|
Bookmark and Share

Monday, August 24, 2009

JNCIA-ER Preassessment New Exam!

1. Which J-Web menu should you use to view the router's "last known good" configuration? B

A. Configuration > View and Edit
B. Configuration > Rescue
C. Configuration > Rollback
D. Configuration > History

2. Which J-Web window pane allows you to view and manage licenses? D

A. Monitor
B. Configuration
C. Diagnose
D. Manage

3. Which major J-Web menu should you use to view the physical hardware in the router?D

A. Manage
B. Diagnose
C. Configuration
D. Monitor

4. You are logged in to an M10i router as the lab user. The J-Web 8.0R2.8 package is located in your home directory.
Which CLI command would install the J-Web interface?C

A. load software jweb-8.0R2.8-signed.tgz
B. load software /home/lab/jweb-8.0R2.8-signed.tgz
C. request system software add jweb-8.0R2.8-signed.tgz
D. request system software add /home/lab/jweb-8.0R2.8-signed.tgz

5. Which J-Web menu displays the amount of free space on the router's compact flash?C

A. Manage > System
B. Diagnose > Flash
C. Monitor > System
D. Monitor > Flash

6. What is the purpose of the services interface?A

A. Processes traffic using class-of-service.
B. Provides various layer 2 and layer 3 services.
C. Used to bundle Ethernet interfaces on M-series routers.
D. Allows for secure shell access to the router.

7. Which definition most accurately describes VRRP?A

A. An election protocol used to designate one of multiple routers as the master router, which serves as the forwarding next-hop for the LAN.
B. A virtual protocol which makes VPN communications possible.
C. A redundancy protocol used to identify the active WAN circuit.
D. A link-state routing protocol used in Ethernet environments.

8. Which three daemons are contained in the JUNOS software?BCD
There are 3 correct answers

A. VPN
B. Routing Protocol
C. Management
D. Chassis

9. Which two statements regarding the JUNOS software user authentication methods are correct?CD
There are 2 correct answers

A. Multiple users can authenticate using a common local user account.
B. Only one authentication method can be configured.
C. Multiple authentication methods can be configured.
D. All users must be configured locally on the router.

10. Which CLI command displays the hardware currently installed in the router?C

A. show chassis alarms
B. show system hardware
C. show chassis hardware
D. show system environment

11. Which statements are true regarding DHCP services and J-series routers?BC
There are 2 correct answers

A. J-series routers can operate as a DHCP-relay agent only.
B. J-series routers can operate as a DHCP server.
C. J-series routers can function as a DHCP-relay agent and DHCP server simultaneously.
D. J-series routers can relay DHCP requests from one LAN to another.

12. Which CLI command displays any active alarms on the router?B

A. show system alarms
B. show chassis alarms
C. show system environment
D. show chassis environment


13. Which configuration statement contacts a TACACS+ server when the primary RADIUS server is unreachable?C

A. [edit] system { authentication-order [ radius tacacs+ ]; }
B. [edit] authentication { login-order [ radius tacplus ]; }
C. [edit] system { authentication-order [ radius tacplus ]; }
D. [edit] authentication { login-order [ radius tacplus ]; }

14. What are three characteristics of the JUNOS software?ABC
There are 3 correct answers

A. Contains a modular operating system.
B. Separate forwarding and control planes.
C. Single software train for all M,T and J-series routers.
D. Contains easy to read registry keys.

15. What statements about ALGs are true?AC
There are 2 correct answers

A. ALGs monitor protocol exchanges and perform address and port translations within the payload for certain protocols.
B. ALGs allow the router to interact with layer 4 and above when performing translation services.
C. ALGs are required whenever NAT is used.
D. ALGs are only used when PAT is configured.

16. Which type of IGP should you use to achieve scalability in a large enterprise network?B

A. distance-vector protocol
B. link-state protocol
C. Bellman-Ford protocol
D. path-vector protocol

17. What are two services provided by the SDX?AC
There are 2 correct answers

A. customized firewall modifications
B. an XML interface for router configuration
C. usage tracking and accounting
D. secure remote access to the router

18. Which statements are true regarding the ASM?CD
There are 2 correct answers

A. The ASM supports only layer 3 services.
B. The ASM comes standard with all M7i and M10i routers.
C. The ASM supports the layer 2 and layer 3 service packages simultaneously.
D. The ASM is an option when ordering the M7i.

19. You have a router which does not have the J-Web interface installed by default.C
Which CLI command installs the J-Web package?

