Pass JN0-649 Exam - Real Test Engine PDF with 195 Questions [Q59-Q84]

Pass JN0-649 Exam - Real Test Engine PDF with 195 Questions

Get New JN0-649 Certification Practice Test Questions Exam Dumps

NEW QUESTION # 59
Referring to the exhibit, a PIM-SM network is set up to enable communication between multicast devices.
Which two statements are true? (Choose two.)

• A. Before the formation of the rendezvous-point tree, an IGMP is sent from the Source to R5.
• B. Before the formation of the rendezvous-point tree, a join message is sent from R1 to R3.
• C. Before the formation of the rendezvous-point tree, a join message is sent from R1 to R5.
• D. Before the formation of the rendezvous-point tree, an IGMP is sent from the Receiver to R1.

Answer: A,D

NEW QUESTION # 60
When configuring class of services, what would be you use to allocate bandwidth to a forwarding class?

• A. bandwidth
• B. transmit rate
• C. buffer depth
• D. speed

Answer: B

NEW QUESTION # 61
Juniper devices use the token bucket algorithm for policing. Which two statements are true regarding the token bucket algorithm? (Choose two.)

• A. Policers transmit streams of traffic at the maximum interface speed until the burst rate is reached.
• B. Policers do not reduce the speed of an interface.
• C. Policers reduce the speed of an interface.
• D. Policers enforce gaps between transmitted packets.

Answer: B,D

NEW QUESTION # 62
Which two statements about OSPF routing policies are correct? (Choose two.)

• A. By default, OSPF export policies reject network-summary LSAs.
• B. By default, OSPF export policies accept network-summary LSAs.
• C. By default, OSPF import policies accept network-summary LSAs.
• D. By default, OSPF import policies reject network-summary LSAs.

Answer: A,C

NEW QUESTION # 63
You are implementing 802.1x authentication in your Layer 2 network. Each user will have a computer and a phone and you must ensure that both device are authenticated individually. In this scenario, which supplicant mode should be used?

• A. multiple
• B. Captive-portal
• C. Single
• D. Single-secure

Answer: C

NEW QUESTION # 64
Which three statements are correct about EVPN route types? (Choose three.)

• A. Type 2 routes carry endpoint MAC address information.
• B. Type 2 routes carry endpoint IP address information.
• C. Type 5 routes carry replication information.
• D. Type 1 routes carry endpoint MAC address information.
• E. Type 3 routes carry replication information.

Answer: A,B,E

Explanation:
The EVPN control plane advertises the following types of information:
Route type 1 - This is an Ethernet Auto-Discovery (EAD) route type used to advertise Ethernet segment identifier, Ethernet Tag ID, and EVPN instance information. EAD route advertisements may be sent for each EVPN instance or for each Ethernet segment.
Route type 2 - This advertises endpoint reachability information, including MAC and IP addresses of the endpoints or VTEPs.
Route type 3 - This performs multicast router advertisement, announcing the capability and intention to use ingress replication for specific VNIs.
Route type 4 - This is an Ethernet Segment route used to advertise the Ethernet segment identifier, IP address length, and the originating router's IP address.
Route type 5 - This is an IP prefix route used to advertise internal IP subnet and externally learned routes to a VXLAN network.

NEW QUESTION # 65
Referring to the exhibit, which LSA type is used to advertise 192.168.1.0/24 to R5?

• A. Type 3
• B. Type 7
• C. Type 4
• D. Type 5

Answer: C

NEW QUESTION # 66
Referring to the exhibit, which two statements are correct? (Choose two.)

• A. The ge-0/0/10 interface supports PoE+.
• B. If the total power consumption exceeds 90 watts, the ge-0/0/11 interface will continue to receive power.
• C. PoE is not enabled on the ge-0/0/0 interface.
• D. The maximum wattage that this switch can allocate to attached Ethernet devices is 100 watts.

Answer: A,D

Explanation:
POE is enabled in the interface ge-0/0/0 but nothing is connected to it. switch is in AT mode (poe+) and interface ge-0/0/11 supports poe+ judging by maximun wattage.

NEW QUESTION # 67
You are 802.1X supplicant, but traffic must be accepted once the user has authenticated their computer on the port In this scenario, which supplicant mode should be used?

• A. multiple
• B. captive-portal
• C. single
• D. single-secure

Answer: C

NEW QUESTION # 68
You are troubleshooting a BGP connection.
Referring to the exhibit, which two statements are correct? (Choose two.)

