100% Accurate Answers! Jan-2024 JN0-351 Actual Real Exam Questions
Best Value Available! 2024 Realistic Verified Free JN0-351 Exam Questions
Juniper JN0-351 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
NEW QUESTION # 26
You have two OSPF routers forming an adjacency. R1 has a priority of 32 and a router ID of 192.168.1.2. R2 has a priority of 64 and a router ID of 192.168.1.1. The routers were started at the same time and all other OSPF settings are the default settings.
Which statement is correct in this scenario?
- A. Router IDs must match for an adjacency to form.
- B. R1 will be the BDR.
- C. At least three routers are required for a DR/BDR election
- D. R2 will be the BDR.
Answer: B
Explanation:
Explanation
In OSPF, the Designated Router (DR) and Backup Designated Router (BDR) are elected based on the priority of the routers1. The router with the highest priority becomes the DR, and the router with the second highest priority becomes the BDR1. If there is a tie in priority, then the router with the highest Router ID is chosen1.
In this scenario, R2 has a higher priority (64) than R1 (32), so R2 will become the DR1. Since R1 has the second highest priority, it will become the BDR1. Therefore, option D is correct.
NEW QUESTION # 27
Which two statements are correct about using firewall filters on EX Series switches? (Choose two.)
- A. You can deploy both stateless and stateful firewall filters on an EX Series switch.
- B. You can deploy only stateless firewall filters on an EX Series switch.
- C. You can apply firewall filters to both Layer 2 and Layer 3 traffic on an EX Series switch.
- D. You can only apply firewall filters to Layer 2 traffic on an EX Series switch.
Answer: B,C
Explanation:
A is correct because you can deploy only stateless firewall filters on an EX Series switch. A stateless firewall filter is a filter that evaluates each packet individually based on the header information, such as source and destination addresses, protocol, and port numbers1. A stateless firewall filter does not keep track of the state or context of a packet flow, such as the sequence number, flags, or sessioninformation1. EX Series switches support only stateless firewall filters, which are also called access control lists (ACLs) or packet filters2.
C is correct because you can apply firewall filters to both Layer 2 and Layer 3 traffic on an EX Series switch. Layer 2 traffic is traffic that is switched within a VLAN or a bridge domain, while Layer 3 traffic is traffic that is routed between VLANs or networks3. EX Series switches support three types of firewall filters: port (Layer 2) firewall filters, VLAN firewall filters, and router (Layer 3) firewall filters4. You can apply these filters to different interfaces and directions to control the traffic entering or exiting the switch.
NEW QUESTION # 28
You deployed a new EX Series switch with DHCP snooping enabled and you do not see any entries in the snooping databases for an interface. Which two Juniper configurations for that interface caused this issue?
(Choose two.)
- A. The interface is configured as a trunk port.
- B. Dynamic ARP inspection is enabled on the interface.
- C. MAC limiting is enabled on the interface.
- D. The interface is configured as a disabled port.
Answer: A,D
Explanation:
A is correct because the interface is configured as a disabled port. A disabled port does not forward any traffic, including DHCP packets. Therefore, DHCP snooping cannot learn any MAC addresses or lease information from a disabled port1.
C is correct because the interface is configured as a trunk port. By default, all trunk ports on the switch are trusted for DHCP snooping2. This means that DHCP snooping does not inspect or filter any DHCP packets received on a trunk port. Therefore, DHCP snooping does not add any entries to the snooping database for a trunk port2.
NEW QUESTION # 29
You are troubleshooting a BGP routing issue between your network and a customer router and are reviewing the BGP routing policies. Which two statements are correct in this scenario? (Choose two.)
- A. Export policies are applied to routes in the RIB-ln table.
- B. Export policies are applied after the RIB-Local table.
- C. Import policies are applied after the RIB-ln table.
- D. Import policies are applied to routes in the RIB-Local table.
Answer: B,C
Explanation:
Explanation
In BGP, routing policies are used to control the flow of routing information between BGP peers1.
Option C suggests that import policies are applied after the RIB-In table. This is correct because import policies in BGP are applied to routes that are received from a BGP peer, before they are installed in the local BGP Routing Information Base (RIB-In)1. The RIB-In is a database that stores all the routes that are received from all peers1.