A. load system software jweb-8.0R2.8-signed.tgz
B. install package jweb-8.0R2.8-signed.tgz
C. request system software add jweb-8.0R2.8-signed.tgz
D. package add jweb-8.0R2.8-signed.tgz

20. Which VRRP configuration option monitors the state of an interface and is capable of initiating a change in mastership if the monitored interface goes down?C

A. snoop
B. monitor
C. preempt
D. track

21. Which JUNOS software feature forms the basis for JUNOScope?B

A. J-Web
B. JUNOScript
C. BSD Kernel
D. SDX

22. Which configuration option allows you to view autoinstallation messages?A

A. traceoptions
B. debug
C. view
D. decode

23. Which of the following address assignment options are available when configuring NAT?AB
There are 2 correct answers

A. Static
B. Dynamic
C. One-to-one
D. One-to-many

24. Within the J-Web initial setup wizard, which menu is used to configure the hostname of the router?A

A. Set Up
B. Interfaces
C. Users
D. Routing

25. Which MLPPP configuration statement determines the threshold for maintaining the state of an MLPPP bundle?B

A. link-limit
B. link-threshold
C. minimum-threshold
D. minimum-links

26. What are three protocol limitations of RIP? (Choose three.) (ACD)

A. It has a maximum network diameter.

B. It can only be used on broadcast links.

C. It will count to infinity and slow down loop prevention.

D. It will send periodic updates of the entire routing table.



27. What is the JUNOS software term for decoding protocol packets? 19. (c)

A. dump .

B. stat

C. trace

D. debug


28. Which CLI command displays all static routes in the routing table? (D)
A. show static all

B. show route static

C. show static route

D. show route protocol static

29. When using the J-Web interface to configure RIP, which two policies are automatically configured by the router? (Choose two.)

(C D)

A. Import policy to block RIP routes.
B. Import policy to block direct routes.
C. Export policy to advertise RIP routes.
D. Export policy to advertise direct routes.


30. Which statement describes the function of a routing policy?

(D)

A. It controls the size of routing protocol packets.
B. It allows routing protocols to be auto configured.
C. It allows for the configuration and management of user permissions.
D. It controls routing information transferred in and out of the routing table.



31. Which type of routing protocol is RIP?

(D)

A. link state
B. path vector
C. policy based
D. distance vector

32. Which routing technology is often used when a customer is single-homed to a service provider?(C)

A. RIP

B. BGP

C. Static

D. OSPF

33. Which command configures a minimal SNMP Configuration? (C)

A. edit snmp community juniper
B. set snmp server 10.12.1.1 version 2c
C. set snmp community juniper authorization read-only
D. snmp community juniper authorization read-only


34. Which protocol family must be configured on an interface to allow ICMP traffic to be received? (B)

A. ip

B. inet

C. icmp

D. management


Q35) which statements are true regarding DHCP services and J-series routers? (B, D)
A) J-series routers can operate as a DHCP-relay agent only.
B) J-series routers can operate as a DHCP server
C) J-series routers can function as DHCP-relay agent and DHCP server simultaneously
D) J-series routers can relay DHCP requests from one LAN to another



Q36). Which CLI command displays the current RIP configuration on a J-series router?(D)

A. show protocols rip
B. show configuration rip
C. show rip configuration
D. show configuration protocols rip

Q37) Which tool can be used to verify that packets are using the correct path toward a given destination? (D)
A) Ping
B) Netstat
C) Nslookup
D) Traceroute


Q38) What is one way to activate the rescue configuration on a J-series router?(D)
A. Issue the load rescue command.
B. Issue the activate rescue command.
C. Press the rescue button for less than 5 seconds.
D. Press the configuration button for less than 5 seconds.

Q39). Which type of policy allows RIP routes to be placed into OSPF?(C)
A. RIP import policy
B. RIP export policy
C. OSPF import policy
D. OSPF export policy


Q40). What are two action types in the Juniper routing policy? (Choose two.)(B,C)

A. sorting
B. ee-writing
C. terminating
D. modifying

Q41). Where do you configure a RIP neighbor in the CLI?(D)

A. under [routing rip neighbor]
B. under [protocols rip neighbor]
C. under [routing rip group "group-name" neighbor]
D. under [protocols rip group "group-name" neighbor]

JNCIA-EX pre-assessment exam

1. What does the Virtual Router Redundancy Protocol (VRRP) provide?
A.VRRP provides a way for multiple routers to form a virtual chassis.
B.VRRP provides a way for multiple routers to share routing information.
C.VRRP provides a way for multiple routers to function as a redundant gateway for a subnet.
D.VRRP provides a way for multiple routers to share information about virtual chassis with each other.

2. What is true about the way the JUNOS software processes routing policies?
A.The JUNOS software processes terms in order. When it finds a matching from clause, it applies all the actions specified in the then statement. It stops processing further terms.
B.The JUNOS software processes terms in order. When it finds a matching from clause, it applies all the actions specified in the then statement. It continues processing further terms until it reaches a reject action.
C.The JUNOS software processes terms in order. When it finds a matching from clause, it applies all the actions specified in the then statement. It continues processing further terms until a terminating action is reached.
D.The JUNOS software processes terms in order. When it finds a matching from clause, it applies the first action specified in the then statement. It stops processing further terms unless the next term action is specified.

