel.
Correct Answer: D
Section: Volume C
Explanation
QUESTION 252
An IP-IP tunnel must meet which two requirements to function correctly? (Choose two.)
A.
B.
C.
D.
The tunnel end points must have a valid route to each other.
The tunnel end points must be distributed inside the IGP.
A GRE tunnel must be established first to carry the IP-IP tunnel.
All devices in between the tunnel end points must have a valid route to the tunnel end points.
Correct Answer: AD
Section: Volume C
Explanation
QUESTION 253
A GRE tunnel is established between two routers. When a user on one end sends traffic with a large packet size to a user on the remote end, the packet never arrives.
However, the problem does not exist for smaller packets. What is the problem?
A.
B.
C.
D.
The tunnel is down on the remote end.

The don't-fragment bit is set on the traffic.
GRE tunnels do not support IP traffic.
No dynamic routing protocol exists to handle the traffic.
Correct Answer: B
Section: Volume C
Explanation
QUESTION 254
You have created an IP-IP tunnel which will traverse interface at-0/1/0 and you would like to make sure that the tunnel is operational. Which operational-mode command
should you use to verify that the IP-IP tunnel interface is up?
A.
B.
C.
D.
show ip tunnels interfaces

show interfaces at-0/1/0 terse
show interfaces ip-0/0/0 terse
show ip-0/0/0 interfaces terse
Correct Answer: C
Section: Volume C
Explanation
QUESTION 255
Devices S1 and S2 have the interface configurations as shown in the exhibit. You attach ge-0/0/0 on S1 to ge-0/0/0 on S2. You attach ge-0/0/1 on S1 to ge-1/0/20 on S2.
However, the ae0 interface remains down on both S1 and S2. What should you change to cause the ae0 interface to come up?
A.
B.
C.
D.
You should use consecutive interfaces on S2.

You should use interfaces on S2 that are on the same member of the Virtual Chassis.
You should configure at least one switch to run LACP in active mode.
You should make the list of VLANs on the ae0 interfaces on S1 and S2 match.
Correct Answer: C
Section: Volume C
Explanation
QUESTION 256
You want to configure a redundant trunk group on a switch. You want ge-0/0/0.0 to be the default link; however, if ge-0/0/0.0 fails and the switch begins using ge-0/0/1.0,
you want the switch to continue using ge-0/0/1.0 until ge-0/0/1.0 fails. Which configuration will accomplish this scenario?
A. redundant-trunk-group {
primary;
}
primary;
}
}
B. redundant-trunk-group {
no-preempt;
}
C. redundant-trunk-group {
primary;
}
}
D. redundant-trunk-group {
}
Correct Answer: D
Section: Volume C
Explanation
QUESTION 257
Which three steps must you complete for an aggregated Ethernet configuration on a switch? (Choose three.)
A.
B.
C.
D.
E.
Define the aggregated Ethernet interface under the [edit chassis] stanza.
Configure the interface under the [edit protocols lacp] stanza.
Configure the aggregated Ethernet interface.
Assign physical interfaces to the aggregated Ethernet interface.
Configure the minimum number of links required for the bundle to be operational.
Correct Answer: ACD
Section: Volume C
Explanation
QUESTION 258
You are using redundant trunk groups (RTG) on your network.
Which two statements accurately describe RTG? (Choose two.)
A.
B.
C.
D.
RTG interfaces pass BPDU packets.

Aggregate Ethernet (AE) interfaces cannot be part of an RTG.
RTG is used as an alternative to STP/RSTP.
RTG connects an access switch to two aggregation switches.
Correct Answer: CD
Section: Volume C
Explanation
QUESTION 259
Which two packet types are handled solely by the RE within an EX4200? (Choose two.)
A.
B.
C.
D.
OSPF hellos
DHCP relay
STP BPDUs
IP multicast traffic
Correct Answer: AC
Section: Volume C
Explanation
QUESTION 260
Which statement is correct regarding the VLAN factory-default configuration on an EX Series switch?
A.
B.
C.
D.
The default configuration assigns the default VLAN to use ID 0.

The default configuration assigns the default VLAN to use ID 10.
The default configuration assigns all switch ports to the default VLAN.
The default configuration assigns the management port only to the default VLAN.
Correct Answer: C
Section: Volume C
Explanation
QUESTION 261
Under which hierarchy do you configure OSPF?
A.
B.
C.
D.
[edit protocols ospf]

[edit routing-options]
[edit routing-protocols]
[edit protocols igp]
Correct Answer: A
Section: Volume C
Explanation
1C.JPR.Parma-VC.001.A1> show configuration protocols ospf
inactivE. traceoptions {
file ospf.txt;
flag state;
flag route;
flag general;
flag event detail;
}
traffic-engineering;
export ospf-redistribution;
area 0.0.0.0 {
interface ae0.0 {
interface-type p2p;
hello-interval 3;
authentication {
md5 1 key OMMITTED
}
}
interface lo0.0 {
passive;
}
}
QUESTION 262
You add a GRE tunnel to transport packets between two routers. After implementing this, you notice an increase in the number of dropped packets. While looking at
packet captures, you notice that the do-not-fragment (DF) bit is set in the IP header of all the dropped packets.
What would cause this changed behavior?

A.
B.
C.
D.
The GRE tunnel has a lower MTU than the physical interface.
GRE tunnels do not support fragmentation.
GRE tunnels do not support the DF bit.
The GRE tunnel has a higher MTU than the physical interface.
Correct Answer: A
Section: Volume C
Explanation
QUESTION 263
Which three statements are correct about a Junos firewall filter? (Choose three.)
A.
B.
C.
D.
E.
It examines each packet individually.

It tracks connections and allows you to specify an action to take on all packets within a flow.
It requires you to configure the Junos operating system to explicitly allow traffic in both directions for each connection that you want to permit.
It permits the initial connection and then automatically permits bidirectional communications for this connection.
It is stateless in nature and is used by the software to control traffic passing through the device.
Correct Answer: ACE

Section: Volume C
Explanation
QUESTION 264
Which type of port must be an 802.1Q tagged port?
A.
B.
C.
D.
access
LAG
LACP
trunk
Correct Answer: D
Section: Volume C
Explanation
QUESTION 265
You want to allow RIP routes to be redistributed by an ASBR into the connected OSPF area, but you do not want to recieve external routes from other OSPF areas.
Which OSPF area type would be used to satisfy the requirement?
A.
B.
C.
D.
transit area
stub area
totally stubby area
not-so-stubby area
Correct Answer: D
Section: Volume C
Explanation
QUESTION 266
What is a difference between a generated route and an aggregated route?
A.
B.
C.
D.
Generated routes have a higher preference by default.

Generated routes use a next hop of discard.
Generated routes have a lower preference by default.
Generated routes use a next hop of a contributing route.
Correct Answer: D
Section: Volume C
Explanation
QUESTION 267
Two routers have established a peering using EBGP over a single T1 link.
How often will the routing table be synchronized between the two routers?
A.
B.
C.
D.
every 30 minutes
when an update message is received
every 30 seconds
when a notification message is received
Correct Answer: B
Section: Volume C
Explanation
QUESTION 268
You have enabled VRRP. You want to prevent preemptive behavior.
Which two actions must you perform? (Choose two.)
A.
B.
C.
D.
Use an IP address that is not assigned to a router interface.

Use the IP address of one of the routers as the virtual address.
Disable preemption with the no-preempt command.
Set both routers to the same priority value.
Correct Answer: AC
Section: Volume C
Explanation
QUESTION 269
Which two statements describe STP and RSTP interoperability? (Choose two.)
A.
B.
C.
D.
STP protocol discards any RSTP BPDUs it receives.

STP protocol accepts RSTP BPDUs but will not respond.
RSTP accepts STP BPDUs and responds with STP BPDUs.
RSTP discards STP BPDUs.
Correct Answer: AC
Section: Volume C
Explanation
QUESTION 270
Which feature allows you to drop unknown unicast traffic when exceeding a specified level?
A.
B.
C.
D.
MAC limiting
IP source guard
storm control
broadcast control
Correct Answer: C
Section: Volume C
Explanation
QUESTION 271
You are configuring DHCP snooping to improve security on your network.
Which configuration enables DHCP snooping on the VLAN?
A. ethernet-switching-options {
secure-access-port {
vlan default {
examine-dhcp;
}
}
}
B. ethernet-switching-options {
vlan default {
no-examine-dhcp;
}
}
}
C. ethernet-switching-options {
vlan default {
no-dhcp-trusted;
}
}
}
D. ethernet-switching-options {
vlan default {
dhcp-trusted;
}
}
}
Correct Answer: A
Section: Volume C
Explanation
QUESTION 272
Layer 2 interfaces can be assigned to operate in which two modes? (Choose two.)
A.
B.
C.
D.
route
access
trunk
distribution
Correct Answer: BC
Section: Volume C
Explanation
QUESTION 273
Which three types of firewall filters are supported by Juniper Networks EX Series Ethernet switches? (Choose three.)
A.
B.
C.
D.
E.
a VLAN-based firewall filter applied to Layer 3 in the ingress and egress directions
a router-based firewall filter applied to Layer 2 routed interfaces in the ingress and egress directions
a router-based firewall filter applied to Layer 3 routed interfaces in the ingress and egress directions
a port-based firewall applied to Layer 2 switch ports in the ingress and egress direction
a VLAN-based firewall applied to Layer 2 VLANs in the ingress and egress directions
Correct Answer: CDE

Section: Volume C
Explanation
QUESTION 274
Your customer wants to connect a VoIP phone to interface ge-0/0/5 on an EX4200 switch in VLAN 20 and connect a PC to the VoIP phone. The PC should be part of
VLAN 30.
Which two commands will implement this solution? (Choose two.)
A.
B.
C.
D.
set interface ge-0/0/5.0 family ethernet-switching vlan members vlan-30

set ethernet-switching-options voip interface ge-0/0/5.0 vlan 20
set interface ge-0/0/5.0 family ethernet-switching vlan members vlan-20
set ethernet-switching-options voip interface ge-0/0/5.0 vlan 30
Correct Answer: AB
Section: Volume C
Explanation
QUESTION 275
You review the current LSA database and you suspect that your LSA database contains stale or invalid database entries. You need to verify that your router is receiving
LSAs from other routers in your network.
Which action would you take to correct this problem?
A.
B.
C.
D.
Purge the LSDB.

Increase the max-age attribute for the LSDB.
Decrease the max-age attribute for the LSDB.
Disable and enable the interfaces.
Correct Answer: A
Section: Volume C
Explanation
QUESTION 276
Which three statements are correct about the processing order of firewall filters on a Junos device? (Choose three.)
A.
B.
C.
D.
E.
A router-based firewall filter applied to an RVI applies to switched packets in the same VLAN.
A port-based firewall filter applied to an RVI does not apply to switched packets in the same VLAN.
A router-based firewall filter applied to an RVI does not apply to switched packets in the same VLAN.
The egress processing order is router, VLAN, port.
The ingress processing order is port, VLAN, router.
Correct Answer: CDE

Section: Volume C
Explanation
QUESTION 277
Which Junos platform provides Ethernet switching services?
A.
B.
C.
D.
M Series
T Series
EX Series
MAG Series
Correct Answer: C
Section: Volume C
Explanation
QUESTION 278
You are setting up EX4200 switches in a Virtual Chassis configuration to deliver high availability.
Which two actions would improve availability? (Choose two.)
A.
B.
C.
D.
Enable graceful Routing Engine switchover.

Set the mastership priority value of all switches to 255.
Distribute all uplink ports across the REs.
Distribute uplink ports across the various line cards in the VC.
Correct Answer: AD
Section: Volume C
Explanation
QUESTION 279
Which command shows the state of OSPF adjacencies?
A.
B.
C.
D.
show protocol ospf

show interfaces ospf neighbor
show ospf neighbor
show port ospf neighbor
Correct Answer: C
Section: Volume C
Explanation
QUESTION 280
Which three statements are correct about an AE interface? (Choose three.)
A. It can be configured as either active or passive.
B. It always load balances traffic equally.
C. It can support LACP.
D. It is referred to as a LAG.
E. It can be configured as active only.
Correct Answer: ACD
Section: Volume C
Explanation
QUESTION 281
Router R2 is having adjacency problems with Router R1. Router R2 is stuck in ExStart state.
What is causing the problem?
A.
B.
C.
D.
There is a physical and data link layer problem between R1 and R2.
There is a misconfigured IP address on the R2 interface.
The hello and dead intervals on R2 do not match R1.
The interface MTU setting on R2 does not match R1.
Correct Answer: D
Section: Volume C
Explanation
QUESTION 282
You want to configure a tunnel between two routers, and run the IS-IS routing protocol through the tunnel.
Which tunnel meets this requirement?
A.
B.
C.
D.
GRE
IP-IP
IPsec
NGMVPN
Correct Answer: A
Section: Volume C
Explanation
QUESTION 283
Which two requirements are needed to load balance traffic per flow? (Choose two.)
A.
B.
C.
D.
a destination with equal cost paths

a properly applied policy with an action to load-balance per-packet
a properly applied policy with an action to load-balance per-flow
a destination with multiple active routes
Correct Answer: AB
Section: Volume C
Explanation
QUESTION 284
Which two statements are correct about the voice VLAN feature? (Choose two.)
A.
B.
C.
D.
The voice VLAN feature enables access ports to accept both tagged and untagged traffic.
The voice VLAN feature requires access ports to accept untagged traffic only.
The voice VLAN feature always uses the same VLAN as the data VLAN
The voice VLAN feature is used with CoS to differentiate traffic.
Correct Answer: AD
Section: Volume C
Explanation
QUESTION 285
You are analyzing packet captures on your network. You observe an OSPF Type 7 LSA.
In which area type did this packet originate?
A.
B.
C.
D.
backbone
stub
totally stubby
not-so-stubby area
Correct Answer: D
Section: Volume C
Explanation
QUESTION 286
Router A and Router B are on the same network segment and in the same OSPF area. Router A receives an LSA header from Router B that is not currently in its own
database.
Which OSPF packet type does Router A send to Router B?
A.
B.
C.
D.
Type 1
Type 2
Type 3
Type 4
Correct Answer: C
Section: Volume C
Explanation
QUESTION 287
Which three statements are true of GRE tunnels? (Choose three.)
A.
B.
C.
D.
E.
The local tunnel endpoint must have a valid route to the remote endpoint.
GRE tunnels must authenticate at both ends of the tunnel.
Tunnel endpoints must have a route that directs traffic into a tunnel.
The "gr" interface can only route packets that are IP protocol packets.
All intermediary devices must have a route to the tunnel endpoints.
Correct Answer: ACE

Section: Volume C
Explanation
QUESTION 288
You have a traditional 3-tier network design.
What are two functions of the aggregation layer? (Choose two.)
A.
B.
C.
D.
It functions as the gateway to the WAN edge.

It connects access layer switches.
It provides inter-VLAN routing.
It facilitates device access.
Correct Answer: BC
Section: Volume C
Explanation
QUESTION 289
What is the default next-hop behavior for aggregate routes?
A.
B.
C.
D.
discard
resolve
reject
direct
Correct Answer: C
Section: Volume C
Explanation
QUESTION 290
Which configuration will cause IPv4 interface routes from inet.0 to appear in the myinstance routing instance?
interface-routes {
rib-group inet myribgroup;
}
rib-groups {
myribgroup {
import-rib [ inet.0 myinstance.inet.0 ];
}
}
}
interface-routes {
rib-group inet myribgroup;
}
rib-groups {
myribgroup {
export-rib inet.0;
import-rib myinstance.inet.0;
}
}
}
interface-routes {
import into myinstance.inet.0;

}
}
rib-groups {
interface-routes {
import-rib [ inet.0 myinstance.inet.0 ];
}
}
}
Correct Answer: A
Section: Volume C
Explanation
QUESTION 291
Which statement is true regarding the minimum-interval configuration shown below?
user@router# show ospf
area 0.0.0.0 {
bfd-liveness-detection {
minimum-interval 300;
}
}
}
A.
B.
C.
D.
It is the minimum hold time before BFD informs OSPF that the BFD session has been torn down.
It enables minimum transmit and receive intervals for 300 ms.
It enables minimum transmit and receive intervals for 300 seconds.
It is the minimum amount of time that the BFD session must remain alive before changing state.
Correct Answer: B
Section: Volume C
Explanation
QUESTION 292
Which three networks are default Martian addresses? (Choose three.)
A. 172.16.0.0/12 orlonger
B. 127.0.0.0/8 orlonger
C. 192.0.0.0/24 orlonger
D. 10.0.0.0/8 orlonger
E. 0.0.0.0/8 orlonger
Correct Answer: BCE
Section: Volume C
Explanation
QUESTION 293
What is the purpose of MAC limiting?
A.
B.
C.
D.
MAC limiting limits the size of the CAM table and accelerates the aging of MAC addresses.
MAC limiting sets a maximum rate on addresses learned over a period of time to minimize possible congestion caused by flooding.
MAC limiting limits the number of source MAC addresses that may be learned on an interface and protects it from MAC spoofing.
MAC limiting on a Layer 3 interface prevents a duplicate MAC address for a single IP address.
Correct Answer: C
Section: Volume C
Explanation
QUESTION 294
Which two adjacencies are allowed to form when configuring IS-IS? (Choose two.)
A.
B.
C.
D.
a Level 1 router in Area 5 connected to a Level 2 router in Area 5

Correct Answer: CD
Section: Volume C
Explanation
QUESTION 295
A router is configured to use standard metrics. The router has a single link to a Level 2 IS-IS neighbor.
What is the maximum metric for that link?
A.
B.
C.
D.
63
254
1023
65534
Correct Answer: A
Section: Volume C
Explanation
QUESTION 296
You want STP to behave similar to RSTP.
Which three configuration settings under the [edit protocols stp] hierarchy on an EX Series switch allow this? (Choose three.)
A.
B.
C.
D.
E.
max-age
bridge-priority
edge
forwarding-delay
hello-time
Correct Answer: ADE

Section: Volume C
Explanation
QUESTION 297
What describes the action of the qualified-next-hop parameter in a configuration?
A.
B.
C.
D.
It performs a recursive lookup on the destination network to confirm that the route is reachable.
It allows for the configuration of independent preferences for static routes to the same destination.
It periodically pings the next hop to validate its existence thereby assigning the static route to the forwarding table.
It verifies the maximum hop count limit before validating the static route.
Correct Answer: B
Section: Volume C
Explanation
QUESTION 298
You are configuring a firewall filter and need to select a terminating action.
What are three terminating actions? (Choose three.)
A.
B.
C.
D.
E.
reject
allow
accept
discard
drop
Correct Answer: ACD

Section: Volume C
Explanation
QUESTION 299
A company's Junos-based router has two EBGP peers and receives two BGP update messages with the following information:
Peer A - AS path [ 65001 64513 12 ] ; MED 67 ; origin value 1
Peer B - AS path [ 65002 64513 12 ] ; MED 70 ; origin value 2
Assuming default values, how will the company router react to these updates?
A.
B.
C.
D.
The path through Peer A will be preferred for all traffic to that destination.
The path through Peer B will be preferred for all traffic to that destination.
The paths will be load balanced to that destination based on a Layer 3 hash.
The company router marks the routes as hidden to that destination because the MED exceeds 63.
Correct Answer: A
Section: Volume C
Explanation
QUESTION 300
You have been asked to configure a route to 192.168.0.0/16 that will only be active under the following criteriA.
There is an active route to 192.168.100.0/24.
The 192.168.100.0/24 route came from the protocol OSPF.
Which type of route accomplishes this task?
A. static
B. generate
C. aggregate
D. null
Correct Answer: B
Section: Volume C
Explanation
QUESTION 301
What are two BGP session types? (Choose two.)
A.
B.
C.
D.
internal
inside
outside
external
Correct Answer: AD
Section: Volume D
Explanation
QUESTION 302
You are asked to configure a port to support both tagged and untagged traffic. You want to make the trunk port ge-0/0/0 and also accept untagged traffic for the data
VLAN.
Which configuration will satisfy the requirement?
A.
B.
C.
D.
set interfaces ge-0/0/0 unit 0 vlan members data

set interfaces ge-0/0/0 unit 0 untagged-vlan data
set interfaces ge-0/0/0 unit 0 native-vlan-id data
set interfaces ge-0/0/0 unit 0 default-vlan data
Correct Answer: C
Section: Volume D
Explanation
QUESTION 303
You want to enable an Ethernet Link Aggregation Group (LAG) on an EX Series switch.
Which commands enable this?

