Archive for December, 2016:

JN0-643 Enterprise Routing and Switching, Professional (JNCIP-ENT)

JNCIP-ENT Exam Objectives (Exam: JN0-643 and JN0-646)

OSPF
Describe the concepts, operation and functionality of OSPFv2 and OSPFv3
OSPF LSA types
OSPF area types and operations
LSA flooding through an OSPF multi-area network
DR/BDR operation
SPF algorithm
Metrics, including external metric types
Authentication options
Route summarization and restriction
Overload
Virtual links
OSPFv2 vs OSPFv3
Given a scenario, demonstrate knowledge of how to configure and monitor single-area and multi-area OSPF
Implement OSPF routing policy

BGP
Describe the concepts, operation and functionality of BGP
BGP route selection process
Next hop resolution
BGP attributes – concept and operation
BGP communities
Regular expressions
Load balancing – multipath, multihop, forwarding table
NLRI families – inet, inet6
Advanced BGP options
Given a scenario, demonstrate knowledge of how to configure and monitor BGP
Implement BGP routing policy

IP Multicast
Describe the concepts, operation and functionality of IP multicast
Components of IP multicast, including multicast addressing
IP multicast traffic flow
Any-Source Multicast (ASM) vs. Source-Specific Multicast (SSM)
RPF – concept and operation
IGMP, IGMP snooping
PIM dense-mode and sparse-mode
Rendezvous point (RP) – concept, operation, discovery, election
SSM – requirements, benefits, address ranges
Anycast RP
MSDP
Routing policy and scoping
Given a scenario, demonstrate knowledge of how to configure and monitor IGMP, PIM-DM and PIM-SM (including SSM)
Implement IP multicast routing policy

Ethernet Switching and Spanning Tree
Describe the concepts, operation and functionality of advanced Ethernet switching
Filter-based VLANs
Private VLANs
Dynamic VLAN registration using MVRP
Tunnel Layer 2 traffic through Ethernet networks
Layer 2 tunneling using Q-in-Q and L2PT
Given a scenario, demonstrate knowledge of how to configure and monitor advanced Ethernet switching
Filter-based VLANs
Private VLANs
Dynamic VLAN registration using MVRP
Tunnel Layer 2 traffic through Ethernet networks
Layer 2 tunneling using Q-in-Q and L2PT
Describe the concepts, operation and functionality of advanced spanning tree protocols, including MSTP and VSTP
Given a scenario, demonstrate knowledge of how to configure and monitor MSTP and VSTP

Layer 2 Authentication and Access Control
Describe the operation of various Layer 2 authentication and access control features
Authentication process flow
802.1x – concepts and functionality
MAC RADIUS
Captive portal
Server fail fallback
Guest VLAN
Considerations when using multiple authentication/access control methods
Given a scenario, demonstration how to configure and monitor Layer 2 authentication and access control

IP Telephony Features
Describe the concepts, operation and functionality of features that facilitate IP telephony deployments
Power over Ethernet (PoE)
LLDP and LLDP-MED
Voice VLAN
Given a scenario, demonstrated how to configure and monitor features used to support IP Telephony

Class of Service (CoS)
Describe the concepts, operation and functionality of Junos CoS for Layer 2/3 networks
CoS processing on Junos devices
CoS header fields
Forwarding classes
Classification
Packet loss priority
Policers
Schedulers
Drop profiles
Shaping
Rewrite rules
Given a scenario, demonstrate knowledge of how to configure and monitor CoS for Layer 2/3 networks
QUESTION 1
Which connection method do OSPF routers use to communicate with each other?

A. IP protocol number 89
B. TCP port 179
C. UDP port 179
D. IP protocol number 6

Answer: A

Explanation:


QUESTION 2
Which statement is true about default BGP route redistribution behavior?

A. IBGP-learned routes are advertised only to other IBGP peers.
B. EBGP-learned routes are redistributed into any IGPs.
C. EBGP-learned routes are advertised only to other EBGP peers.
D. EBGP-learned routes are advertised to other IBGP and EBGP peers.

Answer: D

Explanation:


QUESTION 3
In a PIM-SM network, which type of node helps to build a tree towards an unknown multicast
source?

A. DIS
B. RP
C. DR
D. BSR

Answer: B

Explanation:


QUESTION 4
Which statement is true about MVRP?

A. It allows you to split a broadcast domain into multiple isolated broadcast subdomains.
B. It dynamically manages VLAN registration in a LAN.
C. It maps multiple independent spanning-tree instances onto one physical topology.
D. It is a Layer 2 protocol that facilitates network and neighbor discovery.

Answer: A

Explanation:


QUESTION 5
Which statement is true about LLDP?

A. It allows you to split a broadcast domain into multiple isolated broadcast subdomains.
B. It dynamically manages VLAN registration in a LAN.
C. It maintains a separate spanning-tree instance for each VLAN.
D. It is a Layer 2 protocol that facilitates network and neighbor discovery.

Answer: D

Explanation:

 

Click here to view complete Q&A of JN0-643 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-643 Certification, Juniper JN0-643 Training at certkingdom.com

 


Continue Reading

JN0-633 Security, Professional (JNCIP-SEC) Exam

JN0-633 Security, Professional (JNCIP-SEC) Exam

Application-Aware Security Services
Describe the concepts, operation and functionality of AppSecure
AppSecure traffic processing
AppID
AppTrack
User FW
SSL proxy
AppFW
AppQoS
Given a scenario, demonstrate knowledge of how to configure, monitor and troubleshoot the various AppSecure modules

Virtualization
Describe the concepts, operation and functionality of various virtualization components on SRX Series Services Gateways
Routing instances
RIB groups
Routing between instances
Logical systems (LSYS)
Intra-LSYS and Inter-LSYS communication
Given a scenario, demonstrate knowledge of how to configure, monitor and troubleshoot the various elements of virtualization
Given a scenario, describe and implement filter-based forwarding (FBF)

Advanced NAT
Describe the concepts, operation and functionality of various types of NAT
NAT traffic processing
Destination NAT
Source NAT
Persistent NAT
Static NAT
Double NAT
NAT traversal
DNS doctoring
IPv6 NAT (Carrier-grade NAT) – NAT64, NAT46, NAT444, DS-Lite
Routing
NAT and FBF
NAT and security policy
Given a scenario, demonstrate knowledge of how to configure, monitor and troubleshoot advanced NAT implementations

Advanced IPSec VPNs
Describe the concepts, operation and functionality of various IPSec VPN implementations
IPSec traffic processing
Site-to-site VPNs
Hub-and-spoke VPNs
Group VPNs
Dynamic VPNs
Routing over VPNs
VPNs and NAT
Public key infrastructure (PKI) for IPSec VPNs
Traffic Selectors
VPNs and dynamic gateways
Given a scenario, demonstrate knowledge of how to configure, monitor and troubleshoot advanced IPSec VPN implementations

Intrusion Prevention
Describe the concepts, operation and functionality of Junos Intrusion Prevention System (IPS) for SRX Series Services Gateways
IPS packet inspection process
IPS rules and rulebases
Signature-based attack detection
Reconnaissance scans and fingerprinting
Flooding, attacks and spoofing
Describe how to perform setup and initial configuration for SRX Series Services Gateways with IPS functionality
IPS deployment options and considerations
Network settings
Attack database
Given a scenario, demonstrate knowledge of how to configure mechanisms to detect and protect against scans and attacks
Custom signatures
Scan prevention

Transparent Mode
Describe the concepts, operation and functionality of various transparent mode implementations
High Availability
VLAN translation
Layer 2 security
IRB
Bridge groups
Spanning tree traffic processing
Given a scenario, demonstrate knowledge of how to configure, monitor and troubleshoot transparent mode implementations

Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot Junos OS security issues
Flow analysis
SNMP
show commands
Logging and syslog
Tracing, including flow traceoptions
Policy flow
Packet capture

QUESTION 1
Which AppSecure module provides Quality of Service?

