Juniper JN0-643
Enterprise Routing and Switching, Professional(JNCIP-ENT)
Version: 5.0
QUESTION NO: 1
A user complains about connectivity problems from their IP address (10.1.1.87) to a server(10.65.1.100).
Which Junos command can help verify connectivity in the network?
A. mroute B. traceoptions C. ping D. clear bgp neighbor
Answer: AExplanation:
QUESTION NO: 2
Port authentication falls back to Captive Portal.
In which two scenarios would the port authentication move back to 802.1X? (Choose two.)
A. if any MAC RADIUS request packet is received on the interface and if there are no sessions inauthenticated/authenticating state B. if Captive Portal is deactivated on the interface C. if the user gets logged out D. if the EAP packet is received on the interface and if there are no sessions inauthenticated/authenticating state
Answer: B,DExplanation:
QUESTION NO: 3
A network routes IPv4 traffic only. You want to add IPv6 to the network, but you must use a singleIGP for both IPv4 and IPv6 traffic.
Which protocol meets this requirement?
A. OSPFv2
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 2
B. BGPv4 C. ES-ISv1 D. OSPFv3
Answer: DExplanation:
QUESTION NO: 4
A Layer 2 forwarding loop occurred on your network during a scheduled maintenance period. Youmust prevent this behavior in the future.
Which protocol should you enable on the EX Series switch to address this condition in the future?
A. DVMRP B. L2TPv3 C. STP D. RSVP
Answer: DExplanation:
QUESTION NO: 5
You have implemented 802.1X authentication in your Layer 2 network and you have only a singleRADIUS server. You are asked to ensure that if the RADIUS server becomes unreachable or fails,users connected to the ge-0/0/0 port are still able to reach the Internet using a predefined guestVLAN.
Which command allows this access?
A. [edit] user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 radius-fail vlan guest B. [edit] user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 server-fail vlan-name guest C. [edit] user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 auth-fail assign-vlan guest D. [edit] user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 radius-fail assign guest
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 3
Answer: BExplanation:
QUESTION NO: 6
Which option is a valid IPv6 multicast address?
A. fe80::205:8640:471:3200/64 B. ::172.16.0.5/126 C. ff03:365:ba::23 D. ff01:cgfc:345::226:8ff:fee4:bf6f
Answer: CExplanation:
QUESTION NO: 7
A company is deploying a new 802.1X port-based security infrastructure to allow users to accessresources through wired Ethernet ports. However they recently deployed an RSA token-basedsystem for users to connect remotely. The network administrator wants to reuse the same securitydatabase for 802.1X port-based security.
Which 802.1X authentication protocol is required?
A. EAP-TLS B. LAN-PEAP C. RSA-EAP D. EAP-TTLS
Answer: DExplanation:
QUESTION NO: 8
Which protocol reachability is advertised by OSPFv2?
A. IPv4
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 4
B. IPv5 C. IPv6 D. ISO
Answer: DExplanation:
QUESTION NO: 9
You are AS 6573.
Which AS path regular expression matches only routes originated in your AS?
A. "6573.*" B. ".*" C. "{" D. "^$"
Answer: DExplanation:
QUESTION NO: 10
Voice traffic is coming in on UDP port 17689. This traffic must be classified into the expedited-forwarding forwarding class.
Which type of classifier is needed?
A. code point alias B. rewrite marker C. multifield D. behavior aggregate
Answer: CExplanation:
QUESTION NO: 11
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 5
Which three attributes must a BGP update contain? (Choose three.)
A. next-hop B. MED C. origin D. AS-path E. local preference
Answer: A,C,DExplanation:
QUESTION NO: 12
You must configure your access switch with more than 3000 VLANs and you want the ability toload-balance across them.
Which spanning-tree approach has the least impact on control-plane performance?
A. Configure your access switch with a load-balancing policy and apply it under [edit protocolsrstp]. B. Configure your access switch for Rapid-PVST+. C. Configure your access switch for MSTP, incorporating the use of MSTIs. D. Configure your access switch for both VSTP and RSTP.
Answer: CExplanation:
QUESTION NO: 13
You are implementing MSTP in your network.
Which three values must match on all switches within the MST region? (Choose three)
A. Context identifier B. Region name C. VLANs D. Revision E. Configuration manifest
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 6
Answer: B,C,DExplanation:
QUESTION NO: 14
You have been asked to implement a private VLAN with two community VLANs. This privateVLAN will be confined to a single switch in your Layer 2 network. This private VLAN, along withother VLANs configured on the switch, will require gateway services provided through a connectedrouter.
Which statement about this deployment is true?
A. All isolated ports must be configured as trunk ports. B. A minimum of one promiscuous trunk port is required. C. Both community VLANs must have an assigned VLAN IDs. D. A minimum of one private VLAN trunk port is required.
Answer: BExplanation:
QUESTION NO: 15
During the BGP route-resolution process, the Junos OS must calculate the appropriate next-hopbased on the BGP protocol next-hop attribute.
Which two routing tables are checked during this process in a default Junos configuration?(Choose two.)
A. inet.0 B. inet.1 C. inet.2 D. inet.3
Answer: A,DExplanation:
QUESTION NO: 16
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 7
You have a requirement for a device to provide 20 W of power over Ethernet.
What meets this requirement?
A. Bond two standard PoE ports together to achieve 30.8 W of power. B. Install an external redundant power supply in the switch to increase the total power load. C. Select a switch that has PoE+ support. D. Enable LLDP-MED to transfer power from other switches.
Answer: CExplanation:
QUESTION NO: 17
R1 has an OSPF adjacency with R2 over a point-to-point link.
Which three statements about the advertisements for this link in the Type 1 (Router) LSAgenerated by R1 are true? (Choose three.)
A. It has a value in the link ID field with R2's interface IP address. B. It has a value in the link ID field with R2's router ID. C. It has a link-type of point-to-point (Type 1). D. It has a link-type of Transit (Type 2). E. It has a link-type of stub (Type 3).
Answer: B,D,EExplanation:
QUESTION NO: 18
What is the significance of the multicast address range 224.0.0.1 through 224.0.0.254?
A. They have link-local scope. B. They have administrative region scope. C. They are reserved for future use. D. They have a scope of two or more hops from a router.
Answer: AExplanation:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 8
ENRIQUEResaltado
ENRIQUEResaltado
ENRIQUEResaltado
QUESTION NO: 19
You must prioritize VoIP packets on your network.
Which feature will accomplish this goal?
A. RSVP B. Multicast Routing C. VPLS D. Class of Service
Answer: CExplanation:
QUESTION NO: 20
You notice that a number of IGMP leave group messages are passing through a BMA network andare impacting the network's performance.
What would you do to resolve this issue without affecting multicast traffic?
A. Apply an import policy to control leave group messages. B. Suppress group-specific queries. C. Suppress generic IGMP queries. D. Enable promiscuous-mode in IGMP.
Answer: BExplanation:
QUESTION NO: 21
A network administrator is configuring CoS on a switch and assigns forwarding classes call-sigand critical to the same queue number per the configuration below:
class-of-service {
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 9
ENRIQUEResaltado
forwarding-classes {
class best-effort queue-num 0;
class bulk-data queue-num 1;
class critical queue-num 3;
class voice queue-num 6;
class call-sig queue-num 3;
}
}
Based on the configuration, which option prioritizes call-sig traffic over critical traffic?
A. Assign call-sig and critical to different schedulers. B. Assign call-sig and critical to different scheduler maps. C. Assign a loss priority of high to the packets in the critical forwarding class and configure dropprofiles in the scheduler configuration. D. Assign a loss priority of high to the packets in the critical forwarding class and set priority highin the scheduler configuration.
Answer: CExplanation:
QUESTION NO: 22
A Layer 2 transparent firewall separates two OSPFv3 routers.
For the two OSPFv3 routers to form an adjacency, which protocol must be permitted on thefirewall?
A. IPv4 protocol 89 B. IPv6 protocol 89 C. TCP port 89 D. UDP port 89
Answer: BExplanation:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 10
QUESTION NO: 23
In MSTP, which two factors determine the root bridge in each region? (Choose two.)
A. The switch with the higher priority becomes the root bridge. B. The switch with the lower priority becomes the root bridge. C. The switch with the lower MAC address becomes the root bridge when priorities are tied. D. The switch with the higher MAC address becomes the root bridge when priorities are tied.
Answer: B,CExplanation:
QUESTION NO: 24
Which two LSA types are only generated by an ABR router? (Choose two.)
A. ASBR summary LSA (Type 4) B. ASBR LSA (Type 5) C. Summary LSA (Type 3) D. Router LSA (Type 1)
Answer: A,CExplanation:
QUESTION NO: 25
Which two statements about MVRP on EX Series switches are true? (Choose two.)
A. MVRP can add VLANs on access interfaces. B. MVRP can add VLANs on trunk interfaces. C. MVRP adds VLANs on MVRP-enabled interfaces by default. D. MVRP is in transparent mode on MVRP-enabled interfaces by default.
Answer: B,CExplanation:
QUESTION NO: 26
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 11
A company's security policy does not allow outside computers or smart phones into their workareas. All company-provided computers are strictly controlled using 802.1X authentication on all oftheir switches. All computers obtain DHCP IP addresses from centralized servers and all switcheshave IP spoofing enabled. However, one of the computers was able to send IP spoofed packets.
Why did the IP spoof feature fail to prevent the spoofed packets from being forwarded?
A. The IP source guard database timeout was set too low. B. The DHCP snooping feature was not enabled on any of the switches. C. IP source guard does not prevent IP spoof attacks; you need to configure the Dynamic ARPInspection feature. D. 802.1X feature was not enabled on the port that was directly connected to the infectedcomputer.
Answer: BExplanation:
QUESTION NO: 27
What is a valid router ID configuration for OSPFv3 in the Junos OS?
A. set routing-options router-id 2001:1:2::1 B. set protocols ospf3 router-id fe80:223:2887:ab31::1 C. set routing-options router-id 224.1.0.1 D. set protocols ospf3 router-id 10.8.3.9
Answer: CExplanation:
QUESTION NO: 28
You are setting up a new switch in your network that is using MSTP. You have configured allaccess ports as edge ports, and you want to make sure that the access ports can never transitionto nonedge ports.