A. [edit chassis]
user@switch# set aggregated-devices ethernet device-count 1
[edit interfaces]
user@switch# set ae1 aggregated-ether-options minimum-links 1
user@switch# set ae1 aggregated-ether-options link-speed 10g
user@switch# set ae1 unit 0 family inet address 192.168.1.0/24
user@switch# set xe-0/1/0 ether-options 802.3ad ae1
B. [edit chassis]
user@switch# set chassis aggregated-devices ethernet device-count 2
[edit interfaces]
user@switch# set interface ae0 aggregated-ether-options minimum-links 1
user@switch# set interface ae0 aggregated-ether-options link-speed 10g
user@switch# set interface ae0 unit 0 family inet address 192.168.1.0/24
user@switch# set interface xe-0/1/0 ether-options 802.3ad ae0 fast
C. [edit chassis]
user@switch# set chassis aggregated-devices ethernet device-count 1
[edit interfaces]
user@switch# set interface ae0 aggregated-ether-options minimum-links 1
user@switch# set interface ae0 aggregated-ether-options link-speed 10g
user@switch# set interface ae0 unit 0 family inet address 192.168.1.0/24
D. [edit chassis]
user@switch# set aggregated-devices ethernet device-count 2
[edit interfaces]
user@switch# set ae1 aggregated-ether-options minimum-links 1
user@switch# set ae1 aggregated-ether-options link-speed 10g
user@switch# set ae1 unit 0 family inet address 192.168.1.0/24
Correct Answer: D
Section: Volume D
Explanation
QUESTION 304
Which statement describes a routing instance on a Junos device?
A. A routing instance provides separation of processing resources.
B. A routing instance provides control plane separation.
C. A routing instance virtualizes a Junos-based device, enabling it to run multiple copies of the Junos OS on the same system.
D. A routing instance is a unique collection of routing tables, interfaces, and routing protocol parameters.
Correct Answer: D
Section: Volume D
Explanation
QUESTION 305
Which statement is true regarding redundant trunk groups (RTGs)?
A.
B.
C.
D.
STP and RTG can be used on the same interface.

An aggregated interface can be a member of an RTG.
Members of an RTG must carry different VLANs.
An RTG can contain up to 16 member links.
Correct Answer: B
Section: Volume D
Explanation
QUESTION 306
You have implemented per-packet load balancing.
Which command would you use to verify that the load balancing is active?
A.
B.
C.
D.
show route | match load-balancing

show route | display forwarding-table
show route load-balancing
show route forwarding-table
Correct Answer: D
Section: Volume D
Explanation
QUESTION 307
A GRE tunnel is configured between Router1 and Router2 across the Internet. Performance on the GRE tunnel is slow and Router1 is receiving ICMP messages from
Router2.
What is the cause of this problem?

A.
B.
C.
D.
The do-not-fragment (DF) bit has not been set on Router2.

The do-not-fragment (DF) bit has not been set on Router1.
There is a duplex setting mismatch on the GRE tunnel.
The maximum segment size (MSS) setting has not been configured correctly for the GRE tunnel.
Correct Answer: D
Section: Volume D
Explanation
QUESTION 308
You would like the network attached to the ge-0/0/1.0 interface to be advertised into OSPF, but you also want to prevent OSPF adjacencies from being formed on ge0/0/1.0.
Which command will satisfy this requirement?
A. [edit protocols]
user@R1# set ospf area 1 interface ge-0/0/1.0 passive
B. [edit protocols]
user@R1# set ospf area 1 interface ge-0/0/1.0 secondary
C. [edit protocols]
user@R1# set ospf area 1 interface ge-0/0/1.0 flood-reduction
D. [edit protocols]
user@R1# set ospf area 1 interface ge-0/0/1.0 disable
Correct Answer: A
Section: Volume D
Explanation
QUESTION 309
You have an EX Series switch. You want to provide inter-VLAN routing between VLAN A and VLAN B.
Which two steps must you perform? (Choose two.)
A.
B.
C.
D.
Assign a VLAN ID to the Layer 3 VLAN interface.

Assign at least one Layer 3 address to each VLAN.
Assign interfaces configured as family Ethernet-switching to VLAN A and VLAN B.
Assign interfaces configured as family inet to VLAN A and VLAN B.
Correct Answer: BC
Section: Volume D
Explanation
QUESTION 310
Which two put ge-0/0/0 and ge-0/0/1 into the VLAN data? (Choose two.)
A. set interfaces interface-range data-ports member ge-0/0/0
set interfaces interface-range data-ports member ge-0/0/1
set interfaces interface-range data-ports unit 0 family ethernet-switching vlan members data
B. set interfaces ge-0/0/0-1 unit 0 family ethernet-switching vlan members data
C. set interfaces ge-0/0/0 to ge-0/0/1 unit 0 family ethernet-switching vlan members data
D. set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members data
set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members data
Correct Answer: AD
Section: Volume D
Explanation
QUESTION 311
Your router has formed two BGP peering relationships and received a route to 64.60.10.0/24 from each peer. The router has verified the next-hop address can be reached
for both peers.
What is the next step to determine which path is selected for the routing table?
A.
B.
C.
D.
Prefer the lowest origin value.

Prefer the shortest AS-path length.
Prefer the lowest local-preference value.
Prefer the highest local-preference value.
Correct Answer: D
Section: Volume D
Explanation
QUESTION 312
Which two statements describe benefits of the Virtual Chassis? (Choose two.)
A.
B.
C.
D.
Virtual Chassis offers control plane redundancy, which allows the use of NSR.
Virtual Chassis is an open standard to allow cross-vendor compatibility.
Virtual Chassis can be implemented on all Junos-based devices.
Virtual Chassis allows you to manage multiple switches as a single entity and potentially eliminate using STP.
Correct Answer: AD
Section: Volume D
Explanation
QUESTION 313
Which three statements are default BGP advertisement rules? (Choose three.)
A.
B.
C.
D.
E.
IBGP peers advertise routes received from EBGP peers to other IBGP peers.
EBGP peers advertise routes learned from IBGP or EBGP peers to other EBGP peers.
IBGP peers do not advertise routes received from IBGP peers to other IBGP peers.
EBGP peers do not advertise routes learned from IBGP or EBGP peers to other EBGP peers.
IBGP peers advertise routes received from IBGP peers to other IBGP peers.
Correct Answer: ABC

Section: Volume D
Explanation
QUESTION 314
You want to limit the times a user can move their laptop from one switch port to another using MAC move limiting.
Which three statements are true? (Choose three.)
A.
B.
C.
D.
E.
You can limit movement per VLAN rather than per port.
You can send the offending MAC address to a quarantined VLAN.
The switch can lockout the offending user's Active Directory account.
You can automatically send logs of the event.
The switch can automatically shutdown a port.
Correct Answer: ADE

Section: Volume D
Explanation
QUESTION 315
A network administrator has just received a new EX Series switch to replace a router and Layer 2 switch. The network administrator has configured all of the Layer 2
parameters, however users are reporting that they can only reach devices within their own VLAN.
What would solve the problem?
A.
B.
C.
D.
The network administrator must configure inter-VLAN routing.

The network administrator must administratively enable the VLAN.
The network administrator needs to clear the ARP table.
The network administrator needs to clear the bridge table.
Correct Answer: A
Section: Volume D
Explanation
QUESTION 316
Which two new port roles does RSTP introduce? (Choose two.)
A.
B.
C.
D.
backup
forwarding
alternate
designated
Correct Answer: AC
Section: Volume D
Explanation
QUESTION 317
Your network consists of three OSPF routers as shown below:
R1 -- R2 -- R3
You run the show ospf neighbor command on R2. The output shows no data in the output for OSPF neighbors.
Which three actions will troubleshoot the adjacency problem for Router R2? (Choose three.)
A.
B.
C.
D.
Verify the physical and data link layer connectivity on Routers R1, R2, and R3.
Look for incorrect settings for MTU on Routers R1 and R3.
Look for mismatched configurations on Routers R1, R2, and R3 for IP subnet/mask, area number, and area type.
Verify Router R1 and R3 to see if they are stuck in 2-way state.
E. Look for mismatched configurations on Routers R1, R2, and R3 for authentication, hello/dead interval, and network type.
Correct Answer: ACE
Section: Volume D
Explanation
QUESTION 318
A network administrator would like to prevent certain network addresses from being part of the routing table.
Which Junos feature would be used to accomplish this task?
A.
B.
C.
D.
prefix lists
Martian addresses
route maps
static routes
Correct Answer: B
Section: Volume D
Explanation
QUESTION 319
You are analyzing a packet capture from your network running OSPF. You see a Type 2 LSA.
Which type of router originated the packet?
A.
B.
C.
D.
ABR
DR
ASBR
BDR
Correct Answer: B
Section: Volume D
Explanation
QUESTION 320
Which BGP configuration parameter allows the router to wait for the peer to initiate the open request?
A.
B.
C.
D.
hold-time
passive
accept-remote-nexthop
out-delay
Correct Answer: B
Section: Volume D
Explanation
QUESTION 321
You want to enable nonstop active routing (NSR).
Which two commands must you use? (Choose two.)
A.
B.
C.
D.
set routing-options nonstop-routing

set routing-options graceful-restart
set chassis redundancy graceful-switchover
set routing-options graceful-switchover
Correct Answer: AC
Section: Volume D
Explanation
QUESTION 322
Which protocol provides redundancy in a LAN environment through the use of master and backup routers?
A.
B.
C.
D.
BGP
BFD
VRRP
RIP
Correct Answer: C
Section: Volume D
Explanation
QUESTION 323
Which two statements describe the behavior of Dynamic ARP Inspection? (Choose two.)
A.
B.
C.
D.
Dynamic ARP Inspection is disabled by default.

Dynamic ARP Inspection is enabled on individual ports.
Dynamic ARP Inspection is enabled by default.
Dynamic ARP Inspection is enabled on individual VLANs.
Correct Answer: AD
Section: Volume D
Explanation
QUESTION 324
What are two characteristics of an OSPF link-state update? (Choose two.)
A.
B.
C.
D.
A link-state update can be sent directly after an adjacency is formed.

A link-state update can only contain a single link-state advertisement (LSA).
A link-state update is sent in response to a link-state request.
A link-state update is used to determine which router is in charge of the database exchange.
Correct Answer: AC
Section: Volume D
Explanation
QUESTION 325
Which two common scenarios will prevent an IS-IS adjacency from forming? (Choose two.)
A.
B.
C.
D.
The interface MTU value is set lower than 1492.

An IP address is not configured on the lo0 interface.
There are mismatched Level 1 areas.
There are mismatched Level 2 areas.
Correct Answer: AC
Section: Volume D
Explanation
QUESTION 326
Several routers share a common LAN segment in area 224 and have formed adjacencies using IS-IS. One router is elected as the designated intermediate system (DIS).
To which multicast address will the peers send their hello packets?
A.
B.
C.
D.
224.0.0.5
224.0.0.6
01:80:C2:00:00:14
49.0001.0224.0000.0015.00
Correct Answer: C
Section: Volume D
Explanation
QUESTION 327
You want to configure a static route to become available when the primary route fails.
Which parameter accomplishes this in the Junos OS?
A.
B.
C.
D.
secondary
qualified-next-hop
backup-route
resolve
Correct Answer: B
Section: Volume D
Explanation
QUESTION 328
You are running several EX4200 switches in a Virtual Chassis configuration. You want to determine which switch will become the master of the Virtual Chassis after the
switches are rebooted.
Which three criteria play a role in determining this? (Choose three.)
A.
B.
C.
D.
E.
switch priority
member ID
MAC address
prior master/backup status
serial number
Correct Answer: ACD

Section: Volume D
Explanation
QUESTION 329
When is MAC limiting performed on a frame from an unknown source MAC address?
A.
B.
C.
D.
when the ingress PFE sends header information to RE

when the ingress PFE performs a MAC address lookup
when the PFE adds the MAC address to the bridge table
when the RE adds the MAC address to the bridge table
Correct Answer: A
Section: Volume D
Explanation
QUESTION 330
You have just configured a static route for management traffic, however you would like to prevent the route from being redistributed into a dynamic routing protocol.
Which command should be added to accomplish this?
A.
B.
C.
D.
passive
reject
no-install
no-advertise
Correct Answer: D
Section: Volume D
Explanation
QUESTION 331
When analyzing BGP packets, you notice that specific path attributes are always present.
Which two attributes are seen in every update packet? (Choose two.)
A. AS path
B. local preference
C. origin
D. originator ID
Correct Answer: AC
Section: Volume D
Explanation
QUESTION 332
You are creating an RVI.
Which configuration is correct?
A. user@switch# show interfaces
...
vlan {
unit 100 {
family ether-switching;
}
}
user@switch# show vlans
vlan1000 {
vlan-id 100;
address 66.47.110.26/24;
}
B. user@switch# show interfaces
ge-1/0/1 {
unit 0 {
family inet {
address 66.36.10.126/24;
}
}
}
vlan1000 {
vlan-id 100;
l3-interface ge-1/0/1.0;
}
C. user@switch# show interfaces
...
vlan {
unit 1000 {
family inet {
address 66.57.100.26/24;
}
}
vlan1000 {
vlan-id 100;
}
D. user@switch# show interfaces
ge-1/0/1 {
unit 100 {
family inet {
address 66.36.10.126/24;
vlan-id 100;
}
}
}
vlan1000 {
vlan-id 100;
}
Correct Answer: C
Section: Volume D
Explanation
QUESTION 333
Which OSPF reference bandwidth setting would give a 1-Gbps link a metric of 10?
A.
B.
C.
D.
10
1000
10,000,000
10,000,000,000
Correct Answer: D
Section: Volume D
Explanation
QUESTION 334
What are two considerations for determining the master router in VRRP? (Choose two.)
A. The router with a lower priority value.
B. The router with a higher priority value.

C. The router with the lowest IP address configured in the VRRP group.
D. Any router that has the no-preempt configuration option set.
Correct Answer: BD
Section: Volume D
Explanation
QUESTION 335
Tyler and Staci are network administrators for AS1 and AS2. Which routing protocol is used for peering between autonomous systems?
A.
B.
C.
D.
OSPF
IS-IS
static routes
BGP
Correct Answer: D
Section: Volume D
Explanation
QUESTION 336
Which two commands will display the link speed of ge-0/0/0? (Choose two.)
A.
B.
C.
D.
show interfaces ge-0/0/0 | match "Speed"

show interfaces ge-0/0/0.0 statistics
show interfaces terse ge-0/0/0 extensive
show interfaces ge-0/0/0 brief
Correct Answer: AD
Section: Volume D
Explanation
QUESTION 337
What are two types of PVLAN broadcast domains? (Choose two).
A. primary VLAN
B. community VLAN
C. broadcast VLAN
D. trunk VLAN
Correct Answer: AB
Section: Volume D
Explanation
QUESTION 338
What are two purposes of MAC move limiting? (Choose two.)
A.
B.
C.
D.
to prevent users from changing switch ports without approval

to prevent Layer 2 loops
to prevent users from moving to an unauthorized VLAN
to prevent MAC spoofing
Correct Answer: AC
Section: Volume D
Explanation
QUESTION 339
-- Exhibit -[edit routing-options]
user@R1# show
static {
route 172.29.130.0/17 next-hop 172.30.25.1;
route 172.29.13.0/24 {
next-hop 172.30.25.1;
no-readvertise;
}
route 172.29.16.0/12 next-hop 172.30.25.1;
route 172.29.20.0/24 next-hop 172.30.25.1;
}
[edit protocols ospf]
user@R1# show
export Export_OSPF;
area 0.0.0.0 {
interface lo0.0;
}
[edit policy-options]
user@R1# show
policy-statement Export_OSPF {
term match-static-routes {
from {
protocol static;
route-filter 172.29.0.0/16 orlonger;
}
then accept;
}
}
-- Exhibit -Referring to the exhibit, there is an OSPF policy to redistribute static routes.
Which routes will be propagated to OSPF neighbors?
A. 172.29.130.0/17
172.29.13.0/24
172.20.16.0/12
B. 172.29.13.0/24
172.29.20.0/24
C. 172.29.130.0/17
172.29.13.0/24
D. 172.29.130.0/17
172.29.20.0/24
Correct Answer: D
Section: Volume D
Explanation
QUESTION 340
-- Exhibit -user@R1# show interfaces
ge-0/0/8 {
unit 0 {
family inet {
address 172.25.100.2/24 {
vrrp-group 10 {
priority 200;
}
}
}
}
}
-- Exhibit -Two routers, R1 and R2, are part of a VRRP master and backup design.
Referring to the exhibit, which two statements are correct about this VRRP deployment? (Choose two.)
A.
B.
C.
D.
The address 172.25.100.2 is only reachable on R1.