A. AppTrack
B. AppFW
C. AppID
D. AppQoS

Answer: D


QUESTION 2
You are asked to configure your SRX Series device to support IDP SSL inspections for up to 6,000 concurrent HTTP sessions to a server within your network.
Which two statements are true in this scenario? (Choose two.)

A. You must add at least one PKI certificate.
B. Junos does not support more than 5000 sessions in this scenario.
C. You must enable SSL decoding.
D. You must enable SSL inspection.

Answer: C,D


QUESTION 3
You are troubleshooting an SRX240 acting as a NAT translator for transit traffic. Traffic is dropping at the SRX240 in your network.Which three tools would you use to troubleshoot the issue? (Choose three.)

A. security flow traceoptions
B. monitor interface traffic
C. show security flow session
D. monitor traffic interface
E. debug flow basic

Answer: A,B,C
Reference: http://kb.juniper.net/InfoCenter/index?page=content&id=KB16110


QUESTION 4
You are asked to establish a baseline for your company’s network traffic to determine the bandwidth usage per application. You want to undertake this task on the central SRX device that connects all segments together.What are two ways to accomplish this goal? (Choose two.)

A. Configure a mirror port on the SRX device to capture all traffic on a data collection server for further investigation.
B. Use interface packet counters for all permitted and denied traffic and calculate the values using Junos scripts.
C. Send SNMP traps with bandwidth usage to a central SNMP server.
D. Enable AppTrack on the SRX device and configure a remote syslog server to receive AppTrack messages.

Answer: A,D

Explanation:
AppTrack is used for visibility for application usage and bandwidth
Reference:http://www.juniper.net/us/en/local/pdf/datasheets/1000327-en.pdf

 

Click here to view complete Q&A of JN0-633 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-633 Certification, Juniper JN0-633 Training at certkingdom.com

 


Continue Reading

JN0-660 Service Provider Routing and Switching, Professional (JNCIP-SP)

JNCIP-SP Exam Objectives (Exam: JN0-660)

OSPF
Describe the concepts, operation and functionality of OSPFv2 and OSPFv3
OSPF LSA types
OSPF area types and operations
LSA flooding through an OSPF multi-area network
DR/BDR operation
SPF algorithm
Metrics, including external metric types
Authentication options
Summarize and restrict routes
Virtual links
OSPFv2 vs OSPFv3
Given a scenario, demonstrate knowledge of how to configure and monitor single-area and multi-area OSPF
Implement OSPF routing policy

IS-IS
Describe the concepts, operation and functionality of IS-IS
IS-IS link-state PDU (LSP) types
IS-IS areas/levels and operations
LLSP flooding through an IS-IS multi-area network
DIS operation
SPF algorithm
Metrics, including wide metrics
Authentication options
Route summarization and route leaking
Given a scenario, demonstrate knowledge of how to configure and monitor single-area and multi-area IS-ISa
Implement IS-IS routing policy

BGP
Describe the concepts, operation and functionality of BGP
BGP route selection process
Next hop resolution
BGP attributes – concept and operation
BGP communities
Regular expressions
Multipath
Multihop
Load balancing
Advanced BGP options
BGP route damping
Multiprotocol BGP
Given a scenario, demonstrate knowledge of how to configure and monitor BGP
Route reflection
Confederations
Describe the concepts, operation and functionality of BGP scaling mechanisms
Implement BGP routing policy

Class of Service (CoS)
Describe the concepts, operation and functionality of Junos CoS
CoS processing on Junos devices
CoS header fields
Forwarding classes
Classification
Packet loss priority
Policers, including tricolor marking and hierarchical policers
Schedulers
Drop profiles
Shaping
Rewrite rules
Hierarchical scheduling (H-CoS) characteristics (high-level only)
Given a scenario, demonstrate knowledge of how to configure and monitor CoS

IP Multicast
Describe the concepts, operation and functionality of IP multicast
Components of IP multicast, including multicast addressing
IP multicast traffic flow
Any-Source Multicast (ASM) vs. Source-Specific Multicast (SSM)
RPF – concept and operation
IGMP
PIM dense-mode and sparse-mode
Rendezvous point (RP) – concept, operation, discovery, election
SSM – requirements, benefits, address ranges
MSDP, including single and multi-PIM domains
Anycast RP
Routing policy and scoping
Given a scenario, demonstrate knowledge of how to configure and monitor IGMP, PIM-DM, PIM-SM (including SSM) and MSDP
Implement IP multicast routing policy

MPLS
Describe the concepts, operation and functionality of MPLS
RSVP and LDP operation
Primary/secondary paths
LSP metrics, including interaction with IGP metrics
LSP priority and preemption
Fast reroute, link protection and node protection
LSP optimization
Routing table integration options for traffic engineering
RSVP reservation styles
Routing policy to control path selection
Advanced MPLS features
Describe the concepts, operation and functionality of Constrained Shortest Path First (CSPF)
TED
IGP extensions
CSPF algorithm – selecting the best path
Tie-breaking options
Administrative groups
Advanced CSPF options
Given a scenario, demonstrate knowledge of how to configure and monitor MPLS, LDP and RSVP
RSVP-signaled and LDP-signaled LSPs
Traffic protection mechanisms
CSPF
Implement MPLS routing policy

Layer 3 VPNs
Describe the concepts, operation and functionality of Layer 3 VPNs
Traffic flow – control and data planes
Full mesh vs. hub-and-spoke topology
VPN-IPv4 addressing
Route distinguishers
Route targets
Route distribution
Site of origin
Sham links
vrf-table-label
Layer 3 VPN scaling
Layer 3 VPN Internet access options
Given a scenario, demonstrate knowledge of how to configure and monitor the components of Layer 3 VPNs
Describe the concepts, operation and functionality of multicast VPNs
Next-generation MVPNs (NG-MVPN)
Flow of control and data traffic in a NG-MVPN
Describe Junos support for carrier-of-carriers and interprovider VPN models

Layer 2 VPNs
Describe the concepts, operation and functionality of BGP Layer 2 VPNs
Traffic flow – control and data planes
Forwarding tables
Connection mapping
Layer 2 VPN NLRI
Route distinguishers
Route targets
Layer 2 VPN scaling
Describe the concepts, operation and functionality of LDP Layer 2 circuits
Traffic flow – control and data planes
Virtual circuit label
Layer 2 interworking
Describe the concepts, operation and functionality of VPLS
Traffic flow – control and data planes
BGP VPLS label distribution
LDP VPLS label distribution
Route targets
Site IDs
Given a scenario, demonstrate knowledge of how to configure and monitor Layer 2 VPNs
BGP Layer 2 VPNs
LDP Layer 2 circuits
VPLS

Automation
Demonstrate basic knowledge of using automation scripts
Operation scripts
Commit scripts
Event scripts
QUESTION 1
You are the administrator for a network that uses IBGP. As the network grows, you must examine options to support increased scale. Which two scaling options should you consider? (Choose two.)

A. route reflection
B. areas
C. zones
D. confederations

Answer: A,D


QUESTION 2
You manage an MPLS network where the PE devices consist of multiple vendors. You are asked to conceal the MPLS topology for all LSPs. Which global configuration parameter will accomplish this?

A. Configure no-decrement-ttl on the ingress router only.
B. Configure no-propagate-ttl on the ingress router only.
C. Configure no-decrement-ttl on all routers within the MPLS network.
D. Configure no-propagate-ttl on all routers within the MPLS network.

Answer: D


QUESTION 3
In which two ways does VPLS populate the MAC table? (Choose two.)

