[Apr 26, 2024] Latest JN0-351 Exam with Accurate Enterprise Routing and Switching, Specialist (JNCIS-ENT) PDF Questions
Practice To JN0-351 - Prep4away Remarkable Practice On your Enterprise Routing and Switching, Specialist (JNCIS-ENT) Exam
NEW QUESTION # 23
What are two characteristics of RSTP alternate ports? (Choose two.)
- A. RSTP alternate ports block traffic while receiving superior BPDUs from a neighboring switch.
- B. RSTP alternate ports are active ports used to forward frames toward the root bridge.
- C. RSTP alternate ports provide an alternate higher cost path to the root bridge.
- D. RSTP alternate ports provide an alternate lower cost path to the root bridge.
Answer: A,C
Explanation:
A is correct because RSTP alternate ports block traffic while receiving superior BPDUs from a neighboring switch. An alternate port is a backup port for a root port, which means it receives better BPDUs from another bridge than the current root port1. However, an alternate port does not forward any traffic, as it is in a discarding state2. It only listens to BPDUs and waits for the root port to fail. If the root port fails, the alternate port can immediately transition to a forwarding state and become the new root port1.
C is correct because RSTP alternate ports provide an alternate higher cost path to the root bridge. An alternate port is selected based on the same criteria as the root port, which are the lowest bridge ID, the lowest path cost, the lowest sender port ID, and the lowest receiver port ID3. However, an alternate port receives a higher cost BPDU than the root port, otherwise it would be the root port itself1. Therefore, an alternate port provides an alternate higher cost path to the root bridge than the root port.
NEW QUESTION # 24
You need to configure a LAG between your switches. In this scenario, which two statements are correct?
(Choose two.)
- A. Member links are required to be contiguous ports.
- B. Duplex and speed settings are required to match on both participating devices.
- C. Duplex and speed settings are not required to match on both participating devices.
- D. Member links are not required to be contiguous ports.
Answer: B,D
Explanation:
B is correct because duplex and speed settings are required to match on both participating devices. According to the Juniper Networks documentation1, all the interfaces in a LAG must have the same speed and be in full-duplex mode. This ensures that the LAG can operate as a single logical link without any performance or compatibility issues.
C is correct because member links are not required to be contiguous ports. According to the Juniper Networks documentation2, you can group any Ethernet interfaces on a switch into a LAG, regardless of their physical location or slot number. This provides flexibility and scalability for configuring LAGs on switches.
NEW QUESTION # 25
Exhibit.
You have configured the four EX Series switches with RSTP, as shown in the exhibit. You discover that whenever a link between switches goes up or down, the switches take longer than expected for RSTP to converge, using the default settings.
In this scenario, which action would solve the delay in RSTP convergence?
- A. The hello-time must be increased.
- B. The bridge priority for EX-4 must be set at 4000.
- C. The force-version must be removed.
- D. The max-age must be increased to 20
Answer: C
Explanation:
The exhibit shows the configuration of RSTP on EX-4, which has the command force-version stp. This command forces the switch to use the legacy STP protocol instead of RSTP, even though the switch supports RSTP1. This means that EX-4 will not be able to take advantage of the faster convergence and enhanced features of RSTP, such as edge ports, link type, and proposal/agreement sequence2.
The other switches in the network are likely to be running RSTP, as it is the default protocol for EX Series switches3. Therefore, there will be a compatibility issue between EX-4 and the other switches, which will result in longer convergence times and suboptimal performance. The switch will also generate a warning message that says "Warning: STP version mismatch with neighbor" when it receives a BPDU from a RSTP neighbor1.
To solve this problem, the force-version command must be removed from EX-4, so that it can run RSTP natively and interoperate with the other switches in the network. This will enable faster convergence and better stability for the network topology. To remove the command, you can use the delete protocols rstp force-version command in configuration mode1.
NEW QUESTION # 26
What is the default keepalive time for BGP?
- A. 10 seconds
- B. 60 seconds
- C. 90 seconds
- D. 30 seconds
Answer: B
Explanation:
Explanation
The default keepalive time for BGP is 60 seconds1. The keepalive time is the interval at which BGP sends keepalive messages to maintain the connection with its peer1. If the keepalive message is not received within the hold time, the connection is considered lost1. By default, the hold time is three times the keepalive time, which is 180 seconds1.