The address 172.25.100.1 is only reachable on R1.
The address 172.25.100.2 will only be reachable on the master of VRRP group 10.
The address 175.25.100.1 will only be reachable on the master of VRRP group 10.
Correct Answer: AD
Section: Volume D
Explanation
QUESTION 341
-- Exhibit -interfaces {
ge-1/1/0 {
unit 0 {
family inet {
address 10.200.12.1/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 10.200.1.1/32;
}
}
}
}
routing-options {
static {
route 10.200.1.2/32 next-hop 10.200.12.2;
}
autonomous-system 65001;
}
protocols {
bgp {
group 65002 {
neighbor 10.200.1.2 {
peer-as 65002;
}
}
}
}
-- Exhibit -Referring to the exhibit, you are configuring an EBGP peering using the loopback address between two routers.
Which parameter is needed to complete the configuration?
A.
B.
C.
D.
Multipath
Passive
Multihop
local-as
Correct Answer: C
Section: Volume D
Explanation
QUESTION 342
-- Exhibit -user@router> show configuration | no-more
...
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 10.210.12.131/27;
}
}
}
ge-0/0/1 {
unit 0 {
family inet {
filter {
input fbf;
}
address 10.210.14.1/24;
}
}
}
}
firewall {
filter fbf {
term 1 {
then {
routing-instance fbf;
}
}
}
}
routing-instances {
fbf {
routing-options {
static {
route 0.0.0.0/0 next-hop 10.210.12.129;
}
}
}
}
user@router> show route
inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.210.12.128/27 *[Direct/0] 3d 23:21:02
> via ge-0/0/0.0
10.210.12.131/32 *[Local/0] 3d 23:21:17
Local via ge-0/0/0.0
10.210.14.0/24 *[Direct/0] 00:00:07
> via ge-0/0/1.0
10.210.14.1/32 *[Local/0] 00:00:07
Local via ge-0/0/1.0
-- Exhibit -What is causing the behavior shown in the exhibit?
A.
B.
C.
D.
The software is ignoring the fbf routing instance because it uses a reserved name.
The software is ignoring the default route in the fbf routing instance because there is no default route in the main routing instance.
The software is not able to find an interface on the router configured with the 10.210.12.129 address.
The software is not able to resolve the next hop of the default route in the fbf routing instance.
Correct Answer: D
Section: Volume D
Explanation
QUESTION 343
The switches shown in the exhibit were just powered on.

What is required to ensure that both of Switch B's ports are in a forwarding state?
A.
B.
C.
D.
Configure the bridge priority to 4k on Switch B.

Configure Switch B's ports to all be edge ports.
Configure uplinkfast on both of Switch B's ports.
Configure uplinkfast on Switch A and Switch D.
Correct Answer: A
Section: Volume D
Explanation
QUESTION 344
-- Exhibit -Router A.
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 192.168.1.20/24 {
vrrp-group 27 {
priority 255;
authentication-type simple;
authentication-key <juniper123>;
}
}
}
}
}
}
Router B.
interfaces {
ge-4/2/0 {
unit 0 {
family inet {
address 192.168.1.19/24 {
vrrp-group 27 {
priority 200;
authentication-type simple;
authentication-key <juniper123>;
}
}
}
}
}
}
-- Exhibit -Referring to the exhibit, Router B comes up first and preemption is not enabled. Router A assumes mastership for the virtual IP. Why does Router A assume a mastership
role for the IP?
A.
B.
C.
D.
Router A's interface IP address and the virtual IP address match.

Router A is configured with a higher priority.
Router B is configured with a lower priority.
Router B has a lower primary IP address for the interface.
Correct Answer: A
Section: Volume D
Explanation
QUESTION 345
An IP tunnel connects two routers over the Internet as shown in the exhibit.
Which two statements are correct? (Choose two.)
A.
B.
C.
D.
A tunnel interface can serve as a next hop for static routes or participate in the networks IGP.
Routing protocols will always prefer a tunnel over a physical link because the tunnel is a one-hop link with the lowest cost path.
You can ensure the IP tunnel serves as the backup path through administrative settings such as cost and route preference.
IP tunnels are subject to the same simple firewall rules as the direct link between the two routers, because the original IP header contents are open for the transit
devices to see.
Correct Answer: AC
Section: Volume D
Explanation
QUESTION 346
-- Exhibit -SITE1:
routing-options {
}
protocols {
bgp {
group 65002 {
neighbor 10.200.12.1 {
peer-as 65002;
}
}
}
}
SITE2:
routing-options {
}
protocols {
bgp {
group 65001 {
neighbor 10.200.12.2 {
peer-as 65003;
}
}
}
}
-- Exhibit -Referring to the exhibit, SITE1 is configuring an EBGP peering with SITE2. SITE2 configured the incorrect peer AS during a maintenance window and now is unable to
change the configuration until the next maintenance window.
Which configuration would you use on SITE1 to establish the EBGP peering?
A. protocols {
bgp {
group 65002 {
passive;
neighbor 10.200.12.2 {
peer-as 65002;
}
}
}
}
B. protocols {
bgp {
group 65002 {
accept-remote-nexthop;
neighbor 10.200.12.2 {
peer-as 65002;
}
}
}
}
C. protocols {
bgp {
group 65002 {
local-as 65003;
neighbor 10.200.12.2 {
peer-as 65002;
}
}
}
}
D. protocols {
bgp {
group 65002 {
as-override;
neighbor 10.200.12.2 {
peer-as 65002;
}
}
}
}
Correct Answer: C
Section: Volume D
Explanation
QUESTION 347
-- Exhibit -[edit protocols rstp]
user@switch# show
bridge-priority 32k;
max-age 20;
hello-timer 2;
forward-delay 15;
disable;
}
cost 20000;
mode point-to-point;
}
priority 128;
mode shared;
}
edge;
}
bpdu-block-on-edge;
-- Exhibit -The exhibit shows the RSTP configuration for your EX Series switch. The switch begins receiving BPDUs on a port and disables that port.
Which port is disabled?
A. ge-0/0/11.0
B. ge-0/0/12.0
C. ge-0/0/13.0
D. ge-0/0/14.0
Correct Answer: D
Section: Volume D
Explanation
QUESTION 348
Your current network is using Switch-1 and Switch-2 as a Layer 3 core pair. You change the EX series switch core into a VC and configure the links between the switches
to be a LAG.
Assuming that Switch-3 is operating at Layer 2 only, which two protocols would be removed from this portion of the network? (Choose two.)
A.
B.
C.
D.
GRES
BFD
VRRP
STP
Correct Answer: CD
Section: Volume D
Explanation
QUESTION 349
-- Exhibit -[edit protocols bgp]
user@router# show
import in-protocol-level;
export out-protocol-level;
group ISPs {
type external;
import in-group-level;
export out-group-level;
neighbor 172.25.100.1 {
import in-neighbor-level;
peer-as 65505;
}
neighbor 172.25.200.1 {
export out-neighbor-level;
peer-as 65500;
}
}
-- Exhibit -Referring to the exhibit,
which import policy is applied to routes received from neighbor 172.25.200.1?

A.
B.
C.
D.
policy in-protocol-level
policy in-group-level
policy in-neighbor-level
policy out-neighbor-level
Correct Answer: B
Section: Volume D
Explanation
QUESTION 350
-- Exhibit -{master:0}[edit interfaces]
user@switch# show
ge-0/0/6 {
unit 0 {
port-mode access;
vlan {
members vlan100;
}
}
}
}
ge-0/0/7 {
unit 0 {
port-mode access;
vlan {
members vlan100;
}
}
}
}
{master:0}[edit ethernet-swtiching-options]
user@switch#show
mac-limit 1 action drop;
}
vlan 100 {
mac-move-limit 1 action drop;
}
}
-- Exhibit -Referring to the exhibit, what will the mac-move-limit command on ge-0/0/6 do?
A. Packets will be dropped if the switch detects the same source MAC address on interface ge-0/0/6 and ge-0/0/7.
B. Packets will be dropped if the switch detects the same source MAC address on two separate interfaces in VLAN 100.
C. Packets will be dropped and the event will be logged if the switch detects the same source MAC address on two separate interfaces in VLAN 100.
D. Packets will be dropped and the event will be logged if the switch detects the same source MAC address on ge-0/0/6 and ge-0/0/7.
Correct Answer: A
Section: Volume D
Explanation
QUESTION 351
A network administrator has connected four switches as shown in the exhibit. The switches are at their factory-default configurations and the administrator powers on all of
the switches at the same time.
Which switch will become the root bridge?
A.
B.
C.
D.
Switch A
Switch B
Switch C
Switch D
Correct Answer: C
Section: Volume D
Explanation
QUESTION 352
-- Exhibit -ethernet-switching-options {
mac-limit 2 action shutdown;
no-dhcp-trusted;
}
}
storm-control {
interface all;
}
}
-- Exhibit -You have configured a MAC limit on your switch.
Referring to the exhibit, when the MAC limit is exceeded, when will the port recover?
A.
B.
C.
D.
After 30 seconds
After the administrator enters the set ethernet-switching port-error clear command
After 300 seconds
After the administrator enters the clear ethernet-switching port-error command
Correct Answer: D
Section: Volume D
Explanation
QUESTION 353
-- Exhibit -{master:0}[edit]
user@router# show interfaces
ge-0/0/1 {
unit 0 {
port-mode access;
vlan {
members data;
}
}
}
}
{master:0}[edit]
user@router# show ethernet-switching-options
voip {
vlan voice;
forwarding-class assured-forwarding;
}
}
{master:0}[edit]
user@router# show vlans
data {
vlan-id 10;
}
voice {
vlan-id 20;
}
-- Exhibit -Given the configuration in the exhibit, which VLAN or VLANs would be tagged VLANs?
A.
B.
C.
D.
The voice VLAN and the data VLAN

Only the voice VLAN
Both VLANs are untagged
The data VLAN
Correct Answer: B
Section: Volume D
Explanation
QUESTION 354
-- Exhibit -protocols {
bgp {
export exp-rt;
group int {
type internal;
neighbor 192.168.1.2;
neighbor 192.168.1.3;
}
group ext {
type external;
peer-as 65002;
}
}
}
policy-options {
policy-statement exp-rt {
term 1 {
from {
route-filter 200.200.200.0/24 orlonger;
}
then {
community add no-export;
accept;
}
}
}
}
-- Exhibit
Referring to the exhibit, route 200.200.200.0/24 is exported into BGP and the peering routers use default BGP policies.
Which statement describes the advertisement for the 200.200.200.0/24 route?
A. The route will only be advertised intra-AS.
B. The route will only be advertised inter-AS.
C. The route will be advertised both intra-AS and inter-AS.

D. The route will not be advertised both intra-AS and inter-AS.
Correct Answer: A
Section: Volume D
Explanation
QUESTION 355
Referring to the exhibit, a packet sent from User A to User B will be forwarded out interface 0/0/23 using which source MAC address?
A.
B.
C.
D.
Source MAC of user A

Source MAC of user B
Source MAC associated with IP address 10.10.10.1
Source MAC associated with IP address 10.10.20.1
Correct Answer: D
Section: Volume D
Explanation
QUESTION 356
If all OSPF routers shown in the exhibit boot at the same time, which router will be elected as the designated router?
A.
B.
C.
D.
R1
R2
R3
R4
Correct Answer: D
Section: Volume D
Explanation
QUESTION 357
Referring to the exhibit, a packet destined to 172.129.3.5 is sent from ISP X towards R1.
Which statement describes how R1 handles the packet?
A.
B.
C.
D.
It sends ICMP network unreachable messages back to the source.

It forwards the packet towards Network A.
It silently drops the packet and does not send a message back to the source.
It forwards the packet towards Network C.
Correct Answer: A
Section: Volume D
Explanation
QUESTION 358
Referring to the exhibit, note that R5 is exporting the 172.168.1.0/24 route into OSPF. Which LSA type does R2 send to R4?
A.
B.
C.
D.
Type 7
Type 5
Type 3
Type 1
Correct Answer: B
Section: Volume D
Explanation
QUESTION 359
Referring to the exhibit, R1, R2, and R3 boot at the same time. Several minutes later, R4 boots.
After R4 has been online for 40 seconds, which router will be the OSPF designated router?
A.
B.
C.
D.
R1
R2
R3
R4
Correct Answer: B
Section: Volume D
Explanation
QUESTION 360
-- Exhibit -routing-options {
router-id 10.10.1.2;
}
policy-options {
policy-statement loadbalance {
term 1 {
from {
route-filter 100.100.0.0/16 exact;
}
then {
}
}
}
}
-- Exhibit -Referring to the exhibit, you have configured a load balancing policy and the router has an equal cost path for traffic to 10.100.0.0/16.
What must you do to complete the load balancing configuration?
A.
B.
C.
D.
Apply the policy as an export policy under the [edit forwarding-options] hierarchy.
Apply the policy as an import policy under the [edit forwarding-options] hierarchy.
Apply the policy as an export policy under the [edit routing-options forwarding-table] hierarchy.
Apply the policy as an import policy under the [edit routing-options forwarding-table] hierarchy.
Correct Answer: C
Section: Volume D
Explanation
QUESTION 361
All OSPF routers shown in the exhibit booted at the same time, and the network has stabilized.
How many adjacencies does R1 have?
A.
B.
C.
D.
0
1
2
3
Correct Answer: C
Section: Volume D
Explanation
QUESTION 362
You have two routers, R1 and R2, running OSPF in area 0. Router R1 is having problems with forming and adjacency with Router R2.
Referring to the exhibit, which statement is correct about the OSPF configuration in the Router R1 trace output?
A.
B.
C.
D.
Router R1 has the wrong OSPF area configured.

Router R2 has the wrong OSPF area configured.
Router R1 has the wrong interface configured for OSPF.
Router R2 has the wrong interface configured for OSPF.
Correct Answer: B
Section: Volume D
Explanation
QUESTION 363
-- Exhibit -user@Switch-1# run show dhcp snooping binding
DHCP Snooping Information:

MAC address
IP address
00:26:88:02:74:89 172.28.1.4
00:26:88:02:74:86 172.28.1.2
00:26:88:02:74:87 172.28.1.3
-- Exhibit --
Lease (seconds) Type VLAN Interface

- static default ge-0/0/9.0
86113 dynamic default ge-0/0/6.0
86378 dynamic default ge-0/0/7.0
DHCP snooping is implemented on an EX Series switch. The results display a static MAC to IP binding on interface ge-0/0/9 as shown in the exhibit.
Which statement is correct?
A.
B.
C.
D.
MAC address 00:26:88:02:74:89 is a static MAC address configured for a host attached to interface ge-0/0/9.
MAC address 00:26:88:02:74:89 is a static MAC address to IP address binding in the DHCP server.
MAC address 00:26:88:02:74:89 is a static MAC address to IP address configured on the L3 interface ge-0/0/9.
MAC address 00:26:88:02:74:89 is a static address assigned using the command set interface ge-0/0/9.0 mac-allowed 00:26:88:02:74:89.
Correct Answer: A
Section: Volume D
Explanation
QUESTION 364
-- Exhibit -policy-statement load-balance {
from {
}
then {
}
}
-- Exhibit -Referring to the exhibit, which command or set of commands completes the configuration that will load balance packets to destinations 172.24.0.0 and 172.24.0.1?
A.
B.
C.
D.
E.
F.
Set forwarding-options load-balance

Set routing-options forwarding-table export load-balance
Set protocols ospf area 0.0.0.0 policy load-balance
Set protocols ospf area 0.0.0.0 load-balance
Set forwarding-options export policy load-balance
Set forwarding-options load-balance
Correct Answer: B
Section: Volume D
Explanation
QUESTION 365
-- Exhibit -[edit]
user@router# show routing-options
graceful-restart {
disable;
}
[edit]
user@router# show protocols bgp
graceful-restart;
group my-group {
type internal;
neighbor 192.168.1.2;
neighbor 192.168.2.2 {
graceful-restart {
disable;
}
}
}
-- Exhibit -You have configured your router as shown in the exhibit.
Which statement is true based on the graceful restart (GR) configuration?
A.
B.
C.
D.
GR has been disabled globally for all protocols including BGP.

GR is enabled for all BGP neighbors.
GR is enabled only for BGP neighbor 192.168.1.2.
GR is not supported with BGP.
Correct Answer: C
Section: Volume D
Explanation
QUESTION 366
Referring to the exhibit, you want to avoid using STP and the LAG is configured on ae0.
Which function would you use to prevent a Layer 2 loop?
A.
B.
C.
D.
VRRP
RTG
LACP
GRES
Correct Answer: B
Section: Volume D
Explanation
QUESTION 367
Referring to the exhibit, which interfaces will receive a packet sent to MAC address 00:05:85:7F:EB. 80 from the user with IP address 10.10.10.10?
A.
B.
C.
D.
0/0/3 and 0/0/22

0/0/9 and 0/0/23
0/0/3, 0/0/9, 0/0/22, and 0/0/23
0/0/1, 0/0/3, 0/0/9, 0/0/22, and 0/0/23
Correct Answer: A
Section: Volume D
Explanation
QUESTION 368
You have an Ethernet frame with an unknown destination address.
Which steps are required for the switch to process and forward the Ethernet frame?
A. 1. The frame enters the ingress port and Packet Forwarding Engine (PFE).
2. The ingress PFE performs the MAC address lookup, determines the egress PFE and port.
3. The ingress PFE forwards the frame to the egress PFE.
4. The egress PFE forwards the frame out the egress port towards the destination.
B. 1. The frame enters the ingress port and PFE.
2. The ingress PFE performs the MAC address lookup and determines the source MAC is unknown.
3. The ingress PFE sends the header information to the RE, where the MAC is added.
4. If the RE adds a new source MAC address to the bridge table, the newly added MAC entry is sent to all PFEs.
C. 1. The frame enters the ingress port and PFE.
2. The ingress PFE performs the MAC address lookup; the destination MAC belongs to the switch so the PFE performs a L3 lookup.
3. The egress PFE forwards the packet out the egress port toward the destination.
D. 1. The frame enters the ingress port and PFE.
2. The ingress PFE performs the MAC address lookup, determines no match and replicates the frame to other PFEs and local ports on same broadcast domain.
3. All other PFEs replicate the frame and forward those frames out all egress ports in the same broadcast domain.
Correct Answer: D
Section: Volume D
Explanation
QUESTION 369
What is the purpose of the native VLAN?
A. The native VLAN is used to assign the trunk's default VLAN if a global default VLAN is not configured.
B. The native VLAN is only used on VoIP interfaces to allow a separate VLAN-ID for the voice VLAN and data VLAN.
C. The native VLAN assumes VLAN 1 when no default VLAN is configured.
D. The native VLAN allows the interface to accept untagged packets.
Correct Answer: D
Section: Volume D
Explanation
QUESTION 370
Two switches are powered on at the same time on the same LAN segment.
By default, what determines which switch will become the designated bridge?
A.
B.
C.
D.
the port cost for the associated interface

the bridge ID priority
the total root cost of the switch
the priority of the associated interface
Correct Answer: B
Section: Volume D
Explanation
QUESTION 371
You must modify the default RSTP port behavior on interface ge-0/0/9 so it can transition states immediately when a host is plugged in. It is on a half-duplex link.
Which command meets this requirement?
A.
B.
C.
D.
set protocols rstp interface ge-0/0/9.0 mode edge

set protocols rstp interface ge-0/0/9.0 mode portfast
set protocols rstp interface ge-0/0/9.0 mode point-to-point
set protocols rstp interface ge-0/0/9.0 mode shared
Correct Answer: C
Section: Volume D
Explanation
QUESTION 372
Which statement describes how root protection protects your network?