How can you meet this requirement?
A. Configure the interfaces as shared. B. Configure the hello-time option as zero.
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 12
--
-
-
C. Configure the interfaces as a no-root-port. D. Configure bpdu-block-on-edge.
Answer: DExplanation:
QUESTION NO: 29
When using PIM-SM in ASM mode, which two events trigger the creation of a shortest-path tree?(Choose two.)
A. Multicast traffic received at the receiver's designated router (DR). B. PIM join received at the receiver's designated router (DR). C. PIM join received at the source designated router (DR). D. PIM registers received by the rendezvous point (RP).
Answer: A,DExplanation:
QUESTION NO: 30
A coffee shop offering free Internet service to customers wants to implement the following securitypolicies:
1. Every customer must agree to a set of terms and conditions before accessing the Internet.
2. Log out customers that are logged in for more than one hour.
3. Log out customers that are idle for more than 5 minutes.
4. Authenticate employee desktop computers with known hardware addresses in the office of thecoffee shop to access the Internet without the above restrictions.
The following configuration has been applied to the switch:
set access radius-server 172.16.14.26 port 1812 set access radius-server 172.16.14.26 secret Am@zingC00f33 set access profile dot1x authentication-order radius set access profile dot1x radius authentication-server 172.27.14.226
What would you add to implement these policies?
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 13
A. set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple set protocols dot1x authenticator interface ge-0/0/12.0 mac-radius set protocols dot1x authenticator authentication-profile-name dot1x set services captive-portal authentication-profile-name dot1x set services captive-portal interface ge-0/0/12.0 set services captive-portal secure-authentication https set services captive-portal custom-options header-message Welcome to Our Coffee Shop set services captive-portal custom-options banner-message Terms and Conditions of Use" B. set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple set protocols dot1x authenticator authentication-profile-name dot1x set services captive-portal authentication-profile-name dot1x set services captive-portal interface ge-0/0/12.0 set services captive-portal secure-authentication https set services captive-portal custom-options header-message Welcome to Our Coffee Shop set services captive-portal custom-options banner-message Terms and Conditions of Use" C. set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple set protocols dot1x authenticator interface ge-0/0/12.0 mac-radius set protocols dot1x authenticator authentication-profile-name dot1x set services captive-portal authentication-profile-name dot1x set services captive-portal interface ge-0/0/12.0 set services captive-portal interface ge-0/0/12.0 idle-timeout 300 set services captive-portal interface ge-0/0/12.0 user-timeout 3600 set services captive-portal secure-authentication https set services captive-portal custom-options header-message Welcome to Our Coffee Shop set services captive-portal custom-options banner-message Terms and Conditions of Use" D. set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple set protocols dot1x authenticator interface ge-0/0/12.0 mac-radius set protocols dot1x authenticator interface ge-0/0/12.0 idle-timeout 300 set protocols dot1x authenticator interface ge-0/0/12.0 user-timeout 3600 set protocols dot1x authenticator authentication-profile-name dot1x set services captive-portal authentication-profile-name dot1x set services captive-portal interface ge-0/0/12.0 set services captive-portal secure-authentication https set services captive-portal custom-options header-message Welcome to Our Coffee Shop set services captive-portal custom-options banner-message Terms and Conditions of Use"
Answer: AExplanation:
QUESTION NO: 31
What is an IP multicast routing protocol?
A. RSVP
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 14
B. OSPF C. PIM D. CDP
Answer: AExplanation:
QUESTION NO: 32
Which version of BGP would an enterprise use to peer with an ISP?
A. Confederation BGP B. External BGP C. Internal BGP D. Labeled-Unicast
Answer: CExplanation:
QUESTION NO: 33
You are setting up a new switch in your network that is using MSTP. You want to make sure thatany port connected to a host starts forwarding traffic immediately.
How can you meet this requirement?
A. Configure the interfaces as point-to-point. B. Configure the interfaces as edge. C. Configure the forward-delay option as zero. D. Configure the interfaces as shared.
Answer: BExplanation:
QUESTION NO: 34
You have been asked to implement 802.1X in your network and to ensure that all authorized userscontinue to be permitted should the RADIUS server fail.
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 15
ENRIQUEResaltado
ENRIQUEResaltado
ENRIQUEResaltado
ENRIQUEResaltado
Which solution will satisfy this requirement?
A. Implement the persistent MAC feature with the override option. B. Implement the server fail fallback feature with the use-cache option. C. Implement the persistent MAC feature with the use-cache option. D. Implement the server fail fallback feature with the override option.
Answer: BExplanation:
QUESTION NO: 35
How does an administrator block IGMP reports for the 239.0.0.0/8 group range?
A. Create a routing policy and apply it to IGMP using the group-policy feature. B. Create a routing policy and apply it to IGMP using the report-policy feature. C. Create a routing policy and apply it to IGMP as export. D. Create a routing policy and apply it to IGMP as import.
Answer: AExplanation:
QUESTION NO: 36
You have been asked to implement a private VLAN with two community VLANs. This privateVLAN must span multiple switches in your Layer 2 network.
Which two statements about this deployment are true? (Choose two.)
A. All isolated ports must be configured as trunk ports. B. A minimum of one promiscuous trunk port is required. C. Both community VLANs must have assigned VLAN IDs. D. A minimum of one private VLAN trunk port is required.
Answer: C,DExplanation:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 16
ENRIQUEResaltado
ENRIQUEResaltado
QUESTION NO: 37
Which configuration parameter causes a router to ignore router ID and peer ID from the BGP routeselection algorithm?
A. multihop B. as-path loops C. multipath D. next-hop self
Answer: CExplanation:
QUESTION NO: 38
If your WAN-edge router is multihomed to different ISPs, which two BGP attributes would youmodify to affect outbound traffic? (Choose two.)
A. MED B. origin C. local preference D. community
Answer: B,CExplanation:
QUESTION NO: 39
A medium-sized enterprise has some devices that are 802.1X capable and some that are not. Anydevice that fails authentication must be provided limited access through a VLAN calledNONAUTH.
How do you provide this access?
A. Configure NONAUTH VLAN as the guest VLAN. B. Configure NONAUTH VLAN as the server-reject VLAN. C. Configure NONAUTH VLAN as the guest VLAN and the server-reject VLAN. D. Configure a separate VLAN for each type of user: 802.1X and non-802.1X.
Answer: C
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 17
Explanation:
QUESTION NO: 40
When using PIM-SM in SSM mode, which event triggers the creation of a shortest-path tree?
A. Multicast traffic received at the receiver's designated router (DR). B. An IGMPv3 report received at the receiver's designated router (DR). C. Multicast traffic received at the rendezvous point (RP). D. An IGMPv3 report received at the source's designated router (DR).
Answer: BExplanation:
QUESTION NO: 41
Which statement regarding LLDP update messages is correct?
A. Updates can be secured using the MD5 algorithm. B. Updates are advertised every 60 seconds by default. C. Updates require bidirectional communication. D. Updates can be triggered by local changes.
Answer: DExplanation:
QUESTION NO: 42
When 802.1X, MAC-RADIUS, and Captive Portal are enabled on an interface, whichauthentication sequence occurs?
A. The authentication sequence is based on the order of the configuration. B. If MAC-RADIUS is rejected, Captive Portal will start. If Captive portal is timed out, 802.1X willstart. C. If 802.1X times out, then MAC-RADIUS will start. If MAC-RADIUS is timed out by the RADIUSserver, then Captive Portal will start. D. If 802.1X times out, then MAC-RADIUS will start. If MAC-RADIUS is rejected by the RADIUSserver, then Captive Portal will start.
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 18
Answer: DExplanation:
QUESTION NO: 43
You are troubleshooting a problem on interface ge-0/0/3.
Which command shows statistics in real time?
A. show interfaces statistics B. monitor interface statistics ge-0/0/3 C. monitor interface traffic D. monitor traffic interface ge-0/0/3
Answer: CExplanation:
QUESTION NO: 44
Which CoS component helps with TCP global synchronization problems?
A. WRR with rewrite rules B. WRED with drop profiles C. tail drop profiles with a behavior aggregate classifier D. exact term with a scheduler
Answer: BExplanation:
QUESTION NO: 45
You want to control bursts of HTTP traffic entering your SRX Series Gateway. To support varyingrequirements, interfaces ge-0/0/0 through ge-0/0/3 should each be rate-limited separately, usingthe same parameters.
What is the correct way to meet these requirements?
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 19
A. Configure a single policer and apply it directly on the appropriate interfaces. B. Configure four policers and apply each one directly on the appropriate interface. C. Configure a policer and reference it in a firewall filter that uses the interface-specific option;apply the filter to the appropriate interfaces. D. Configure four policers and reference them all in a firewall filter; apply the filter to theappropriate interfaces.
Answer: CExplanation:
QUESTION NO: 46
You are configuring BGP peering with a neighboring AS. Multiple physical links exist betweenyour edge router and the neighboring edge router, and you want a configuration that supports thehighest degree of redundancy.
How can you implement this scenario?
A. Configure multiple peerings between the routers physical interfaces. B. Use the multipath feature. C. Configure multiple peerings between the routers logical interfaces. D. Use the multihop feature.
Answer: DExplanation:
QUESTION NO: 47
An OSPF router is an ABR but not an ASBR.
Which three types of LSAs would you expect this router to generate? (Choose three.)
A. Type 1 LSA B. Type 3 LSA C. Type 4 LSA D. Type 5 LSA E. Type 6 LSA
Answer: A,B,CExplanation:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 20
QUESTION NO: 48
-- Exhibit --
user@R1> show configuration protocols pim rp
local {
address 192.168.3.1;
}
auto-rp discovery;
static {
address 192.168.5.1;
}
user@R1> show route 192.168.0.0/16
inet.0: 18 destinations, 21 routes (18 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.2.1/32 *[Direct/0] 3w4d 04:58:14
> via lo0.0
192.168.5.1/32 *[OSPF/10] 00:52:25, metric 1
> via lt-0/0/0.0
192.168.10.1/32 *[OSPF/10] 00:48:06, metric 1
> via lt-0/0/0.2
192.168.50.1/32 *[OSPF/10] 00:48:06, metric 1
> via lt-0/0/0.4
-- Exhibit --
Click the Exhibit button.