Option D suggests that export policies are applied after the RIB-Local table. This is correct because export policies in BGP are applied to routes that are being advertised to a BGP peer, after they have been selected from the local BGP Routing Information Base (RIB-Local)1. The RIB-Local is a database that stores all the routes that the local router is using1.
Therefore, options C and D are correct.
NEW QUESTION # 30
You are asked to connect an IP phone and a user computer using the same interface on an EX Series switch.
The traffic from the computer does not use a VLAN tag, whereas the traffic from the IP phone uses a VLAN tag.
Which feature enables the interface to receive both types of traffic?
- A. MAC limiting
- B. DHCP snooping
- C. voice VLAN
- D. native VLAN
Answer: C
Explanation:
Explanation
The feature that enables an interface on an EX Series switch to receive both untagged traffic (from the computer) and tagged traffic (from the IP phone) is the voice VLAN12.
The voice VLAN feature in EX-series switches enables access ports to accept both data (untagged) and voice (tagged) traffic and separate that traffic into different VLANs12. This allows the switch to differentiate between voice and data traffic, ensuring that voice traffic can be treated with a higher priority12. Therefore, option D is correct.
NEW QUESTION # 31
Exhibit
Referring to the exhibit, which statement is correct?
- A. The local device is using a bridge priority of 4k.
- B. The root bridge is using a bridge priority of 4k.
- C. The root bridge has not been elected for this RSTP topology.
- D. The local device is the root bridge for this RSTP topology.
Answer: D
Explanation:
Explanation
In a Rapid Spanning Tree Protocol (RSTP) topology, the root bridge is determined by the switch with the lowest bridge priority value12. If all switches have the same priority, then the root bridge is assigned to the switch whose MAC address's hex value is the lowest2. The default bridge priority value is 3276832. However, without the actual exhibit, it's difficult to definitively determine which device is the root bridge. But based on the options provided, if we assume that the local device has a lower bridge priority or a lower MAC address than other devices in the network, then it could be considered as the root bridge for this RSTP topology45.
NEW QUESTION # 32
Which two statements about redundant trunk groups on EX Series switches are correct? (Choose two.)
- A. Layer 2 control traffic is permitted on the secondary link
- B. Redundant trunk groups load-balance traffic across two designated uplink interfaces.
- C. If the active link fails, then the secondary link automatically takes over.
- D. Redundant trunk groups must be connected to the same aggregation switch.
Answer: C,D
Explanation:
Explanation
Redundant Trunk Groups (RTGs) on EX Series switches provide a simple solution for network recovery when a trunk port on a switch goes down1. They are configured on the access switch and contain two links: a primary or active link, and a secondary link1. Therefore, option B is correct because if the active link fails, the secondary link automatically starts forwarding data traffic without waiting for normal spanning-tree protocol convergence1.
Option D is also correct. In a typical enterprise network composed of distribution and access layers, RTGs are used where one Access switch is connected to two different uplink switches2. This implies that RTGs must be connected to the same aggregation switch2.
NEW QUESTION # 33
Which statement is correct about IP-IP tunnels?
- A. IP-IP tunnels only support encapsulating non-IP traffic.
- B. IP-IP tunnels only support encapsulating IP traffic.
- C. There are 24 bytes of overhead with IP-IP encapsulation.
- D. The TTL in the inner packet is decremented during transit to the tunnel endpoint.
Answer: B
Explanation:
Explanation
IP-IP tunnels are a type of tunnels that use IP as both the encapsulating and encapsulated protocol. IP-IP tunnels are simple and easy to configure, but they do not provide any security or authentication features. IP-IP tunnels only support encapsulating IP traffic, which means that the payload of the inner packet must be an IP packet. IP-IP tunnels cannot encapsulate non-IP traffic, such as Ethernet frames or MPLS labels1.
Option A is correct, because IP-IP tunnels only support encapsulating IP traffic. Option B is incorrect, because IP-IP tunnels only support encapsulating non-IP traffic. Option C is incorrect, because the TTL in the inner packet is not decremented during transit to the tunnel endpoint. The TTL in the outer packet is decremented by each router along the path, but the TTL in the inner packet is preserved until it reaches the tunnel endpoint2.
Option D is incorrect, because there are 20 bytes of overhead with IP-IP encapsulation. The overhead consists of the header of the outer packet, which has a fixed size of 20 bytes for IPv43.