A.
B.
C.
D.
It dynamically modifies the STP bridge priority to the best value in your network.
It ignores superior BPDUs from being accepted on a protected interface.
It changes protected ports to the blocking state if they receive superior BPDUs.
It is enabled on a switch and uses BPDUs to negotiate a better bridge priority than its neighbors.
Correct Answer: C
Section: Volume D
Explanation
QUESTION 373
You need additional security and are configuring IP source guard.
Which three statements accurately describe IP source guard? (Choose three.)
A.
B.
C.
D.
E.
The default setting for access ports using IP source guard is untrusted.
IP source guard does not check packets received on a trunk interface.
You can enable IP source guard on interfaces and VLANs.
Packets with an invalid IP address or MAC address are rejected.
IP source guard checks the IP/MAC address of packets received against entries stored in the DHCP snooping database.
Correct Answer: ABE

Section: Volume D
Explanation
QUESTION 374
You need to prevent people outside the 192.168.1.0/24 network from accessing your Junos device using FTP.
Which configuration, when applied to interface lo0.0, will provide the desired result?
A. firewall {
family inet {
filter protect-host {
term limit-ftp {
from {
source-address {
192.168.1.0/24 except;
0.0.0.0/0;
}
port ftp;
}
then discard;
}
}
}
}
B. firewall {
family inet {
term limit-ftp {
from {
source-address {
192.168.1.0/24 except;
0.0.0.0/0;
}
protocol tcp;
port ftp;
}
then discard;
}
term all-else {
then accept;
}
}
}
}
C. firewall {
family inet {
term limit-ftp {
from {
source-address {
192.168.1.0/24;
}
port ftp;
}
then discard;
}
}
}
}
D. firewall {
family inet {
term limit-ftp {
from {
source-address {
192.168.1.0/24;
}
protocol tcp;
port ftp;
}
then discard;
}
term all-else {
then accept;
}
}
}
}
Correct Answer: B
Section: Volume D
Explanation
QUESTION 375
Which two prefixes contribute to the aggregate route 10.1.0.0/20? (Choose two.)
A.
B.
C.
D.
10.1.14.0
10.1.15.0
10.1.16.0
10.1.17.0
Correct Answer: AB
Section: Volume D
Explanation
QUESTION 376
What is the purpose of the forwarding routing instance type?
A.
B.
C.
D.
to create multiple Layer 3 switches

to create a virtual Layer 2 switch
to forward Layer 3 VPN traffic
to implement filter-based forwarding
Correct Answer: D
Section: Volume D
Explanation
QUESTION 377
Which command statically routes to a next hop that is not directly connected?
A.
B.
C.
D.
set routing-options static route 24.16.42.0/24 qualified-next-hop 64.8.21.3

set routing-options static route 24.16.42.0/24 multihop 64.8.21.3
set routing-options static route 24.16.42.0/24 next-hop 64.8.21.3 recursive
set routing-options static route 24.16.42.0/24 next-hop 64.8.21.3 resolve
Correct Answer: D
Section: Volume D
Explanation
QUESTION 378
The area border router (ABR) between the OSPF backbone area and a not-so-stubby area (NSSA) will suppress which two LSA types for route updates into the NSSA?
(Choose two.)
A.
B.
C.
D.
Type 3
Type 4
Type 5
Type 7
Correct Answer: BC
Section: Volume D
Explanation
QUESTION 379
Which two statements describe the scenario when a router will send out a Type 4 link-state update packet to its neighbors? (Choose two.)
A.
B.
C.
D.
Type 4 link-state update packets are unicast to every neighbor on regular intervals to keep the database consistent between neighbors.
Type 4 link-state update packets are sent when the interface receives a Type 3 Link-State Request packet from a neighbor.
Type 4 link-state update packets are multicast to every neighbor on regular intervals to keep the database consistent between neighbors.
Type 4 link-state update packets are sent out to the designated router (DR) or backup designated router (BDR) when a topology change occurs.
Correct Answer: BD
Section: Volume D
Explanation
QUESTION 380
Routers R1, R2, R3, and R4 are all connected on the same OSPF network segment. While viewing the output of the show ospf neighbor command on R1, you notice that
the interface towards R2 is always in the 2Way state.
What would cause this state?
A.
B.
C.
D.
R1 is a DR device and R2 is a DROther device.

R1 and R2 are both DROther devices.
R1 and R2 are both BDR devices.
R1 is a DROther device and R2 is a DR device.
Correct Answer: B
Section: Volume D
Explanation
QUESTION 381
What does an ABR between a backbone area and a totally stubby area inject into the totally stubby area?
A.
B.
C.
D.
an LSA Type 4
an LSA Type 5
an external route
a default route
Correct Answer: D
Section: Volume D
Explanation
QUESTION 382
What are three common characteristics of OSPF and IS-IS? (Choose three.)
A.
B.
C.
D.
Both routing protocols maintain a link-state database calculated using the Dijkstra shortest path first algorithm.
Both routing protocols elect a designated router and backup designated router for a shared LAN segment.
Both routing protocols use hello packets to form and maintain adjacencies.
Both routing protocols use a SHA-1 hash for authentication purposes.
E. Both routing protocols allow for address summarization between areas.

Correct Answer: ACE
Section: Volume D
Explanation
QUESTION 383
A network administrator is configuring IS-IS on a router using interface ge-0/0/3. The router being configured should only be able to form IS-IS adjacencies with Level 1
routers in its own area.
Which command correctly accomplishes this requirement?
A.
B.
C.
D.
set protocols isis interface ge-0/0/3.0 level 1 enable

set protocols isis interface ge-0/0/3.0 level 2 disable
set interfaces interface ge-0/0/3.0 isis level 1 enable
set interfaces interface ge-0/0/3.0 isis level 2 disable
Correct Answer: B
Section: Volume D
Explanation
QUESTION 384
In which two situations will the BGP next-hop attribute point to Router A? (Choose two.)
A.
B.
C.
D.
When Router A sends routing updates to its EBGP peer Router B with multihop configured.
When Router A sends routing updates to its IBGP peer Router B when route reflectors are not used.
When Router A sends routing updates to its IBGP peer Router B when route reflectors are used.
When Router A sends routing updates to its IBGP peer after redistributing routes to BGP from an IGP.
Correct Answer: AD
Section: Volume D
Explanation
QUESTION 385
A company has four routers connected as follows:
PEER ----- (A -- B -- C -- D)
Router A has an external BGP peer. IBGP peering sessions exist between A-B, B-C, C-D, and A-D. The company is running an IGP for all internal segments and does not
use static routes. Router D cannot use BGP paths from Router A in its routing table.
What are two reasons why this is occurring? (Choose two.)
A.
B.
C.
D.
The routes have an unreachable next-hop address.

BGP synchronization is disabled by default.
Router A is not configured to use next-hop self.
The TTL exceeds 1, preventing BGP routing updates from being sent between Router A and Router D.
Correct Answer: AC
Section: Volume D
Explanation
QUESTION 386
Your router has the following configuration:
[edit]
router-id 192.168.100.1;
Given this information, what is the correct Junos configuration for an IBGP session?
A. [edit]
group lab {
type external;
neighbor 192.168.100.2;
}
B. [edit]
group lab {
type 65505;
neighbor 192.168.100.2;
}
C. [edit]
group lab {
peer-as 65503;
neighbor 192.168.100.2;
}
D. [edit]
group lab {
peer-as 65505;
neighbor 192.168.100.2;
}
Correct Answer: D
Section: Volume D
Explanation
QUESTION 387
Which command is used to confirm the status of a tunnel interface?
A.
B.
C.
D.
show tunnel interface gr-0/0/0

show tunnels
show interfaces gr-0/0/0 detail
show interfaces tunnel detail
Correct Answer: C
Section: Volume D
Explanation
QUESTION 388
You have an EX4200 in a Virtual Chassis configuration. You need to establish a console connection to the switch to troubleshoot an issue.
A.
B.
C.
D.
You must first determine which VC member is the master RE and connect to it.
You must first determine which VC member is the backup RE and connect to it.
You can connect to any member of the VC and your console session will be re-directed to the master RE.
You can connect to any member of the VC but you will be connected to a local member and from there you must connect to the master RE.
Correct Answer: C
Section: Volume D
Explanation
QUESTION 389
Which two statements accurately describe VRRP? (Choose two.)
A.
B.
C.
D.
The master VRRP router sends periodic announcements to all other VRRP routers in the group.
You can set the value of the TTL field for VRRP packets.
VRRP routers communicate using multicast address 224.0.0.5.
Each VRRP group uses a single MAC address.
Correct Answer: AD
Section: Volume D
Explanation
QUESTION 390
-- Exhibit
-- Exhibit --
A packet with a source MAC address of 00:26:88:02:74:23 enters your EX Series switch on port ge-0/0/2.
Assuming the filter in the exhibit has been applied to interface ge-0/0/2, which action will apply?
A. It discards and counts the packet.
B. It rejects and counts the packet.

C. It accepts the packet.
D. It discards the packet.
Correct Answer: A
Section: Volume D
Explanation
QUESTION 391
-- Exhibit
-- Exhibit --
Which statement describes what is happening in the exhibit?

A. A redistribution policy is defined under the [edit policy-options] hierarchy and applied to router R3 under the [edit protocols ospf] hierarchy.
B. A firewall policy is defined under the [edit policy-options] hierarchy and applied to router R3 under the [edit protocols ospf] hierarchy.
C. A redistribution policy is inherited by router R3.
D. A redistribution policy is not properly configured.

Correct Answer: A
Section: Volume D
Explanation
QUESTION 392
-- Exhibit
-- Exhibit --
Referring to the exhibit, if all four switches in the Virtual Chassis boot at the same time, which of the members will assume the master and the backup Routing Engine
roles?
A.
B.
C.
D.
Member 0 will be the master and Member 2 will be the backup based on the serial number.
Member 2 will be the master and Member 0 will be the backup based on the serial number.
Member 0 and Member 2 will participate in an election process to determine the master and the backup.
The configuration is missing a priority statement to make the determination.
Correct Answer: C
Section: Volume D
Explanation
QUESTION 393
-- Exhibit
-- Exhibit --
You have just connected and powered on four EX Series switches as shown in the exhibit. All of the switches have booted at the same time and have the default STP
configuration.
Which two statements describe the STP roles of the switches?
A.
B.
C.
D.
The port connecting Switch A to Switch B is Switch A's root port.

The port connecting Switch A to Switch C is Switch A's root port.
The port connecting Switch A to Switch C is Switch C's root port.
The port connecting Switch C to Switch B is Switch C's designated port.
Correct Answer: BD
Section: Volume D
Explanation
QUESTION 394
What is the purpose of the storm control feature on EX Series switches?
A.
B.
C.
D.
to filter traffic based on fields in the IP header

to protect against a flood of OSPF routing updates
to prevent network outages caused by broadcast storms on the LAN
to facilitate Routing Engine (RE) failover in cases where the primary RE is overloaded
Correct Answer: C
Section: Volume D
Explanation
Reference:JNCIS-ENT Switching Study Guide, Chapter 52 Device Security and Firewall Filters
QUESTION 395
Which statement describes the Spanning Tree Protocol (STP)?
A.
B.
C.
D.
A switching protocol used to carry default VLANs.

A port security feature used to limit MAC addresses on a port.
A switching protocol that prevents loops.
A high availability protocol used to gracefully restart a switch.
Correct Answer: C
Section: Volume D
Explanation
Reference:JNCIS-ENT Switching Study Guide, Spanning Tree Chapter 31
QUESTION 396
Which statement is true regarding a unified in-service software upgrade (ISSU)?
A.
B.
C.
D.
BFD must be enabled.

GRES and NSR must be enabled.
VRRP must be enabled.
OAM must be enabled.
Correct Answer: B
Section: Volume D
Explanation
Reference: JNCIS-ENT Routing Study Guide, High Availability Chapter 625
QUESTION 397
Which protocol is a link-state routing protocol?
A.
B.
C.
D.
BGP
RIP
OSPF
MPLS
Correct Answer: C
Section: Volume D
Explanation
Reference: JNCIS-ENT Routing Study Guide, Open Shortest Path First Chapter 31
QUESTION 398
Which statement correctly describes the Border Gateway Protocol (BGP)?
A.
B.
C.
D.
A switching protocol used between switches on a branch office LAN.

A routing protocol used between autonomous systems.
A redundancy protocol that assists with interface failover on the LAN side of a device at the network edge.
A security protocol that monitors traffic on a gateway device and shuts down a port based on configured thresholds.
Correct Answer: B
Section: Volume D
Explanation
Reference: JNCIS-ENT Routing Study Guide, Border Gateway Protocol Chapter 41
QUESTION 399
Which statement is correct regarding access ports on EX Series switches?
A.
B.
C.
D.
They are used for console management.

They can only be connected to routers.
They are used to establish a Virtual Chassis.
They can receive untagged traffic.
Correct Answer: D
Section: Volume D
Explanation
Reference:JNCIS-ENT Switching Study Guide, Chapter 22 Virtual Networks
QUESTION 400
-- Exhibit
-- Exhibit --
User B is sending traffic to the destination MAC address of 00:26:88:02:74:89.

Referring to the exhibit, which statement is true?
A.
B.
C.
D.
All users will receive the traffic.

Only User A will receive the traffic.
Only User D will receive the traffic.
Both Users A and D will receive the traffic.
Correct Answer: D
Section: Volume D
Explanation
QUESTION 401
Which bridging mechanism is used to obtain the MAC addresses of nodes on the network?
A.
B.
C.
D.
listening
aging
learning
filtering
Correct Answer: C
Section: Volume E
Explanation
QUESTION 402
What are two characteristics of a shared LAN? (Choose two.)
A.
B.
C.
D.
All devices are part of the same collision domain.

Each device participates in its own collision domain.
All traffic is flooded out to all devices.
Traffic is intelligently forwarded to learned destinations.
Correct Answer: AC
Section: Volume E
Explanation
QUESTION 403
What are two characteristics of a switched LAN? (Choose two.)
A.
B.
C.
D.
All devices are part of the same collision domain.

Each device participates in its own collision domain.
All traffic is flooded out to all devices.
Traffic is intelligently forwarded to learned destinations.
Correct Answer: BD
Section: Volume E
Explanation
QUESTION 404
Which three mechanisms build or maintain bridge tables in a switched LAN? (Choose three.)
A.
B.
C.
D.
E.
learning
listening
flooding
purging
aging
Correct Answer: ACE

Section: Volume E
Explanation
QUESTION 405
Which statement describes the flooding bridging mechanism when it receives traffic destined to an unknown MAC address?
A.
B.
C.
D.
The switch will discard the traffic and send a destination unreachable message.
The switch will clear the bridging table and forward traffic out all ports.
The switch will silently discard the traffic.
The switch will forward the traffic out all ports.
Correct Answer: D
Section: Volume E
Explanation
QUESTION 406
-- Exhibit
-- Exhibit --
Referring to the exhibit, which three elements must be configured to allow communication between Host A and Host B, and between Host C and Host D? (Choose three.)
A.
B.
C.
D.
E.
The ports connecting to the hosts must be configured as access ports.

The ports connecting to the hosts must be configured as trunk ports.
The ge-0/0/1 interface must be configured as a trunk port.
The ge-0/0/1 interface must be configured for a routed VLAN interface.
The ge-0/0/1 interface must be configured for a native VLAN.
Correct Answer: ACE

Section: Volume E
Explanation
QUESTION 407
You must ensure that the user connected to ge-0/0/0 can send traffic from their computer as well as their IP phone using the same physical port. The traffic coming from
the computer will not contain a VLAN tag, and traffic from the IP phone will be tagged using the . This traffic must remain separated throughout the Layer 2 network.
Which feature must be used?
A. routed VLAN interface
B. native VLAN
C. voice VLAN
D. default VLAN
Correct Answer: C
Section: Volume E
Explanation
QUESTION 408
-- Exhibit
-- Exhibit --
Referring to the exhibit, which two elements must be configured to pass both tagged voice and untagged data traffic? (Choose two.)
A.
B.
C.
D.
The ge-0/0/1 interface must be configured as a trunk port.

The ge-0/0/1 interface must be configured as an access port.
The ge-0/0/0 interface must be configured for the voice VLAN.
The ge-0/0/1 interface must be configured for the voice VLAN.
Correct Answer: BD
Section: Volume E
Explanation
QUESTION 409
-- Exhibit
-- Exhibit --
User D is trying to send traffic to User B.

Referring to the exhibit, what will happen to the traffic?
A.
B.
C.
D.
The traffic will only be sent to User B.

The traffic will be flooded to all users except User D.
The traffic will be dropped by the switch.
The traffic will only be sent to User B and User C.
Correct Answer: B
Section: Volume E
Explanation
QUESTION 410
You are asked to ensure that your trunk port transmits both tagged and untagged traffic.
A. You must use the native VLAN feature on the trunk ports.
B. You must use the voice VLAN feature on the trunk ports.
C. You must use the voice VLAN feature on the access ports.
D. You must use the 802.1Q tunneling feature on the access ports.
Correct Answer: A
Section: Volume E
Explanation
QUESTION 411
Which statement is correct regarding the default behavior of trunk ports on EX Series switches?
A.
B.
C.
D.
Trunk ports only transmit untagged traffic.