NEW QUESTION # 27
You are attempting to configure the initial two aggregated Ethernet interfaces on a router but there are no aggregated Ethernet interfaces available.
In this scenario, which configuration will enable these interfaces on this router?
- A.
- B.
- C.
- D.
Answer: B
Explanation:
Explanation
The correct answer to your question is
Option C shows the configuration of the statement, which defines the properties of the router chassis, such as the number of aggregated Ethernet interfaces, the number of FPCs, and the number of PICs1.
To enable aggregated Ethernet interfaces on a router, you need to specify the aggregated-devices statement under the chassis parameter to the desired number of interfaces2. For example, to enable two aggregated Ethernet interfaces, you can use the following configuration:
chassis { aggregated-devices { ethernet { device-count 2; } } }
Option C shows this configuration with the device-count set to 2, which will enable two aggregated Ethernet interfaces on the router. The other options do not show this configuration and will not enable any aggregated Ethernet interfaces on the router.
Therefore, option C is the correct answer to your question.
NEW QUESTION # 28
You are concerned about spoofed MAC addresses on your LAN.
Which two Layer 2 security features should you enable to minimize this concern? (Choose two.)
- A. IP source guard
- B. DHCP snooping
- C. static ARP
- D. dynamic ARP inspection
Answer: B,D
Explanation:
A is correct because dynamic ARP inspection (DAI) is a Layer 2 security feature that prevents ARP spoofing attacks. ARP spoofing is a technique that allows an attacker to send fake ARP messages to associate a spoofed MAC address with a legitimate IP address. This can result in traffic redirection, man-in-the-middle attacks, or denial-of-service attacks. DAI validates ARP packets by checking the source MAC address and IP address against a trusted database, which is usually built by DHCP snooping1. DAI discards any ARP packets that do not match the database or have invalid formats1.
C is correct because DHCP snooping is a Layer 2 security feature that prevents DHCP spoofing attacks.
DHCP spoofing is a technique that allows an attacker to act as a rogue DHCP server and offer fake IP addresses and other network parameters to unsuspecting clients. This can result in traffic redirection, man-in-the-middle attacks, or denial-of-service attacks. DHCP snooping filters DHCP messages by classifying switch ports as trusted or untrusted. Trusted ports are allowed to send and receive any DHCP messages, while untrusted ports are allowed to send only DHCP requests and receive only valid DHCP replies from trusted ports2. DHCP snooping also builds a database of MAC addresses, IP addresses, lease times, and binding types for each client2.
NEW QUESTION # 29
Which two mechanisms are part of building and maintaining a Layer 2 bridge table? (Choose two.)
- A. learning
- B. flooding
- C. listening
- D. blocking
Answer: A,B
Explanation:
Option B is correct. Flooding is a mechanism used in Layer 2 bridging where the switch sends incoming packets to all its ports except for the port where the packet originated1. This is done when the switch doesn't know the destination MAC address or when the packet is a broadcast or multicast1.
Option C is correct. Learning is another mechanism used in Layer 2 bridging where the switch learns the source MAC addresses of incoming packets and associates them with the port on which they were received23. This information is stored in a MAC address table, also known as a bridge table23.
Option A is incorrect. Blocking is a state in Spanning Tree Protocol (STP) used to prevent loops in a network2. It's not a mechanism used in building and maintaining a Layer 2 bridge table2.
Option D is incorrect. Listening is also a state in Spanning Tree Protocol (STP) where the switch listens for BPDUs to make sure no loops occur in the network before transitioning to the learning state2. It's not a mechanism used in building and maintaining a Layer 2 bridge table2.
NEW QUESTION # 30
In RSTP, which three port roles are associated with the discarding state? (Choose three.)
- A. root
- B. disabled
- C. designated
- D. alternate
- E. backup
Answer: B,D,E
Explanation:
Explanation
In Rapid Spanning Tree Protocol (RSTP), there are several port roles that determine the behavior of the port in the spanning tree123. The roles include root, designated, alternate, backup, and disabled123.