References:
1: IP-IP Tunneling 2: What is tunneling? | Tunneling in networking 3: IPv4 - Header
NEW QUESTION # 34
You need to configure a LAG between your switches. In this scenario, which two statements are correct?
(Choose two.)
- A. Member links are not required to be contiguous ports.
- B. Duplex and speed settings are not required to match on both participating devices.
- C. Duplex and speed settings are required to match on both participating devices.
- D. Member links are required to be contiguous ports.
Answer: A,C
Explanation:
B is correct because duplex and speed settings are required to match on both participating devices. According to the Juniper Networks documentation1, all the interfaces in a LAG must have the same speed and be in full-duplex mode. This ensures that the LAG can operate as a single logical link without any performance or compatibility issues.
C is correct because member links are not required to be contiguous ports. According to the Juniper Networks documentation2, you can group any Ethernet interfaces on a switch into a LAG, regardless of their physical location or slot number. This provides flexibility and scalability for configuring LAGs on switches.
NEW QUESTION # 35
Which two statements are correct about tunnels? (Choose two.)
- A. BFD cannot be used to monitor tunnels.
- B. Tunnels add additional overhead to packet size.
- C. Tunnel endpoints must have a valid route to the remote tunnel endpoint.
- D. IP-IP tunnels are stateful.
Answer: B,C
Explanation:
Explanation
A tunnel is a connection between two computer networks, in which data is sent from one network to another through an encrypted link. Tunnels are commonly used to secure data communications between two networks or to connect two networks that use different protocols.
Option B is correct, because tunnel endpoints must have a valid route to the remote tunnel endpoint. A tunnel endpoint is the device that initiates or terminates a tunnel connection. For a tunnel to be established, both endpoints must be able to reach each other over the underlying network. This means that they must have a valid route to the IP address of the remote endpoint1.
Option D is correct, because tunnels add additional overhead to packet size. Tunnels work by encapsulating packets: wrapping packets inside of other packets. This means that the original packet becomes the payload of the surrounding packet, and the surrounding packet has its own header and trailer. The header and trailer of the surrounding packet add extra bytes to the packet size, which is called overhead. Overhead can reduce the efficiency and performance of a network, as it consumes more bandwidth and processing power2.
Option A is incorrect, because BFD can be used to monitor tunnels. BFD is a protocol that can be used to quickly detect failures in the forwarding path between two adjacent routers or switches. BFD can be integrated with various routing protocols and link aggregation protocols to provide faster convergence and fault recovery.
BFD can also be used to monitor the connectivity of tunnels, such as GRE, IPsec, or MPLS.
Option C is incorrect, because IP-IP tunnels are stateless. IP-IP tunnels are a type of tunnels that use IP as both the encapsulating and encapsulated protocol. IP-IP tunnels are simple and easy to configure, but they do not provide any security or authentication features. IP-IP tunnels are stateless, which means that they do not keep track of the state or status of the tunnel connection. Stateless tunnels do not require any signaling or negotiation between the endpoints, but they also do not provide any error detection or recovery mechanisms.
References:
1: What is Tunneling? | Tunneling in Networking 2: What Is Tunnel In Networking, Its Types, And Its Benefits? : [Configuring Bidirectional Forwarding Detection] : [IP-IP Tunneling]
NEW QUESTION # 36
Which two types of tunnels are able to be created on all Junos devices? (Choose two.)
- A. GRE
- B. IPsec
- C. IP-IP
- D. STP
Answer: A,B
Explanation:
Explanation
Junos devices support various types of tunnels for different purposes12.
Option B is correct. Generic Routing Encapsulation (GRE) is a tunneling protocol that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links over an Internet Protocol network1. Junos devices support GRE tunnels1.
Option D is correct. IPsec (Internet Protocol Security) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session1. Junos devices support IPsec tunnels1.
Option A is incorrect. Spanning Tree Protocol (STP) is not a type of tunnel. It's a network protocol designed to prevent loops in a bridged Ethernet local area network2.
Option C is incorrect. While Junos devices do support IP-IP (also known as IP tunneling), it's not supported on all Junos devices1.
NEW QUESTION # 37
Exhibit
Which command displays the output shown in the exhibit?
- A. show ethernet-switching table
- B. show route forwarding-table family ethernet-switching
- C. show route forwarding-table
- D. show ethernet-switching table extensive
Answer: A
Explanation:
The output shown in the exhibit is a brief display of the Ethernet switching table, which shows the learned Layer 2 MAC addresses for each VLAN and interface1.