Trunk ports only transmit tagged traffic.
Trunk ports transmit both tagged and untagged traffic.
Trunk ports have 802.1Q tunneling enabled.
Correct Answer: B
Section: Volume E
Explanation
QUESTION 412
You are asked to associate the v100 and v200 VLANs with the ge-0/0/1 interface.
Which two configurations are correct? (Choose two.)
A. {master:0}[edit]
user@switch# show interfaces ge-0/0/1
unit 0 {
vlan {
}
}
}
B. {master:0}[edit]
user@switch# show interfaces ge-0/0/1
unit 0 {
port-mode trunk;
vlan {
}
}
}
C. {master:0}[edit]
v100 {
vlan-id 100;
interface {
ge-0/0/1.0;
}
}
v200 {
vlan-id 200;
interface {
ge-0/0/1.0;
}
}
D. {master:0}[edit]
v100 {
vlan-id 100;
}
v200 {
vlan-id 200;
}
Correct Answer: BC
Section: Volume E
Explanation
QUESTION 413
-- Exhibit
{master:0}
user@switch> show vlans
Name
Tag Interfaces
default
ge-0/0/1.0, ge-0/0/2.0, ge-0/0/3.0, ge-0/0/4.0,
ge-0/0/8.0*, ge-0/0/9.0*, ge-0/0/10.0*, ge-0/0/11.0*,
ge-0/0/12.0*, ge-0/0/13.0*
v10
10
ge-0/0/5.0, ge-0/0/6.0*, ge-0/0/7.0*
-- Exhibit --
You are trying to pass traffic using VLAN v10; however, traffic is not reaching the device connected to port ge-0/0/5.
Given the information shown in the exhibit, what is the problem?
A.
B.
C.
D.
The ge-0/0/5 interface is down.

The ge-0/0/5 interface is an access port.
The ge-0/0/5 interface has been deactivated.
The ge-0/0/5 interface is a trunk port.
Correct Answer: A
Section: Volume E
Explanation
QUESTION 414
Which statement is true about STP on an EX Series switch?
A.
B.
C.
D.
STP requires MSTP to also be configured.

STP automatically rebuilds the tree when the topology changes.
STP builds loop-free paths in nonredundant Layer 2 networks.
The root bridge is the switch with the highest bridge ID.
Correct Answer: B
Section: Volume E
Explanation
QUESTION 415
What are three advantages of RSTP over STP? (Choose three.)
A.
B.
C.
D.
E.
RSTP introduces the alternate port role, which provides additional bandwidth for traffic heading to the root bridge.
RSTP allows an alternate link to immediately transition to the forwarding state if the point-to-point link fails.
RSTP allows a port to be an edge port when it connects to a LAN with no other bridges.
RSTP introduces the backup port role, which allows multiple ports to pass traffic into the same LAN segment at the same time.
RSTP introduces the backup port role, which allows a second port on the shared LAN segment to act as a backup port.
Correct Answer: BCE

Section: Volume E
Explanation
QUESTION 416
Which three port states of RSTP are valid? (Choose three.)
A.
B.
C.
D.
E.
discarding
listening
flooding
learning
forwarding
Correct Answer: ADE

Section: Volume E
Explanation
QUESTION 417
What are two types of STP BPDUs? (Choose two.)
A.
B.
C.
D.
link-state
configuration
topology change notification
update
Correct Answer: BC
Section: Volume E
Explanation
QUESTION 418
-- Exhibit
-- Exhibit --
Based on the exhibit and assuming default port costs, in which RSTP port role and state is Switch C's interface connecting to Switch B?
A.
B.
C.
D.
root, forwarding
alternate, discarding
alternate, forwarding
designated, forwarding
Correct Answer: B
Section: Volume E
Explanation
QUESTION 419
Which two statements are correct about how EX Series switches support STP and RSTP interoperability? (Choose two.)
A.
B.
C.
D.
A switch running only STP accepts RSTP BPDUs and discards the RSTP-specific information.
A switch running only STP discards RSTP BPDUs.
A switch running RSTP accepts STP BPDUs and responds using STP BPDUs.
A switch running RSTP accepts STP BPDUs and responds using RSTP BPDUs.
Correct Answer: BC
Section: Volume E
Explanation
QUESTION 420
-- Exhibit
-- Exhibit --
The exhibit shows three switches interconnected using the default RSTP settings.
What is the role of Port A?
A.
B.
C.
D.
designated
root
alternate
blocking
Correct Answer: B
Section: Volume E
Explanation
QUESTION 421
-- Exhibit
-- Exhibit --
The exhibit shows three switches interconnected using RSTP.

What is the role of Port B?
A.
B.
C.
D.
designated
root
alternate
backup
Correct Answer: A
Section: Volume E
Explanation
QUESTION 422
Your network consists of four EX Series switches, configured with the following STP parameters:
S1:
S2:
S3:
S4:
Bridge address - F F:33:44:77

;
;
;
;
Bridge priority - 16k

Given this information, which device will become the root bridge?
A.
B.
C.
D.
S1
S2
S3
S4
Correct Answer: D
Section: Volume E
Explanation
QUESTION 423
Your network consists of four EX Series switches, configured with the following STP parameters:
S1:
S2:
S3:
S4:

;
;
;
;
Given this information, which device will become the root bridge?
A.
B.
C.
D.
S1
S2
S3
S4
Correct Answer: B
Section: Volume E
Explanation
QUESTION 424
-- Exhibit
-- Exhibit --
In the exhibit, the switches have all been powered on at the same time and have the factory default RSTP configuration.
Which action would ensure that Switch A becomes the root bridge?
A. On Switch A, issue the set protocols rstp bridge-priority 28k command.
B. On Switch A, issue the set protocols rstp bridge-priority 36k command.
C. On Switch C, issue the set protocols rstp bridge-priority 36k command.
D. On Switch B, issue the set protocols rstp bridge-priority 28k command.

Correct Answer: A
Section: Volume E
Explanation
QUESTION 425
You are troubleshooting a spanning tree problem and must quickly determine the cumulative cost to the root bridge.
Which CLI command should you use?
A.
B.
C.
D.
show spanning-tree bridge

show spanning-tree interface
show spanning-tree statistics interface
show protocols rstp
Correct Answer: A
Section: Volume E
Explanation
QUESTION 426
You have four interconnected switches all using default RSTP parameters. You are asked to ensure that S1 becomes the root bridge.
Which configuration will accomplish this task?
A. {master:0}[edit]
user@S1# show protocols
rstp {
hello-time 2;
cost 1;
}
cost 1;
}
}
B. {master:0}[edit]
rstp {
hello-time 2;
priority 16;
}
priority 16;
}
}
C. {master:0}[edit]
rstp {
hello-time 2;
cost 100;
}
cost 100;
}
}
D. {master:0}[edit]
rstp {
hello-time 2;
priority 16;
}
priority 16;
}
}
Correct Answer: C
Section: Volume E
Explanation
QUESTION 427
-- Exhibit
-- Exhibit --
You manage the network shown in the exhibit. All four switches have the default RSTP settings. The elected root bridge is switch-1. You must ensure that switch-4 always
prefers the connection to switch-3 to reach the root bridge.
Which two configurations will accomplish this task? (Choose two.)
{master:0}[edit]
A. user@switch-4# show protocols
rstp {
priority 64;
cost 20000;
}
}
{master:0}[edit]
B. user@switch-4# show protocols
rstp {
priority 128;
cost 20000;
}
}
{master:0}[edit]
C. user@switch-3# show protocols

rstp {
priority 240;
cost 200000;
}
}
{master:0}[edit]
D. user@switch-3# show protocols
rstp {
priority 128;
cost 2000;
}
}
Correct Answer: AD
Section: Volume E
Explanation
QUESTION 428
-- Exhibit -{master:0}
user@switch> show spanning-tree interface
Spanning tree interface parameters for instance 0
Interface Port ID Designated
Designated
Port State Role
port ID
bridge ID
Cost
ge-0/0/6.0 128:519
128:519 32768.0019e2552481 200000 FWD DESG
ge-0/0/7.0
64:520
64:520 32768.0019e2552481 20000 FWD DESG
ge-0/0/8.0
32:521
32:521 32768.0019e2552481 20000 FWD DESG
ge-0/0/9.0
32:522
32:522 32768.0019e2552481 200000 FWD DESG
ge-0/0/11.0 32:524
32:524 32768.0019e2552481
2000 FWD DESG
ge-0/0/12.0 64:525
64:525 32768.0019e2552481
2000 FWD DESG
ge-0/0/13.0 64:526
64:526 32768.0019e2552481
2000 FWD DESG
-- Exhibit --
Which three statements are correct regarding the information shown in the exhibit? (Choose three.)
A.
B.
C.
D.
ge-0/0/6 is using the default interface priority.

ge-0/0/11 is selected as the root port.
This switch is the root bridge.
This switch is not the root bridge.
E. ge-0/0/7 is using the default interface cost.

Correct Answer: ACE
Section: Volume E
Explanation
QUESTION 429
Designated
Port State Role
port ID
bridge ID
Cost
ge-0/0/1.0 142:519
142:519
0.002688027490 10000 BLK ALT (Root-Incon)
ge-0/0/2.0 142:520
142:520 4128.0019e2516580 10000 FWD DESG
ge-0/0/3.0 142:521
142:521 4128.0019e2516580 10000 FWD DESG
-- Exhibit --
Referring to the exhibit, which statement is correct about the ge-0/0/1 interface?
A.
B.
C.
D.
It has transitioned to the loop-inconsistent state.

It is root protected and has received a superior BPDU.
It has transitioned to a blocking state due to BPDU protection.
It is normally in blocking mode.
Correct Answer: B
Section: Volume E
Explanation
QUESTION 430
Designated
Port State Role
port ID
bridge ID
Cost
ge-0/0/1.0 142:519
142:519
0.002688027490 10000 FWD ROOT
ge-0/0/2.0 142:520
142:520 4128.0019e2516580 10000 FWD DESG
ge-0/0/3.0 142:521
142:521 4128.0019e2516580 10000 BLK DIS (Loop-Incon)
-- Exhibit --
Referring to the exhibit, which statement is true about the ge-0/0/3 interface?
A.
B.
C.
D.
The switch has transitioned the port to a loop-inconsistent state.

The switch received a superior BPDU on a root protected port.
The switch has transitioned to a blocking state due to BPDU protection.
The switch port is normally in blocking mode.
Correct Answer: A
Section: Volume E
Explanation
QUESTION 431
Which two statements about dynamic ARP inspection (DAI) are true? (Choose two.)
A.
B.
C.
D.
You enable DAI on each port.

Trunk ports are untrusted by default.
You can set individual ports as trusted by adding the dhcp-trusted parameter on a given port.
DAI depends on the entries found in the DHCP snooping database.
Correct Answer: CD
Section: Volume E
Explanation
QUESTION 432
Your security department has identified an increase in IP spoofing attacks.
Which feature should you enable with DHCP snooping to prevent these attacks?
A.
B.
C.
D.
ARP spoofing
DHCP option 82
MAC limiting
IP source guard
Correct Answer: D
Section: Volume E
Explanation
QUESTION 433
You are asked to ensure that an unauthorized switch running spanning tree cannot be added to any edge port on your EX Series switch. The ports must discard any
incoming spanning tree packets but the interface must continue to forward traffic.
What should you do to accomplish the behavior?
A.
B.
C.
D.
Enable BPDU protection.

Enable BPDU protection and use the drop feature.
Enable root protection and use the drop feature.
Enable root protection.
Correct Answer: B
Section: Volume E
Explanation
QUESTION 434
-- Exhibit -{master:0}[edit]
user@switch# show firewall
filter block-traffic {
term count {
from {
source-address {
10.100.0.254/32;
}
}
then count blocked-subnet;
}
term reject-traffic {
from {
source-address {
10.100.0.254/32;
}
}
then discard;
}
term accept-rest {
then accept;
}
}
}
-- Exhibit --
You have a device that is sending a malicious packet to other devices in your Layer 2 network. You are asked to ensure that packets sent from this device are not allowed
to enter your network. You must also keep track of the number of packets that are being received. The device's IP address is 10.100.0.254. You have created and applied
the firewall filter shown in the exhibit to the correct port. However, traffic is still being forwarded into the network.
What is causing the problem?
A.
B.
C.
D.
The reject-traffic term must be placed before the count term.

The filter family is incorrect for a port based filter.
Layer 2 firewall filters do not have visibility to the Layer 3 header information.
The count term is implicitly accepting the traffic.
Correct Answer: D
Section: Volume E
Explanation
QUESTION 435
Which two statements are true about firewall filters on an EX Series switch? (Choose two.)
A.
B.
C.
D.
The switch processes each packet through the firewall filters independently of all other packets.
You must explicitly allow traffic in both directions for each connection that you want to permit.
A router-based filter applied to an RVI applies to switched packets in the same VLAN.
Port-based and VLAN-based filters are applied under different family statements in the CLI.
Correct Answer: AB
Section: Volume E
Explanation
QUESTION 436
In your network, you have configured an EX Series switch with port-based, VLAN-based, and router-based firewall filters. The filters are applied to examine all outgoing
traffic.
In which order will they be processed by the switch?
A. router, VLAN, port
B. VLAN, router, port
C. port, VLAN, router

D. router, port, VLAN
Correct Answer: A
Section: Volume E
Explanation
QUESTION 437
You are asked to inspect your EX Series switch for MAC limit violations.
Which two CLI commands would you use? (Choose two.)
A.
B.
C.
D.
show ethernet-switching mac-notification

show ethernet-switching interfaces
show log messages | match "mac limit"
show ethernet-switching mac-learning-log
Correct Answer: BC
Section: Volume E
Explanation
QUESTION 438
You want to configure interface ge-0/0/3 to transition to an inconsistent role in the blocking state when it receives a superior BPDU.
Which command would you use?
A.
B.
C.
D.
set interfaces ge-0/0/3.0 no-root-port

set protocols rstp interface ge-0/0/3.0 root-protection
set protocols rstp interface ge-0/0/3.0 no-root-port
set interfaces ge-0/0/3.0 root-protection
Correct Answer: C
Section: Volume E
Explanation
QUESTION 439
Interface ge-0/0/3 has been disabled because a storm control limit has been exceeded.
Which two commands are valid to recover the interface? (Choose two.)
A.
B.
C.
D.
user@switch> clear ethernet-switching storm-control-error interface ge-0/0/3

user@switch# set ethernet-switching-options secure-access-port disable-timeout 30
user@switch> clear ethernet-switching port-error interface ge-0/0/3
user@switch# set ethernet-switching-options port-error-disable disable-timeout 30
Correct Answer: CD
Section: Volume E
Explanation
QUESTION 440
You are implementing a Layer 3 VPN on a Junos device.
Which routing instance type would you use?
A.
B.
C.
D.
virtual router
VRF
VPLS
forwarding
Correct Answer: B
Section: Volume E
Explanation
QUESTION 441
Which statement is true about an aggregate route?
A.
B.
C.
D.
Its default next-hop value is discard.

It has a lower route preference than a generated route.
It supports only active routes as contributing routes.
It has a default metric of 150.
Correct Answer: C
Section: Volume E
Explanation
QUESTION 442
-- Exhibit
-- Exhibit --
You are performing a file transfer from HostA to ServerB. As shown in the exhibit, R1 and R2 have four equal-cost paths.
Which statement is correct about the default behavior of the routers load-balancing this traffic?
A.
B.
C.
D.
The file transfer is balanced across all four paths.

The file transfer is balanced across interfaces ge-0/0/1 and ge-0/0/2.
The file transfer is balanced across interface ge-0/0/1.
The file transfer is sent across one path selected randomly by R2.
Correct Answer: D
Section: Volume E
Explanation
QUESTION 443
You are configuring filter-based forwarding on your Junos device.
Which three components must be configured to accomplish this task? (Choose three.)
A.
B.
C.
D.
E.
firewall filter
logical system
routing instance
routing policy
RIB group
Correct Answer: ACE

Section: Volume E
Explanation
QUESTION 444
-- Exhibit -user@router> show route 0/0 exact detail
0.0.0.0/0 (1 entry, 1 announced)
*Aggregate PreferencE. 130
Next hop typE. Router, Next hop index: 546
Next-hop reference count: 4
Next hop: 10.210.18.1 via ge-0/0/4.200, selected
StatE. <Active Int Ext>
Local AS: 65400
AgE. 4:09:46
Task: Aggregate
-- Exhibit --
Referring to the exhibit, which type of route is displayed?

A.
B.
C.
D.
OSPF
aggregate
static
generate
Correct Answer: D
Section: Volume E
Explanation
QUESTION 445
You want to share routes between your Junos device's master routing instance and another routing instance.
Which feature would be used to accomplish this task?
A.
B.
C.
D.
a static route
a RIB group
an aggregate route
Correct Answer: C
Section: Volume E
Explanation
QUESTION 446
-- Exhibit -user@R1> show route 66.129.0.0/22 exact detail
66.129.0.0/22 (1 entry, 1 announced)
*Aggregate PreferencE. 130
Next hop typE. Reject
Next-hop reference count: 2
StatE. <Active Int Ext>
AgE. 1:39:21
Task: Aggregate
Announcement bits (1): 0-KRT
AS path: I (LocalAgg)
Flags:
Depth: 0
Active
AS path list:
AS path: I Refcount: 3
Contributing Routes (3):
66.129.0.0/24 proto Direct
-- Exhibit --
In the exhibit, R1 receives a packet with a destination address of 66.129.3.1.

Which action does R1 take on the packet?
A.
B.
C.
D.
R1 rejects the packet and sends an unreachable message back to the source.
R1 forwards the packet to the next hop associated with the primary contributing route.
R1 forwards the packet to the next hop associated with the contributor with the lowest RID.
R1 silently discards the packet.
Correct Answer: A
Section: Volume E
Explanation
QUESTION 447
-- Exhibit
-- Exhibit --
You are required to configure a static route to 10.0.100.1 on R1. The traffic must flow through R3.
Referring to the exhibit, which static route configuration parameter meets this requirement?
A.
B.
C.
D.
install
retain
qualified-next-hop
resolve
Correct Answer: D
Section: Volume E
Explanation
QUESTION 448
-- Exhibit -[edit routing-options martians]
user@router# show
23.0.0.0/8 longer;
24.0.0.0/8 orlonger;
25.0.0.0/8 exact;
26.0.0.0/8 prefix-length-range /8-/16;
-- Exhibit --
Referring to the exhibit, which route is eligible for installation on the local inet.0 routing table?
A.
B.
C.
D.
23.0.0.0/8
24.0.0.0/8
25.0.0.0/8
26.0.0.0/8
Correct Answer: A
Section: Volume E
Explanation
QUESTION 449
-- Exhibit
-- Exhibit --
In the exhibit, R2 has a failure and R6 is promoted from the BDR to the DR.
Which router is elected as the new BDR?
A.
B.
C.
D.
R1
R3
R4
R5
Correct Answer: D
Section: Volume E
Explanation
QUESTION 450
You have both IPv4 and IPv6 running in your network. You are asked to migrate your IGP from IS-IS to OSPF. The network must retain OSPF connectivity between all
routers.
A.
B.
C.
D.
You must use OSPFv2 on all your routers.

