Archive for the ‘Juniper’ Category

JN0-420 JNCIS-DevOps

This list provides a general view of the skillset required to successfully complete the specified certification exam.

Platform Automation Overview
Identify features and fuctions on an IDP sensor
MGD-based automation
JSD-based automation

NETCONF/XML API
Describe the concepts, benefits or operation of automation access methods
XML API
NETCONF
REST API
gRPC

Data Serialization
Describe the concepts, benefits or operation of data serialization
YAML
JSON
XML

Python/Ruby
Describe Python tools for automating Junos
PyEZ
RPCs
PyEZ exception handling
REST
JSNAPy
Jinja2
Describe Ruby tools for automating Junos
RubyEZ

Ansible
Describe how to use Ansible for automating Junos
Play books
Templates (Jinja2)

Junos Automation Scripts
Describe the concepts, benefits or operation of automation scripts for Junos
Commit, Op, Event, or SNMP scripts
Python
SLAX

YANG
Identify the concepts, general features of Junos support for YANG models
Implementation concepts

Juniper Extension Toolkit
Identify the concepts, general features or functionality of the Juniper Extension Toolkit
Service APIs
Notification APIs
Fast Programmatic Configuration (Ephemeral DBs)
 

QUESTION 2
A customer has a control machine with a default Ansible installation. During execution of an Ansible module, the Ansible control machine generates the no hosts matched error.
Which statement is correct in this scenario?

A. The targetdevice was not defined in /etc/ansible/hosts on the control machine.
B. The target device was not defined in /etc/ansible/invertory/hosts on the control machine.
C. The target device was not defined in /etc/hosts on the control machine.
D. The target device was not defined on the associated DNS servers.

Answer: A

 


 

QUESTION 3
What are three elements of a JET notification message? (Choose three.)

A. hostname
B. time
C. username
D. severity
E. subscription type

Answer: B,C,D

 


 

QUESTION 4
With which three processes does the JET service process communicate?(Choose three)

A. rpd
B. mgd
C. cosd
D. ancpd
E. snmpd

Answer: A,B,E

 


 

QUESTION 5
What is the purpose of an _intit_.py file ?

A. An_init_.py file sets all magic attributes with the _init_prefix with the appropriate default values.
B. An_init_.py file initializes a Python application with default values for instantiated objects.
C. An_init_.py file contains strings for additional directories that the Python interpreter adds to sys.path [].
D. An_init_.py file indicates to the Python interpreter that a directory contains Python packages or modules.

Answer: B

 

Click here to view complete Q&A of JN0-420 exam
Certkingdom Review
, Certkingdom PDF Torrents

 

 MCTS Training, MCITP Trainnig

 

 Best Juniper JN0-420 Certification, JNCIS JN0-420 Training at certkingdom.com

 

JN0-647 Enterprise Routing and Switching Exam

JN0-647 Enterprise Routing and Switching Exam

This list provides a general view of the skill set required to successfully complete the specified certification exam. Topics listed are subject to change.

Interior Gateway Protocols (IGPs)
BGP
IP Multicast
Ethernet Switching and Spanning Tree
Layer 2 Authentication and Access Control
IP Telephony Features
Class of Service (CoS)

Interior Gateway Protocols (IGPs)

Describe the concepts, operation or functionality of IGPs
IS-IS
RIP
OSPFv2 and OSPFv3
Routing Policy
Given a scenario, demonstrate knowledge of how to configure, troubleshoot, or monitor IGPs

BGP

Describe the concepts, operation or functionality of BGP
BGP route selection process
Next hop resolution
BGP attributes – concept and operation
BGP communities
Regular expressions
Load balancing – multipath, multihop, forwarding table
NLRI families — inet, inet6
Advanced BGP options
Given a scenario, demonstrate knowledge of how to configure, troubleshoot, or monitor BGP
Implement BGP routing policy

IP Multicast

Describe the concepts, operation or functionality of IP multicast
Components of IP multicast, including multicast addressing
IP multicast traffic flow
Any-Source Multicast (ASM) vs. Source-Specific Multicast (SSM)
RPF – concept and operation
IGMP, IGMP snooping
PIM dense-mode and sparse-mode
Rendezvous point (RP) – concept, operation, discovery, election
SSM – requirements, benefits, address ranges
Anycast RP
MSDP
Routing policy and scoping
Given a scenario, demonstrate knowledge of how to configure, troubleshoot, or monitor IP multicast
IGMP, PIM-DM, or PIM-SM (including SSM)
Implement IP multicast routing policy