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 21
Router R1 in the exhibit is receiving auto-RP announce messages specifying an RP of192.168.10.1 and BSR messages specifying an RP-set with an RP of 192.168.50.1.
Which address will R1 use as the RP for traffic destined to the 224.1.1.1 multicast group?
A. 192.168.3.1 B. 192.168.5.1 C. 192.168.10.1 D. 192.168.50.1
Answer: DExplanation:
QUESTION NO: 49
-- Exhibit
-- Exhibit --
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 22
Click the Exhibit button.
In the exhibit, customers connected to Area 3 must have access to external prefixes received fromthe data center connected to the router in Area 1. These configurations are currently applied to therouters in Area 1:
{master:0}[edit]
user@Area-1-ABR# show protocols ospf
no-nssa-abr;
area 0.0.0.1 {
nssa;
interface ge-1/1/1.100;
}
{master:0}[edit]
user@Area-1-External# show protocols ospf
area 0.0.0.1 {
stub no-summaries;
interface ge-1/1/1.100;
}
What must you change for these configurations to work?
A. Configure the ABR router in Area 1 to support a virtual link. B. Delete no-summary-lsa from the ABR router in Area 1. C. Configure the external router in Area 1 for NSSA. D. Configure the ABR in Area 1 for a default LSA with a default-metric of 10 and no-summaries.
Answer: CExplanation:
QUESTION NO: 50
-- Exhibit --
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 23
20.0.0.0/8 *[BGP/170] 01:10:38, localpref 100, from 10.0.0.1
AS path: 100 I
> to 15.0.0.2 via ge-0/0/0.0
[BGP/170] 00:00:59, localpref 100
AS path: 100 ?
> to 35.0.0.2 via ge-0/0/1.0
-- Exhibit --
Click the Exhibit button.
Referring to the output in the exhibit, why does the router prefer the path toward interface ge-0/0/0.0 for the 20.0.0.0/8 route?
A. The origin is IGP. B. The origin is unknown. C. The AS path is longer. D. Multihop is enabled.
Answer: AExplanation:
QUESTION NO: 51
-- Exhibit --
Group: 239.1.1.1
Source: 10.255.70.15
Flags: sparse,spt
Upstream interface: so-1/0/0.0
Upstream neighbor: 10.111.10.2
Upstream state: Local RP, Join to Source
Keepalive timeout: 344
Downstream neighbors:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 24
Interface: Pseudo-GMP
fe-0/0/0.0 fe-0/0/1.0 fe-0/0/3.0
Interface: so-1/0/0.0 (pruned)
10.111.10.2 State: Prune Flags: SR Timeout: 174
Interface: mt-1/1/0.32768
10.10.47.100 State: Join Flags: S Timeout: Infinity
-- Exhibit --
Click the Exhibit button.
Referring to the exhibit, which two statements are true? (Choose two.)
A. The router has pruned the RPT. B. The router has pruned the SPT only. C. The router has pruned the RPT only. D. The router has pruned the SPT.
Answer: A,DExplanation:
QUESTION NO: 52
-- Exhibit --
user@switch# run show spanning-tree statistics interface ge-0/0/0
STP interface statistics for VLAN 10
Interface BPDUs sent BPDUs received Next BPDU
transmission
ge-0/0/0.0 170 3 0
STP interface statistics for VLAN 20
Interface BPDUs sent BPDUs received Next BPDU
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 25
transmission
ge-0/0/0.0 171 3 0
-- Exhibit --
Click the Exhibit button.
Based on the exhibit, which spanning-tree protocol is running on ge-0/0/0?
A. VSTP B. MSTP C. RSTP D. PVST
Answer: AExplanation:
QUESTION NO: 53
-- Exhibit
-- Exhibit --
Click the Exhibit button.
Given the topology in the exhibit, which two statements related to the Q-in-Q tunneling implementation are true? (Choose two.)
A. The ge-0/0/0 interface on Provider Bridge A must be configured as an access port. B. The ge-0/0/0 interface on Provider Bridge A must be configured as a trunk port.
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 26
C. Provider Bridge B will make forwarding decisions using a MAC table associated with VLAN ID100. D. Provider Bridge B will make forwarding decisions using a MAC table associated with VLAN ID200.
Answer: A,DExplanation:
QUESTION NO: 54
-- Exhibit
-- Exhibit --
Click the Exhibit button.
You are implementing Q-in-Q tunneling to connect R1 and R2 using the configurations shown inthe exhibit.
What must be changed on Switch_A to allow both Dot1q-tunneling VLANs and non-Dot1q-tunneling VLANs on the same trunk interface?
A. Change the Dot1q-tunneling Ethertype to 0x9100.
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 27
B. Change the Dot1q-tunneling Ethertype to 0x88a8. C. Change the Dot1q-tunneling Ethertype to 0x8100. D. Change the Dot1q-tunneling Ethertype to 0x98a8.
Answer: CExplanation:
QUESTION NO: 55
-- Exhibit
-- Exhibit --
Click the Exhibit button.
In the exhibit, Host2 is the only host currently joining group 231.1.1.1, but S1 is still flooding thetraffic to all hosts on VLAN 100.
What feature can be configured on S1 to limit the multicast flooding of traffic to only interestedhosts on VLAN 100?
A. Multicast scoping B. IGMP snooping C. Multicast VLAN registration D. IGMP immediate leave
Answer: BExplanation:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 28
QUESTION NO: 56
-- Exhibit --
{master:0}[edit]
user@switch# show protocols vstp
vlan 100;
{master:0}[edit]
user@switch# run show spanning-tree bridge
STP bridge parameters
Context ID : 1
Enabled protocol : RSTP
STP bridge parameters for VLAN 100
Root ID : 32868.50:c5:8d:ae:94:80
Hello time : 2 seconds
Maximum age : 20 seconds
Forward delay : 15 seconds
Message age : 0
Number of topology changes : 0
Local parameters
Bridge ID : 32868.50:c5:8d:ae:94:80
Extended system ID : 1
Internal instance ID : 0
{master:0}[edit]
user@switch# run show spanning-tree interface
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 29
{master:0}[edit]
user@switch#
-- Exhibit --
Click the Exhibit button.
Based on the output shown in the exhibit, why is VSTP not working for VLAN 100?
A. No interfaces are assigned to VLAN 100. B. Your MSTI is misconfigured. C. RSTP is configured in addition to VSTP. D. No native VLAN is configured.
Answer: AExplanation:
QUESTION NO: 57
-- Exhibit
-- Exhibit --
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 30
Click the Exhibit button.
Referring to the exhibit, what is the correct RPF path toward the multicast source from R6?
A. R6-R5 B. R6-R7-R4-R5 C. R6-R4-R5 D. R6-R4-R3-R2-R5
Answer: AExplanation:
QUESTION NO: 58
-- Exhibit --
{master:0}[edit]
user@switch# show ethernet-switching-options voip
interface ge-0/0/16.0 {
vlan phones;
}
{master:0}[edit]
user@switch# show interfaces ge-0/0/16
unit 0 {
family ethernet-switching {
port-mode access;
vlan {
members internet;
}
}
}
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 31
{master:0}[edit]
user@switch# show vlans
hr {
vlan-id 513;
}
internet {
vlan-id 15;
}
phones {
vlan-id 25;
}
servers {
vlan-id 30;
}
{master:0}[edit]
user@switch# show interfaces ge-0/0/23
description uplink;
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ hr internet ];
}
}
}
-- Exhibit --
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 32
Click the Exhibit button.
You have recently implemented a Layer 2 network designed to support VoIP. Users have reportedthat they cannot use their IP phones to make calls.
Based on the switch configuration shown in the exhibit, which command will resolve this issue?
A. set interfaces ge-0/0/23 unit 0 family ethernet-switching vlan members phones B. set interfaces ge-0/0/16 unit 0 family ethernet-switching port-mode trunk C. set ethernet-switching-options voip interface ge-0/0/23 vlan phones D. set vlans phones vlan-id 513
Answer: AExplanation:
QUESTION NO: 59
-- Exhibit
-- Exhibit --
Click the Exhibit button.
Based on the SPF calculation in the exhibit, what is the shortest path to reach R3 from R1?
A. R2-R3 B. R2-R5-R4
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 33
C. R3 D. R2-R4
Answer: CExplanation:
QUESTION NO: 60
-- Exhibit --
Mar 16 18:39:15.800390 BGP RECV 172.14.10.2+57785 -> 172.14.10.1+179
Mar 16 18:39:15.800932 BGP RECV message type 1 (Open) length 59
Mar 16 18:39:15.800995 BGP RECV version 4 as 2 holdtime 90 id 192.168.5.1 parmlen 30
Mar 16 18:39:15.801064 BGP RECV MP capability AFI=2, SAFI=1
Mar 16 18:39:15.801112 BGP RECV Refresh capability, code=128
Mar 16 18:39:15.801172 BGP RECV Refresh capability, code=2
Mar 16 18:39:15.801224 BGP RECV Restart capability, code=64, time=120, flags=
Mar 16 18:39:15.801289 BGP RECV 4 Byte AS-Path capability (65), as_num 2
Mar 16 18:39:15.801705 advertising receiving-speaker only capabilty to neighbor 172.14.10.2(External AS 2)
Mar 16 18:39:15.801787 bgp_send. sending 59 bytes to 172.14.10.2 (External AS 2)
Mar 16 18:39:15.801845
Mar 16 18:39:15.801845 BGP SEND 172.14.10.1+179 -> 172.14.10.2+57785
Mar 16 18:39:15.801933 BGP SEND message type 1 (Open) length 59
Mar 16 18:39:15.801991 BGP SEND version 4 as 1 holdtime 90 id 192.168.2.1 parmlen 30
Mar 16 18:39:15.802054 BGP SEND MP capability AFI=1, SAFI=1
Mar 16 18:39:15.802115 BGP SEND Refresh capability, code=128
Mar 16 18:39:15.802176 BGP SEND Refresh capability, code=2
Mar 16 18:39:15.802227 BGP SEND Restart capability, code=64, time=120, flags=
Mar 16 18:39:15.802292 BGP SEND 4 Byte AS-Path capability (65), as_num 1
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 34
Mar 16 18:39:15.802615 bgp_process_caps: mismatch NLRI with 172.14.10.2 (External AS 2):peer: (16) us: (1)
Mar 16 18:39:15.802763 bgp_process_caps:2561: NOTIFICATION sent to 172.14.10.2 (ExternalAS 2): code 2 (Open Message Error) subcode 7 (unsupported capability) value 1
Mar 16 18:39:15.802913 bgp_sens: sending 23 bytes to 172.14.10.2 (External AS 2)
Mar 16 18:39:15.802969
Mar 16 18:39:15.802969 BGP SEND 172.14.10.1+179 -> 172.14.10.2+57785
Mar 16 18:39:15.803057 BGP SEND message type 3 (Notification) length 23
Mar 16 18:39:15.803113 BGP SEND Notification code 2 (Open Message Error) subcode 7(unsupported capability)
Mar 16 18:39:15.803179 BGP SEND Data (2 bytes): 00 01
-- Exhibit --
Click the Exhibit button.