IPv6 routers must continue to use IS-IS.
Correct Answer: B
Section: Volume E
Explanation
QUESTION 451
Which statement describes the role of an OSPF ABR?
A.
B.
C.
D.
It is used to inject external routes into OSPF.

It is used to export internal routes from OSPF.
It is used to connect a nonbackbone area to Area 0.
It is used to connect multiple nonbackbone areas.
Correct Answer: C
Section: Volume E
Explanation
QUESTION 452
Which statement describes the role of an OSPF ASBR?
A.
B.
C.
D.
It is used to inject external routes into OSPF.

It is used to export internal routes from OSPF.
Correct Answer: A
Section: Volume E
Explanation
QUESTION 453
Your network design currently consists of a single OSPF backbone area. You are asked to reduce the size of the OSPF link-state database.
Which two steps allow you to accomplish this task? (Choose two.)
A.
B.
C.
D.
Include LSA export summarization policies on all participating ASBRs.

Define multiple backbone areas and interconnect them using virtual links.
Define multiple nonbackbone areas and connect them to the backbone area.
Include route summarization on the ABRs participating in the configured areas.
Correct Answer: CD
Section: Volume E
Explanation
QUESTION 454
-- Exhibit -[edit]
user@router# show protocols ospf
traffic-engineering advertise-unnumbered-interfaces;
area 0.0.0.0 {
interface all;
}
[edit]
user@router# show interfaces
ge-0/0/0 {
unit 0 {
family inet {
address 172.16.12.15/24;
}
}
}
ge-1/0/0 {
unit 0 {
family inet {
address 66.129.12.1/24;
}
}
}
lo0 {
unit 0 {
family inet {
address 127.0.0.5/32;
}
}
}
[edit]
route-distinguisher-id 130.0.0.28;
-- Exhibit --
Referring to the exhibit, which address represents the RID?

A.
B.
C.
D.
66.129.12.1
172.16.12.15
127.0.0.5
130.0.0.28
Correct Answer: B
Section: Volume E
Explanation
QUESTION 455
In an OSPF hello packet, which field is evaluated only on broadcast media links?
A.
B.
C.
D.
network mask
hello interval
dead interval
options
Correct Answer: A
Section: Volume E
Explanation
QUESTION 456
Which three OSPF LSA types are allowed in an NSSA? (Choose three.)
A. Type 1
B.
C.
D.
E.
Type 2
Type 4
Type 5
Type 7
Correct Answer: ABE

Section: Volume E
Explanation
QUESTION 457
You are viewing the output of the show ospf neighbor command from your routers on a LAN segment and you notice that an interface has the state of 2way.
What would be the cause?
A.
B.
C.
D.
The two routers cannot communicate with each other.

The interface is between two DROther routers on a broadcast network.
One of the routers is waiting for an OSPF start event.
OSPF has not been configured on one of the routers.
Correct Answer: B
Section: Volume E
Explanation
QUESTION 458
What are three types of OSPF packets? (Choose three.)
A.
B.
C.
D.
E.
open
link-state acknowledgement
link-state interval
link-state request
database description
Correct Answer: BDE

Section: Volume E
Explanation
QUESTION 459
Your OSPF network consists of five Junos devices, R1 through R5, all in Area 0. You want to reset the LSDB for the entire area.
Which action accomplishes this task?
A.
B.
C.
D.
Add the overload parameter to each device's OSPF configuration.

Issue the clear ospf database purge command on R1.
Issue the clear ospf neighbor command on R2.
Configure the OSPF lsa-refresh-interval parameter to 0 on each device.
Correct Answer: B
Section: Volume E
Explanation
QUESTION 460
Your Junos device runs OSPF and BGP. You must limit the number of BGP prefixes within the 10.0.0.0/8 address block to be redistributed into OSPF.
Which parameter would help to control this potential problem?
A.
B.
C.
D.
overload, applied within the OSPF configuration

area-range 10.0.0.0/8 restrict, applied within the OSPF configuration
prefix-export-limit, applied within the OSPF configuration
prefix-limit, applied within the BGP configuration
Correct Answer: C
Section: Volume E
Explanation
QUESTION 461
-- Exhibit -user@router> show ospf overview
InstancE. master
Router ID. 10.10.10.5
Route table index: 0
Configured overload, expires in 10 seconds
Area border router
LSA refresh timE. 30 minutes
Restart: Enabled
Restart duration: 20 sec
Restart grace perioD. 40 sec
Helper modE. enabled
AreA. 0.0.0.0
Stub typE. Not Stub
Authentication TypE. None
Area border routers: 0, AS boundary routers: 0
Neighbors
Up (in full state): 1
AreA. 0.0.0.1
Stub typE. Not so Stubby Stub
Authentication TypE. Password
Area border routers: 0, AS boundary routers: 0
Neighbors
Up (in full state): 1
Topology: default (ID 0)
Prefix export count: 10
Full SPF runs: 3
SPF delay: 0.200000 sec, SPF holddown: 5 sec, SPF rapid runs: 5
Backup SPF. Not Needed
-- Exhibit --
Your Junos device is running OSPF.

Which three statements are true about the output shown in the exhibit? (Choose three.)
A.
B.
C.
D.
E.
The LSA refresh interval is at its default value.

The device is currently in OSPF overload state.
Protocol exchanges are encrypted for interfaces in Area 1.
A routing policy is applied.
Area 1 is an NSSA.
Correct Answer: BDE

Section: Volume E
Explanation
QUESTION 462
-- Exhibit -user@router> show ospf neighbor
Address
Interface
State ID
Pri Dead
66.129.12.2
ge-0/0/2.0
ExStart 66.129.12.2
128
-- Exhibit --
37
What is the reason for the adjacency state shown in the exhibit?
A.
B.
C.
D.
There is an authentication mismatch.

There is a hello interval mismatch.
There is an IP network mismatch.
There is an interface MTU mismatch.
Correct Answer: D
Section: Volume E
Explanation
QUESTION 463
-- Exhibit -user@router> show ospf database
OSPF database, Area 0.0.0.0
Type
ID
Adv Rtr
Seq
Age Opt Cksum Len
Router 5.5.5.5
5.5.5.5
0x80000007 471 0x22 0x180 60
Router *66.129.12.2
66.129.12.2
0x80000010 470 0x22 0xeb7 48
Network *66.129.12.2
66.129.12.2
0x80000006 470 0x22 0x248 32
Network *172.16.12.110 66.129.12.2
0x80000009 470 0x22 0xcb7 32
OpaqArea 1.0.0.1
5.5.5.5
0x80000003 471 0x22 0x3cc 28
-- Exhibit --
Referring to the exhibit, which two statements are true? (Choose two.)
A.
B.
C.
D.
The local router has OSPF traffic engineering enabled.

The local router is originating two database entries.
The local router is originating three database entries.
The local router has OSPF traffic engineering disabled.
Correct Answer: CD
Section: Volume E
Explanation
QUESTION 464
-- Exhibit -[edit protocols ospf]
user@R1# show
traceoptions {
file trace-ospf;
flag error;
}
area 0 {
interface all;
}
-- Exhibit --
You are using traceoptions, configured as shown in the exhibit, to monitor regular OSPF communications between R1 and R2 in real time. However, you are not seeing
the desired information.
How would you resolve this problem?
A.
B.
C.
D.
Examine the syslog file.

Issue the show log trace-ospf command.
Add an additional traceoptions configuration at the [edit system] hierarchy level.
Add more flags to the existing traceoptions configuration.
Correct Answer: D
Section: Volume E
Explanation
QUESTION 465
A link has failed in your IS-IS network.
Which type of PDU is triggered because of the failure?
A.
B.
C.
D.
CSNP PDU
PSNP PDU
link-state PDU
hello PDU
Correct Answer: C
Section: Volume E
Explanation
QUESTION 466
Which two statements are true about IS-IS router behavior? (Choose two.)
A.
B.
C.
D.
An IS-IS router attached to a broadcast, multi-access network establishes adjacencies with all of its neighbors on the network.
An IS-IS router attached to a broadcast, multi-access network establishes an adjacency only to the network's elected DIS.
If an IS-IS DIS attached to a broadcast, multi-access network fails, the backup DIS assumes the primary DIS role.
If an IS-IS DIS attached to a broadcast, multi-access network fails, a new DIS is elected.
Correct Answer: AD
Section: Volume E
Explanation
QUESTION 467
-- Exhibit
-- Exhibit --
The exhibit shows an IS-IS network where R2 has failed.

Which router becomes the new DIS?
A.
B.
C.
D.
R3
R1
R5
R4
Correct Answer: C
Section: Volume E
Explanation
QUESTION 468
-- Exhibit
-- Exhibit --
Wide metrics have not been enabled in your IS-IS network.

Referring to the exhibit, what is the IS-IS total path metric value between R1 and R2?
A. 1023
B. 63
C. 1134
D. 1197
Correct Answer: A
Section: Volume E
Explanation
QUESTION 469
-- Exhibit -user@router> show isis interface ge-0/0/2.0 detail
IS-IS interface database:
ge-0/0/2.0
Index: 71, StatE. 0x6, Circuit iD. 0x1, Circuit typE. 3
LSP interval: 100 ms, CSNP interval: 10 s
Adjacency advertisement: Advertise
...
-- Exhibit --
Referring to the exhibit, which IS-IS level is supported on the ge-0/0/2.0 interface?
A.
B.
C.
D.
Level 1
Level 2
Level 3
Level 1 and Level 2
Correct Answer: D
Section: Volume E
Explanation
QUESTION 470
-- Exhibit -user@router> show interfaces lo0.0
Logical interface lo0.0 (Index 66) (SNMP ifIndex 16)
Flags: SNMP-Traps Encapsulation: Unspecified
Input packets : 0
Output packets: 0
Security: ZonE. Null
Protocol inet, MTU: Unlimited
Flags: Sendbcast-pkt-to-re
Addresses
Local: 127.0.0.6
Protocol iso, MTU: Unlimited
Flags: None
Addresses, Flags: Is-Default Is-Primary
Local: 49.0001.0066.0129.0012.0002
-- Exhibit --
What is the area ID for the IS-IS NET address shown in the exhibit?
A.
B.
C.
D.
0012
49
0002
0001
Correct Answer: D
Section: Volume E
Explanation
QUESTION 471
You want to enable IS-IS on your Junos device, with ge-0/0/1 as a Level 2 only interface.
Which commands are necessary?
A. set interfaces lo0 unit 0 family iso address 49.0001.0921.0168.0201.00
set interfaces ge-0/0/1 unit 0 family iso
set protocols isis interface ge-0/0/1 level 1 disable
B. set protocols isis interface ge-0/0/1 enable
set interfaces lo0 unit 0 family iso address 49.0001.0921.0168.0201.00
set interfaces ge-0/0/1 unit 0 family iso level 1 disable
C. set interfaces lo0 unit 0 family iso address 49.0001.0921.0168.0201.00
set interfaces ge-0/0/1 unit 0 family iso level 2
D. set protocols isis interface ge-0/0/1 enable
set interfaces lo0 unit 0 family iso address 49.0001.0921.0168.0201.00
set interfaces ge-0/0/1 unit 0 family iso level 2
Correct Answer: A
Section: Volume E
Explanation
QUESTION 472
-- Exhibit
-- Exhibit --
R2 is receiving an EBGP route from R1. R3 is correctly receiving the route, but R4 is not.
How would you resolve this problem?
A.
B.
C.
D.
Change the R2, R3, and R4 peering session types to external.

Configure an IBGP session between R2 and R4.
Add a route reflector to AS 65501.
Configure a static route between R2 and R4.
Correct Answer: B
Section: Volume E
Explanation
QUESTION 473
-- Exhibit
-- Exhibit --
Referring to the exhibit, you must ensure that on R1 the Internet routes learned from ISP A are more preferred than Internet routes learned from ISP B.
Which statement will allow this behavior?
A.
B.
C.
D.
Use a policy to change the local preference value to be higher than 100 on routes learned from ISP B.
Use a policy to change the MED value to be higher than 0 on routes learned from ISP A.
Use a policy to change the local preference value to be higher than 100 on routes learned from ISP A.
Use a policy to change the MED value to be higher than 0 on routes learned from ISP B.
Correct Answer: C
Section: Volume E
Explanation
QUESTION 474
Your network has multiple BGP connections to your ISP's edge router. You are asked to influence which router is used by traffic entering your network without asking the
ISP to make changes in their network.
Which attribute should be used?
A.
B.
C.
D.
local preference
MED
community
aggregator
Correct Answer: B
Section: Volume E
Explanation
QUESTION 475
Your network has multiple BGP connections to your ISP's edge router. You are asked to influence which router is used by traffic entering your network without asking the
ISP to make changes in their network.
Which attribute should be used?
A.
B.
C.
D.
local preference
origin
community
aggregator
Correct Answer: B
Section: Volume E
Explanation
QUESTION 476
You have recently configured EBGP on R1 using the ge-0/0/2 interface. You notice that the EBGP-learned routes are present on R1 but these routes are not present in
the routing tables on any of the other IBGP peers. During your investigation, you notice that the routes on the other IBGP peers are hidden.
What are two solutions to this problem? (Choose two.)
A. Use an import policy on R1 to change the next hop of the EBGP-learned routes before advertising them to the IBGP peers.
B. Include the ge-0/0/2 interface as passive in R1's IGP configuration.
C. Use an export policy on R1 to change the next hop of the EBGP-learned routes before advertising them to the IBGP peers.
D. Include the IBGP-facing interfaces as passive in R1's IGP configuration.

Correct Answer: BC
Section: Volume E
Explanation
QUESTION 477
You want to establish an EBGP peering session with the loopback IP address of your peer router.
Which BGP parameter must be used to accomplish this task?
A.
B.
C.
D.
multihop
multipath
local-interface
local-as
Correct Answer: A
Section: Volume E
Explanation
QUESTION 478
You are advertising your network's assigned prefixes to two upstream ISPs using BGP. You want incoming traffic to prefer ISP-A over ISP-B.
Which action would you take to accomplish this task?
A.
B.
C.
D.
Set a higher local preference on the prefixes you announce to ISP-A.

Using a routing policy, prepend your ASN information to the AS path attribute on prefixes you announce to ISP-B.
Using a routing policy, prepend your ASN information to the AS path attribute on prefixes you announce to ISP-A.
Set the MED value lower on prefixes you announce to ISP-A.
Correct Answer: B
Section: Volume E
Explanation
QUESTION 479
Which set of BGP attributes is preferred by the Junos OS?
A. MED. 100
AS path: 65512 65512 65512
Local preferencE. 100
Origin: I
B. MED. 50
AS path: 65512 65512 65512
Origin: E
C. MED. 100
AS path: 65512 65512 65512 65512
Origin: I
D. MED. 50
AS path: 65512 65512 65512
Origin: E
Correct Answer: A
Section: Volume E
Explanation
QUESTION 480
Which three statements are true regarding BGP peers? (Choose three.)
A.
B.
C.
D.
E.
BGP peers can reside in the same AS or different ASs.

BGP peers on the same router must all use the same peer AS number.
External BGP peers have a default TTL value of 1.
External BGP peers will always accept the AS path, origin, and next-hop attributes from their neighbors.
Internal BGP routers will propagate IBGP learned routes to other IBGP peers by default.
Correct Answer: ACD

Section: Volume E
Explanation
QUESTION 481
What is the correct sequence of the BGP route selection process?
A. local preference, AS path, origin, MED, EBGP over IBGP, IGP metric cost, peer ID
B. local preference, AS path, MED, origin, EBGP over IBGP, IGP metric cost, peer ID
C. local preference, AS path, origin, MED, IGP metric cost, EBGP over IBGP, peer ID
D. local preference, origin, AS path, MED, EBGP over IBGP, IGP metric cost, peer ID
Correct Answer: A
Section: Volume E
Explanation
QUESTION 482
Your ISP reports that you are being sent a route prefix but you cannot see it in your routing table.
Which two commands will help? (Choose two.)
A.
B.
C.
D.
show route advertising-protocol bgp

show route detail
show route protocol bgp hidden
show route receive-protocol bgp
Correct Answer: CD
Section: Volume E
Explanation
QUESTION 483
-- Exhibit -[edit]
user@router# commit
[edit protocols]
'bgp'
Error in neighbor 172.27.1.4 of group ebgp:
must define local autonomous system when enabling BGP
error: configuration check-out failed
-- Exhibit --
You are configuring BGP on a new router. While attempting to commit the configuration, you receive the error shown in the exhibit.
What must be done to allow the commit to complete?
A.
B.
C.
D.
Configure the autonomous-system parameter at the [edit forwarding-options] hierarchy.