3. Which three statements are true regarding firewall filters?


There are 3 correct answers
A.Firewall filters contain terms.
B.Terms contain then clauses.
C.Terms are processed sequentially.
D.from clauses specify only the source addresses and port information.
E.to clauses specify only the destination addresses and port information.

5. Which three are valid firewall filter application points?


There are 3 correct answers
A.input on a VLAN
B.output on a VLAN
C.output on a trunk-mode switch port
D.input on an access-mode switch port
E.output on an access-mode switch port

6.Which three configurable actions are supported for MAC limiting on an EX-series switch?


There are 3 correct answers
A.log
B.trap
C.drop
D.none
E.admin-down

7. What is the default reauthentication interval for 802.1X?
A.1600 seconds
B.2600 seconds
C.3600 seconds
D.4600 seconds

8. Which statement correctly describes a benefit of 802.1X?

A.802.1X provides a way to prevent unauthorized access to the network.
B.802.1X provides access control and authentication mechanism on a per- VLAN basis.
C.802.1X provides efficiency by allowing supplicants to communicate directly with the authentication server.
D.802.1X provides a comprehensive authentication and authorization method that can replace any other security features against Denial of Service (DoS) attacks.



10. What is the benefit of enabling the voice VLAN feature on EX-series switches?
A.It allows only one device to be connected on an enabled port.
B.It automatically applies Class of Service (CoS) on enabled ports.
C.It helps to reduce the number of ports required for connected devices.
D.It helps combine both data and voice traffic into a single defined VLAN

11. Which term describes a network device that implements the Link Layer Discovery Protocol
(LLDP)?
A.LLDP agent
B.LLDP object
C.LLDP client
D.LLDP idenitity

12. What is the command to set an IP address on an interface?
A.[edit interfaces ge-0/0/0] root# set unit 0 ip address 10.1.1.1/24
B.[edit interfaces ge-0/0/0] root# set unit 0 family inet address 10.1.1.1/24
C.[edit interface ge-0/0/0] root# set unit 0 ip address 10.1.1.1 255.255.255.0
D.[edit interfaces ge-0/0/0] root# set unit 0 family inet address 10.1.1.1 255.255.255.0

13. What is the purpose of the command shown below?
[edit] user@switch# save config.conf

A.This command saves the current active configuration to the /var/tmp directory.
B.This command saves the current candidate configuration to the /var/tmp directory.
C.This command saves the current active configuration to the user’s home directory.
D.This command saves the current candidate configuration to the user’s home directory.

14. Which configuration-mode command loads the EX-series switch back to its factory-default configuration?
A.load factory-default
B.save factory-default
C.activate factory-default
D.rollback factory-default

15. Which configuration would allow a user to authenticate with an EX-series switch if both the RADIUS and TACACS+ server rejected the authentication?
A.[edit system] lab@s1# show authentication-order [ radius ];
B.[edit system] lab@s1# show authentication-order [ tacplus ];
C.[edit system] lab@s1# show authentication-order [ radius tacplus local ];
D.[edit system] lab@s1# show authentication-order [ radius tacplus password ];

16.What are three predefined system login classes?


There are 3 correct answers
A.remote
B.operator
C.read-only
D.super-user
E.administrator

17. Which configuration sends syslog messages with a facility of authorization and a severity level of info to a syslog server with the IP address 10.0.0.1?
A.[edit system] lab@s1# show syslog 10.0.0.1 { authorization info; }
B.[edit system] lab@s1# show syslog { host 10.0.0.1 { authorization info; } }
C.[edit system] lab@s1# show syslog { host 10.0.0.1 { authorization all; } }
D.[edit system] lab@s1# show syslog 10.0.0.1 { info authorization; }

18. Which two commands display the Routing Engine temperature?


There are 2 correct answers


A.show chassis status
B.show chassis environment
C.show chassis routing-engine
D.show chassis temperature-thresholds

19. Which two statements are true with regard to roles and responsibilities in a virtual chassis?


There are 2 correct answers


A.When the virtual chassis master switch fails, a new election occurs to elect the new master switch.
B.In the virtual chassis mastership election process the switch with the highest mastership priority wins.
C.In the virtual chassis mastership election process, the switch with the lowest mastership priority wins.
D.When the virtual chassis master switch fails, the backup switch will automatically become the new master switch

20. What are three roles of member switches in a virtual chassis?


There are 3 correct answers
A.slave
B.master
C.backup
D.standby
E.line card


21. Which operational-mode command would you use to find out which switch is operating as the virtual chassis master switch?

A.show chassis hardware
B.show virtual-chassis status
C.show virtual-chassis protocol
D.show virtual-chassis active-topology

22. Which statement about virtual chassis technology is true?
A.PFEs in a virtual chassis use Link Layer Discovery Protocol (LLDP) to discover each other.
B.A virtual chassis uses a spanning-tree-type algorithm to prevent loops in a virtual chassis ring.
C.A virtual chassis uses token-based ring-access technology to forward packets between ports on different member switches.
D.A virtual chassis uses a shortest-path-based algorithm to decide how packets are forwarded between ports on different member switches.