Looking at the traceoptions output in the exhibit, why is the BGP neighbor not in Establishedstate?
A. BGP refresh is not supported. B. There is a router ID mismatch. C. IPv6 is not supported on the local peer. D. The peer AS number is misconfigured.
Answer: CExplanation:
QUESTION NO: 61
-- Exhibit
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 35
-- Exhibit --
Click the Exhibit button.
In the exhibit, which statement about the ABR between Area 8 and Area 2 is true?
A. The router has connectivity to all areas. B. The router has connectivity to Area 8 only. C. The router has connectivity to Area 2 only. D. The router has connectivity to all routers in Area 8 and Area 2.
Answer: DExplanation:
QUESTION NO: 62
-- Exhibit --
user@router> show class-of-service scheduler-map two
Scheduler map: two, Index: 56974
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 36
Scheduler: sch-best-effort, Forwarding class: best-effort, Index: 26057
Transmit rate: 1 percent, Rate Limit: exact, Buffer size: remainder,
Buffer Limit: exact, Priority: low
Excess Priority: unspecified
Drop profiles:
Loss priority Protocol Index Name
Low any 1
Medium low any 1
Medium high any 1
High any 1
Scheduler: sch-expedited-forwarding, Forwarding class:
expedited-forwarding, Index: 10026
Transmit rate: 1 percent, Rate Limit: none, Buffer size: 1 percent,
Buffer Limit: none, Priority: high
Excess Priority: unspecified
Drop profiles:
Loss priority Protocol Index Name
Low any 1
Medium low any 1
Medium high any 1
High any 1
user@router> show interfaces ge-0/0/1 extensive | find "CoS Information"
CoS information:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 37
Direction : Output
CoS transmit queue Bandwidth Buffer
Priority Limit
% bps % usec
0 best-effort 1 10000000 r 0
low exact
1 expedited-forwarding 1 10000000 1 0
high none
Logical interface ge-0/0/1.823 (Index 74) (SNMP ifIndex 506) (Generation
139)
Flags: SNMP-Traps 0x4000 VLAN-Tag [ 0x8100.823 ] Encapsulation: ENET2
Traffic statistics:
Input bytes : 1820224529
Output bytes : 6505980
Input packets: 1436371
Output packets: 75905
(... output truncated ...)
user@router> show interfaces ge-0/0/1 extensive | find "Queue Counters"
Queue counters: Queued packets Transmitted packets Dropped packets
0 best-effort 1343970 1343970 7105
1 expedited-fo 53987 53987
0
2 assured-forw 0 0
0
3 network-cont 0 0
0
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 38
Queue number: Mapped forwarding classes
0 best-effort
1 expedited-forwarding
2 assured-forwarding
3 network-control
Active alarms : None
Active defects : None
(... output truncated ...)
-- Exhibit --
Click the Exhibit button.
Based on the configuration in the exhibit, why are you seeing drops in the best-effort queue on theSRX Series platform?
A. The drop-profile fill level is set too low. B. Packets are dropped by a firewall policy. C. The best-effort queue is being shaped. D. The scheduler is not being applied correctly.
Answer: CExplanation:
QUESTION NO: 63
-- Exhibit --
[edit protocols bgp]
user@router# show
group ext-peer2 {
type external;
peer-as 1;
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 39
neighbor 192.168.2.1;
}
[edit protocols bgp]
user@router# run show route 192.168.2.1
inet.0: 9 destinations, 10 routes (7 active, 0 holddown, 2 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.2.1/32 *[Static/5] 00:01:56
> to 172.14.10.1 via ge-0/0/1.0
[edit protocols bgp]
user@router# run show bgp summary
Groups: 1 Peers: 1 Down peers: 1
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0 0 0 0 0 0 0
inet6.0 0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
192.168.2.1 1 0 0 0 0 14 Idle
-- Exhibit --
Click the Exhibit button.
Looking at the output in the exhibit, why is the BGP neighbor not in Established state?
A. BGP Refresh is not supported. B. Multihop is not configured. C. The peer address is not reachable. D. Authentication is configured.
Answer: BExplanation:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 40
QUESTION NO: 64
-- Exhibit --
user@SwitchA# show protocols dot1x
authenticator {
authentication-profile-name dot1x;
interface {
ge-0/0/0.0 {
supplicant single;
}
ge-0/0/1.0 {
supplicant single-secure;
}
ge-0/0/2.0 {
supplicant multiple;
}
}
}
{master:0}[edit]
user@SwitchA# show access
radius-server {
172.27.14.226 {
port 1812;
secret "$9$vqs8xd24Zk.5bs.5QFAtM8X"; ## SECRET-DATA
}
}
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 41
ENRIQUEResaltado
profile dot1x {
authentication-order radius;
radius {
authentication-server 172.27.14.226;
accounting-server 172.27.14.226;
}
accounting {
order radius;
immediate-update;
}
}
{master:0}[edit]
user@SwitchA#
-- Exhibit --
Click the Exhibit button.
Referring to the exhibit, which three statements describe correct behavior of Switch A? (Choosethree.)
A. Switch A allows complete access to all users connected to port ge-0/0/2 that log in with theircorrect user credentials. B. Switch A allows complete access to all users connected to port ge-0/0/0 that log in with theircorrect user credentials. C. Switch A allows complete access to the second user that connects to port ge-0/0/1 with itscorrect credentials only after the first user logs out. D. Switch A allows complete access to all users connected to port ge-0/0/0 without authenticationafter the first user has logged in with its correct user credentials. E. Switch A allows complete access to all users connected to port ge-0/0/1 that securely log inusing HTTPS with their correct user credentials.
Answer: A,C,DExplanation:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 42
ENRIQUEResaltado
ENRIQUEResaltado
ENRIQUEResaltado
QUESTION NO: 65
-- Exhibit --
Mar 16 17:48:06.145257 OSPF periodic xmit from 172.14.10.1 to 224.0.0.5 (IFL 69 area 0.0.0.1)
Mar 16 17:48:12.404986 ospf_trigger_build_telink_lsas : No peer found
Mar 16 17:48:13.013420 ospf_trigger_build_telink_lsas : No peer found
Mar 16 17:48:13.013555 ospf_set_lsdb_state: Router LSA 192.168.2.1 adv-rtr 192.168.2.1 stateQUIET->GEN_PENDING
Mar 16 17:48:13.013661 OSPF trigger router LSA 0x156d0f0 build for area 0.0.0.1 lsa-id192.168.2.1
Mar 16 17:48:13.017494 ospf_set_lsdb_state: Router LSA 192.168.2.1 adv-rtr 192.168.2.1 stateGEN_PENDING->QUIET
Mar 16 17:48:13.017636 OSPF built router LSA, area 0.0.0.1, link count 2
Mar 16 17:48:13.017954 OSPF sent Hello 172.14.10.1 -> 224.0.0.5 (ge-0/0/1.0 IFL 69 area0.0.0.1)
Mar 16 17:48:13.018023 Version 2, length 44, ID 192.168.2.1, area 0.0.0.1
Mar 16 17:48:13.018111 mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128
Mar 16 17:48:13.018162 dead_ivl 40, DR 172.14.10.1, BDR 0.0.0.0
Mar 16 17:48:13.018613 OSPF DR is 192.168.2.1, BDR is 0.0.0.0
Mar 16 17:48:13.018900 OSPF sent Hello 172.14.10.1 -> 224.0.0.5 (ge-0/0/1.0 IFL 69 area0.0.0.1)
Mar 16 17:48:13.018968 Version 2, length 44, ID 192.168.2.1, area 0.0.0.1
Mar 16 17:48:13.019032 mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128
Mar 16 17:48:13.019118 dead_ivl 40, DR 172.14.10.1, BDR 0.0.0.0
Mar 16 17:48:13.028426 OSPF DR is 192.168.2.1, BDR is 0.0.0.0
Mar 16 17:48:13.432025 OSPF packet ignoreD. area mismatch (0.0.0.0) from 172.14.10.2 on intfge-0/0/1.0 area 0.0.0.1
Mar 16 17:48:13.432135 OSPF rcvd Hello 172.14.10.2 -> 224.0.0.5 (ge-0/0/1.0 IFL 69 area0.0.0.1)
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 43
Mar 16 17:48:13.432189 Version 2, length 44, ID 192.168.5.1, area 0.0.0.0
Mar 16 17:48:13.432274 checksum 0x8065, authtype 0
Mar 16 17:48:13.432346 mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128
Mar 16 17:48:13.432398 dead_ivl 40, DR 172.14.10.2, BDR 0.0.0.0 commit complete
-- Exhibit --
Click the Exhibit button.
Looking at the traceoptions output in the exhibit, why are the OSPF routers stuck in Init state?
A. There is an MTU mismatch. B. There is a network mask mismatch. C. The routers are in different areas. D. No BDR has been elected.
Answer: CExplanation:
QUESTION NO: 66
-- Exhibit --
-- Exhibit --
Click the Exhibit button.