• A. Packet fragmentation is preventing the session from establishing.
• B. The ge-0/0/1 interface is disabled.
• C. The 192.168.1.4 peer has a misconfigured autonomous system number.
• D. The 192.168.1.5 peer has a misconfigured MD5 key.

Answer: C,D

Explanation:
* Step 1: Check the error messages in the log.
The log messages indicate:
vbnet
Copy code
Dec 22 19:22:29 router rpd[7394]: bgp_process_open:4185: NOTIFICATION sent to 192.168.1.4 (Internal AS 65000): code 2 (Open Message Error) subcode 2 (bad peer AS number), Reason: peer 192.168.1.4 (Internal AS 65000) claims 65100, 65000 configured Dec 22 19:22:33 router rpd[7394]: bgp_pp_recv:4788: NOTIFICATION sent to 192.168.1.4+56714 (proto):
code 2 (Open Message Error) subcode 2 (bad peer AS number), Reason: no group for 192.168.1.4+56714 (proto) from AS 65100 found (peer as mismatch) in master
* Step 2: Interpret the messages.
* The first message indicates that a BGP NOTIFICATION was sent to 192.168.1.4 due to an "Open Message Error" with a "bad peer AS number" because peer 192.168.1.4 claims AS 65100, but
65000 is configured.
* The second message reiterates that the peer AS number 65100 does not match the configured AS
65000, causing a mismatch.
* Step 3: Understand the MD5 key error.
sql
Copy code
Dec 22 19:23:29 router kernel: tcp_auth_ok: Packet from 192.168.1.5:64047 missing MD5 digest Dec 22 19:23:30 router kernel: tcp_auth_ok: Packet from 192.168.1.6:56201 missing MD5 digest
* These lines indicate that packets from 192.168.1.5 and 192.168.1.6 are missing the MD5 digest, suggesting a potential MD5 key misconfiguration.
* Step 4: Validate the answers.
* Option B: The 192.168.1.5 peer has a misconfigured MD5 key. This is correct because the logs show that packets from 192.168.1.5 are missing the MD5 digest.
* Option D: The 192.168.1.4 peer has a misconfigured autonomous system number. This is correct because the logs indicate that 192.168.1.4 claims AS 65100, while the router is configured for AS
65000.
References:
* Document on useful Juniper commands for troubleshooting BGP and understanding log messages.
* Commands for checking BGP logs: show log messages | match notification, show bgp summary, show configuration protocols bgp.

NEW QUESTION # 69
Remote branches connect to the corporate WAN through access switches. The access switches connect to access ports on the WAN distribution switch, as shown in the exhibit. L2PT has previously been configured on the tunnel Layer 2 traffic across the WAN. You decide to move the L2PT tunnel endpoints to the access switches. When you apply the L2PT configuration to the access switches, the ports that connect the access switches to the distribution switch shut down.
Which action would solve this problem?

• A. Disable the BPDU block function on the access switches.
• B. Configure the links between the access switches and the distribution switch as a trunk port.
• C. Configure a GRE tunnel to encapsulate the L2PT traffic across the WAN.
• D. Disable the BPDU block function on the distribution switch.

Answer: B

Explanation:
Access interfaces in an L2PT-enabled VLAN should not receive L2PT-tunneled PDUs. If an access interface does receive L2PT-tunneled PDUs, there might be a loop in the network, and the device will shut down the interface. https://www.juniper.net/documentation/us/en/software/junos/multicast-l2/topics/topic-map/layer-2-protocol-tunneling.html

NEW QUESTION # 70
You will to route Layer 3 PVLAN traffic within the secondary VLAN.
What is required to accomplish this task?

• A. an FBF policy
• B. an IRB
• C. a community VIAN
• D. an isolated VLAN

Answer: B

NEW QUESTION # 71
Referring to the exhibit, traffic ingresses on interface ge-0/0/3 and egresses on interface ge-0/0/4.
Which queue does traffic with the IP precedence value of 100 use?

• A. assured-forwarding
• B. expedited-forwarding
• C. network-control
• D. best-effort

Answer: B

NEW QUESTION # 72
A modified deficit round-robin scheduler is defined by which three variables? (Choose three.)

• A. WRED
• B. priority
• C. transmit rate
• D. Layer 3 fields
• E. buffer size

Answer: A,B,C

NEW QUESTION # 73
You are deploying IP phones in your enterprise networks. When plugged in, the IP phones must be automatically provided with the correct VLAN ID needed for sending voice traffic to the EX Series switches.
In this scenario, which two solutions are required to accomplish this task? (Choose two.)