23. What are three valid port roles used in RSTP?


There are 3 correct answers
A.trunk port
B.access port
C.backup port
D.alternate port
E.designated port

24. What are two purposes of STP?


There are 2 correct answers
A.loop prevention
B.best path calculation
C.create redundant paths
D.lower convergence time

25. Which two elements make up an STP bridge ID?


There are 2 correct answers
A.cost
B.bridge priority value
C.interface priority value
D.system MAC address

-----------

26. You are connecting a PC that does not support 802.1X to an EX-series switch port with 802.1X enabled.
* Which action would allow the device to gain access to the network?

A. Configure the dynamic VLAN on the interface.
B. Configure firewall filter to bypass 802.1X authentication.
C. Configure the number of retries parameter of interface to 0.
D. Configure authentication bypass for the PC’s MAC address.

27. In which two situations would you use a routing policy? There are 2 correct answers

A. When you need to restrict Telnet to the device.
B. When you need to deny packets over an interface.
C. When you need to modify routes in the forwarding table.
D. When you need to restrict advertisements to a neighbor.

JNCIS-ER Preassessment Exam.

Q1. Which attributes are automatically updated when a BGP update is sent to an EBGP
neighbor? (choose 2) A,D

A. BGP Next-hop attribute
B. Local Preference attribute
C. Multi Exit Descriminator (MED) attribute
D. AS-Path attribute
E. Origin attribute


Q2. Which statements are true about post-service-filters? (choose 3) A,C,D

A. A post-service-filter can only be used on input
B. A post-service-filter can be used on input, output or both
C. A post-service-filter is only applied to packets that are processed by a service-set
D. A post-service-filter is a standard stateless firewall-filter


Q3. For a given prefix 10.10.10.0/23 learned as an OSPF Internal Intra-Area, an OSPF
Internal Inter-Area and an OSPF AS External type 1, which route will be preferred? A

A. OSPF Internal Intra-Area route
B. OSPF Internal Inter-Area route
C. OSPF AS External type 1
D. Equal cost load sharing will occur if equal cost paths exist


Q4. Your enterprise is dual-homed to the same Service Provider using BGP, with two links
having bandwidth of STM1/OC3 and STM4/OC12 respectively. You want to influence all traffic
leaving your autonomous-system to use the STM/OC12 link.
Which BGP attributes can you modify to accomplish this goal? (choose 2) B,D

A. Set Local Preference in an import policy for routes learned from the neighbor on the
STM4/OC12 link to be 80
B. Set Local Preference in an import policy for routes learned from the neighbor on the
STM4/OC12 link to be 180
C. Configure the import-policy for the STM4/OC12 neighbor to set the ORIGIN attribute to
be INCOMPLETE
D. Configure the import-policy for the STM1/OC3 neighbor to as-path prepend the
neighbors autonomous-system twice
E. Configure the import-policy for the STM4/OC12 neighbor to as-path prepend the
neighbors autonomous-system twice















Q5. In the exhibit,
which export policy or policies will be applied to BGP neighbor 10.10.10.1? C


A. global-policy
B. group-policy
C. nbr-policy
D. all three policies
E. none of the policies


Q6. Which steps are required to configure an interface-style service set? (choose 5) A,B,C,D,F

A. Configure the service interface
B. Configure the service rules and rule-sets
C. Configure the service-set to include the service rules and/or rule-sets
D. Configure the service-set to be interface-style and which service interface to use
E. Configure routing to the service interface
F. Apply the service-set to the required interfaces


Q7. Which step is not recommended as part of a seamless RIP to OSPF IGP transition using
the overlay method? C

A. Configure all routers to ensure the existing RIP IGP has a better route preference than
the new OSPF IGP
B. Configure all routers to run OSPF
C. Redistribute all RIP routes into OSPF and vise versa
D. Ensure all routers have learned all networks via OSPF
E. Gracefully transition to OSPF by changing the route-preference of RIP to be higher than
OSPF


Q8. Which configuration step is required when configuring an OSPF NSSA area? C

A. You must configure nssa on all routers in the network
B. You must configure nssa under [ edit protocols ospf ]
C. You must configure nssa under [ edit protocols ospf area ]
D. You must configure nssa only on the Area Border Routers (ABR's)


Q9. Which statements below are valid JUNOS stateful-firewall rule match types? (choose 3) A,
B,D

A. destination-address-range
B. source-prefix-list
C. esp-spi
D. applications
E. interface-set























Q10. In the exhibit, which statement is true for the static route 11.11.11.0/24 that is evaluated
against the BGP export policy chain? D

A. The 11.11.11.0/24 prefix is accepted by policy P1 and advertised to neighbor
10.10.10.1
B. The 11.11.11.0/24 prefix is rejected by policy P1 and not advertised to neighbor
10.10.10.1
C. The 11.11.11.0/24 prefix is rejected by the policy P2
D. The 11.11.11.0/24 prefix is rejected by the BGP default policy
E. The 11.11.11.0/24 prefix is accepted by the BGP default policy