A customer is trying to configure a router to peer using EBGP to a neighbor. As shown in theexhibit, two links are being used for this configuration. The goal of this configuration is to load-balance traffic across both EBGP links.
Which configuration accomplishes this goal?
A. {master:0}[edit] user@router# show protocols bgp group External { multihop; local-address 192.168.2.1; peer-as 65532;
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 44
neighbor 10.10.2.2; neighbor 10.20.2.2; } {master:0}[edit] user@router# show routing-options static { route 192.168.5.1/32 next-hop 192.168.2.1; } autonomous-system 65432; B. {master:0}[edit] user@router# show protocols bgp group External { multihop; local-address 192.168.2.1; peer-as 65532; neighbor 192.168.5.1; } {master:0}[edit] user@router# show routing-options static { route 192.168.5.1/32 next-hop [ 10.10.2.2 10.20.2.2 ]; } autonomous-system 65432; forwarding-table { export load-balance; } {master:0}[edit] user@router# show policy-options policy-statement load-balance term balance { then { load-balance per-packet; accept; } } C. {master:0}[edit] user@router# show protocols bgp group External { multi-path; local-address 192.168.2.1; peer-as 65532; neighbor 192.168.5.1; } {master:0}[edit] user@router# show routing-options static { route 192.168.5.1/32 next-hop [ 10.10.2.2 10.20.2.2 ]; }
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 45
autonomous-system 65432; D. {master:0}[edit] user@router# show protocols bgp group External { multipath; local-address 192.168.2.1; peer-as 65532; neighbor 10.10.2.2; neighbor 10.20.2.2; } {master:0}[edit] user@router# show routing-options static { route 192.168.5.1/32 next-hop 192.168.2.1; } autonomous-system 65432;
Answer: BExplanation:
QUESTION NO: 67
-- Exhibit
-- Exhibit --
Click the Exhibit button.
In the exhibit, R5 is receiving five 200.1.1.x routes from the RIP router, and is advertising them into
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 46
Area 1 using an export policy. You do not want any of the RIP routes to be in the routing table ofR1.
Which two solutions meet this requirement? (Choose two.)
A. On R1, configure an export policy to reject the routes. B. On R1, configure an import policy to reject the routes. C. On R1, configure each address as a martian route. D. On R1, configure the no-nssa-abr option.
Answer: B,CExplanation:
QUESTION NO: 68
-- Exhibit
-- Exhibit --
Click the Exhibit button.
In the exhibit, a customer wants to configure an EBGP connection to two different routers in aneighboring autonomous system. The goal of this configuration is to use per-prefix load balancingacross both EBGP links.
Which configuration accomplishes this goal?
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 47
A. {master:0}[edit] user@router# show protocols bgp group External { multihop; peer-as 65532; neighbor 10.10.2.2; neighbor 10.20.2.2; } B. {master:0}[edit] user@router# show protocols bgp group External { multipath; peer-as 65532; neighbor 10.10.2.2; neighbor 10.20.2.2; } C. {master:0}[edit] user@router# show protocols bgp group External { multihop; local-address 192.168.2.1; peer-as 65532; neighbor 10.10.2.2; neighbor 10.20.2.2; } user@router# show routing-options static { route 0.0.0.0 next-hop [ 10.10.2.2 10.20.2.2 ]; } autonomous-system 65432; D. {master:0}[edit] user@router# show protocols bgp group External { multihop; local-address 192.168.2.1; peer-as 65532; multipath; neighbor 10.10.2.2; neighbor 10.20.2.2; } user@router# show routing-options static { route 0.0.0.0 next-hop [ 10.10.2.2 10.20.2.2 ]; } autonomous-system 65432;
Answer: B
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 48
Explanation:
QUESTION NO: 69
-- Exhibit
-- Exhibit --
Click the Exhibit button.
Referring to the exhibit, R4 in AS 100 is sending routes 20.0.0.0/8 and 10.0.0.0/8. R3 sees theroutes but R5 does not.
What must be configured on the R3 router for the R5 router to install the routes?
A. a next-hop self policy B. as-override toward the R5 router C. as-loops 2 D. local-as 100
Answer: BExplanation:
QUESTION NO: 70 -- Exhibit
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 49
-- Exhibit --
Click the Exhibit button.
You are asked to configure an OSPF virtual link that connects remote Area 4 to the backbone.
Referring to the exhibit, what are two requirements for an OSPF virtual link to operate correctly?(Choose two.)
A. A virtual link configuration on the ABR between Areas 0 and 1 must include transit area 1. B. The interface of the transit area must be of type vt. C. A virtual link configuration on the ABR between Areas 0 and 1 must be the interface address ofthe neighbor on the far end. D. A virtual link configuration on the ABR between Areas 0 and 1 must be the router ID (RID) ofthe neighbor on the far end.
Answer: A,DExplanation:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 50
ENRIQUEResaltado
ENRIQUEResaltado
QUESTION NO: 71
-- Exhibit
-- Exhibit --
Click the Exhibit button.
In the exhibit, R5 is receiving five 200.1.1.x routes from the RIP router, and is advertising them intoArea 1 using an export policy. You want to summarize the RIP routes into Area 0 with the mostspecific prefix.
Which configuration will accomplish goal?
A. [edit protocols] user@R1# show ospf { area 0.0.0.0 { area-range 200.1.1.0/29; interface ge-0/0/1.0; interface ge-0/0/2.0; interface lo0.0; } area 0.0.0.1 { nssa { default-lsa type-7; } interface ge-0/0/3.0; } }
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 51
B. [edit protocols] user@R1# show ospf { area 0.0.0.0 { interface ge-0/0/1.0; interface ge-0/0/2.0; interface lo0.0; } area 0.0.0.1 { nssa { default-lsa type-7; area-range 200.1.1.0/28; } interface ge-0/0/3.0; } } C. [edit protocols] user@R1# show ospf { area 0.0.0.0 { interface ge-0/0/1.0; interface ge-0/0/2.0; interface lo0.0; } area 0.0.0.1 { nssa { default-lsa type-7; area-range 200.1.1.0/29; } interface ge-0/0/3.0; } } D. [edit protocols] user@R1# show ospf { area 0.0.0.0 { area-range 200.1.1.0/28; interface ge-0/0/1.0; interface ge-0/0/2.0; interface lo0.0; } area 0.0.0.1 { nssa { default-lsa type-7; } interface ge-0/0/3.0; }
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 52
}
Answer: CExplanation:
QUESTION NO: 72
-- Exhibit --
user@router> show bgp summary
Groups: 3 Peers: 3 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0 10 8 0 0 0 0
inet6.0 4 3 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
10.0.3.5 65550 41 52 0 2 17:45 5/5/5/0 0/0/0/0
172.16.0.6 65010 52 42 0 2 31 Establ
inet.0: 3/5/5/0
inet6.0: 3/4/4/0
2001:ffff::3:5 65550 43 44 0 4 17:53 Establ
inet6.0: 0/0/0/0
user@router>
-- Exhibit --
Click the Exhibit button.
Examine the output of the show bgp summary command shown in the exhibit.
From which BGP peer is the router receiving IPv6 routes?
A. 10.0.3.5
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 53
ENRIQUEResaltado
B. 172.16.0.6 C. 2001:ffff::3:5 D. 2001:ffff:3:5
Answer: BExplanation:
QUESTION NO: 73
-- Exhibit --
user@SwitchA> show dot1x interface detail ge-0/0/2.0
ge-0/0/2.0
Role: Authenticator
Administrative state: Auto
Supplicant mode: Multiple
Number of retries: 3
Quiet period. 60 seconds
Transmit period. 30 seconds
Mac Radius: Enabled
Mac Radius Restrict: Enabled
Reauthentication: Enabled
Configured Reauthentication interval: 3600 seconds
Supplicant timeout: 30 seconds
Server timeout: 30 seconds
Maximum EAPOL requests: 2
Guest VLAN member:
Number of connected supplicants: 2
user@SwitchA>
-- Exhibit --
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 54
Click the Exhibit button.
Host 1, Host 2, and Host 3 are connected to Switch A on interface ge-0/0/2. Host 1 and Host 2 donot support 802.1X. They can authenticate and connect to the Internet. Host 3 was added and itsupports 802.1X; however, it is unable to authenticate.
Referring to the exhibit, how do you allow Host 3 to authenticate to the network but maintainsecure access?
A. Enable fallback authentication for 802.1X. B. Disable MAC RADIUS Restrict option on ge-0/0/2. C. Disable MAC RADIUS option on ge-0/0/2. D. Enable Administrative mode for 802.1X.
Answer: BExplanation:
QUESTION NO: 74
-- Exhibit --
user@RP> show pim join extensive
Instance: PIM.master Family: INET
R = Rendezvous Point Tree, S = Sparse, W = Wildcard
Group: 224.1.1.1
Source: *
RP: 192.168.1.1
Flags: sparse,rptree,wildcard
Upstream interface: Local
Upstream neighbor: Local
Upstream state: Local RP
Downstream neighbors:
Interface: so-0/0/0.0
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 55
10.0.1.2 State: Join Flags: SRW Timeout: 176
Group: 224.1.1.1
Source: 10.0.5.2
Flags: sparse,spt
Upstream interface: unknown (no nexthop)
Upstream neighbor: unknown
Upstream state: Local RP
Keepalive timeout: 106
Downstream neighbors:
Interface: so-0/0/0.0
10.0.1.2 State: Join Flags: S Timeout: 176
Instance: PIM.master Family: INET6
R = Rendezvous Point Tree, S = Sparse, W = Wildcard
-- Exhibit --
Click the Exhibit button.
The CLI output shown in the exhibit was taken from the RP in a PIM-SM network.
Which statement explains the output shown in the exhibit?
A. No tunnel PIC is installed on the RP router. B. 192.168.1.1 is not a local IP address on the RP router. C. Multicast traffic is arriving on the so-0/0/0.0 interface. D. The router does not have a unicast route to 10.0.5.2.