The discarding state is associated with the backup, alternate, and disabled roles123. In a stable topology with consistent port roles throughout the network, RSTP ensures that every root port and designated port immediately transition to the forwarding state while all alternate and backup ports are always in the discarding state2. Disabled ports are also in the discarding state3.
Therefore, options B, C, and D are correct.
NEW QUESTION # 31
Which statement about aggregate routes is correct?
- A. Aggregate routes are always preferred over more specific routes, even when the specific routes have a better path.
- B. Aggregate routes can only be used for static routing but not for dynamic routing protocols.
- C. Aggregate routes are used for advertising summarized network prefixes.
- D. Aggregate routes are automatically generated for all of the subnets in a routing table.
Answer: C
Explanation:
Explanation
Aggregate routes are used for advertising summarized network prefixes12. They help minimize the number of routing tables in an IP network by consolidating selected multiple routes into a single route advertisement1. This approach is in contrast to non-aggregation routing, in which every routing table contains a unique entry for each route1.
Therefore, option D is correct. Options A, B, and C are not correct because:
Aggregate routes can be used with both static routing and dynamic routing protocols1.
Aggregate routes are not automatically generated for all of the subnets in a routing table. They need to be manually configured1.
Aggregate routes are not always preferred over more specific routes. The route selection process in Junos OS considers several factors, including route preference and metric, before determining the active route1.
NEW QUESTION # 32
You have two OSPF routers forming an adjacency. R1 has a priority of 32 and a router ID of 192.168.1.2. R2 has a priority of 64 and a router ID of 192.168.1.1. The routers were started at the same time and all other OSPF settings are the default settings.
Which statement is correct in this scenario?
- A. R1 will be the BDR.
- B. Router IDs must match for an adjacency to form.
- C. R2 will be the BDR.
- D. At least three routers are required for a DR/BDR election
Answer: A
Explanation:
Explanation
In OSPF, the Designated Router (DR) and Backup Designated Router (BDR) are elected based on the priority of the routers1. The router with the highest priority becomes the DR, and the router with the second highest priority becomes the BDR1. If there is a tie in priority, then the router with the highest Router ID is chosen1.
In this scenario, R2 has a higher priority (64) than R1 (32), so R2 will become the DR1. Since R1 has the second highest priority, it will become the BDR1. Therefore, option D is correct.
NEW QUESTION # 33
Exhibit.
Why is this OSPF adjacency remaining in this state?
- A. An MTU mismatch exists between the OSPF neighbors.
- B. A hello interval mismatch exists between the OSPF neighbors.
- C. A subnet mask mismatch exists between the OSPF neighbors.
- D. An area ID mismatch exists between the OSPF neighbors
Answer: A
Explanation:
The exhibit shows the output of the command , which displays information about the OSPF neighbors on a router1.
The output shows that the OSPF neighbor with the address 172.26.1.1 and the interface ge-0/0/3.0 is in the Exstart state1.
The Exstart state is the fourth state in the OSPF neighbor formation process, after Down, Init, and
2-Way states2. In this state, the OSPF neighbors establish a master-slave relationship and exchange database description (DBD) packets, which contain summaries of their link-state databases2.
The most common reason for OSPF neighbors to be stuck in the Exstart state is an MTU mismatch between the interfaces3. MTU stands for maximum transmission unit, which is the largest size of a packet that can be transmitted on a network segment4. If the MTU values of two OSPF neighbors are different, theymay not be able to exchange DBD packets successfully, as some packets may be dropped or fragmented due to their size exceeding the MTU limit3.
To solve this problem, you need to ensure that the MTU values of both OSPF neighbors are the same or compatible. You can use the command show interfaces to display the MTU value of an interface5. You can also use the command ping with the do-not-fragment option to test the MTU size between two routers. You can change the MTU value of an interface by using the command set interfaces interface-name mtu mtu-value in configuration mode5.
NEW QUESTION # 34
Exhibit
You are a network operator troubleshooting BGP connectivity.
Which two statements are correct about the output shown in the exhibit? (Choose two.)
- A. Peer 10.32.1.2 is configured for AS 63645.
- B. The BGP session is not established.
- C. The routers are exchanging IPv4 routes.
- D. The R1 is configured for AS 65400.
Answer: B,D
Explanation:
Explanation
Option B suggests that the BGP session is not established. This is correct because in the output, the state of the BGP session is shown as "Idle". In BGP, an "Idle" state means that the BGP session is not currently established1.