Q11. You want to determine which NAT pools have been configured on the router.
Which command will display this information (choose 1) D

A. show services nat available pools
B. show services pools
C. show services nat-pool-table
D. show services nat pools


Q12. Which statements best describe Enterprise connections to Service Providers? (choose 2) C,
D

A. Enterprises should always run BGP with their Service Providers when their CPE router
has parallel multiple links to the ISP router
B. When BGP is run in an enterprise network, all routers need to run BGP
C. Enterprises should use a static default route when there is only one entry/exit point out
of their network
D. Enterprises should use BGP when they are multi-homed and have a need to exercise
policy controls


Q13. Assuming the requirements for the establishment of an EBGP session between the
loopback0 interfaces of both routers. The local autonomous-system is defined as AS100 and
the neighbors autonomous-system is AS200.
The local autonomous-system is configured under [ routing-options autonomous-system
100 ]
Which statement is not true about Multihop External BGP peering sessions? A

A. Both peer-as 200 and type external parameters are required
B. Only peer-as 200 is required
C. You must configure the local-address parameter
D. You must configure the ttl for the multi-hop neighbor(s)
E. The local router must have a route to the eBGP neighbors configured address


Q14. In the exhibit, which statements are true for the NAT translation? (choose 2) B,C

A. The private/internal IP address that will be changed is 192.168.11.4
B. The private/internal IP addresses that will be changed are 10.222/16
C. The public/external IP address is 192.168.11.4
D. The private/internal IP addresses can be anything
E. The public/external IP address is 10.222.44.1


Q15. While monitoring the systems messages file, you encounter an entry that is frequently
repeated, but seems somewhat cryptic
Jun 8 14:12:28 R1 chassisd[2737]: CHASSISD_IFDEV_DETACH_PIC: ifdev_detach_pic(0/3)
Which command can you use to better understand the significance of this message? C

A. show syslog message CHASSISD_IFDEV_DETACH_PIC
B. show system message CHASSISD_IFDEV_DETACH_PIC
C. help syslog CHASSISD_IFDEV_DETACH_PIC
D. show system error log CHASSISD_IFDEV_DETACH_PIC


Q16. In the exhibit, which statements are valid entries for the "State" field? (choose 3) B,D,E

A. Monitor
B. Watch
C. Listen
D. Drop
E. Forward


Q17. The security policy for your company specify that access for all operations staff to network
devices will migrate to the TACACS+ protocol. The RADIUS protocol is currently deployed and
will be the preferred method for authentication
What configuration is required on the JUNOS routers to ensure that only when network
connectivity issues resulting in the TACACS+ and RADIUS being inaccessible allow locally
defined users to login to the routers? C

A. set system authentication-order [radius tacplus password]
B. set system authentication-order [tacplus radius password]
C. set system authentication-order [radius tacplus]
D. set system authentication-order [tacplus radius]


Q18. Which statements are true about Queuing on M-Series and J-Series routers (choose 3) B,C,
E

A. All M-Series routers support up to 8 hardware queues
B. All J-Series routers support up to 8 queues
C. Forwarding-classes map to queues
D. Voice Traffic is automatically classified as expedited-forwarding (EF) and sent to queue
1
E. The default queue/forwarding class associations are
a. Queue 0 - best-effort
b. Queue 1 - expedited-forwarding
c. Queue 2 - assured-forwarding
d. Queue 3 - network-control


Q19. You need to determine which VPN technology is best suited to provide enterprise branch
office connectivity. The requirements are that the solution should be:
cost-effective does not have stringent security requirements need not support legacy protocols
should be simple to manage for the customer
should also provide Internet access on the same physical interface Which technologies/
solutions are best suited? D

A. Traditional overlay L2VPN based on Frame-Relay, ATM or Leased lines
B. MPLS based L2VPN
C. IPSec VPN
D. MPLS based L3VPN
E. GRE tunnel VPN


Q20. You need to ensure that a branch office which is connected to the Service Provider with a
link speed of 128K does not get overwhelmed with traffic from the head office which has a link
speed of 2Mbps. Juniper Networks J-Series routers are deployed as CPE devices in both
locations.
Which mechanism is best suited? D

A. Police traffic exceeding 128Kbps to the branch site at the head office
B. Upgrade the branch sites bandwidth to 2 Mbps to ensure traffic limits are not exceeded
C. Apply Class of Service to ensure that the most important traffic is prioritized
D. Apply JUNOS Virtual Channels at the head office to ensure branch office sites are not
overwhelmed with too much traffic


Q21. Which statements are true regarding Class of Service configuration in JUNOS? (choose 4)
A,C,D,E