Ethernet Switching and Spanning Tree

Describe the concepts, operation or functionality of advanced Ethernet switching
Filter-based VLANs
Private VLANs
Dynamic VLAN registration using MVRP
Tunnel Layer 2 traffic through Ethernet networks
Junos Fusion Enterprise
Layer 2 tunneling using Q-in-Q and L2PT
Given a scenario, demonstrate knowledge of how to configure, troubleshoot, or monitor advanced Ethernet switching
Filter-based VLANs
Private VLANs
Dynamic VLAN registration using MVRP
Tunnel Layer 2 traffic through Ethernet networks
Junos Fusion Enterprise
Layer 2 tunneling using Q-in-Q and L2PT
Describe the concepts, operation or functionality of advanced spanning tree protocols, including MSTP or VSTP
Given a scenario, demonstrate knowledge of how to configure, troubleshoot, or monitor MSTP or VSTP

Layer 2 Authentication and Access Control

Describe the operation of various Layer 2 authentication or access control features
Authentication process flow
802.1x – concepts and functionality
MAC RADIUS
Captive portal
Server fail fallback
Guest VLAN
Considerations when using multiple authentication/access control methods
Given a scenario, demonstrate how to configure, troubleshoot, or monitor Layer 2 authentication or access control

IP Telephony Features

Describe the concepts, operation or functionality of features that facilitate IP telephony deployments
Power over Ethernet (PoE)
LLDP and LLDP-MED
Voice VLAN
Given a scenario, demonstrate how to configure, troubleshoot, or monitor features used to support IP telephony deployments

Class of Service (CoS)

Describe the concepts, operation or functionality of Junos CoS for Layer 2/3 networks
CoS processing on Junos devices
CoS header fields
Forwarding classes
Classification
Packet loss priority
Policers
Schedulers
Drop profiles
Shaping
Rewrite rules
Given a scenario, demonstrate knowledge of how to configure, troubleshoot, or monitor CoS for Layer 2/3 networks


QUESTION 1
You are configuring a scheduler map on an EX9200 Series device. You want to ensure that traffic is dropped in a policing action once traffic exceeds the configured transit rate.
Which configuration parameter will meet this requirement?

A. exact
B. rate-limit
C. remainder
D. percent

Answer: B


QUESTION 2
Which two statements are true about PIM source-specific multicast (SSM)? (Choose two.)

A. The receiver DR builds a source-base tree to the RP.
B. S, G is always used.
C. A Different group address must be used by each source.
D. IGMPv3 is required.

Answer: B,D


QUESTION 3
Which statement is correct about CoS policers on Junos devices?

A. Traffic that exceeds a policer’s traffic profile can be dropped or assigned to aspecific drop profile.
B. A policer can assign in-profile traffic to a specific forwarding class.
C. A policer does not alter in-profile traffic.
D. Policers can be configured to buffer traffic that exceeds the policer’s traffic profile.

Answer: C


QUESTION 4
Which statement is correct about MSTP?

A. MSTP enables mapping multiple independent spanning-tree instances onto one physical topology.
B. MSTP enables dynamic discovery of Layer 2 neighbors.
C. MSTP dynamically manages VLAN registration in a LAN.
D. MSTP uses stacked VLAN tags to extend a Layer 2 Ethernet connection between multiple sites.

Answer: A


QUESTION 5
Which type of BGP is used to peer with a different autonomous system?

A. external
B. classless
C. dynamic
D. static

Answer: A

Click here to view complete Q&A of JN0-647 exam
Certkingdom Review
, Certkingdom PDF Torrents

MCTS Training, MCITP Trainnig

Best HP JN0-647 Certification, Juniper JN0-647 Training at certkingdom.com

JN0-634 JNCIP-SEC Exam Objectives

This list provides a general view of the skill set required to successfully complete the specified certification exam. Topics listed are subject to change.