Answer: DExplanation:
QUESTION NO: 75
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 56
ENRIQUEResaltado
-- Exhibit --
OSPF database, Area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
Router *10.0.3.4 10.0.3.4 0x8000000d 30 0x22 0x8d11 132
bits 0x0, link count 9
id 10.1.1.0, data 255.255.255.0, Type Stub (3)
Topology count: 0, Default metric. 1
id 10.0.4.8, data 255.255.255.252, Type Stub (3)
Topology count: 0, Default metric. 1
id 10.0.2.10, data 10.0.2.10, Type Transit (2)
Topology count: 0, Default metric. 1
id 172.16.0.6, data 172.16.0.5, Type Transit (2)
Topology count: 0, Default metric. 1
id 10.0.3.4, data 255.255.255.255, Type Stub (3)
Topology count: 0, Default metric. 0
id 10.0.9.7, data 10.0.2.18, Type PointToPoint (1)
Topology count: 0, Default metric. 65
id 10.0.2.16, data 255.255.255.252, Type Stub (3)
Topology count: 0, Default metric. 65
id 10.0.3.3, data 10.0.2.6, Type PointToPoint (1)
Topology count: 0, Default metric. 2
id 10.0.2.4, data 255.255.255.252, Type Stub (3)
Topology count: 0, Default metric. 2
Topology default (ID 0)
Type: PointToPoint, Node ID. 10.0.3.3
MetriC. 2, Bidirectional
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 57
Type: PointToPoint, Node ID. 10.0.9.7
MetriC. 65, Bidirectional
Type: Transit, Node ID. 172.16.0.6
MetriC. 1, Bidirectional
Type: Transit, Node ID. 10.0.2.10
MetriC. 1, Bidirectional
-- Exhibit --
Click the Exhibit button.
The exhibit shows the output of an OSPF router LSA.
Which interface ID represents the router's loopback address?
A. ID 10.1.1.0 B. ID 10.0.3.4 C. ID 10.0.3.3 D. ID 10.0.2.4
Answer: BExplanation:
QUESTION NO: 76
-- Exhibit --
{master:0}[edit]
user@router# show class-of-service
classifiers {
inet-precedence normal-traffic {
forwarding-class best-effort {
loss-priority low code-points [ my1 my2 ];
}
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 58
ENRIQUEResaltado
}
}
code-point-aliases {
inet-precedence {
my1 000;
my2 001;
cs1 010;
cs2 011;
cs3 100;
cs4 101;
cs5 111;
cs6 111;
}
}
-- Exhibit --
Click the Exhibit button.
In the exhibit, you see a configuration for CoS. Incoming traffic with specific IP precedence bitsshould be mapped to a forwarding class named best-effort. A classifier named normal-traffic isdefined.
What must you add to complete this configuration?
A. Include the option q-pic-large-buffer under the chassis hierarchy to accommodate the new codepoints. B. Apply classifier normal traffic to the interface hierarchy under the class-of-service stanza. C. Configure a rewrite marker on the ingress Gigabit Ethernet interface. D. Add code point values for the expedited-forwarding forwarding class as well as the best-effortforwarding class.
Answer: BExplanation:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 59
QUESTION NO: 77
-- Exhibit --
user@router> show configuration routing-options autonomous-system
65550;
user@router> show configuration protocols bgp
group ibgp {
type internal;
neighbor 10.0.3.5;
}
group ibgpv6 {
type internal;
local-address 2001:ffff::3:4;
neighbor 2001:ffff::3:5;
}
group as65010 {
family inet {
unicast;
}
family inet6 {
unicast;
}
export as65010-out;
peer-as 65010;
neighbor 172.16.0.6;
}
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 60
user@router> show configuration policy-options
policy-statement as65010-out {
term locally-originated {
from as-path local-only;
then {
metric 7000;
}
}
term from-as65222 {
from as-path as65222-orig;
then as-path-prepend "65550 65550 65550 65550";
}
term transit-as701 {
from as-path transit-as701;
then {
metric 6;
}
}
then accept;
}
as-path local-only "(.*)";
as-path as65222-orig ".* 65222";
as-path transit-as701 ".* 701 .*";
user@router> show route advertising-protocol bgp 172.16.0.6
inet.0: 43 destinations, 47 routes (43 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 61
* 10.0.2.0/30 Self 7000 I
* 10.0.2.4/30 Self 7000 I
* 10.0.2.8/30 Self 7000 I
* 10.0.2.16/30 Self 7000 I
* 10.0.3.3/32 Self 7000 I
* 10.0.3.4/32 Self 7000 I
* 10.0.3.5/32 Self 7000 I
* 10.0.4.8/30 Self 7000 I
* 10.0.8.8/30 Self 7000 I
* 10.0.9.9/32 Self 7000 I
* 10.255.255.1/32 Self 7000 I
* 64.142.88.0/24 Self 7000 I
* 130.130.0.0/16 Self 6 65222 46375 701 14203 I
* 131.131.131.0/24 Self 6 65222 46375 701 14203 I
* 132.132.0.0/25 Self 6 65222 46375 701 32934 I
* 133.133.0.0/25 Self 6 65222 46375 701 32934 I
* 134.134.0.0/25 Self 65222 46375 14203 I
* 135.135.0.0/25 Self 65222 46375 14203 14203 I
* 172.16.0.4/30 Self 7000 I
* 172.16.0.12/30 Self 7000 I
* 172.16.200.0/30 172.16.0.6 7000 I
* 192.0.2.0/24 172.16.0.6 7000 I
* 192.168.50.0/24 Self 7000 I
* 192.168.253.0/24 Self 7000 I
* 200.200.0.0/16 172.16.0.6 7000 I
* 200.200.0.1/32 172.16.0.6 7000 I
* 200.200.1.1/32 172.16.0.6 7000 I
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 62
* 200.200.200.200/32 172.16.0.6 7000 I
inet6.0: 23 destinations, 28 routes (23 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* ::172.16.0.4/126 Self 7000 I
* 2001:1:1::/64 Self 7000 I
* 2001:1:2::/64 Self 7000 I
* 2001:ffff::3:3/128 Self 7000 I
* 2001:ffff::3:4/128 Self 7000 I
* 2001:ffff::3:5/128 Self 7000 I
* 2001:ffff::9:7/128 Self 7000 I
user@router>
-- Exhibit --
Click the Exhibit button.
You are configuring an EBGP peer in a transit environment. You must advertise routes learnedfrom other EBGP peers in your AS. Any routes originated from within your AS should have a MEDof 7000 set. Any routes that originate in AS65222 should be prepended four times. Any routes thattransit AS701 should have a MED set to 6. This scenario results in the unintended advertisementof internal 10.0.0.0/8 networks to your peer.
What caused the accidental advertisement of internal networks to your EBGP peer?
A. Your AS number of 65550 is a private AS number. B. The BGP group as65010 is configured for both family inet unicast and family inet6 unicastprotocol families. C. The export policy as65010-out is misconfigured. D. The as-path local-only includes a misconfigured regular expression.
Answer: CExplanation:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 63
QUESTION NO: 78
-- Exhibit --
[edit]
user@router# run show ospf database external lsa-id 71.23.48.0 extensive
OSPF AS SCOPE link state database
Type ID Adv Rtr Seq Age Opt Cksum Len
Extern 71.23.48.0 67.176.255.5 0x80000001 114 0x22 0x171b 36
mask 255.255.248.0
Topology default (ID 0)
Type: 2, MetriC. 0, Fwd addr: 0.0.0.0, Tag: 0.0.0.0
Aging timer 00:58:06
Installed 00:01:53 ago, expires in 00:58:06, sent 00:01:53 ago
Last changed 00:01:53 ago, Change count: 1
Extern 71.23.48.0 67.176.255.7 0x8000005a 487 0x22 0x587e 36
mask 255.255.248.0
Topology default (ID 0)
Type: 2, MetriC. 0, Fwd addr: 0.0.0.0, Tag: 0.0.0.0
Aging timer 00:51:52
Installed 00:08:01 ago, expires in 00:51:53, sent 00:07:59 ago
Last changed 2d 19:33:58 ago, Change count: 1
Extern 71.23.48.0 67.176.255.8 0x8000005c 540 0x22 0xf73e 36
mask 255.255.248.0
Topology default (ID 0)
Type: 1, MetriC. 30, Fwd addr: 0.0.0.0, Tag: 0.0.0.0
Aging timer 00:51:00
Installed 00:08:59 ago, expires in 00:51:00, sent 00:08:59 ago
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 64
Last changed 00:08:59 ago, Change count: 3
-- Exhibit --
Click the Exhibit button.
As shown in the exhibit, a router is receiving three external LSAs for the prefix 71.23.48.0.
Which path is preferred?
A. The path through 67.176.255.5 is preferred. B. The path through 67.176.255.7 is preferred. C. The path through 67.176.255.8 is preferred. D. The paths through 67.176.255.7 and 67.176.255.8 become active to allow load-balancing.
Answer: CExplanation:
QUESTION NO: 79
-- Exhibit
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 65
-- Exhibit --
Click the Exhibit button.
In the exhibit, the 10.100/16 prefix is introduced at autonomous system 1 (AS1) and propagatedthrough to AS3. Router A in AS3 receives two different paths to these prefixes, one through AS2and the other through AS4. No BGP attributes have been altered.
Which path would router A prefer for the 10.100/16 prefix?
A. The route with the lowest interface address for the EBGP peering session B. The route with the lowest local preference C. The route to the EBGP peer that has the lowest RID D. The route from the EBGP peer that arrived first
Answer: DExplanation:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 66
QUESTION NO: 80
-- Exhibit --
[edit]
user@R1# show routing-options router-id
router-id 1.1.1.1;
[edit]
user@R1# show protocols ospf
area 0.0.0.0 {
interface ge-0/0/7.0;
}
[edit]
user@R2# show routing-options router-id
router-id 2.2.2.2;
[edit]
user@R2# show protocols ospf
area 0.0.0.0 {
interface ge-0/0/8.0 {
priority 200;
}
}
[edit]
user@R3# show routing-options router-id
router-id 222.255.255.255;
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 67
[edit]
user@R3# show protocols ospf
area 0.0.0.0 {
interface ge-0/0/8.0;
}
[edit]
user@R4# show routing-options router-id
router-id 239.255.255.255;
[edit]
user@R4# show protocols ospf
area 0.0.0.0 {
interface ge-0/0/6.0 {
priority 0;
}
}
-- Exhibit --
Click the Exhibit button.