A. Behavior Aggregate (BA) classifiers are configured under
[edit class-of-service classifiers]
B. Behavior Aggregate (BA) classifiers are applied under
[edit interfaces class-of-service]
C. scheduler-maps are needed to link forwarding-classes to schedulers
D. RED/WRED profiles configured under [edit class-of-service drop-profiles] must be
referenced in schedulers to take effect
E. Rewrite-rules are configured under [edit class-of-service rewrite-rules] and must be
applied to the logical interfaces defined under [edit class-of-service interfaces]
F. Schedulers are configured under [edit class-of-service schedulers] and may include
a. forwarding-class
b. transmit-rate
c. priority
d. buffer-size


Q22. Which statements are true about Policing/Rate Limiting (choose 2) A,C

A. Policing is a useful tool for protecting the network from non-compliant sources
B. Token-bucket policers can not be used on all interface types
C. Policers can be used to protect the network against DoS/DDoS attacks
D. Policers can only be configured on ingress


Q23. Which command can be used to determine which sockets the router has in either a listen
or established state? B

A. show netstat sockets
B. show system connections
C. show running protocols
D. show connections up


Q24. During the establishment of an IPSec VPN, the routers negotiate which parameters will be
used for the establishment of the IPSec Security Association (SA) using proposals that define
these parameters.
Which statements are true about configuring IPSec proposals? (choose 3) C,D,F
[edit services ipsec-vpn ipsec proposal p1]
luser@Junos-router#

A. set authentication algorithm blowfish
B. set encryption algorithm rsa
C. set encryption algorithm aes-256-cbc
D. set protocol esp
E. set protocol ip
F. set lifetime 86400


Q25. You need to verify that the IPSec VPN that you have just configured on a J-Series router is
operating correctly.
Which commands could be used to verify this? (choose 2) C,D

A. show ike security-associations
B. show ipsec security-associations
C. show services ipsec-vpn ike security-associations
D. show services ipsec-vpn ipsec security-associations


Q26. Which statements are true for Class of Service ingress processing (choose 2) B,E

A. Rewrite codepoints
B. Multifield classification
C. Scheduling
D. Shaping
E. RateLimiting/Policing


Q27. Which three commands are valid syntax?' A,C,D

A. set then reject
B. set then discard
C. set then accept
D. set then next-policy
E. set then metric2 20 accept


Q28. Which configuration step is required when configuring an OSPF NSSA area? C

A. You must configure nssa on all routers in the network
B. You must configure nssa under [ edit protocols ospf ]
C. You must configure nssa under [ edit protocols ospf area ]
D. You must configure nssa only on the Area Border Routers (ABR's)


Q29. Which statement is true about prefix-lists? (choose 2) B,C

A. They are always exact matches when used in firewall-filters
B. They are always orlonger matches when used in firewall-filters
C. They are always exact matches when used in routing policies
D. They are always orlonger matches when used in routing policies


Q30. You are at the [ firewall family inet filter actions term u-decide] Yoiurconfiguration
hierarchy.
Which three commands are valid syntax? A,C,E

A. set then reject tcp-reset
B. set then source-class
C. set then accept log syslog sample count PKTS
D. set then next-policy
E. set then forwarding-class


Q31. Which statement is true if a route does not match any terms in a policy chain? D

A. The route is automatically accepted
B. The route is automatically rejected',false
C. The accept/reject decision must be specified in the final policy',false
D. The accept/reject decision is based on the protocols default policy


Q32. Which OSPF LSA is not flooded in an OSPF Stub Area? D

A. Router LSA\'s (Type 1)
B. Network LSA\'s (Type 2)
C. Summary LSA\'s (Type 3)
D. ASBR Summary LSA\'s (Type 4)

Q. Which statement is true for the order of the selection of the BGP active route? D
A. AS-Path -> Local-Preference -> Origin -> MED
B. MED -> Origin -> AS-Path -> Local-Preference
C. Local-Preference -> Origin -> AS-Path -> MED
D. Local-Preference -> AS-Path -> Origin -> MED


Q33. Which statements are true about Internal BGP configurations? (choose 3) B,C,D

A. Only directly connected neighbors need be configured
B. Usually the IP address of the loopback0 interface is used for the IBGP sessions
C. Use of the local-address configuration statement is required
D. The IGP is used to route packets between remote neighbors
E. When multiple links exist between neighbors, there needs to be multiple neighbors
configured


Q34. In a network which does not use Route Reflectors, which statements are true about BGP
readvertisement rules? (choose 2) B,E

A. When learned from External BGP, readvertise to only IBGP neighbors
B. When learned from External BGP, readvertise to both IBGP and other EBGP neighbors
C. When learned from Internal BGP, readvertise to only IBGP
D. When learned from Internal BGP, readvertise to both IBGP and EBGP neighbors
E. When learned from Internal BGP, readvertise to only EBGP


Q35.You have multiple routes to the same destination using the default route preference.
Which source of routing information will be selected? A

A. OSPF Internal
B. RIP
C. OSPF External
D. Internal BGP
E. External BGP


Q36. Which of the following configuration statements must be added to the sample configuration
to redistribute RIP prefixes into all OSPF areas? A