A. dynamically using BGP
B. dynamically using the source MAC address on received frames
C. dynamically using LDP
D. statically using CLI

Answer: B,D


QUESTION 4
Which CoS feature supports per-VLAN queuing and scheduling?

A. multilevel scheduling
B. hierarchical scheduling
C. tagged queuing
D. per-instance queuing

Answer: C


QUESTION 5
Which two statements are true about OSPFv3? (Choose two.)

A. OSPFv3 uses a 32-bit router ID to uniquely identify a node in the network.
B. OSPFv3 uses a 128-bit router ID to uniquely identify a node in the network.
C. OSPFv3 routes are always preferred over OSPFv2 routes for all traffic.
D. OSPFv3 and OSPFv2 can be configured at the same time.

Answer: A,D

Click here to view complete Q&A of JN0-660 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-660 Certification, Juniper JN0-660 Training at certkingdom.com


Continue Reading

JN0-541 Juniper Networks IDP Certified Internet Associate (JNCIA-IDP)

Concepts of intrusion detection
Identify the features and functions of an IDP sensor
Identify the use of IDP interfaces
Identify the TCP ports used by IDP sensors and Security Manager
Understanding the IDP provisioning modes

Initial configuration of an IDP sensor
Identify the steps involved in implementing the IDP sensor
Describe the configuration of a new sensor via the console
Describe the communication setup between Security Manager and IDP sensor

Configure and fine-tune policies
Assign the IDP attack terminology to the corresponding definitions
Understand the components of an IDP rule
Choice of appropriate IDP actions and IP actions
Describe the algorithm of the IDP rule assignment
Explain the use of captured packages
Explain the fine-tuning of guidelines

Configuring Other Policies for IDP
Explain the function of a rule database for exceptions
Explain the function of a rule database for anomalies
Explain the function of a rule database for backdoors
Explain the function of a SYN Protector rule database
Explain the function of honeypots in the network

Configure and use the profiler
Describe the normal functioning of a profiler
Showing the steps to a working profiler
Describe the use of a profiler for network detection
Describe the use of a profiler to identify new devices and ports
Describe the use of a profiler to detect policy violations

Sensor operation and sensor command line utility
Describe the sensor components and processes
Use scio to manage policies and display sensor configurations
Use sctop to display sensor statistics

Manage attack objects and create custom signatures
Describe the use of static and dynamic groups
Explain how to update the attack object database
List the steps for obtaining information about an attack
Understanding the purpose and use of the sensor commands “scio ccap” and “scio pcap”
List the steps for creating a simple attack object
Describe the purpose of combined attack objects

Maintenance and troubleshooting
Use the Appliance Configuration Manager (ACM) to view and modify sensor configurations
Use sensor and unix commands to resolve IDP issues
Understand the operation of external HA and NIC bypass

QUESTION 1
Which statement is true about the attack object database update process?

A. Each sensor updates its own attack object database automatically; however they must be able
to access the Juniper site on TCP port 443.
B. The attack object database update must be manually performed by the administrator, and the
administrator must manually install it on each sensor.
C. The attack object database update can be initiated manually or automatically.
D. The attack object database update can be automatically scheduled to occur using the Security
Manager GUI.

Answer: C


QUESTION 2
On a sensor, which command will indicate if log messages are being sent to Security Manager?

A. scio vr list
B. serviceidp status
C. scio agentstats display
D. scio getsystem

Answer: C


QUESTION 3
After you enable alerts for new hosts that are detected by the Enterprise Security Profiler, where
do you look in Security Manager to see those alerts?

A. Security Monitor > Profiler > Application Profiler tab
B. Security Monitor > Profiler > Violation Viewer tab
C. Security Monitor > Profiler > Network Profiler tab
D. Log Viewer > Profiler Log

Answer: D


QUESTION 4
When connecting to a sensor using SSH, which account do you use to login?

A. admin
B. super
C. netscreen
D. root

Answer: A


QUESTION 5
Which OSI layer(s) of a packet does the IDP sensor examine?

A. layers 2-7
B. layers 2-4
C. layer 7 only
D. layers 4-7

Answer: A

Click here to view complete Q&A of JN0-541 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-541 Certification, Juniper JN0-541 Training at certkingdom.com


Continue Reading

JN0-532 FWV, Specialist (JNCIS -FWV)

JNCIS-FWV Exam Objectives (Exam: JN0-532)

VPNs
Identify IKE Phase 1/Phase2 negotiation sequence and proposals
Identify/differentiate IPSec standard elements (encapsulations, SA, SPI, etc.)
List steps for policy-based/route-based VPN configuration
Relate proxy-ID to VPN setup
Identify proper configuration for various hub/spoke configurations (policy, int. placement, etc.)
Identify NHTB requirements/configurations
Configure/verify AC-VPNs
Identify PKI components (certificates, CDL, etc.)
List steps for PKI implementation w/ VPNs
VPN Variations
Configure Dynamic Peer VPNs
Configure Transparent mode VPNs
Configure Overlapping Networks
Describe GRE applications/Configure GRE

Network Management
Configure local management (SSL, SSH, management restrictions).
Interpret internal counters and logs.
Configure SYSLOG.
Discuss logging levels.
Configure SNMP.

Troubleshooting with Debug/Snoop
Enable debug/snoop.
Set debug filters.
Set snoop filters.
Use get commands to validates/troubleshoot routing and policies.
Use debug output to identify routing and policy problems.
Use get commands to validate/troubleshoot address translation.
Use debug output to identify problems.
Use get commands to validate/troubleshoot VPN setup.

Traffic Management
Describe the bandwidth allocation process.
Describe queuing functionality.
List requirements/steps for configuring traffic management.

Virtual Systems
Define VSYS applications
Describe root vs. VSYS administration
Explain VSYS vs. root assignment of routes/NAT pools/etc.
Configure interface-based VSYS
Configure inter-VSYS communications, including NAT.
Use show/debug output to identify VSYS usage.
Configure VSYS resource allocation

NSRP
Distinguish active/passive and active/active.
Describe NSRP operations (HA link, session sync, master election, etc.)
Configure active/passive and active/active NSRP.
Validate NSRP operations.
Adjust operations (secondary link, failover settings).
Configure redundant interface.

Dynamic Routing/Routing over VPNs
Configure RIP over VPNs
Configure OSPF over VPNs
Configure/verify OSPF routing
Configure OSPF options
Configure/verify BGP
Configure redistribution/filters/route maps
Configure static routes incl. floating static routes
Configure/verify source routing
Configure/verify policy routing

Attack Prevention
Describe SCREEN functions
Describe/configure Deep Inspection
Describe/configure anti-virus functionality
Configure web filtering

Multicast
Configure/verify IGMP
Configure/verify PIM-SM


QUESTION 1
You have created a VPN to a dynamic peer. Which two configured parameters must match?
(Choose two.)

A. static side peer-id
B. dynamic side local-id
C. static side IP address
D. dynamic side IP address

Answer: A,B


QUESTION 2
Which three events would cause ScreenOS devices to generate SNMP traps? (Choose three.)

A. cold starts
B. traffic alarms
C. warm reboots
D. self log events
E. traffic log events

Answer: A,B,C


QUESTION 3
Which command shows the filter applied to snoop captures?