Configure the autonomous-system parameter at the [edit routing-options] hierarchy.
Configure the autonomous-system parameter at the [edit protocols bgp group ebgp] hierarchy.
Configure the autonomous-system parameter at the [edit protocols bgp] hierarchy.
Correct Answer: B
Section: Volume E
Explanation
QUESTION 484
-- Exhibit
-- Exhibit --
You recently configured a new EBGP peering from R1 to your ISP. You are asked to determine which BGP routes are being advertised from R1 to this new EBGP
neighbor.
Referring to the exhibit, which command is used to verify this information on R1?
A.
B.
C.
D.
show route export

show route receive-protocol bgp 172.27.0.2
show route protocol bgp
Correct Answer: D
Section: Volume E
Explanation
QUESTION 485
You must verify whether the prefix 172.28.102.0/24 has been advertised by BGP peer 172.18.1.1 and accepted into the routing table.
Which command would you use to accomplish this task?
A.
B.
C.
D.

show route protocol bgp 172.28.102.0/24
show route summary
Correct Answer: C
Section: Volume E
Explanation
QUESTION 486
Prefix 172.28.102.0/24 has been advertised by BGP peer 172.18.1.1. You must verify that it has been received by your Junos device before a policy has been applied.
Which command would you use?
A.
B.
C.
D.

show route protocol bgp 172.28.102.0/24
show route summary
Correct Answer: B
Section: Volume E
Explanation
QUESTION 487
You are asked to identify a tunneling solution between two remote sites and are considering GRE and IP-IP tunnels to meet the requirement.
Which two statements describe the differences between the proposed solutions? (Choose two.)
A.
B.
C.
D.
Traffic forwarded through an IP-IP tunnel includes additional overhead when compared to traffic flowing over a GRE tunnel.
Traffic forwarded through a GRE tunnel includes additional overhead when compared to traffic flowing over an IP-IP tunnel.
IP-IP tunnels support non-IP traffic.
GRE tunnels support non-IP traffic.
Correct Answer: BD
Section: Volume E
Explanation
QUESTION 488
You are asked to deploy a GRE tunnel between two remote sites.
Which two statements are correct? (Choose two.)
A.
B.
C.
D.
The tunnel endpoints must have tunnel interfaces to encapsulate the transported packets.
The tunnel endpoints must have tunnel interfaces to encrypt the transported packets.
All intermediate routers between the tunnel endpoints must have GRE transport support enabled.
All intermediate routers between the tunnel endpoints must have a route to the tunnel endpoints.
Correct Answer: AD
Section: Volume E
Explanation
QUESTION 489
You have deployed a GRE tunnel between Site A and Site B. The tunnel interfaces are up on both tunnel endpoints but traffic is not being passed between the remote
sites.
Which two reasons would cause this problem? (Choose two.)
A.
B.
C.
D.
The intermediate routers between the tunnel endpoints do not have GRE transport enabled.
The intermediate routers between the tunnel endpoints do not have routes to both tunnel endpoints.
The tunnel endpoints do not have import policies redistributing routes out of the tunnel.
The tunnel endpoints do not have the required routes directing traffic into the tunnel.
Correct Answer: BD
Section: Volume E
Explanation
QUESTION 490
You have configured a GRE tunnel between two remote sites. This tunnel will be used to pass traffic using RFC 1918 addressing over the Internet. You have verified that
the tunnel interface is up on both endpoints and see the output shown below:
user@router> show interfaces gr-0/0/0.0 terse
Interface
Admin Link Proto Local
gr-0/0/0.0
up up
Remote
Traffic between the remote sites is not being passed over this tunnel.
Which action would resolve this problem?
A.
B.
C.
D.
You must use an IP-IP tunnel to support traffic using RFC 1918 addressing.
You must use NAT to translate the private addresses to a public address.
You must enable path MTU to ensure packets are properly fragmented.
You must enable the inet protocol family on the GRE interfaces.
Correct Answer: D
Section: Volume E
Explanation
QUESTION 491
Which two statements are true about RTG? (Choose two.)
A.
B.
C.
D.
RTG can be used as a replacement for STP.

Both active and backup links forward traffic.
RTG is based on the 802.1Q standard.
You only need to configure RTG on one side of the link.
Correct Answer: AD
Section: Volume E
Explanation
QUESTION 492
Which two steps must be performed to carry out a unified ISSU on an EX Series Virtual Chassis? (Choose two.)
A.
B.
C.
D.
Enable GRES and NSR, then verify that the Routing Engines are synchronized.
Download the new software package and copy it to both Routing Engines before the upgrade.
Verify that the master and backup Routing Engines are running the same software version.
Shut down the backup Routing Engine before the upgrade.
Correct Answer: AC
Section: Volume E
Explanation
QUESTION 493
You are asked to deploy graceful restart in your OSPF network.
What are two requirements to accomplish this task? (Choose two.)
A.
B.
C.
D.
All routers must have restarting and helper modes enabled.

All routers must have redundant Routing Engines with graceful Routing Engine switchover (GRES) enabled.
All routers must be configured for nonstop routing.
All routers must support nonstop forwarding.
Correct Answer: AD
Section: Volume E
Explanation
QUESTION 494
What are two benefits of the Bidirectional Forwarding Detection (BFD) protocol? (Choose two.)
A.
B.
C.
D.
Reduces the processing overhead for protocols that support BFD.

Reduces initialization overhead for protocols that support BFD.
Provides a common method for managing timers for the supported protocols.
Provides protocols with an efficient detection method when establishing forwarding paths.
Correct Answer: AC
Section: Volume E
Explanation
QUESTION 495
You are asked to identify a high availability solution for your core routers and are debating between using GRES as a standalone solution or NSR.
What are two primary differences between the two solutions? (Choose two.)
A.
B.
C.
D.
GRES allows an RE mastership change to occur without alerting peers of the change.
NSR allows an RE mastership change to occur without alerting peers of the change.
GRES works with graceful restart.
NSR works with graceful restart.
Correct Answer: BC
Section: Volume E
Explanation
QUESTION 496
user@switch> show virtual-chassis status
Virtual Chassis ID. dd7e.1747.4783
Virtual Chassis ModE. Enabled
Mastership
Neighbor List
Member ID Status Serial No Model priority Role
ID Interface
0 (FPC 0) Prsnt BM0208105168 ex4200-24t
255 Master*
1 (FPC 1) NotPrsnt BM0208124231 ex4200-24t
Member ID for next new member: 2 (FPC 2)
-- Exhibit --
Referring to the output shown in the exhibit, which two statements are true? (Choose two.)
A.
B.
C.
D.
The GbE interfaces associated with the device would use the ge-0/0/x naming format.
The GbE interfaces associated with the device would use the ge-1/0/x naming format.
If a new member is added to this Virtual Chassis, it would assume the Routing Engine role.
If a new member is added to this Virtual Chassis, it would assume the line card role.
Correct Answer: AC
Section: Volume E
Explanation
QUESTION 497
user@switch> show virtual-chassis status
Virtual Chassis ID. dd7e.1747.4783
Virtual Chassis ModE. Enabled
Mastership
Neighbor List
Member ID Status Serial No Model priority Role
ID Interface
0 (FPC 0) Prsnt BM0208105168 ex4200-24t
255 Master*
1 (FPC 1) NotPrsnt BM0208124231 ex4200-24t
Member ID for next new member: 2 (FPC 2)
-- Exhibit --
Referring to the exhibit, which two statements are correct? (Choose two.)
A.
B.
C.
D.
This Virtual Chassis is formed through a preprovisioned configuration.

This Virtual Chassis is formed using the dynamic configuration process.
If member 1 returns to operation within this Virtual Chassis, it will retain member ID 1.
If member 1 returns to operation within this Virtual Chassis, it will receive member ID 2.
Correct Answer: BC
Section: Volume E
Explanation
QUESTION 498
-- Exhibit -[edit]
user@R1# show interfaces ge-0/0/1
unit 0 {
family inet {
address 10.10.10.1/24 {
vrrp-group 10 {
priority 254;
}
}
}
}
[edit]
user@R2# show interfaces ge-0/0/1
unit 0 {
family inet {
address 10.10.10.2/24 {
vrrp-group 10 {
priority 1;
}
}
}
}
-- Exhibit --
Using the configuration details shown in the exhibit, which two statements are true? (Choose two.)
A.
B.
C.
D.
R1 will become the master VRRP router.

R2 will become the master VRRP router.
If the elected master VRRP router fails, and then returns to an operational state, it will return to the master VRRP router role.
If the elected master VRRP router fails, and then returns to an operational state, it will assume the backup VRRP router role.
Correct Answer: AC
Section: Volume E
Explanation
QUESTION 499
Which mechanism is used to share routes between routing tables?
A.
B.
C.
D.
routing instances
forwarding instances
RIB groups
Correct Answer: AD
Section: Volume E
Explanation
QUESTION 500
Depending on the link type, OSPF sends link state update packets to which two addresses (Choose two.)
A.
B.
C.
D.
224.0.0.6
224.0.0.5
224.0.0.8
224.0.0.9
Correct Answer: AB
Section: Volume E
Explanation
QUESTION 501
The exhibit shows that Host-1 and Host-2 are attached to the switch and associated with RVI vlan.1. However, traffic sent from Host-1 to Host-2 is not blocked as
expected.
Why is this problem occurring?
A.
B.
C.
D.
Intra-VLAN traffic cannot blocked by a router-based filter.

The Block-Host-2 term does not contain the MAC address of Host-2.
The block-host filter is applied in the wrong direction of the vlan.1 interface.
Inter-VLAN traffic cannot blocked by a router-based filter.
Correct Answer: C
Section: Volume E
Explanation
QUESTION 502
Referring to the exhibit, Router-1 is receiving BGP routes from Router-2. These BGP routes should be passed from Router-1 to Router-3. However, the 172.16.20.4/30
route is not being passed on to Router-3.
Why is this problem occurring?
A.
B.
C.
D.
The 172.16.20.4/30 route has an unusable next hop on Router-1.

The keep-all statement is not configured on Router-3.
The import policy on Router-3 is configured incorrectly.
The 172.16.20.4/30 route is not active on Router-1.
Correct Answer: D
Section: Volume E
Explanation
QUESTION 503
What information is included in the DHCP snooping database? (Choose two.)
A.
B.
C.
D.
VLAN
DHCP server address
DHCP options
client MAC address
Correct Answer: AD
Section: Volume E
Explanation
QUESTION 504
Which two port security features are dependent on the DHCP snooping database? (Choose two.)
A.
B.
C.
D.
IP source guard
MAC limiting
dynamic ARP inspection
storm control
Correct Answer: AC
Section: Volume E
Explanation
QUESTION 505
Which two statements about RSTP are correct? (Choose two.)
A.
B.
C.
D.
RSTP permits multiple root bridges within a Layer 2 domain.

RSTP permits only a single root bridge within a Layer 2 domain.
RSTP is backwards compatible with STP.
RSTP is not backwards compatible with STP.
Correct Answer: BC
Section: Volume E
Explanation
QUESTION 506
Which two statements are correct regarding the default behavior of an EX Series switch? (Choose two.)
A.
B.
C.
D.
All interfaces are set as access ports.

No interfaces are assigned to a VLAN
All interfaces are set as trunk ports.
All interfaces are members of the default VLAN.
Correct Answer: BD
Section: Volume E
Explanation
QUESTION 507
A.
B.
C.
D.
aggregate
static
martian
generate
Correct Answer: A
Section: Volume E
Explanation
QUESTION 508
Which statement about IS-IS adjacencies is true?
A.
B.
C.
D.
Adjacency formation between Level 1 routers must have the same area ID.
Adjacency formation between Level 2 routers must have different area IDs.
Adjacency formation between Level 1 routers must have different area IDs.
Adjacency formation between Level 2 routers must have the same area ID.
Correct Answer: A
Section: Volume E
Explanation
QUESTION 509
You configured a GRE tunnel that traverses a path using default MTU settings. You want to ensure that packets are not dropped or fragmented.
In this scenario, what is the maximum packet size that would traverse the GRE tunnel?
A.
B.
C.
D.
1524
1500
1476
1400
Correct Answer: C
Section: Volume E
Explanation
QUESTION 510
A.
B.
C.
D.
generate
static
martian
aggregate
Correct Answer: D
Section: Volume E
Explanation
QUESTION 511
What are two methods reducing the size of an OSPF link-state database? (Choose two.)
A.
B.
C.
D.
Use identical link metrics where possible.

Use stub areas where possible.
Use unique router IDs where possible.
Use point-to-point interface types where possible.
Correct Answer: BD
Section: Volume E
Explanation
QUESTION 512
A routing table contains multiple BGP routes to the same destination prefix. The route preference is the same for each route. Referring to the exhibit, which route would be
selected?
Route
A
B
C
D
A.
B.
C.
D.
route A
route D
route B
route C
Correct Answer: C
Section: Volume E
MED
10
0
20
10
Origin Code
I
?
E
I
Local Preference
50
150
100
50
Explanation
QUESTION 513
Which states indicates that the BGP session is fully converged?
A.
B.
C.
D.
Connect
Active
Established
Up
Correct Answer: C
Section: Volume E
Explanation
QUESTION 514
What are three RSTP port states? (Choose three.)
A.
B.
C.
D.
E.
discarding
forwarding
learning
listening
blocking
Correct Answer: ABC

Section: Volume E
Explanation
QUESTION 515
Referring to exhibit, which configuration change is need for an IS-IS Level 1 adjacency between R1 and R2?
user@R1# show interfaces lo0
unit 0 {
family inet {
address 10.42.0.1/32;
}
family iso {
address 49.0002.0010.0042.0001.00;
}
}
user@R1# show protocols isis
level 2 disable;
}
interface 1o0.0;
user@R2# show interfaces lo0
unit 0 {
family inet {
address 10.42.0.2/32;
}
family iso {
address 49.0001.0010.0042.0002.00;
}
}
user@R2# top shows protocols isis
interface lo0;
A.
B.
C.
D.
Enable Level 2 on R1s ge-0/0/1 interface.

Disable Level 2 on R2s ge-0/0/1 interface.
Configure the lo0 family ISO address 49.0002.0010.0042.0002.00 on R2.
Configure the lo0 family ISO address 49.0002.0010.0042.0002.00 on R1.
Correct Answer: D
Section: Volume E
Explanation
QUESTION 516
Which two prefixes are martian routes by default? (Choose two.)
A.
B.
C.
D.
192.0.0.0/24
127.0.0.0/8
192.0.0.0/16
127.0.0.0/16
Correct Answer: AB
Section: Volume E
Explanation
QUESTION 517
Which two statements are true about STP port states? (Choose two.)
A.
B.
C.
D.
A port that has been administratively disabled under the STP protocol drops all BPDUs.
A port that has been administratively disabled under the STP protocol floods all BPDUs.
In the listening state, the port forwards all data packets.
In the listening state, the port drops all data packets.
Correct Answer: AC
Section: Volume E
Explanation
QUESTION 518
Referring to the exhibit, which router becomes the OSFP DR when all routers are powered on at the same time?
A.
B.
C.
D.
R4
R3
R2
R1
Correct Answer: C
Section: Volume E
Explanation
QUESTION 519
Which device is used to separate collision domains?
A. switch
B. router
C. hub
D. firewall
Correct Answer: A
Section: Volume E
Explanation
QUESTION 520
You notice that there are currently two MAC addresses associated with a single access port in the bridge table on one of your EX Series switches.
What are two explanations for this behavior? (Choose two.)
A.
B.
C.
D.
The access port connects to an IP phone which connects to a host device.

The native VLAN feature has been associated with the access port.
The mac-move-limit feature has been disabled on the access port.
The access port connects to multiple hosts through a rogue device.
Correct Answer: AD
Section: Volume E
Explanation
QUESTION 521
A number of reports from end-users indicate that internal and external communications are intermittent and not reliable. You verified the status of the switch ports and
have determined that that they are up and operational. You also noticed a very high level of link bandwidth utilization on those same ports.
The current topology of the affected environment is shown in the exhibit.
What would be the cause of the reported issues?
A.
B.
C.
D.
A lack of port-based ACLs filtering the traffic flows.

A misconfigured interior gateway protocol (IGP).
A lack of loop-prevention mechanism or protocol.
A malformed route-based ACL improperly filtering traffic flows.
Correct Answer: C
Section: Volume E
Explanation
QUESTION 522
Referring to the exhibit, you are asked to ensure that host-1 can communicate with host-3 while also allowing hosy-2 to communicate with host-4. What should you do to
enable this behavior?
A.
B.
C.
D.
Use the all keyword when defining the member VLANs for the ge-0/0/1 interface on both Switch-1 and Switch-2.
Configure the native-vlan-id default statement under the ge-0/0/1 port settings on both Switch-1 and Switch-2.
Use the all keyword when defining the member VLANs for the ge-0/0/1 interface on Switch-1.
Configure the native-vlan-id default statement under the ge-0/0/1 port settings on Switch-1.
Correct Answer: A
Section: Volume E
Explanation
QUESTION 523
Which two sequences correctly describe the correct processing order of firewall filters on an EX Series switch? (Choose two.)
A.
B.
C.
D.
receive packet > port filter > VLAN filter > router filter
receive packet > router filter > VLAN filter > port filter
port filter > VLAN filter > router filter > transmit packet
router filter > VLAN filter > port filter > transmit packet
Correct Answer: AC
Section: Volume E
Explanation
QUESTION 524
Which three statements are correct about the voice VLAN feature? (Choose three.)
A.
B.
C.
D.
E.
It can be used with LLDP-MED to dynamically assign the VLAN ID value to IP phones.
It must use the same VLAN ID as data traffic on a defined interface.
It allows you to apply independent CoS actions to data and voice packets.
It allows trunk ports to accept tagged voice and untagged data packets.
It allows the access port to accept tagged voice and untagged data packets.
Correct Answer: ACE

Section: Volume E
Explanation
QUESTION 525
What are three extended BGP communities? (Choose three.)
A.
B.
C.
D.
E.
target:65000:65000
domain-id:192.168.1.1:155
172.16.90.100:888
extend:454:350
origin:172.16.100.100:100
Correct Answer: ABE

Section: Volume E
Explanation
QUESTION 526
How many bytes of overhead does the GRE header and outer IP header add to a packet?
A.
B.
C.
D.
24 bytes
28 bytes
20 bytes
14 bytes
Correct Answer: B
Section: Volume E
Explanation
QUESTION 527
Based on the output shown in the exhibit, which statement is correct?
A.
B.
C.
D.
The ge-0/0/9 interface is using the default priority value.

This switch has a bridge priority of 32k.
This switch has been elected as the root bridge.
The ge-0/0/15 interface is using the default port cost.
Correct Answer: C
Section: Volume E
Explanation
QUESTION 528
What would be used to combine multiple switches into a single management platform?
A.
B.
C.
D.
redundant trunk groups

Virtual Chassis
graceful Routing Engine switchover
Virtual Router Redundancy protocol
Correct Answer: B
Section: Volume E
Explanation
QUESTION 529
Which three statements are true when determining the master VRRP router? (Choose three.)
A.
B.
C.
D.
E.
The lower priority is preferred.