Application-Aware Security Services
Security Director Logging and Reporting
Sky ATP
Unified Threat Management (UTM)
Intrusion Prevention System (IPS)
Software Defined Secure Networks (SDSN)
User Firewall
Layer 2 Security

Application-Aware Security Services
Describe the concepts, operation, or functionality of AppSecure
Application identification
Custom Applications
Application Signatures
Application Tracking
AppQoS
AppFirewall
Given a scenario, demonstrate how to configure or monitor AppSecure

Security Director Logging and Reporting
Describe the concepts, operation, or functionality of Security Director logging and reporting
Security Director logging and reporting Installation
Security policy design and application
Analyzing data
Given a scenario, demonstrate how to configure or monitor Security Director logging and reporting information

Sky ATP
Describe the concepts, operation, or functionality of Sky ATP
Functions and processing flow
Analysis and actions
Monitoring and reporting
Given a scenario, demonstrate how to configure or monitor Sky ATP

Unified Threat Management (UTM)
Describe the concepts, operation, or functionality of UTM
Processing order
Content Filtering
Anti-virus
Anti-Spam
Web filtering
Given a scenario, demonstrate how to configure or monitor UTM functions

Intrusion Prevention System (IPS)
Describe the concepts, operation, or functionality of IPS
Processing order
Signatures
Policy
Templates
Given a scenario, demonstrate how to configure or monitor IPS functions

Software Defined Secure Networks (SDSN)
Describe the concepts, operation, or functionality of SDSN
SDSN fundamentals
Policy Enforcer
SDSN components
Given a scenario, demonstrate how to configure or monitor SDSN deployments

User Firewall

Describe the concepts, operation, or functionality of the user firewall
Integrated user firewall
User firewall implementation
Authentication sources
Given a scenario, demonstrate how to configure or monitor the user firewall

Layer 2 Security
Describe the concepts, operation, or functionality of Layer 2 security
Transparent mode
Mixed mode
Secure wire
MacSec
Given a scenario, demonstrate how to configure or monitor Layer 2 security


QUESTION 2 – (Topic 1)
In the IPS packet processing flow on an SRX Series device, when does application identification occur?

A. before fragmentation processing
B. after protocol decoding
C. before SSL decryption
D. after attack signature matching

Answer: A


QUESTION 4 – (Topic 1)
Click the Exhibit button.
user@host> monitor traffic interface ge-0/0/3
verbose output suppressed, use <detail> or <extensive> for full protocol decode
Address resolution is ON. Use <no-resolve> to avoid any reverse lookup delay.
Address resolution timeout is 4s.
Listening on ge-0/0/3, capture size 96 bytes
Reverse lookup for 172.168.3.254 failed (check DNS reachability). Other reverse lookup failures will not be reported.
Use <no-resolve> to avoid reverse lockups on IP addresses.
19:24:16.320907 In arp who-has 172.168.3.254 tell 172.168.3.1 19.24:17.322751 In arp who has 172.168.3.254 tell 172.168.3.1 19.24:18.328895 In arp who-has 172.168.3.254 tell 172.168.3.1
19.24:18.332956 In arn who has 172.168.3.254 tell 172.168.3.1
A new server has been set up in your environment. The administrator suspects that the firewall is blocking the traffic from the new server. Previously existing servers in the VLAN are working correctly. After reviewing the logs, you do not see any traffic for the new server.
Referring to the exhibit, what is the cause of the problem?

A. The server is in the wrong VLAN.
B. The server has been misconfigured with the wrong IP address.
C. The firewall has been misconfigured with the incorrect routing-instance.
D. The firewall has a filter enabled to block traffic from the server.