A. get snoop
B. snoop info
C. get ffilter
D. get ffilter ip-proto snoop

Answer: B

Click here to view complete Q&A of JN0-532 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-532 Certification, Juniper JN0-532 Training at certkingdom.com


Continue Reading

JPR-932 Juniper Networks Certified Internet Expert-SEC (JNCIE-SEC)

JNCIE-SEC Exam Objectives (Exam: JPR-932)

Infrastructure Concepts
Security Forwarding Options
Packet-based
MPLS
inet6
Flow-Based
inet6
Security Zones
Configure security zones
Device Management
User accounts
System services

High Availability
HA Clustering
Active-active
Active-passive
Reth interfaces
Link aggregation
Control and data plane
Dual fabric links
Redundancy groups

Firewall Policies
Security Polices
Policy configuration
Advanced policy options
Schedulers
ALGs
Authorization
Bypass flow forwarding
Logging
Data and control plane logs
Forward logs to the RE
Send logs to external collectors
UTM
Anti-virus
Web filtering

IPSec VPNs
Implementation of IPSec VPNs
Multipoint tunnels
Policy-based VPNs
Route-based VPNs
Traffic selectors
Proxy ID
Traceoptions
Dual and backup tunnels
On-demand tunnels
DRP over a tunnel
Dynamic VPNs
Certificate-based VPNs
PKI
Interoperability with 3rd party devices

NAT
Implementation of NAT
Source NAT
Destination NAT
Static NAT
NAT64
Implementation of NAT with IPSec
Overlapping IPs between sites

Advanced Security Services
AppSecure
AppTrack
AppFW
AppQoS
AppDoS
Application Identification
User Firewall
SSL Forward Proxy
Integration with IPS
IDP
Logs
Custom polices
Automatic updates
L3/L4/L7 DoS
Stateless filters
Screens
Flow options
App DDos
Active Directory Integration

IGPs
OSPF
Multi-area OSPF topologies
Filter and summarize routes
Network and link types
Route selection process
Redistribution
IPv6

BGP
Implementation
Routing policy
Route selection
IPv6

Protocol-Independent Routing
Filter-based Forwarding
Based on Layer 4
Based on IFL
Configuring Routes
Aggregate
Static
Generated
Policies

Extended Implementation Concepts
Transparent mode
Configure transparent mode

Click here to view complete Q&A of JPR-932 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JPR-932 Certification, Juniper JPR-932 Training at certkingdom.com


Continue Reading

JN0-661 Service Provider Routing and Switching JNCIP-SP

JNCIP-SP Exam Objectives (Exam: JN0-661)

OSPF
Describe the concepts, operation and functionality of OSPFv2 or OSPFv3
OSPF area types and operations
LSA flooding through an OSPF multi-area network
DR/BDR operation
SPF algorithm
Metrics, including external metric types
Summarize and restrict routes
Virtual links
OSPFv2 vs OSPFv3
Given a scenario, demonstrate knowledge of how to configure or monitor single-area and multi-area OSPF
Implement OSPF routing policy

IS-IS
Describe the concepts, operation, or functionality of IS-IS
IS-IS areas/levels and operations
LSP flooding through an IS-IS multi-area network
DIS operation
SPF algorithm
Metrics, including wide metrics
Route summarization and route leaking
Given a scenario, demonstrate knowledge of how to configure or monitor single-area and multi-area IS-IS
Implement IS-IS routing policy

BGP
Describe the concepts, operation, or functionality of BGP
BGP route selection process
Next hop resolution
BGP attributes – concept and operation
BGP communities
Regular expressions
Multipath
Multihop
Load balancing
Advanced BGP options
BGP route damping
Multiprotocol BGP
Describe the concepts, operation or functionality of BGP scaling mechanisms
Route reflection
Confederations
Given a scenario, demonstrate knowledge of how to configure or monitor BGP
Implement BGP routing policy

Class of Service (CoS)
Describe the concepts, operation, or functionality of Junos CoS
CoS processing on Junos devices
CoS header fields
Forwarding classes
Classification
Packet loss priority
Policers, including tricolor marking and hierarchical policers
Schedulers
Drop profiles
Shaping
Rewrite rules
Hierarchical scheduling (H-CoS) characteristics (high-level only)
Given a scenario, demonstrate knowledge of how to configure or monitor CoS

IP Multicast
Describe the concepts, operation, or functionality of IP multicast
Components of IP multicast, including multicast addressing
IP multicast traffic flow
Any-Source Multicast (ASM) versus Source-Specific Multicast (SSM)
RPF – concept and operation
IGMP
PIM dense-mode and sparse-mode
Rendezvous point (RP) – concept, operation, discovery, election
SSM – requirements, benefits, address ranges
MSDP, including single and multi-PIM domains
Anycast RP
Routing policy and scoping
Given a scenario, demonstrate knowledge of how to configure or monitor IGMP, PIM-DM, PIM-SM (including SSM) and MSDP
Implement IP multicast routing policy

Advanced MPLS
Describe the concepts, operation, or functionality of MPLS
Routing table integration options for traffic engineering
Routing policy to control path selection
Advanced MPLS features
Administrative groups
Advanced CSPF options
Implement MPLS routing policy

Layer 3 VPNs
Describe the concepts, operation, or functionality of Layer 3 VPNs
Traffic flow – control and data planes
Full mesh vs. hub-and-spoke topology
VPN-IPv4 addressing
Route distinguishers
Route targets
Route distribution
Site of origin
Sham links
vrf-table-label
Layer 3 VPN scaling
IPv6 Layer 3 VPNs
Layer 3 VPN Internet access options
Given a scenario, demonstrate knowledge of how to configure or monitor the components of Layer 3 VPNs
Describe the concepts, operation or functionality of multicast VPNs
Next-generation MVPNs (NG-MVPN)
Flow of control and data traffic in an MVPN
Describe Junos support for carrier-of-carriers or interprovider VPN models

Layer 2 VPNs
Describe the concepts, operation, or functionality of BGP Layer 2 VPNs
Traffic flow – control and data planes
Forwarding tables
Connection mapping
Layer 2 VPN NLRI
Route distinguishers
Route targets
Layer 2 VPN scaling
Describe the concepts, operation, or functionality of LDP Layer 2 circuits
Traffic flow – control and data planes
Virtual circuit label
Layer 2 interworking
Describe the concepts, operation, or functionality of VPLS
Traffic flow – control and data planes
BGP VPLS label distribution
LDP VPLS label distribution
Route targets
VPLS Multihoming
Site IDs
Describe the concepts, operation, or functionality of EVPN
Traffic flow – control and data planes
MAC learning and distribution
EVPN Multihoming
BGP EVPN label distribution
Given a scenario, demonstrate knowledge of how to configure or monitor Layer 2 VPNs
BGP Layer 2 VPNs
LDP Layer 2 circuits
EVPNs
VPLS


QUESTION 1
Which OSPFv3 router ID is valid?

A. 192.168.1.1
B. ::192.168.1.1
C. 0.0.0.0
D. 2008:db8::1

Answer: A

Explanation

OSPFv3 Router IDs, Area IDs, and LSA link-state IDs remain at the OSPFv2 IPv4 size of 32 bits.
References: Network Configuration Example OSPF Version 3 for IPv6 Feature Guide, page 3


QUESTION 2
You are working with a new MPLS network that is using the default EXP classifier and default schedules.
A small amount of traffic is being placed in the assured
forwarding class. No other traffic is passing through the network at this time.
In this scenario, what happens to the traffic that is being placed in the assured forwarding class?

A. The traffic is reclassified to the best effort forwarding class and is forwarded.
B. The traffic remains in the assured forwarding class and is forwarded.
C. The traffic is reclassified to the network control forwarding class and is forwarded.
D. The traffic remains in the assured forwarding class and is dropped.

Answer: B

Explanation

References: https://www.juniper.net/documentation/en_US/junos15.1/topics/concept/forwarding-classes-default-cos-config-guide.html


QUESTION 3
You are connecting your OSPF router to your customer’s RIP router and redistributing
the customer’s routes into your OSPF domain. Your OSPF routes is part of an NSSA
and the ABR is injecting an OSPF default route, which you have advertised to your customer.
After committing the configuration, you notice a routing loop
between your OSPF router and the customer’s RIP router.
Which action must you perform on your OSPF router to solve this problem?

A. Enable Type 7-to-Type 5 LSA conversion.
B. Set the customer-facing interface to passive.
C. Convert the area to a stub area.
D. Change the OSPF external route preference.