A. set export rip-2-ospf
B. set area 0 export rip-2-ospf
set area 10 export rip-2-osp
set area 20 export rip-2-ospf
C. set area 20 nssa default-lsa default-metric 1
D. set area all export rip-2-ospf


Q37. Which statements are true about service-filters? (choose 3) B,C,E

A. A service-filter can only be used on input
B. A service-filter can be used on input, output or both
C. A service-filter cannot match multicast traffic
D. A service-filter is a standard stateless firewall-filter
E. A service-filter can only be used with interface-style service-sets


Q38. Which statements are true about the Networks Address Translations (NAT) options that
JUNOS supports? (choose 3) A,C,D
A. Source Dynamic
B. Destination Dynamic
C. Source Static
D. Destination Static


Q39. Which statements are true about the Networks Address Translations (NAT) types that
JUNOS supports? (choose 4) A,B,C,E

A. Source Static 1:1 translation
B. Destination Static 1:1 translation
C. Source Dynamic many:1 translation (PAT)
D. Destination Dynamic 1:1 translation
E. Source Dynamic 1:1 translation
Q. Which statements below are valid JUNOS stateful-firewall rule actions and action modifiers?
(choose 2) C

A. discard
B. log
C. syslog
D. sample


Q40. Which statements are true about the IPSec VPN implementation for protecting transit data
on M-Series and J-Series routers? (choose 2) C,D

A. Only data integrity is supported with Authentication Header (AH)
B. Only data privacy is supported with Encapsulating Security Payload (ESP)
C. Both data integrity with Authentication Header (AH) and data privacy with Encapsulating
Security Paylpoad (ESP) are supported
D. Only tunnel mode is supported
E. Only transport mode is supported


Q41. Which statements are true about Application Layer Gateways (ALG\'s)? (choose 3) A,B,E

A. ALG\'s allow the router to interact with protocols at layer 4 and above
B. ALG\'s allow the router to inspect the payload of connections
C. ALG\'s allow the router to translate protocols
D. ALG\'s are required for all connections
E. Custom ALG definitions can be configured


Q42. Which statements below are valid JUNOS nat rule match types and actions? (choose 3) A,D,
F

A. from source-address
B. from destination-address-range
C. from source-prefix-list
D. then translated translation-type source dynamic
E. then count
F. then no-translation


Q43. Which statements below best describe the role of Class of Service (choose 2) B,D

A. CoS is designed to make the network faster
B. CoS provides mechanisms for categorizing traffic
C. CoS is designed to reduce congestion
D. CoS allows network devices to prioritize traffic based on category
E. CoS always improves network performance


Q44. Which statements are true for Class of Service traffic classification (choose 3) B,D,E

A. Behavior Aggregate (BA) classification is based on examining various fields in the IP header
B. Multifield (MF) classification is based on examining various fields in the IP header
C. Behavior Aggregate (BA) classifiers are most commonly used at the edge of the network
D. Behavior Aggregate (BA) classifiers are most commonly used in the network core
E. Behavior Aggregate (BA) classification is based on examining codepoints


Q45. The components of scheduling include priority, transmission-rate, buffer-size and
congestion avoidance (RED).

Which statements are true about Scheduling on MSeries
and J-Series routers (choose 4) A,B,C,D

A. Priority defines the order of which queues will be serviced
B. By default all queues are low priority
C. The queue priorities on J-Series routers are
a. High
b. Medium-high
c.
Medium-low
d. Low
D. By default the buffer-size is distributed equally amongst available queues
E. Congestion avoidance with RED by default results in 50% drop when the corresponding
queue is 50% full


Q46. You need to verify that packets are being correctly classified and sent to the appropriate queue on a J-Series router with interface se-3/0/0.

Which commands or tools could
be used to verify this information? (choose 2) A,D

A. how interfaces queue se-3/0/0
B. show class-of-service interface se-3/0/0
C. show interfaces se-3/0/0 queue-statistics
D. show interfaces detail se-3/0/0


Q47. Which statements are true regarding Multilink Frame Relay (MLFR)? (choose 2) A,D

A. FRF.15 is similar to Multilink PPP (MLPPP) and operates end-to-end
B. FRF.16 is similar to Multilink PPP (MLPPP) and operates end-to-end
C. FRF.15 makes it possible to connect a Customer Premise Equipment (CPE) device with
multiple connections to the Provider Edge (PE) device as a single logical connection
D. FRF.16 makes it possible to connect a Customer Premise Equipment (CPE) device with
multiple connections to the Provider Edge (PE) device as a single logical connection


Q48. The enterprise network you manage is tightening security of all network devices. You are
tasked to ensure that optimum security of the routers is achieved without interruption to any
legitimate protocols or services that are required to run and manage this network.