• A. Create two VLANs and assign them as VLAN members to the appropriate access interfaces.
• B. Enable LLDP-MED on appropriate access interfaces.
• C. Use LLDP on appropriate interfaces.
• D. Enable the voice VLAN feature with the appropriate access interfaces and VLAN ID for voice traffic.

Answer: B,D

Explanation:
* Enabling LLDP-MED:
* LLDP-MED (Link Layer Discovery Protocol - Media Endpoint Discovery) is an extension of LLDP specifically for VoIP devices.
* It allows network devices to advertise and receive configuration information, such as VLAN IDs, from the network switch.
* Voice VLAN Feature:
* The voice VLAN feature on switches is designed to simplify the deployment of VoIP by automatically placing voice traffic on a designated VLAN.
* Configuring the appropriate access interfaces and VLAN ID for voice traffic ensures that voice
* packets are prioritized and properly segmented from other types of traffic.
* Configuration Steps:
* Enable LLDP-MED on the appropriate access interfaces:
plaintext
Copy code
set protocols lldp-med interface ge-0/0/0
* Enable the voice VLAN feature and specify the VLAN ID:
plaintext
Copy code
set ethernet-switching-options voip interface ge-0/0/0 vlan voice
set ethernet-switching-options voip interface ge-0/0/0 forwarding-class assured-forwarding References:
* Juniper documentation on LLDP-MED
* Juniper EX Series switch configuration guide for voice VLAN

NEW QUESTION # 74
You are deploying IP phones in your enterprise network that must receive their power through their Ethernet connection. You are using your EX Series switch's PoE ports that support IEEE
802.3af. In this scenario, what is the maximum amount of power allocated to each interface?

• A. 50 W
• B. 15.4 W
• C. 10.2 W
• D. 30 W

Answer: B

Explanation:
PoE was first defined in the IEEE 802.3af standard, which supplied up to 15.4 W of power to a connected powered device. Subsequent versions increased the amount of power that can be supplied to a powered device.

NEW QUESTION # 75
You are asked to establish interface level authentication for users connecting to your network.
You must ensure that only corporate devices, identified by MAC addresses, are allowed to connect and authenticate. Authentication must be handled by a centralized server to increase scalability. Which authentication method would satisfy this requirement?

• A. 802.1X with multiple supplicant mode
• B. 802.1X with single-secure supplicant mode
• C. MAC RADIUS
• D. captive portal

Answer: C

Explanation:
https://www.juniper.net/documentation/us/en/software/junos/user-access/topics/topic-map/mac- radius-authentication-switching-devices.html You can configure MAC RADIUS authentication on an interface that also allows 802.1X authentication, or you can configure either authentication method alone.
If both MAC RADIUS and 802.1X authentication are enabled on the interface, the switch first sends the host three EAPoL requests to the host. If there is no response from the host, the switch sends the host's MAC address to the RADIUS server to check whether it is a permitted MAC address. If the MAC address is configured as permitted on the RADIUS server, the RADIUS server sends a message to the switch that the MAC address is a permitted address, and the switch opens LAN access to the nonresponsive host on the interface to which it is connected.

NEW QUESTION # 76
Referring to the exhibit, you configured a new multicast classifier for the ge-1/2/0 interface ICMP traffic to the best-effort queue and traffic from 190.168.20.0/24 to the expedited forwarding queue.
You received noticed that some application are not working after the change.
Which configuration change will remedy the problem?

• A. [edit firewall family inet filter ingress
  User@host # set term 3 then accept
• B. [edit firewall family inet filter ingress
  User@host # set term 3 then next
• C. [edit firewall family inet filter ingress
  User@host # set term 2 from service-filter hit
• D. [edit firewall family inet filter ingress
  User@host # set term 2 from protocol tcp

Answer: A

NEW QUESTION # 77
You are troubleshooting a BGP connection.
Referring to the exhibit, which two statements are correct? (Choose two.)

• A. Packet fragmentation is preventing the session from establishing.
• B. The ge-0/0/1 interface is disabled.
• C. The 192.168.1.4 peer has a misconfigured autonomous system number.
• D. The 192.168.1.5 peer has a misconfigured MD5 key.

Answer: C,D

NEW QUESTION # 78
Your EX Series switch has IP telephones and computers connected to a single switch port. You are considering implementing the voice VLAN feature to help with this setup. In this scenario, which two statements are correct? (Choose two.)

• A. The voice VLAN feature must be used with LLDP-MED to associate VLAN ID and 802.1p values with the traffic.
• B. The interfaces must be configured as access ports.
• C. The voice VLAN feature will enable incoming tagged data and voice traffic to be associated with separate VLANs.
• D. Assigning the incoming voice and data traffic to separate VLANs enables the ability to prioritize the traffic using CoS.