Option C suggests that R1 is configured for AS 65400. This is also correct because in the output, it's shown that the local AS number is 654001. The local AS number represents the Autonomous System (AS) number of the router on which you're checking the BGP session1.
NEW QUESTION # 35
Exhibit
What does the * indicate in the output shown in the exhibit?
- A. The interface is down.
- B. All interfaces have elected a root bridge.
- C. The switch ports have a router attached.
- D. The interface is active.
Answer: D
Explanation:
The exhibit shows the output of the command show vlans brief, which displays brief information about VLANs and their associated interfaces1.
The output has four columns: Routing instance, VLAN name, Interfaces, and Tagging.
The * symbol indicates that the interface is active, meaning that it is up and forwarding traffic1. This can be verified by the command , which displays the status of the interfaces2.
NEW QUESTION # 36
Exhibit
Which command displays the output shown in the exhibit?
- A. show route forwarding-table family ethernet-switching
- B. show route forwarding-table
- C. show ethernet-switching table
- D. show ethernet-switching table extensive
Answer: C
Explanation:
The output shown in the exhibit is a brief display of the Ethernet switching table, which shows the learned Layer 2 MAC addresses for each VLAN and interface1.
The command show ethernet-switching table displays the Ethernet switching table with brief information, such as the destination MAC address, the VLAN name, the forwarding state, and the interface name1.
The command show route forwarding-table displays the routing table information for each protocol family, such as inet, inet6, mpls, iso, and so on2. It does not show the Ethernet switching table or the MAC addresses.
The command show ethernet-switching table extensive displays the Ethernet switching table with extensive information, such as the destination MAC address, the VLAN name, the forwarding state, the interface name, the VLAN index, and the tag type1. It shows more details than the brief output shown in the exhibit.
The command show route forwarding-table family ethernet-switching displays the routing table information for the ethernet-switching protocol family, whichshows the destination MAC address, the next-hop MAC address, and the interface name3. It does not show the VLAN name or the forwarding state.
NEW QUESTION # 37
You have DHCP snooping enabled but no entries are automatically created in the snooping database for an interface on your EX Series switch. What are two reasons for the problem? (Choose two.)
- A. MAC limiting is enabled on the interface.
- B. The device that is connected to the interface has a static IP address.
- C. The device that is connected to the interface has performed a DHCPRELEASE.
- D. Dynamic ARP inspection is enabled on the interface.
Answer: A,B
Explanation:
Explanation
The DHCP snooping feature in Juniper Networks' EX Series switches works by building a binding database that maps the IP address, MAC address, lease time, binding type, VLAN number, and interface information1. This database is used to filter and validate DHCP messages from untrusted sources1.
However, there are certain conditions that could prevent entries from being automatically created in the snooping database for an interface:
MAC limiting: If MAC limiting is enabled on the interface, it could potentially interfere with the operation of DHCP snooping. MAC limiting restricts the number of MAC addresses that can be learned on a physical interface to prevent MAC flooding attacks1. This could inadvertently limit the number of DHCP clients that can be learned on an interface, thus preventing new entries from being added to the DHCP snooping database.
Static IP address: If the device connected to the interface is configured with a static IP address, it will not go through the DHCP process and therefore will not have an entry in the DHCP snooping database1. The DHCP snooping feature relies on monitoring DHCP messages to build its database1, so devices with static IP addresses that do not send DHCP messages will not have their information added.
Therefore, options B and C are correct. Options A and D are not correct because performing a DHCPRELEASE would simply remove an existing entry from the database1, and Dynamic ARP inspection (DAI) uses the information stored in the DHCP snooping binding database but does not prevent entries from being created1.
NEW QUESTION # 38
......
Juniper JN0-351 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
Exam Questions and Answers for JN0-351 Study Guide Questions and Answers!: https://www.prep4away.com/Juniper-certification/braindumps.JN0-351.ete.file.html
Practice To JN0-351 - Prep4away Remarkable Practice On your Enterprise Routing and Switching, Specialist (JNCIS-ENT) Exam: https://drive.google.com/open?id=1m9aMz0XfQ2U-sTtEJSJ1wO36bv3G1AhD