All four routers in the exhibit are in the same broadcast domain. The routers were powered on atthe same time.
Based on the configurations, which devices are the DR and the BDR?
A. R4 is the DR and R2 is the BDR. B. R2 is the DR and R3 is the BDR. C. R2 is the DR and R1 is the BDR. D. R3 is the DR and R2 is the BDR.
Answer: BExplanation:
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 68
QUESTION NO: 81
-- Exhibit --
user@router> show interfaces ge-0/0/0 extensive | find "Queue counters"
Queue counters: Queued packets Transmitted packets Dropped packets
0 best-effort 35244 35244 0
1 expedited-fo 258963 59852 199111
2 assured-forw 0 0 0
3 network-cont 1625847 1625847 0
-- Exhibit --
Click the Exhibit button.
You recently deployed an SRX Series Gateway in your network. It uses the default class ofservice configuration.
Based on the output in the exhibit, what reason explains the packet drops in Queue 1?
A. Interface ge-0/0/0 should be used only for management network operations. B. Queue 0 has higher priority than Queue 1. C. A policer is reclassifying all traffic into Queue 1. D. No bandwidth reservation exists on Queue 1.
Answer: DExplanation:
QUESTION NO: 82
-- Exhibit --
Mar 16 19:12:58.291474 BGP RECV 172.14.10.2+51230 -> 172.14.10.1+179
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 69
Mar 16 19:12:58.291624 BGP RECV message type 1 (Open) length 59
Mar 16 19:12:58.291688 BGP RECV version 4 as 2 holdtime 90 id 192.168.2.1 parmlen 30
Mar 16 19:12:58.291752 BGP RECV MP capability AFI=1, SAFI=1
Mar 16 19:12:58.291802 BGP RECV Refresh capability, code=128
Mar 16 19:12:58.291850 BGP RECV Refresh capability, code=2
Mar 16 19:12:58.291915 BGP RECV Restart capability, code=64, time=120, flags=
Mar 16 19:12:58.291969 BGP RECV 4 Byte AS-Path capability (65), as_num 2
Mar 16 19:12:58.292385 advertising receiving-speaker only capabilty to neighbor 172.14.10.2(External AS 2)
Mar 16 19:12:58.292452 bgp_send. sending 59 bytes to 172.14.10.2 (External AS 2)
Mar 16 19:12:58.292522
Mar 16 19:12:58.292522 BGP SEND 172.14.10.1+179 -> 172.14.10.2+51230
Mar 16 19:12:58.292601 BGP SEND message type 1 (Open) length 59
Mar 16 19:12:58.293053 BGP SEND version 4 as 1 holdtime 90 id 192.168.2.1 parmlen 30
Mar 16 19:12:58.293124 BGP SEND MP capability AFI=1, SAFI=1
Mar 16 19:12:58.293173 BGP SEND Refresh capability, code=128
Mar 16 19:12:58.293221 BGP SEND Refresh capability, code=2
Mar 16 19:12:58.293284 BGP SEND Restart capability, code=64, time=120, flags=
Mar 16 19:12:58.293336 BGP SEND 4 Byte AS-Path capability (65), as_num 1
Mar 16 19:12:58.293517 bgp_send. sending 19 bytes to 172.14.10.2 (External AS 2)
Mar 16 19:12:58.293573
Mar 16 19:12:58.293573 BGP SEND 172.14.10.1+179 -> 172.14.10.2+51230
Mar 16 19:12:58.293665 BGP SEND message type 4 (KeepAlive) length 19
Mar 16 19:12:58.296781
Mar 16 19:12:58.296781 BGP RECV 172.14.10.2+51230 -> 172.14.10.1+179
Mar 16 19:12:58.296897 BGP RECV message type 4 (KeepAlive) length 19
Mar 16 19:12:58.297451 bgp_send. sending 19 bytes to 172.14.10.2 (External AS 2)
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 70
Mar 16 19:12:58.297528
Mar 16 19:12:58.297528 BGP SEND 172.14.10.1+179 -> 172.14.10.2+51230
Mar 16 19:12:58.297600 BGP SEND message type 4 (KeepAlive) length 19
Mar 16 19:12:58.298102 bgp_send. sending 23 bytes to 172.14.10.2 (External AS 2)
Mar 16 19:12:58.298185
Mar 16 19:12:58.298185 BGP SEND 172.14.10.1+179 -> 172.14.10.2+51230
Mar 16 19:12:58.298273 BGP SEND message type 2 (Update) length 23
Mar 16 19:12:58.298322 BGP SEND End of RIB. AFI 1 SAFI 1
Mar 16 19:12:58.301834
Mar 16 19:12:58.301834 BGP RECV 172.14.10.2+51230 -> 172.14.10.1+179
Mar 16 19:12:58.301957 BGP RECV message type 4 (KeepAlive) length 19
Mar 16 19:12:58.302034 bgp_read_v4_message: done with 172.14.10.2 (External AS 2) received19 octets 0 updates 0 routes
Mar 16 19:12:58.304594
Mar 16 19:12:58.304594 BGP RECV 172.14.10.2+51230 -> 172.14.10.1+179
Mar 16 19:12:58.304702 BGP RECV message type 2 (Update) length 23
Mar 16 19:12:58.304765 BGP RECV End of RIB. AFI 1 SAFI 1
Mar 16 19:12:58.304848 bgp_read_v4_message: done with 172.14.10.2 (External AS 2) received23 octets 1 update 0 routes
Mar 16 19:13:22.968415 bgp_send. sending 19 bytes to 172.14.10.2 (External AS 2)
Mar 16 19:13:22.968586
Mar 16 19:13:22.968586 BGP SEND 172.14.10.1+179 -> 172.14.10.2+51230
Mar 16 19:13:22.968675 BGP SEND message type 4 (KeepAlive) length 19
Mar 16 19:13:26.901339
Mar 16 19:13:26.901339 BGP RECV 172.14.10.2+51230 -> 172.14.10.1+179
Mar 16 19:13:26.901464 BGP RECV message type 4 (KeepAlive) length 19
Mar 16 19:13:26.901543 bgp_read_v4_message: done with 172.14.10.2 (External AS 2) received19 octets 0 updates 0 routes
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 71
Mar 16 19:13:51.335927 bgp_send. sending 19 bytes to 172.14.10.2 (External AS 2)
Mar 16 19:13:51.348180
Mar 16 19:13:51.348180 BGP SEND 172.14.10.1+179 -> 172.14.10.2+51230
Mar 16 19:13:51.348296 BGP SEND message type 4 (KeepAlive) length 19
Mar 16 19:13:53.844160
Mar 16 19:13:53.844160 BGP RECV 172.14.10.2+51230 -> 172.14.10.1+179
Mar 16 19:13:53.844329 BGP RECV message type 4 (KeepAlive) length 19
Mar 16 19:13:53.844392 bgp_read_v4_message: done with 172.14.10.2 (External AS 2) received19 octets 0 updates 0 routes
-- Exhibit --
Click the Exhibit button.
Looking at the traceoptions output, what is the current keepalive timer set for in BGP?
A. 1 second B. 10 seconds C. 30 seconds D. 90 seconds
Answer: CExplanation:
QUESTION NO: 83
-- Exhibit
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 72
-- Exhibit --
Click the Exhibit button.
As shown in the exhibit, a legacy IP phone is attached to Switch-1. The phone does not supportLLDP-MED, but does allow configuration using DHCP. Existing network CoS policies dictate thatVoIP traffic must use VLAN 10.
Which two actions put VoIP traffic onto VLAN 10? (Choose two.)
A. Configure protocols cdp on Switch-1. B. Manually configure the voice VLAN on the IP phone. C. Configure vlan 1 under forwarding-options bootp. D. Configure interface ge-0/0/5 under forwarding-options bootp.
Answer: B,DExplanation:
QUESTION NO: 84
-- Exhibit
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 73
-- Exhibit --
Click the Exhibit button.
Which statement about the non-ABR router in Area 2 in the exhibit is true?
A. The router has connectivity to all areas. B. The router has connectivity to Area 2 only. C. The router has connectivity to Area 2 and Area 0. D. The router has connectivity to Area 2 and Area 8.
Answer: DExplanation:
QUESTION NO: 85
-- Exhibit
-- Exhibit --
Click the Exhibit button.
Referring to the exhibit, you want to configure Switch-1 to allow a user on interface ge-0/0/10 toaccommodate both voice and data traffic. Your phones and your switches are LLDP-MEDcapable.
What is the minimal configuration that allows LLDP-MED to autoconfigure your phone's voiceVLAN?
A. set interfaces ge-0/0/10 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members voice_vlan
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 74
set interfaces ge-0/0/10 unit 0 family ethernet-switching native-vlan-id data_vlan set ethernet-switching-options voip interface ge-0/0/10.0 vlan voice_vlan set protocols lldp-med interface ge-0/0/10.0 B. set interfaces ge-0/0/10 unit 0 family ethernet-switching port-mode trunk set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members voice_vlan set interfaces ge-0/0/10 unit 0 family ethernet-switching native-vlan-id data_vlan set ethernet-switching-options voip interface ge-0/0/10.0 vlan voice_vlan set protocols lldp interface ge-0/0/10.0 C. set interfaces ge-0/0/10 unit 0 family ethernet-switching port-mode access set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members data_vlan set ethernet-switching-options voip interface ge-0/0/10.0 forwarding-class assured-forwarding set protocols lldp-med interface ge-0/0/10.0 D. set interfaces ge-0/0/10 unit 0 family ethernet-switching port-mode access set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members data_vlan set ethernet-switching-options voip interface ge-0/0/10.0 vlan voice_vlan set protocols lldp-med interface ge-0/0/10.0
Answer: DExplanation:
QUESTION NO: 86
-- Exhibit
-- Exhibit --
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 75
ENRIQUEResaltado
Click the Exhibit button.
Site A is sending voice traffic marked with DSCP code EF. SRX A has the default CoS classifier.