Answer: D

Explanation

Avoid routing loops by changing the OSPF external route preference.

Incorrect Answers:
A: If multiple NSSA ABR routers are present, it is recommended that not all ABRs perform
Type 7-to-5 translation to avoid routing loops.
B: We would have to make the interface on the RIP router, the customer router,
passive, not the customer-facing interface on the OSPF router.

Note: By default RIP broadcasts are sent from all interfaces. RIP allows us to control this behavior.
We can configure which interface should send RIP broadcast or
which not. Once we mark any interface as passive interface, RIP will stop sending updates from that interface.

References: https://www.juniper.net/documentation/en_US/junos15.1/topics/topic-map/ospf-stub-and-not-so-stubby-areas.html


QUESTION 4
A PE provides VLAN VPLS service to a CE attached with two links.
You want to prevent Layer 2 loops and provide link redundancy.
Which two actions will accomplish this task? (Choose two.)

A. Place both interfaces in a link aggregation group.
B. Configure different VLANs on each interface.
C. Configure all VLANs on both interfaces, on the PE, and on the CE.
D. Configure Spanning Tree Protocol between the PE and the CE.

Answer: B,D

Explanation

D: To prevent the formation of Layer 2 loops between the CE devices and the multihomed PE routers,
Juniper recommends that you employ the Spanning Tree
Protocol (STP) on your CE devices. Layer 2 loops can form due to inconfiguration.
Temporary Layer 2 loops can also form during convergence after a change in the network topology.

References: http://www.juniper.net/documentation/en_US/junos16.1/topics/topic-map/vpls-bgp-multihoming.html

Click here to view complete Q&A of JN0-661 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-661 Certification, Juniper JN0-661 Training at certkingdom.com


Continue Reading

JNCDS-SEC Exam Objectives (Exam: JN0-1330)

JNCDS-SEC Exam Objectives (Exam: JN0-1330)

Fundamental Security Concepts
Describe the various tenets of common security features
Access control lists
Stateful security policies
ALG’s
IPS
UTM
NAT
IPsec
Next-generation firewall
Screen

Advanced Security Concepts
Describe advanced security features
Security intelligence
Advanced anti-malware
Defense in-depth

Securing the Campus and Branch
Describe the security design considerations within a campus or branch network
Network segmentation
Network access
Wireless
802.1X
Remote access VPN’s
NAT
End-to-end security
BYOD

Securing the Enterprise WAN
Describe the security design considerations for an enterprise WAN
Internet edge security design principles
WAN aggregation
Private WAN
VPNs

Securing the Service Provider WAN
Describe the security design considerations for a service provider WAN
DoS/DDos attacks
Securing the control plane
Internet security
CG-NAT

Securing the Data Center

Describe the security design considerations in a data center
Securing data center interconnects
Securing North-South flows
Securing East-West flows
Virtual routers

Security Automation and Management
Describe the design considerations for security management
Securing the individual devices
Centralized security
Junos Space management platform
Junos Space Security Director and Log Director
Juniper Secure Analytics

Security Virtualization
Describe the security design considerations for a virtualized environment
NFV
Service chaining
Micro-segmentation
vSRX

High Availability
Describe the design considerations of high availability in a secure networks
Physical high availability
Virtual high availability
Asymmetrical traffic handling
Chassis clustering


QUESTION: No: 1
You are asked to implement port-based authentication on your access switches. Security and ease of
access are the two primary requirements. Which authentication solution satisfies these requirements?

A. MAC RADIUS
B. network access control
C. firewall authentication
D. IPsec tunnel

Answer: A


QUESTION: No: 2
What is one way to increase the security ofa site-to-site IPsec VPN tunnel?

A. Implement a stronger Diffie-Hellman group.
B. Change IKE Phase 1 from main mode to aggressive mode.
C. Implement traffic selectors.
D. Implement a policy-based VPN.

Answer: C


QUESTION: No: 3
Your customer is planning the deployment of a new hub-and-spoke WAN architecture that must support
dual stack They have decided against using a dynamic routing protocol. They are concerned about the
difficulty of managing configurations and operations at the hub location as they deploy branch routers
In this scenario, what ate three reasons for selecting route-based VPNs with traffic selectors’? (Choose
three)

A. Traffic selectors support IPv4 and IPv6.
B. Traffic selectors reduce the number of Phase 2 IPsec security associations.
C. Traffic selectors reduce latency because they bypass UTIVI.
D. Traffic selectors support auto route insertion
E. You can define mutliple traffic selectors within a single route-based VPN

Answer: A,D,E

Click here to view complete Q&A of JN0-1330 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco JN0-1330 Certification, Cisco JN0-1330 Training at certkingdom.com


Continue Reading

JN0-1360 Juniper Networks Certified Design Specialist, WAN (JNCDS-WAN)

JNCDS-WAN Exam Objectives (Exam: JN0-1360)

WAN Connectivity
Describe the various methods of WAN connectivity
Public/Private/Managed
Service Provider connectivity
Service Provider hand-off methods
Service Provider MPLS services
Enterprise Internet transport
Enterprise Layer 2/Layer 3 handoff services
Enterprise private connections

Network Availability and Traffic Prioritization
Describe network availability concepts
Calculating availability
Physical redundancy
Logical redundancy
Fate sharing (e.g., high availability)
Capacity planning
Describe class of service concepts
Diffserv
CoS processing

Service Provider Core WAN Design
Describe the design considerations of a Service Provider’s core WAN
Network segmentation
IGP design
BGP design
MPLS design

Service Provider Edge WAN Design
Describe the design considerations of a Service Provider’s edge WAN
Layer 2 Services
Layer 3 services
Metro Ethernet
Subscriber services
Multicast services

Enterprise WAN
Describe the design considerations of an Enterprise WAN
Private WANs
Large Enterprise WAN design
SME WAN design

Data Center WAN
Describe the design considerations of a data center WAN
Gateway and fabric connectivity
L2 WAN extensions
EVPN
VXLAN

WAN Security
Describe the design considerations for security in the WAN
Platform security
BGP Flowspec
MACsec
IPsec
Subscriber access security

WAN Management
Describe the design considerations for WAN management
OOB management design
Junos Space management platform
Best practices

SDN in the WAN
Describe the design considerations of SDN in the WAN
SD-WAN (protocols, considerations, benefits)
Northstar
WANDL
Contrail Cloud CPE

Click here to view complete Q&A of JN0-1360 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco JN0-1360 Certification, Cisco JN0-1360 Training at certkingdom.com


Continue Reading

JN0-943 Enterprise Routing and Switching, Expert

JN0-943 Enterprise Routing and Switching, Expert

At the pinnacle of the Enterprise Routing and Switching certification track is the 1-day JNCIE-ENT practical exam. This exam is designed to validate the networking professionals’ ability to deploy, configure, manage and troubleshoot Junos-based enterprise routing and switching platforms. Throughout this 8-hour practical exam, candidates will build an enterprise network infrastructure consisting of multiple routers and switching devices. Successful candidates will perform system configuration on all devices, configure protocols and features like IPV6, OSPF V2, OSPF V3, BGP, MSDP, PIM, SSM, RSTP, LLDP, 802.1x, CoS, routing policies.

The JNCIE-ENT is valid for two years. Re-certification is achieved by passing the current version of the JNCIP-ENT exam.