Which commands should be run to ensure all services and protocols are included in
the router protection filters? (choose 4) A,B,D,F

A. Configuration mode show system
B. Configuration mode show snmp
C. Configuration mode show services
D. Configuration mode show protocols
E. Configuration mode show firewall
F. Operation mode show system connections
G. Operation mode show system statistics


Q49. Which statements are true about the use of next-hop style service sets over interface-style
service sets when using IPSec VPNs? B

A. Supports securing traffic to remote endpoint
B. Supports routing protocols directly over IPSec
C. Supports multiple remote endpoints
D. Supports having multiple local endpoints in the same service-set


Q50. M-Series and J-Series routers? (choose 2) C,D

A. Only data integrity is supported with Authentication Header (AH)
B. Only data privacy is supported with Encapsulating Security Payload (ESP)
C. Both data integrity with Authentication Header (AH) and data privacy with Encapsulating
Security Paylpoad (ESP) are supported
D. Only tunnel mode is supported


Q51. Which statements are true about IPSec-over-GRE Tunnels? (choose 2) A,D

A. ipsec-over-gre are GRE tunnels that are secured by IPSec
B. ipsec-over-gre are IPSec tunnels that are routed over GRE
C. If the GRE and IPSec endpoints are the same, you should use a next-hop style service-set
D. If the GRE and IPSec endpoints are the same, you should use a interface style service-set


Q52. The IPSec VPN you have just configured is not establishing. To troubleshoot this you have
configured the router with traceoptions as below.

[edit services ipsec-vpn]

user@Junos-router# show traceoptions
file size 1m files 5;
flag ike;
[edit
services ipsec-vpn]

Which commands could be used to monitor this? (choose 2) C,F

A. show log ipsec-vpn
B. show log messages
C. show log kmd
D. monitor start ipsec-vpn
E. monitor start messages
F. monitor start kmd


Q53. Which command can be used to determine whether the SNMP process is running? C

A. show process snmp
B. show snmp daemon
C. show system processes
D. show task snmp


Q54. Which command can be used monitor the temperature of the components in a Juniper
Networks enterprise router? C

A. show chassis temperature
B. show system temperature
C. show chassis environment
D. show temperature


Q55. Which statements are true about multilink-ppp? Which mechanism is best suited? B

A. multilink-ppp can only be configured on ISDN interfaces on a J-Series router
B. multilink-ppp allows for the increase in overall throughput by combining the bandwidth of
two or more physical links
C. multilink-ppp can only be configured in combination with a valid CRTP configuration
D. multilink-ppp requires multiple IP pt-to-pt links over PPP to provide redundancy


Q56. Which statements are true about Compressed Real-Time Transport Protocol? (choose 2) A,C

A. CRTP is intended to reduce serialization delay
B. CRTP must be configured with multiple links
C. CRTP can be configured with a single link
D. CRTP compresses both UDP and TCP headers


Q57. The routers configuration in the exhibit does not have the router-id configured. Which area
will the loopback interface of the router be included in the Router LSA (Type 1)? D

A. Area 0.0.0.0
B. Area 0.0.0.20
C. No Areas
D. Area 0.0.0.0 and Area 0.0.0.20

Friday, August 21, 2009

PASS4SURE - CCIE™ Written Exam DUMPS

CCIE

DOWNLOADS
350-001 Routing and Switching Download
350-018 Security
350-029 Service Provider
350-040 Storage Networking
350-030 Voice Written Download
350-050 Wireless

PASS4SURE - CCIP™ DUMPS

CCIP™ SERVICE PROVIDER

DOWNLOADS
642-901 BSCI™ See CCNP
642-892 Composite™ See CCNP
642-642 QOS™ v4.82

EXE

642-661 BGP™
642-611 MPLS™
642-691 BGP™+MPLS™ v160Q

PDF

PASS4SURE - CCVP™ DUMPS

For individuals using Cisco Unified Communications Manager the following path towards certification is recommended:

CCVP™ VOICE

DOWNLOADS
642-436 CVOICE™

v4.55

EXE

642-446 CIPT1™

v4.18

EXE

642-642 QOS™ see CCIP
642-456 CIPT2™

v4.28

EXE

v4.88

EXE

642-426 TUC™

v3.89

EXE

Juniper JNCIS-ES Preassessment

Download this image file to attempt JNCIS-ES Preassessment Test HERE

In case of problem contact me on mabbasj@gmail.com

Tuesday, August 4, 2009

CCNA Pass4Sure Dumps with Crack

Latest CCNA Pass4Sure Dumps can be downloaded here free..............
1: CCNA IINS Implementing Cisco IOS Network Security : 640-553 Exam(Crack included) Download

2: CCNA 640-460-voice-114 Q (Before Installing Engine your System must equipped with JRE) Engine PDF

3: CCNA 640-802 v8.14 EXE PDF

4: CCNA 640-802 v7.58 (4-July) EXE PDF

5: CCNA 640-802 v8.03 EXE


Pass4Sure Crack


CCNA 640-802 v8.14 Download

CCNA 640-802 v7.58 (4-July) Download

If you face any problem while cracking contact on mabbasj@gmail.com


ActualTest

CCNA 640-802 PDF
Freelance Jobs