Into which forwarding class is SRX A classifying traffic?
A. best-effort B. expedited-forwarding C. network-control D. assured-forwarding
Answer: AExplanation:
QUESTION NO: 87
-- Exhibit
-- Exhibit --
Click the Exhibit button.
In the exhibit, the routers in the network have a default PIM sparse mode configuration. R2 showsthat R1 is the RPF next hop for the source, and R3 is the RPF next hop for the RP. Host1 iscurrently receiving multicast traffic for group 231.1.1.1. Host2 has come online and is attempting tojoin group 232.1.1.1. R2 has just received an IGMP message with the source and groupaddresses.
Which step happens next so that Host2 can join the multicast group?
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 76
A. R2 sends a PIM join upstream towards R3 to join the shared tree. B. R2 sends a PIM join upstream towards R3 to join the source tree. C. R2 sends a PIM join upstream towards R1 to join the shared tree. D. R2 sends a PIM join upstream towards R1 to join the source tree.
Answer: DExplanation:
QUESTION NO: 88
-- Exhibit
-- Exhibit --
Click the Exhibit button.
In the exhibit, the provider bridges are using Q-in-Q tunneling to tunnel VLAN 100 traffic overVLAN 200.
What is the correct VLAN configuration for Q-in-Q tunneling on Provider Bridge A?
A. interfaces { ge-0/0/0 { unit 0 { family ethernet-switching { port-mode access; } } } ge-0/0/10 { unit 0 { family ethernet-switching {
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 77
port-mode trunk; vlan { members test; } } } } } vlans { test { vlan-id 200; interface { ge-0/0/0.0; } dot1q-tunneling { customer-vlans 100; } } } B. interfaces { ge-0/0/0 { unit 0 { family ethernet-switching { port-mode trunk; vlan { members test; } } } } ge-0/0/10 { unit 0 { family ethernet-switching { port-mode access; } } } } vlans { test { vlan-id 200; interface { ge-0/0/0.0; } dot1q-tunneling { customer-vlans 100; }
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 78
} } C. interfaces { ge-0/0/0 { unit 0 { family ethernet-switching { port-mode trunk; vlan { members test; } } } } ge-0/0/10 { unit 0 { family ethernet-switching { port-mode access; } } } } vlans { test { vlan-id 200; interface { ge-0/0/10.0; } dot1q-tunneling { customer-vlans 100; } } } D. interfaces { ge-0/0/0 { unit 0 { family ethernet-switching { port-mode access; } } } ge-0/0/10 { unit 0 { family ethernet-switching { port-mode trunk; vlan { members test; }
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 79
} } } } vlans { test { vlan-id 100; interface { ge-0/0/0.0; } dot1q-tunneling { customer-vlans 200; } } }
Answer: AExplanation:
QUESTION NO: 89
-- Exhibit
-- Exhibit --
Click the Exhibit button.
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 80
In the topology shown in the exhibit, which two BGP attributes can AS1 manipulate to influencethe path that AS4 takes to reach prefixes originated by AS1? (Choose two.)
A. Local Preference B. AS Path C. Origin D. MED
Answer: B,CExplanation:
QUESTION NO: 90
-- Exhibit
-- Exhibit --
Click the Exhibit button.
Traffic flows through your network, as shown in the exhibit. You have configured a rewrite rule onR1 to mark HTTP traffic with a specific DSCP value.
What must you do to ensure that the HTTP traffic preserves its DSCP value as it leaves your CoSdomain?
A. Use behavior aggregate classifiers mapping the HTTP traffic to the specific DSCP value on R1and R2.
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 81
ENRIQUEResaltado
ENRIQUEResaltado
B. Use rewrite rules mapping the HTTP traffic to the specific DSCP value on R2 and R3. C. Use a rewrite rule mapping the HTTP traffic to the specific DSCP value on R3. D. Use the default settings already in place on the device.
Answer: DExplanation:
QUESTION NO: 91
-- Exhibit
-- Exhibit --
Click the Exhibit button.
In the exhibit, Switch A is an EX4200. VLAN10 is receiving tagged as well as untagged traffic fromdifferent ports. The administrator wants to mirror all tagged and untagged traffic entering VLAN10to analyzer port ge-0/0/10. All VLAN tags must be preserved for traffic that is mirrored to theanalyzer port.
Which configuration will achieve this?
A. set ethernet-switching-options analyzer vlan10_analyzer input vlan VLAN10 interface xe-1/0/0.0 set ethernet-switching-options analyzer vlan10_analyzer input vlan VLAN10 interface ge-0/0/2 set ethernet-switching-options analyzer vlan10_analyzer output interface ge-0/0/10.0 B. set ethernet-switching-options analyzer vlan10_analyzer input interface xe-1/0/0.0 set ethernet-switching-options analyzer vlan10_analyzer input interface ge-0/0/2 set ethernet-switching-options analyzer vlan10_analyzer output interface ge-0/0/10.0
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 82
C. set ethernet-switching-options analyzer vlan10_analyzer input ingress vlan VLAN10 set ethernet-switching-options analyzer vlan10_analyzer output interface ge-0/0/10.0 set vlans default interface ge-0/0/10.0 D. set ethernet-switching-options analyzer vlan10_analyzer input ingress vlan VLAN10 set ethernet-switching-options analyzer vlan10_analyzer output interface ge-0/0/10.0 set vlans VLAN10 interface ge-0/0/10.0
Answer: CExplanation:
QUESTION NO: 92
-- Exhibit --
Mar 16 17:18:28.751306 ospf_trigger_build_telink_lsas : No peer found
Mar 16 17:18:28.751729 ospf_set_lsdb_state: Network LSA 172.14.10.1 adv-rtr 192.168.2.1 stateQUIET->GEN_PENDING
Mar 16 17:18:28.751801 OSPF trigger network LSA build for interface ge-0/0/1.0 area 0.0.0.0
Mar 16 17:18:28.751874 OSPF DR is 192.168.2.1, BDR is 0.0.0.0
Mar 16 17:18:28.751931 OSPF trigger router LSA 0x156d0f0 build for area 0.0.0.0 lsa-id192.168.2.1
Mar 16 17:18:28.752044 ospf_trigger_build_telink_lsas : No peer found
Mar 16 17:18:28.752190 OSPF sent Hello 172.14.10.1 -> 224.0.0.5 (ge-0/0/1.0 IFL 69 area0.0.0.0)
Mar 16 17:18:28.752258 Version 2, length 44, ID 192.168.2.1, area 0.0.0.0
Mar 16 17:18:28.752315 mask 255.255.255.224, hello_ivl 10, opts 0x2, prio 128
Mar 16 17:18:28.752380 dead_ivl 40, DR 172.14.10.1, BDR 0.0.0.0
Mar 16 17:18:28.763796 OSPF rcvd Hello 172.14.10.2 -> 224.0.0.5 (ge-0/0/1.0 IFL 69 area0.0.0.0)
Mar 16 17:18:28.763897 Version 2, length 44, ID 192.168.5.1, area 0.0.0.0
Mar 16 17:18:28.763946 checksum 0x0, authtype 0
Mar 16 17:18:28.764140 mask 255.255.255.0, hello_ivl 10, opts 0x2, prio 128
-- Exhibit --
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 83
ENRIQUEResaltado
Click the Exhibit button.
Looking at the traceoptions output in the exhibit, why are the OSPF routers stuck in Init state?
A. There is an MTU mismatch. B. There is a network mask mismatch. C. The routers are in different areas. D. No BDR has been elected.
Answer: BExplanation:
QUESTION NO: 93
-- Exhibit
-- Exhibit --
Click the Exhibit button.
As shown in the exhibit, the 10.10/16 prefix is redistributed into OSPF through R2 and R5. R2 isadvertising the prefix with a Type 1 metric of 100 and R5 is advertising the prefix with a Type 2metric of 10.
What is the preferred path to reach 10.10/16 from R6?
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 84
A. R6-R5 B. R6-R4-R5 C. R6-R4-R5-R2 D. R6-R4-R3-R2
Answer: DExplanation:
QUESTION NO: 94
-- Exhibit
-- Exhibit --
Click the Exhibit button.
Based on the exhibit, which statement about the Layer 2 topology is true?
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 85
A. A port on switch 3 or switch 4 towards the CST root (switch 6) is blocking traffic. B. A total of 64 MST instances for MST region A and region B can be configured. C. MSTI BPDUs are exchanged between MST regions and the CST root bridge. D. IST BPDUs are exchanged only between switches 1 and 2, and between switches 6 and 7.
Answer: AExplanation:
QUESTION NO: 95
-- Exhibit --
{master:0}[edit]
user@router# run show ospf interface vl-10.20.10.2 extensive
Interface State Area DR ID BDR ID Nbrs
vl-10.20.10.2 Down 0.0.0.0 0.0.0.0 0.0.0.0 0
Type: Virtual, Address: 0.0.0.0, Mask: 0.0.0.0, MTU: 0, Cost: 1
Transit AreA. 0.0.0.1
Adj count: 0
Hello: 10, Dead. 40, ReXmit: 5, Not Stub
Auth type: None
Protection type: None, No eligible backup
Topology default (ID 0) -> Down, Cost: 0
-- Exhibit --
Click the Exhibit button.
Your company is integrating another OSPF area into your existing OSPF infrastructure. Youcreated a virtual link that spans Area 2 and connects Area 3 to the backbone area.
Based on the exhibit, what is preventing the adjacency?
A. The interface configured for the virtual link is incorrect. It should be a vt and not a vl interface. B. No designated router (DR) has been elected.
Juniper JN0-643 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 86
C. The backup route to Area 2 has not been configured. D. The wrong transit area is configured.
Answer: DExplanation:
QUESTION NO: 96
-- Exhibit
-- Exhibit --
Click the Exhibit button.
In the exhibit, an EBGP session is currently established between R1 and R2. R2 changes itsimport policy to accept 10 of the routes it previously denied from R1.
Which BGP capability must be negotiated on the BGP session for R2 to install the routes acceptedby the new policy?
A. route refresh B. AddPath C. outbound route filtering (ORF) D. multiprotocol BGP (MBGP)
Answe