Exam topics may include:
System Services and Security
Interfaces
Ethernet Switching
IGPs
BGP
Protocol-Independent Routing
Multicast
Class of Service

System Services and Security
System Services
NTP
Syslog
sFlow
Authentication and authorization
Configuring archival
RPM
PoE
Securing the Control Plane
Stateless firewall configuration

Interfaces
Implementation of Interfaces
Aggregated Ethernet
VRRP
Ethernet OAM
GRE tunnels
BFD
Logical tunnel interfaces

Ethernet Switching
Spanning Tree Protocol
Multiple CIST
MSTP/VSTP/RSTP
xSTP interoperability
Multiple topologies
Optimization
VLANs
VLAN switching and trunking
Q-in-Q
IP Telephony
Private VLANs
Voice VLANs
Virtual Chassis
Master determination
Add/remove members
VCP and VCEP interfaces
Split detection
Security features
Port security features
Dynamic ARP inspection with DHCP snooping
Layer 2 firewall filters
MAC table filtering

IGPs
OSPF
Multi-area OSPF topologies
Filter and summarize routes
Network and link types
Route selection process
BFD
Redistribution
IPv6

BGP
Implementation and Troubleshooting
Routing policy
Route selection
2-byte and 4-byte AS
Multi-homed stub-AS
BFD

Protocol-Independent Routing
Load Balancing
Hash key
Per flow
Filter-based Forwarding
Based on Layer 4
Based on IFL
Configuring Routes
Aggregate
Static
Generated
Policies

Multicast
Implementation of Multicast
Shared tree and source tree
Designated router
RPF table manipulation
SSM
Extend the group range
SSM mapping
RP Redundancy
Anycast RP (PIM and MSDP)
BSR

Class of Service
Implementation
Loss priority
Rewrite rules
Shaping and policing
Scheduling
BA and MF classification
Drop profiles

Click here to view complete Q&A of JN0-943 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco JN0-943 Certification, Cisco JN0-943 Training at certkingdom.com


Continue Reading

JN0-646 Enterprise Routing and Switching, Professional (JNCIP-ENT) Exam

JNCIP-ENT Exam Objectives (Exam: JN0-643 and JN0-646)

OSPF
Describe the concepts, operation and functionality of OSPFv2 and OSPFv3
OSPF LSA types
OSPF area types and operations
LSA flooding through an OSPF multi-area network
DR/BDR operation
SPF algorithm
Metrics, including external metric types
Authentication options
Route summarization and restriction
Overload
Virtual links
OSPFv2 vs OSPFv3
Given a scenario, demonstrate knowledge of how to configure and monitor single-area and multi-area OSPF
Implement OSPF routing policy

BGP
Describe the concepts, operation and functionality of BGP
BGP route selection process
Next hop resolution
BGP attributes – concept and operation
BGP communities
Regular expressions
Load balancing – multipath, multihop, forwarding table
NLRI families – inet, inet6
Advanced BGP options
Given a scenario, demonstrate knowledge of how to configure and monitor BGP
Implement BGP routing policy

IP Multicast
Describe the concepts, operation and functionality of IP multicast
Components of IP multicast, including multicast addressing
IP multicast traffic flow
Any-Source Multicast (ASM) vs. Source-Specific Multicast (SSM)
RPF – concept and operation
IGMP, IGMP snooping
PIM dense-mode and sparse-mode
Rendezvous point (RP) – concept, operation, discovery, election
SSM – requirements, benefits, address ranges
Anycast RP
MSDP
Routing policy and scoping
Given a scenario, demonstrate knowledge of how to configure and monitor IGMP, PIM-DM and PIM-SM (including SSM)
Implement IP multicast routing policy

Ethernet Switching and Spanning Tree
Describe the concepts, operation and functionality of advanced Ethernet switching
Filter-based VLANs
Private VLANs
Dynamic VLAN registration using MVRP
Tunnel Layer 2 traffic through Ethernet networks
Layer 2 tunneling using Q-in-Q and L2PT
Given a scenario, demonstrate knowledge of how to configure and monitor advanced Ethernet switching
Filter-based VLANs
Private VLANs
Dynamic VLAN registration using MVRP
Tunnel Layer 2 traffic through Ethernet networks
Layer 2 tunneling using Q-in-Q and L2PT
Describe the concepts, operation and functionality of advanced spanning tree protocols, including MSTP and VSTP
Given a scenario, demonstrate knowledge of how to configure and monitor MSTP and VSTP

Layer 2 Authentication and Access Control
Describe the operation of various Layer 2 authentication and access control features
Authentication process flow
802.1x – concepts and functionality
MAC RADIUS
Captive portal
Server fail fallback
Guest VLAN
Considerations when using multiple authentication/access control methods
Given a scenario, demonstration how to configure and monitor Layer 2 authentication and access control

IP Telephony Features
Describe the concepts, operation and functionality of features that facilitate IP telephony deployments
Power over Ethernet (PoE)
LLDP and LLDP-MED
Voice VLAN
Given a scenario, demonstrated how to configure and monitor features used to support IP Telephony

Class of Service (CoS)
Describe the concepts, operation and functionality of Junos CoS for Layer 2/3 networks
CoS processing on Junos devices
CoS header fields
Forwarding classes
Classification
Packet loss priority
Policers
Schedulers
Drop profiles
Shaping
Rewrite rules
Given a scenario, demonstrate knowledge of how to configure and monitor CoS for Layer 2/3 networks

Click here to view complete Q&A of JN0-646 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco JN0-646 Certification, Cisco JN0-646 Training at certkingdom.com

 


Continue Reading

JN0-346 Enterprise Routing and Switching, Specialist (JNCIS-ENT)

JNCIS-ENT Exam Objectives (Exam: JN0-343 and JN0-346)

Layer 2 Switching and VLANs
Identify the concepts, operation, and functionality of Layer 2 switching for the Junos OS
Enterprise switching platforms
Bridging components
Frame processing
Identify the concepts, benefits, and functionality of VLANs
Ports
Tagging
Native VLANs and voice VLANs
Inter-VLAN routing
Demonstrate knowledge of how to configure, monitor and troubleshoot Layer 2 switching and VLANs
Interfaces and ports
VLANs
Routed VLAN interfaces (RVI)

Spanning Tree
Identify the concepts, benefits, operation, and functionality of the Spanning Tree Protocol
STP and RSTP concepts
Port roles and states
BPDUs
Convergence and reconvergence
Demonstrate knowledge of how to configure and monitor STP and RSTP
STP
RSTP

Layer 2 Security
Identify the concepts, benefits and operation of various protection and security features
BPDU, loop and root protection
Port security, including MAC limiting, DHCP snooping, Dynamic ARP inspection (DAI) and IP source guard
Storm control
Identify the concepts, benefits and operation of Layer 2 firewall filtres
Filter types
Processing order
Match criteria and actions
Demonstrate knowledge of how to configure and monitor Layer 2 security
Protection
Port security
Storm control
Firewall filter configuration and application

Protocol Independent Routing
Identify the concepts, operation and functionality of various protocol-independent routing components
Static, aggregate, and generated routes
Martian addresses
Routing instances, including RIB groups
Load balancing
Filter-based forwarding
Demonstrate knowledge of how to configure and monitor various protocol-independent routing components
Static, aggregate, and generated routes
Load balancing
Filter-based forwarding

Open Shortest Path First (OSPF)
Identify the concepts, operation and functionality of OSPF
Link-state database
OSPF packet types
Router ID
Adjacencies and neighbors
Designated router (DR) and backup designated router (BDR)
OSPF area and router types
LSA packet types
Demonstrate knowledge of how to configure, monitor and troubleshoot OSPF
Areas, interfaces and neighbors
Additional basic options
Routing policy application
Troubleshooting tools
Realms

Intermediate System to Intermediate System (IS-IS)
Identify the concepts, operation and functionality of IS-IS
Link-state database
IS-IS PDUs
TLVs
Adjacencies and neighbors
Levels and areas
Designated intermediate system (DIS)
Metrics
Demonstrate knowledge of how to configure, monitor and troubleshoot IS-IS
Levels, interfaces and adjacencies
Additional basic options
Routing policy application
Troubleshooting tools