The highest primary address is preferred if the priority is the same.
The router with preempt configured is the master.
The higher priority is preferred.
The router with the same primary and virtual address is the master.
Correct Answer: BCD

Section: Volume E
Explanation
QUESTION 530
What is reviewed first in the BGP route selection process?
A.
B.
C.
D.
the peer with the lowest IP address

the route with an origin of incomplete
the path with no MED value
the next-hop resolution
Correct Answer: D
Section: Volume E
Explanation
QUESTION 531
Which two statements are correct about redundant trunk groups on EX Series switches? (Choose two.)
A.
B.
C.
D.
If the active link fails, then the secondary link automatically takes over.
Layer 2 control traffic is permitted on the secondary link.
Redundant trunk groups load balance traffic across two designated uplink interfaces.
Redundant trunk groups use spanning tree to provide loop-free redundant uplinks.
Correct Answer: AB
Section: Volume E
Explanation
QUESTION 532
Which protocol prevents loops and calculates the best path through a switched network that contains redundant paths?
A.
B.
C.
D.
VRRP
STP
DHCP
IS-IS
Correct Answer: B
Section: Volume E
Explanation
QUESTION 533
In the exhibit, each IP subnet in the campus environment is associated with a unique VLAN ID.
Which action will ensure that Host C will communicate with Host A and Host B?
A.
B.
C.
D.
Configure all switch ports connecting to the host devices as access ports associated with a common VLAN.
Configure a routed VLAN interface for each VLAN and associate it with its corresponding VLAN.
Configure a port-based ACL that permits inter-VLAN routing for all configured VLANs
Configure all switch ports connecting to the host devices as trunk ports associated with all VLANs.
Correct Answer: A
Section: Volume E
Explanation
QUESTION 534
Router-1 and Router-2 need to connect through the Internet using a tunneling technology. Hosts that are connected to Router-1 and Router-2 will be sending traffic up to
1500 bytes. The maximum segment size that is supported across the path is 1520 bytes.
Which tunneling technology will allow this communication to take place?
A. IPsec VPN tunnel mode
B. IPsec VPN transport mode

C. IP-IP tunnel
D. GRE tunnel
Correct Answer: C
Section: Volume E
Explanation
QUESTION 535
Which two statements are correct about generated routes? (Choose two.)
A.
B.
C.
D.
Contributing routes must have a valid forwarding next hop on the local device.
Contributing routes must have a valid forwarding next hop other than the local device.
Generated routes require more than one contributing route.
Generated routes require at least one contributing route.
Correct Answer: BD
Section: Volume E
Explanation
QUESTION 536
Host-1 was recently added in the network and is attached to ge-0/0/10 on Switch A. Host-1 is powered on and has its interface configured with default Layer 2 settings and
an IP address on the 172.17.12.0/24 IP subnet. Host-1s MAC address is not shown in Switch-As bridging table.
What are three explanations for this state? (Choose three.)
A.
B.
C.
D.
E.
The ge-0/0/10 interface is not operationally or administratively up.

The ge-0/0/10 interface has not received any traffic from Host-1.
The ge-0/0/10 interface is configured as an access port.
The ge-0/0/10 interface is configured as a trunk port.
The ge-0/0/10 interface does not have an associated RVI.
Correct Answer: ABD

Section: Volume E
Explanation
QUESTION 537
Which two statements are true about OSPF not-so-stubby areas? (Choose two.)
A.
B.
C.
D.
The ASBR originates Type 7 LSAs for redistributed external routes.

Type 7 LSAs are translated by the ABR into Type 5 LSAs.
The ASBR originates Type 5 LSAs for redistributed external routes.
Type 5 LSAs are translated by the ABR into Type 7 LSAs.
Correct Answer: AB
Section: Volume E
Explanation
QUESTION 538
If an EX Series switch receives a frame with a known destination MAC address, what is the expected behavior?
A.
B.
C.
D.
The frame is sent out all ports assigned to all configured VLANs except the ingress port on which the frame was received.
The frame is sent out all ports assigned to the associated VLANs except the ingress port on which the frame was received.
The frame is sent out all trunk ports associated with the ingress VLANs regardless of whether a matching MAC address was found in the bridge table.
The frame is sent out the egress port with a matching destination MAC address within the bridge table associated with the ingress VLAN.
Correct Answer: D
Section: Volume E
Explanation
QUESTION 539
Referring to the exhibit, Router-1 and Router-2 are failing to form an IS-IS adjacency.
What should you do to solve problems?
[edit]
user@Router-1# show
ge-0/0/0 {
unit 0 {
family inet
address
}
}
}
ge-0/0/2 {
unit 0 {
family inet
address
}
interfaces
{
10.10.10.33/24;
{
10.1.0.254/24;
family iso {
address 49.0003.0192.0168.0113.00;
}
}
}
lo0 {
unit 0 {
family inet {
address 192.168.1.11/32;
}
family iso {
address 49.0002.0192.0168.0111.00;
}
}
}
[edit]
user@Router-1# show protocols
isis {
overload;
level 2 disable;
interface all;
}
[edit]
user@Router-2# show interfaces
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.10.34/24;
}
}
}
ge-0/0/2 {
unit 0 {
family inet {
address 10.1.0.1/16;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 192.168.1.12/32;
}
family iso {
address 49.0001.0192.0168.0112.00;
}
}
}
[edit]
user@Router-2# show protocols
isis {
interface all;
}
A.
B.
C.
D.
Remove the overloaded statement from Router-1.

Change the IP subnet masks to match on the ge-0/0/2 interfaces of both routers.
Remove the ISO address from ge-0/0/2 on Router-1.
Change the ISO areas on the Io0 interfaces to match on both routers.
Correct Answer: D
Section: Volume E
Explanation
QUESTION 540
Which static route next-hop value indicates that the packet will be silently dropped?
A.
B.
C.
D.
resolve
discard
reject
next-table
Correct Answer: B
Section: Volume E
Explanation
QUESTION 541
What are two types of IS-IS PDUs? (Choose two.)
A.
B.
C.
D.
open PDU
VRF PDU
hello PDU
link-state PDU
Correct Answer: CD
Section: Volume E
Explanation
QUESTION 542
Given the information shown in the exhibit, what was used to determine mastership?
A.
B.
C.
D.
member uptime
highest serial number
manually assigned role
manually assigned priority
Correct Answer: C
Section: Volume E
Explanation
QUESTION 543
Referring to the exhibit, what is the problem?
user@switch> show interfaces ae0
error: device ae0 not found
user@switch> show configuration
chassis {
nssu;
}
interfaces {
ge-0/0/3 {
ether-options {
802.3ad ae0;
}
}
ge-1/0/4 {
ether-options {
802.3ad ae0;
}
}
ae0 {
unit 0 {
vlan {
members default;
}
}
}
}
}
vlans {
default {
vlan-id 1;
}
}
A.
B.
C.
D.
Aggregated interfaces must be defined under the chassis stanza.

LACP is required for LAG to work.
The LAG member interfaces are configured across different line cards.
LAG requires more than two member links.
Correct Answer: A
Section: Volume E
Explanation
QUESTION 544
An OSPF hello packet has been sent, but bidirectional communication has not been established.
What is the state of the OSPF adjacency?
A.
B.
C.
D.
Exchange
Loading
Init
Down
Correct Answer: C
Section: Volume E
Explanation
QUESTION 545
Referring to the exhibit, which two statements are true?
[edit protocols bgp]
user@router# show
export policyA;
group isp-peers {
type external;
export policyC;
local-as 7029;
neighbor 192.168.200.1 {
peer-as 709;
}
}
group ibgp-peers {
type internal;
export policyB;
cluster 1.1.1.1;
neighbor 10.0.0.2 {
export policyD;
}
neighbor 10.0.0.3 {
export policyD;
neighbor 10.0.0.4;
}
A.
B.
C.
D.
The policyB routing policy is used by neighbor 10.0.0.4

The policyD routing policy is the only policy used by neighbor 10.0.0.2
The policyA routing policy takes precedence over all other policies
No policy is used for neighbor 10.0.0.4
Correct Answer: BD
Section: Volume E
Explanation
QUESTION 546
An EBGP session sources its TCP connection from which IP address?
A.
B.
C.
D.
The IP address of the primary address assigned to the loopback interface.

The IP address assigned as the router ID.
The IP address of the interface that connects the two BGP speakers.
The IP address of the preferred address assigned to the loopback interface.
Correct Answer: C
Section: Volume E
Explanation
QUESTION 547
Which three link-specific fields must match between OSPF neighbors before they form an adjacency over a broadcast medium? (Choose three.)
A.
B.
C.
D.
E.
dead interval
options
neighbor
router priority
hello interval
Correct Answer: ABE

Section: Volume E
Explanation
QUESTION 548
What is the default keepalive time for BGP?
A. 30 seconds
B. 10 seconds
C. 90 seconds
D. 60 seconds
Correct Answer: A
Section: Volume E
Explanation
QUESTION 549
Referring to the exhibit, what does the asterisk (*) indicate?
A.
B.
C.
D.
This entry is new

This entry is stale
The router received this entry
The router originated this entry
Correct Answer: D
Section: Volume E
Explanation
QUESTION 550
You are notified that clients connected to your EX Series switch are not receiving IP addresses from the DHCP server. Based on the following diagram, what could be a
reason for this?
A.
B.
C.
D.
The DHCP servers ge-0/0/0 interface has not been configured as a trusted interface.
The dynamic ARP inspection feature needs to be enabled on the ge-0/0/0 interface.
The DHCP relay setting in the forwarding-options hierarchy has not been configured.
The location information is not being inserted into the DHCP option 82 requests.
Correct Answer: A
Section: Volume E
Explanation
QUESTION 551
Given the configuration shown in the exhibit, what will be the threshold for storm control?
user@switch# show ethernet-switching-options
storm-control {
interface all {
level 100;
}
}
A.
B.
C.
D.
100 pps (packets per second)

100% (percent of link bandwidth)
100 Mbps (megabits per second)
100 Kbps (kilobits per second)
Correct Answer: B
Section: Volume E
Explanation
QUESTION 552
Switch-1 in the exhibit receives a packet from User A with a destination MAC address of 00.26.88.02.74.47.
Which statement is correct in this scenario?
A.
B.
C.
D.
Switch-1 floods the packet out ge-0/0/7 and ge-0/0/8.

Switch-1 floods the packet out ge-0/0/6, ge-0/0/7, ge-0/0/8 and ge-0/0/9.
Switch-1 sends the packet out ge-0/0/7 only.
Switch-1 floods the packet out ge-0/0/7, ge-0/0/8 and ge-0/0/9.
Correct Answer: C
Section: Volume E
Explanation
QUESTION 553
Referring to the exhibit, which statement is correct?
{master: 0}
user@switch> show spanning-tree bridge
STP bridge parameters

Context ID
Enabled protocol
Root ID
8192.50:c5:8d:ae:db:41
Root cost
Root port
Hello time
Maximum age
Forward delay
Message age
Number of topology changes
Time since last topology change
Topology change initiator
Topology change last recvd. From
2c:6b:f5:31:06:0e
Local parameters
Bridge ID
32768.50:c5:8d:ae:bd:41
Extended system ID
Internal instance ID
A.
B.
C.
D.
: 0
: RSTP
:
:40000
:ge-0/0/14.0
:2 seconds
:40 seconds
:30 seconds
:4
:1
: 64 seconds
: ge-0/0/14.0
:
:
:0
:0
This device is the root bridge.

This spanning tree session has timed out.
The bridge priority on the root device is set to 8k.
The local bridge priority is set to 8k.
Correct Answer: D
Section: Volume E
Explanation
QUESTION 554
Based on the output shown in the exhibit, which statement is correct?
user@router> show ospf neighbor
Address
Interface
ID
Rri
Dead
172.16.248.214
xe-0/0/2.0
172.16.248.14
128
A.
B.
C.
D.
State
2-Way
39
The router is acting as the BDR.

The router is acting as the DR.
The router is not able to establish an adjacency.
The router is acting as a DROther.
Correct Answer: D
Section: Volume E
Explanation
QUESTION 555
Which protocol supports tunneling of non-IP traffic?
A.
B.
C.
D.
SSH
IPsec
IP-IP
GRE
Correct Answer: D
Section: Volume E
Explanation
QUESTION 556
What are two benefits of 802.3ad link aggregation? (Choose two.)
A.
B.
C.
D.
It ensures symmetrical paths.

It simplifies interface configuration.
It creates physical layer redundancy
In increases bandwidth
Correct Answer: CD
Section: Volume E
Explanation
QUESTION 557
Which OSPF packet type is sent when an OSPF router detects its database is stale?
A.
B.
C.
D.
link-state request
database description
hello
link-state acknowledgment
Correct Answer: A
Section: Volume E
Explanation
QUESTION 558
Which two statements are correct about DIS election in IS-IS? (Choose two.)
A.
B.
C.
D.
If there is a priority tie, the router with the lowest subnet or MAC address is selected.
The router with the highest priority is selected as the DIS
If there is a priority tie, the router with the highest subnet or MAC address is selected
The router with the lowest priority is selected as the DIS.
Correct Answer: BC
Section: Volume E
Explanation
QUESTION 559
Which two statements are true about a unified ISSU? (Choose two.)
A.
B.
C.
D.
It requires that Bidirectional Forwarding Detection be disabled.

It requires that graceful Routing Engine switchover be enabled.
It is only supported on platforms with redundant control planes.
It is only supported on platforms with redundant power supplies.
Correct Answer: BC
Section: Volume E
Explanation
QUESTION 560
Referring to the exhibit, which statement is true?
A.
B.
C.
D.
R4 is elected as the DR
R3 and R4 have and adjacency state of Full
R1 and R2 are elected as DROthers
R3 has the complete OSPF database
Correct Answer: D
Section: Volume E
Explanation
QUESTION 561
Referring to the exhibit, what does the asterisk (*)following the ge-0/0/12.0 interface indicate?
A.
B.
C.
D.
It indicates the interface is active.

It indicates the interface is not active.
It indicates the interface is a trunk port.
It indicates the interface is an access port.
Correct Answer: A
Section: Volume E
Explanation
QUESTION 562
Your router is configured to peer with your ISPs router using BGP. You can only control your BGP configuration.
user@router> show bgp neighbor 192.168.200.2
Peer: 192.168.200.2+179 AS 11685 Local:
192.168.200.1+49469 AS 7029
Type: External
State: Established
Flags:
<ImportEval Sync>
Last State: OpenConfirm Last Event:
RecvKeepAlive
Last Error: None
Options: <Preference AddreesFamily PeerAS
LocalAS Rib-Group Refresh>
Addres families configured: inet-unicast inetvpn-unicast 12-vpn-signaling
Holdtime: 90 Preference: 170 Local AS: 7029
Local System AS: 0
Number of flaps: 0
Peer ID: 10.8.241.31
Local ID: 10.8.241.30
Active Holdtime: 90
Keepalive Interval: 30
Group Index: 0
Peer Index: 0
BFD: disabled, down
Local Interface: xe-0/2/3.0
NLRI for restart configured on peer: inetunicast inet-vpn-unicast 12-vpn
NLRI advertised by peer: inet-unicast
NLRI for this session: inet-unicast
Peer supports Refresh capability (2)
State routes from peer are kept for: 300
Peer does not support Restarter functionality
NLRI that restart is negotiated for: inetunicast
NLRI of received end-of-rib markers: inetunicast
NLRI of all end-of-rib markers sent: inetunicast
Peer supports 4 byte AS extension (peer-as
11685)
Peer does not support Addpath
Table inet.0 Bit: 10000
RIB State: BGP restart is complete
Send state: in sync
Active prefixes:
0
Received prefixes:
0
Accepted prefixes:
0
Suppressed due to damping:
0
Advertised prefixes:
0
Last traffic (seconds): Received 17
Sent 17
Checked 17
Input messages: Total 2
Updates 1
Refreshes 0
Octets 42
Output messages: Total 3
Updates 0
Refreshes 0
Octets 136
Output queue[0]: 0
Which address families are negotiated between the two BGP peers shown in the exhibit?
A.
B.
C.
D.
inet-unicast inet-vpn-unicast 12vpn-signaling

inet-unicast
inet-unicast inet-vpn-unicast 12vpn
inet-vpn-unicast
Correct Answer: B
Section: Volume E
Explanation
QUESTION 563
Which two statements are true about the root bridge election process? (Choose two.)
A.
B.
C.
D.
The highest root bridge identifier is preferred over lower root bridge identifiers.
The lowest root bridge priority is preferred over higher root bridge priorities.
The lowest root bridge identifier is preferred over higher root bridge identifiers.
The higher root bridge priority is preferred over lower root bridge priorities.
Correct Answer: BC
Section: Volume E
Explanation

JN0-343 563q

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

JN0-343 563q

Загружено:

Авторское право:

Доступные форматы

JN0-343.examcollection.premium.exam.

network protocols supported

per-flow load balancing

It withdraws routes that are no longer valid.

External LSAs are advertised in a stub area.

topology change notification

Routes learned through EBGP are advertised to IBGP peers.

Correct Answer: ABD

The port is placed in a loop-inconsistent role.

set protocols bgp local-as 65432

Configuration on both Routing Engines must be synchronized.

set interfaces ge-0/0/0.0 family iso level 2 enable

B. The redundant path has a different IGP metric.

The interface is configured as a trunk.

Down, Init, ExStart, 2way, Loading, Exchange, Full

local preference, AS path, origin, MED

Correct Answer: ADE

B. An aggregated interface can be a member of an RTG.

The router drops the packet.

show ethernet-switching table

the side with the higher IP address

GRE supports both IP traffic and non-IP traffic.

set interfaces ge-0/1/1.0 family ethernet-switching vlan members [Vlan10 Vlan11]

It performs a similar role to the designated router (DR) in OSPF.

show route details

first one learned

show route sent-routes bgp 172.16.1.1

MAC move limiting

B. clear spanning-tree blocking

LACP is enabled by default on aggregated Ethernet interfaces.

*[edit protocols bgp]*

It enables the LAN to forward non-IP traffic.

show system switchover on the master RE

The ABR with the highest RID.

The port with the highest port ID

show route protocol bgp <neighbor>

An RVI must be in an EX Series switch to enable routing between VLAN segments.

through the closest Level 1 router

What is the primary purpose of the LLDP-MED?

It learns the MAC address of the peer device.

Which statement is true about IS-IS PDUs?

Routers advertise all BGP-learned routes to all internal BGP neighbors.

It does not transition back.

It will use the default route.

Routes in a Level 2 area are advertised into Level 1 areas by default.

show isis interface

All level 2 PDUs are flooded to Level 1 by default.

the interfaces and neighbors of routers

vlan-filter input deny-telnet;

configuration of the RIB group

External LSAs are of Type 4.

Both voice and data traffic are tagged on ge-0/0/0.

unreachable next hop

Correct Answer: ABD

highest local preference

What is a requirement for link aggregation?

Member links must be on continuous ports.

router D's loopback address

Interfaces belonging to a VLAN

GRE can be used to tunnel non-IP protocols, such as IPX.

show bgp group

show isis database detail

set routing-options static route 0::/0 next-hop fec0:0:2003::2

[edit protocols bgp]