The command show ethernet-switching table displays the Ethernet switching table with brief information, such as the destination MAC address, the VLAN name, the forwarding state, and the interface name1.
The command show route forwarding-table displays the routing table information for each protocol family, such as inet, inet6, mpls, iso, and so on2. It does not show the Ethernet switching table or the MAC addresses.
The command show ethernet-switching table extensive displays the Ethernet switching table with extensive information, such as the destination MAC address, the VLAN name, the forwarding state, the interface name, the VLAN index, and the tag type1. It shows more details than the brief output shown in the exhibit.
The command show route forwarding-table family ethernet-switching displays the routing table information for the ethernet-switching protocol family, whichshows the destination MAC address, the next-hop MAC address, and the interface name3. It does not show the VLAN name or the forwarding state.
NEW QUESTION # 38
What is the default keepalive time for BGP?
- A. 10 seconds
- B. 30 seconds
- C. 90 seconds
- D. 60 seconds
Answer: D
Explanation:
Explanation
The default keepalive time for BGP is 60 seconds1. The keepalive time is the interval at which BGP sends keepalive messages to maintain the connection with its peer1. If the keepalive message is not received within the hold time, the connection is considered lost1. By default, the hold time is three times the keepalive time, which is 180 seconds1.
NEW QUESTION # 39
What is the maximum allowable MTU size for a default GRE tunnel without IPv4 traffic fragmentation?
- A. 1480 bytes
- B. 1476 bytes
- C. 1500 bytes
- D. 1496 bytes
Answer: B
Explanation:
Explanation
The maximum allowable MTU size for a default GRE tunnel without IPv4 traffic fragmentation is 1476 bytes1. This is because GRE packets are formed by the addition of the original packets and the required GRE headers1. These headers are 24-bytes in length and since these headers are added to the original frame, depending on the original size of the packet we may run into IP MTU problems1. The most common IP MTU is 1500-bytes in length (Ethernet)1. When the tunnel is created, it deducts the 24-bytes it needs to encapsulate the passenger protocols and that is the IP MTU it will use1. For example, if we are forming a tunnel over FastEthernet (IP MTU 1500)the IOS calculates the IP MTU on the tunnel as: 1500-bytes from Ethernet -
24-bytes for the GRE encapsulation = 1476-Bytes1.
NEW QUESTION # 40
Exhibit.
What is the management IP address of the device shown in the exhibit?
- A. 172.23.11.10
- B. 10.210.20.233
- C. 128.0.0.1
- D. 172.23.12.100
Answer: D
Explanation:
Explanation
The management IP address of a device is the IP address that is used to access the device for configuration and monitoring purposes. It is usually assigned to a dedicatedmanagement interface that is separate from the data interfaces. The management interface can be accessed via SSH, Telnet, HTTP, or other protocols.
In the exhibit, the list of interfaces and their statuses shows that the management interface isme0. This interface has an admin status ofup, a protocol status ofinet, a local address of172.23.12.100/24, and a remote address ofunspecified. This means that the me0 interface is active, has an IPv4 address assigned, and is not connected to another device.
Therefore, the management IP address of the device shown in the exhibit is172.23.12.100.
References:
[Management Interfaces Overview] : [Displaying Interface Status Information]
NEW QUESTION # 41
Refer to the exhibit.
Referring to the output shown in the exhibit, which statement is correct?
- A. An MTU mismatch exists between the OSPF neighbors.
- B. The state is normal for a DRother neighbor
- C. An area ID mismatch exists between the OSPF neighbors
- D. The state is normal for a DR neighbor.
Answer: B
Explanation:
Explanation
In OSPF, the state of the neighbor relationship is determined by the exchange of OSPF packets between routers1. The state "2Way" as shown in the exhibit indicates that bi-directional communication has been established between the two OSPF routers1. This is the normal state for a neighbor that is not the Designated Router (DR) or Backup Designated Router (BDR) on a broadcast, non-broadcast multi-access (NBMA), or point-to-multipoint network1. These neighbors are often referred to as "DRothers"1. Therefore, option B is correct.
NEW QUESTION # 42
......
Actual Questions Answers Pass With Real JN0-351 Exam Dumps: https://www.testsimulate.com/JN0-351-study-materials.html