Answer: A,B

Explanation:
EX Series switches can accommodate an IP telephone and end host connected to a single switch port. In such a scenario, voice and data traffic must be separated into different broadcast domains, or VLANs. One method for accomplishing this is by configuring a voice VLAN, which enables access ports to accept untagged data traffic as well as tagged voice traffic from IP phones, and associate each type of traffic with separate and distinct VLANs. Voice traffic (tagged) can then be treated differently, generally with a higher priority than data traffic (untagged).

NEW QUESTION # 79
You are asked to establish full connectivity between all devices in the BGP network. Referring to the exhibit, which two configuration changes will allow BGP route advertisements? (Choose two.)

• A. On R1 and R3, include the advertise-peer-as statement at the [edit protocols bgp group external] hierarchy.
• B. On R2, include the loops 2 statement at the [edit protocols bgp family inet unicast] hierarchy.
• C. On R1 and R3, include the loops 2 statement at the [edit protocols bgp family inet unicast] hierarchy.
• D. On R2, include the advertise-peer-as statement at the [edit protocols bgp group external] hierarchy.

Answer: C,D

NEW QUESTION # 80
You are asked to enforce user authentication using a captive portal before users access the corporate network.
Which statement is correct in this scenario?

• A. All Web browser requests are redirected to the captive portal until authentication is successful.
• B. When enabled, a captive portal must be applied to each individual interface.
• C. A captive portal can be bypassed using an allowlist command containing a device's IP address.
• D. HTTPS is the default protocol for a captive portal.

Answer: A

NEW QUESTION # 81
You are implementing the route summarization feature of OSPF.
Which two results do you achieve in this scenario? (Choose two.)

• A. It reduced the routing table size, enabling devices to store and process less information.
• B. It reduces the impact of topology changes on a device.
• C. It helps in migrating to future multi-area OSPF network designs.
• D. It provides optimal routing in the network.

Answer: A,B

Explanation:
OSPF Route Summarization Benefits:
* Reduces Routing Table Size: By summarizing routes, multiple specific routes are combined into a single route. This reduces the number of entries in the routing table, making it more efficient and easier for the devices to process. This is critical in large networks to maintain performance and manageability.
* Reduces Impact of Topology Changes: When a topology change occurs in one of the summarized routes, it does not need to propagate throughout the entire network. Only the summary route may need to be updated, which minimizes the impact and limits the scope of updates needed.
Implementation in OSPF:
* Configuration Example:
shell
Copy code
set protocols ospf area 0.0.0.0 range 10.1.0.0/16
* This command summarizes the routes in area 0.0.0.0 to a single route of 10.1.0.0/16.
References:
* The documents provided, such as "network-mgmt.pdf" and other relevant configuration guides, emphasize these benefits as fundamental to efficient OSPF deployment.

NEW QUESTION # 82
You are configuring, the PVLAN feature on your switches. The PVLAN will span the two EX Series switches shown in the exhibit.
Which three configuration parameters must be enabled on the ports connecting the two switches?
(Choose three. )

• A. family Ethernet-switching
• B. family inet
• C. interface-mode access
• D. inter-switch-link
• E. interface-mode trunk

Answer: A,D,E

NEW QUESTION # 83
You want to create an OSPF area that only contains intra-area route information in the form of Type 1 and Type 2 LSAs.
In this scenario, which area is needed to accomplish this task?

• A. totally stubby area
• B. stub area
• C. non-to-stubby area
• D. totally non-to-stubby area

Answer: A

Explanation:
A totally stubby area (TSA) is a stub area in which summary link-state advertisement (type 3 LSAs) are not sent. A default summary LSA, with a prefix of 0.0. 0.0/0 is originated into the stub area by an ABR, so that devices in the area can forward all traffic for which a specific route is not known, via ABR.

NEW QUESTION # 84
......

The JN0-649 certification exam is a valuable credential for network engineers and administrators who want to demonstrate their expertise in Juniper Networks technologies. It is recognized as a leading certification in the industry and is highly regarded by employers and peers alike.

The JN0-649 exam is a vendor-neutral certification that is recognized worldwide. It is an industry-standard certification that is highly valued by employers and networking professionals alike. Enterprise Routing and Switching, Professional (JNCIP-ENT) certification is designed to provide networking professionals with the skills and knowledge they need to excel in their careers and stay up to date with the latest trends and technologies in enterprise networking.

 

JN0-649 Exam Dumps - PDF Questions and Testing Engine: https://passleader.dumpexams.com/JN0-649-vce-torrent.html