Border Gateway Protocol (BGP)
Identify the concepts, operation and functionality of BGP
BGP basic operation
BGP message types
Attributes
Route/path selection process
IBGP and EBGP functionality and interaction
Demonstrate knowledge of how to configure and monitor BGP
Groups and peers
Additional basic options
Routing policy application

Tunnels

Identify the concepts, requirements and functionality of IP tunneling
Tunneling applications and considerations
GRE
IP-IP
Demonstrate knowledge of how to configure and monitor IP tunnels
GRE
IP-IP

High Availability
Identify the concepts, benefits, applications and requirements for high availability in a Junos OS environment
Link aggregation groups (LAG)
Redundant trunk groups (RTG)
Virtual Chassis
Graceful restart (GR)
Graceful Routing Engine switchover (GRES)
Nonstop active routing (NSR)
Nonstop bridging (NSB)
Bidirectional Forwarding Detection (BFD)
Virtual Router Redundancy Protocol (VRRP)
Unified In-Service Software Upgrade (ISSU)
Demonstrate knowledge of how to configure and monitor high availability components
LAG and RTG
Virtual Chassis
GR, GRES, NSR, and NSB
VRRP
ISSU


QUESTION: No: 1
Which two statements about RSTP are correct? (Choose two.)

A. RSTP is not backwards compatible with STP.
B. RSTP is backwards compatible with STP.
C. RSTP permits multiple root bridges within a Layer 2 domain.
D. RSTP permits only a single root bridge within a Layer 2 domain.

Answer: Click Here to view answers


QUESTION: No: 2
Which two port security features are dependent on the DHCP snooping database? (Choose two.)

A. MAC limiting
B. dynamic ARP inspection
C. IP source guard
D. storm control

Answer: Click Here to view answers

Explanation: B: Dynamic ARP inspection (DAI) prevents Address Resolution Protocol (ARP) spoofing


QUESTION: No: 3
How many bytes of overhead does an IP-IP tunnel add to a packet?

A. 24 bytes
B. 28 bytes
C. 20 bytes
D. 14 bytes

Answer: Click Here to view answers

Explanation: Difference Between GRE and IP-IP Tunnel. Generic Routing Encapsulation (GRE) and

Click here to view complete Q&A of JN0-346 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco JN0-346 Certification, Cisco JN0-346 Training at certkingdom.com


Continue Reading

JN0-691 Junos Troubleshooting

Junos Troubleshooting Exam Objectives (Exam: JN0-691)

Troubleshooting Methodology
Identify the elements to build a framework for approaching troubleshooting Junos devices
General troubleshooting methodology
Broad troubleshooting steps
Identify tools that can be used to troubleshoot Junos devices
CLI
Craft interface
Logging
Traceoptions
Real-time monitoring
Core files
Port mirroring
Identify tools that can be used for device and network monitoring
SNMP
RMON
Sampling

Chassis Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot chassis-related components of Junos devices
Chassis
RE and PFE components
Fans and power supplies
System
Storage and file system
Boot media and start-up sequence
System software
Backups
Given a scenario, demonstrate knowledge of how to monitor and troubleshoot the chassis and core system components of Junos devices
show commands
Logging

Control Plane Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot the control plane of Junos devices
System processes
User processes
ARP
RIB/FIB
Given a scenario, demonstrate knowledge of how to monitor and troubleshoot the control plane of Junos devices
show commands
clear commands
monitor commands
Logging
Traceoptions

Data Plane Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot the data plane of Junos devices
PFE issues
Ethernet interfaces
MTU issues
Link flapping
Forwarding table issues
PFE load balancing
Local vs. transit traffic
Firewall filters and policers
Given a scenario, demonstrate knowledge of how to monitor and troubleshoot the data plane of Junos devices
request commands
show commands
monitor commands
clear commands
Loopback testing

Layer 2 and Layer 3 Protocol Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot Layer 3 protocols on Junos devices
Routing table information
Routing loops
OSPF neighbors
OSPF adjacencies
BGP peering and peer groups
BGP neighbor states
Identify the concepts, tools and features used to monitor and troubleshoot Layer 2 protocols on Junos devices
VLAN’s
bridging concepts
xSTP protocols
switching table
Given a scenario, demonstrate knowledge of how to perform basic monitoring and troubleshooting of Layer 3 protocols on Junos devices
show commands
clear commands
Traceoptions
Given a scenario, demonstrate knowledge of how to perform basic monitoring and troubleshooting of Layer 2 protocols on Junos devices
show commands
clear commands
Traceoptions

High Availability (HA) Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot HA components for Junos devices
Graceful Routing Engine switchover (GRES)
Graceful restart (GR)
Nonstop active routing/bridging
Virtual router redundancy protocol (VRRP)
Link aggregation groups (LAG)
Unified in-service software upgrade (ISSU)
Given a scenario, demonstrate knowledge of how to perform monitoring and troubleshooting of HA features on Junos devices
monitor commands
show commands
request commands
QUESTION 2
Click the Exhibit button.
Which command removes only the ARP entries associated with the ge-0/0/0.0 interface?

A. clear arp | match ge-0/0/0.0
B. clear arp hostname”10.200.14.130|10.210.14.139|10.210.14.190″
C. C.clear arp | except “ge-0/0/3|ge-0/0/4.104|ge-0/0/5.105”
D. clear arp interface ge-0/0/0

Answer: A


QUESTION 3
Which two statements are true about the Junos chassis daemon? (Choose two.)

A. You can parse the chassis daemon log to view the details and time lines for hardware events that have occurred.
B. Theshow log dcdcommand allows you to view chassis related events.
C. You cannot parse the chassis daemon log to view the details andtimelines for hardware events that have occurred.
D. Theshow log chassisdcommand allows you to view chassis related events.

Answer: A,D


QUESTION 4
What are three categories of core files on a Junos device? (Choose three.)

A. PFE
B. Process
C. FPC
D. Kernel
E. PIC

Answer: B,D,E


QUESTION 5
You must verify end-to-end connectivity within your network.
Which two troubleshooting tools meet this objective? (Choose two.)

A. ping
B. SNMP
C. traceroute
D. RMON

Answer: A,C

Click here to view complete Q&A of JN0-691 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco JN0-691 Certification, Cisco JN0-691 Training at certkingdom.com


Continue Reading

JN0-690 Junos Troubleshooting

Junos Troubleshooting Exam Objectives (Exam: JN0-691)

Troubleshooting Methodology
Identify the elements to build a framework for approaching troubleshooting Junos devices
General troubleshooting methodology
Broad troubleshooting steps
Identify tools that can be used to troubleshoot Junos devices
CLI
Craft interface
Logging
Traceoptions
Real-time monitoring
Core files
Port mirroring
Identify tools that can be used for device and network monitoring
SNMP
RMON
Sampling

Chassis Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot chassis-related components of Junos devices
Chassis
RE and PFE components
Fans and power supplies
System
Storage and file system
Boot media and start-up sequence
System software
Backups
Given a scenario, demonstrate knowledge of how to monitor and troubleshoot the chassis and core system components of Junos devices
show commands
Logging

Control Plane Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot the control plane of Junos devices
System processes
User processes
ARP
RIB/FIB
Given a scenario, demonstrate knowledge of how to monitor and troubleshoot the control plane of Junos devices
show commands
clear commands
monitor commands
Logging
Traceoptions

Data Plane Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot the data plane of Junos devices
PFE issues
Ethernet interfaces
MTU issues
Link flapping
Forwarding table issues
PFE load balancing
Local vs. transit traffic
Firewall filters and policers
Given a scenario, demonstrate knowledge of how to monitor and troubleshoot the data plane of Junos devices
request commands
show commands
monitor commands
clear commands
Loopback testing

Layer 2 and Layer 3 Protocol Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot Layer 3 protocols on Junos devices
Routing table information
Routing loops
OSPF neighbors
OSPF adjacencies
BGP peering and peer groups
BGP neighbor states
Identify the concepts, tools and features used to monitor and troubleshoot Layer 2 protocols on Junos devices
VLAN’s
bridging concepts
xSTP protocols
switching table
Given a scenario, demonstrate knowledge of how to perform basic monitoring and troubleshooting of Layer 3 protocols on Junos devices
show commands
clear commands
Traceoptions
Given a scenario, demonstrate knowledge of how to perform basic monitoring and troubleshooting of Layer 2 protocols on Junos devices
show commands
clear commands
Traceoptions

High Availability (HA) Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot HA components for Junos devices
Graceful Routing Engine switchover (GRES)
Graceful restart (GR)
Nonstop active routing/bridging
Virtual router redundancy protocol (VRRP)
Link aggregation groups (LAG)
Unified in-service software upgrade (ISSU)
Given a scenario, demonstrate knowledge of how to perform monitoring and troubleshooting of HA features on Junos devices
monitor commands
show commands
request commands


QUESTION 1
Which CLI command is used to restart a software process?

A. restart
B. reboot
C. commit
D. reload

Answer: A

Explanation: To restart a process one have to use restart <process name>, reboot is not even a
valid command.
Possible completions:
restart Restart software process


QUESTION 2
Which CLI command applies the candidate configuration to the active configuration?

A. load
B. merge
C. copy run start
D. commit

Answer: D

Explanation: Copy run start is a Cisco specific command and is nowhere to be found in Junos.
>commit Commit current set of changes


QUESTION 3
Which operational CLI command would you use to troubleshoot hardware-related problems?

A. show system
B. show chassis
C. show route
D. show cli

Answer: B

Explanation: Show route will only show you routing, show chassis will show you hardware related
information.
>show chassis ?
Possible completions:
alarms Show alarm status
cluster Show chassis cluster information
craft-interface Show craft interface status
environment Show component status and temperature, cooling system speeds
fan Show fan and fan tray information
firmware Show firmware and operating system version for components
forwarding Show forwarding process (fwdd) status
fpc Show Flexible PIC Concentrator status
hardware Show installed hardware components
location Show physical location of chassis
mac-addresses Show media access control addresses
pic Show Physical Interface Card state, type, and uptime
routing-engine Show Routing Engine status
temperature-thresholds Show chassis temperature threshold settings
usb Show chassis USB status


QUESTION 4
In the Junos OS, which type of file dumps the program’s environment in the form of memory
pointers, instructions, and register data to a file in the event of a panic or other serious
malfunction?

A. log file
B. backup file
C. configuration file
D. core file

Answer: D

Explanation: Junos will under a panic create a core-dump file, definitely not a backup file.
> show system core-dumps
/var/crash/*core*: No such file or directory
/var/tmp/*core*: No such file or directory
/var/tmp/pics/*core*: No such file or directory
/var/crash/kernel.*: No such file or directory
/tftpboot/corefiles/*core*: No such file or directory


QUESTION 5
Which operational CLI command would you use to display information about the system and
software processes?

A. show system
B. show chassis
C. show route
D. show cli

Answer: A

Explanation: Show route will only show you routing, show system will show you software related
information:
>show system ?
Possible completions:
alarms Show system alarm status
audit Show file system MD5 hash and permissions
auto-snapshot Show auto-snapshot status when system booted from alternate slice
autoinstallation Show autoinstallation information
autorecovery Show autorecovery information
boot-messages Show boot time messages
buffers Show buffer statistics
certificate Show installed X509 certificates
commit Show pending commit requests (if any) and commit history
configuration Show configuration information
connections Show system connection activity
core-dumps Show system core files
directory-usage Show local directory information
download Show status of downloads
firmware Show all firmware version information
health Show online diagnostic status
license Show feature licenses information
login Show system login state
memory Show system memory usage
processes Show system process table
queues Show queue statistics
reboot Show any pending halt or reboot requests
resource-cleanup Show resource cleanup information
rollback Show rolled back configuration
services Show service applications information
snapshot Show snapshot information
software Show loaded JUNOS extensions
statistics Show statistics for protocol
storage Show local storage data
threads Show system threads table
uptime Show time since system and processes started
users Show users who are currently logged in
virtual-memory Show kernel dynamic memory usage

Click here to view complete Q&A of JN0-690 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco JN0-690 Certification, Cisco JN0-690 Training at certkingdom.com


Continue Reading

JN0-694 Enterprise Routing and Switching Support, Professional (JNCSP-ENT)

JNCSP-ENT Exam Objectives (Exam: JN0-694)

IGP Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot OSPFv2 and OSPFv3 issues on Junos devices
Routing issues
Neighbor/adjacency issues
Configuration issues

BGP Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot BGP issues on Junos devices
Peering issues
Routing issues
Next hop resolution issues
Configuration issues

Routing Policy Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot routing policy issues on Junos devices
Forwarding table policy issues
Routing instance issues
IGP policy issues
BGP policy issues
Configuration issues

Layer 2 Switching Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot Spanning Tree issues on Junos devices
STP
RSTP
MSTP
VSTP
Configuration issues
Given a scenario, demonstrate knowledge of how to troubleshoot other Layer 2 switching and High Availability issues on Junos devices
VLAN issues
Q-in-Q tunneling and L2PT issues
Layer 2 port security issues
Authentication and access control issues
Virtual chassis
Configuration issues

Multicast Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot multicast issues on Junos devices
RP issues
SPT issues
PIM issues
IGMP issues
Configuration issues

Class of Service (CoS) Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot CoS issues
Classification and rewrite issues
Policer issues
Queuing/scheduling issues
Packet drop issues
Configuration issues


QUESTION 1
You are implementing Q-in-Q tunneling on an EX Series switch. You want the tunnel to support all
C-VLANs; however, only some VLANs are able to send traffic across the tunnel. Switch-1 has the
following configuration:
[edit vlans]
user@Switch-1# show
v100 {
vlan-id 100;
interface {
ge-0/0/0.10;
ge-0/0/1.20;
}
dot1q-tunneling {
customer-vlans [ ];
}
}
What would solve this problem?

A. Add family ethernet-switching to the tunnel-side interface on Switch-1.
B. Implement RSTP.
C. Q-in-Q tunneling will not work in this scenario; use a Layer 2 VPN instead.
D. Remove the customer-vlans statement.

Answer: C

Explanation:


QUESTION 2
You are troubleshooting a problem where an OSPF adjacency between two neighboring routers will not form.
What are two reasons for this problem? (Choose two.)

A. One or both of the connected interfaces are missing the family inet statement.
B. One or both of the connected interfaces are missing the family iso statement.
C. The connected interfaces are not on the same subnet.
D. Another IGP is running on one or both of the routers, overriding OSPF.

Answer: B,D

Explanation:


QUESTION 3
Your Junos device is dropping certain traffic flows, while allowing other traffic flows to pass through the device unaffected.
Which CoS component is causing this problem?

A. BA classification
B. RED
C. MF classification
D. Rewrite rules

Answer: D

Explanation:


QUESTION 4
Two neighboring routers are able to form an OSPF adjacency, but are not able to establish an IBGP neighborship.
What are two reasons for the IBGP neighborship problem? (Choose two.)

A. One of the devices has a misconfigured BGP peer address.
B. One or both of the connected interfaces are missing the family iso statement.
C. OSPF has a lower route preference than BGP.
D. A firewall filter on one of the interfaces is blocking TCP traffic.

Answer: B,C

Explanation:

Click here to view complete Q&A of JN0-694 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Cisco JN0-694 Certification, Cisco JN0-694 Training at certkingdom.com

 


Continue Reading

Follow Us

Bookmark and Share


Popular Posts