Answer: C


QUESTION 5 – (Topic 1)
Click the Exhibit button.
— Exhibit —
CID-0:RT: flow process pak fast ifl 71 in_ifp ge-0/0/5.0
CID-0:RT: ge-0/0/5.0:10.0.0.2/55892->192.168.1.2/80, tcp, flag 2 syn
CID-0:RT: find flow: table 0x5a386c90, hash 50728(0xffff), sa 10.0.0.2, da 192.168.1.2, sp 55892, dp 80, proto 6, tok 7
CID-0:RT: no session found, start first path. in_tunnel – 0x0, from_cp_flag – 0 CID-0:RT: flow_first_create_session
CID-0:RT: flow_first_in_dst_nat: in <ge-0/0/5.0>, out <N/A> dst_adr 192.168.1.2, sp 55892, dp 80
CID-0:RT: chose interface ge-0/0/5.0 as incoming nat if. CID-0:RT:flow_first_rule_dst_xlatE. DST no-xlatE. 0.0.0.0(0) to 192.168.1.2(80)
CID-0:RT:flow_first_routinG. vr_id 0, call flow_route_lookup(): src_ip 10.0.0.2, x_dst_ip 192.168.1.2, in ifp ge-0/0/5.0, out ifp N/A sp 55892, dp 80, ip_proto 6, tos 10
CID-0:RT:Doing DESTINATION addr route-lookup
CID-0:RT: routed (x_dst_ip 192.168.1.2) from LAN (ge-0/0/5.0 in 0) to ge-0/0/1.0, Next-hop: 172.16.32.1
CID-0:RT:flow_first_policy_searcH. policy search from zone LAN-> zone WAN (0x0,0xda540050,0x50)
CID-0:RT:Policy lkup: vsys 0 zone(7:LAN) -> zone(6:WAN) scope:0
CID-0:RT: 10.0.0.2/55892 -> 192.168.1.2/80 proto 6
CID-0:RT:Policy lkup: vsys 0 zone(5:Unknown) -> zone(5:Unknown) scope:0 CID-0:RT: 10.0.0.2/55892 -> 192.168.1.2/80 proto 6
CID-0:RT: app 6, timeout 1800s, curr ageout 20s CID-0:RT: packet dropped, denied by policy
CID-0:RT: denied by policy default-policy-00(2), dropping pkt CID-0:RT: packet dropped, policy deny.
CID-0:RT: flow find session returns error. CID-0:RT: —– flow_process_pkt rc 0x7 (fp rc -1) CID-0:RT:jsf sess close notify CID-0:RT:flow_ipv4_del_flow: sess , in hash 32 — Exhibit —
A host is not able to communicate with a Web server.
Based on the logs shown in the exhibit, what is the problem?

A. A policy is denying the traffic between these two hosts.
B. A session has not been created for this flow.
C. A NAT policy is translating the address to a private address.
D. The session table is running out of resources.

Answer: A


QUESTION 6 – (Topic 1)
Your management has a specific set of Web-based applications that certain employees are allowed to use.
Which two SRX Series device features would be used to accomplish this task? (Choose two.)
A. UserFW
B. IDP
C. AppFW
D. firewall filter

Answer: C


QUESTION 7 – (Topic 1)
You configured a custom signature attack object to match specific components of an attack:
HTTP-request
Pattern .*\x90 90 90 … 90
Direction: client-to-server
Which client traffic would be identified as an attack?

A. HTTP GET .*\x90 90 90 … 90
B. HTTP POST .*\x90 90 90 … 90
C. HTTP GET .*x909090 … 90
D. HTTP POST .*x909090 … 90

Answer: A
Reference: http://www.juniper.net/techpubs/en_US//idp/topics/task/configuration/intrusion-detection-prevention-signature-attack-object-creating-nsm.html

 

Click here to view complete Q&A of JN0-634 exam
Certkingdom Review
, Certkingdom JN0-634 PDF

 

MCTS Training, MCITP Trainnig

 

Best Juniper JN0-634 Certification, Juniper JN0-634 Training at certkingdom.com

JN0-120 Networks Certified Internet Associate, E-series

JNCIA-E Exam Objectives (Exam: JN0-120)

Operation, Configuration, and Troubleshooting
Identify the redundancy options of an E-series Router.
Describe the E-series Router chassis and line modules.
Define the various switch fabrics and ATM buses.
List the steps involved in moving a packet through the router.
Describe how the E-series Router handles routing updates.
List the different modes of operation.
Describe the components of the E-series Router file system.
Describe the steps involved in a basic configuration.
Identify the boot options available for an E-series Router.
Describe the capability and configuration of SNMP.
List the steps involved in upgrading or downgrading the software on an E-series Router.

E-series Router Virtual Routers
Identify the various uses for virtual routers.
List the steps involved in configuring a virtual router.
Define how to manage a virtual router.

Broadband Remote Access Services (B-RAS)
Define the traditional Remote Access Services.
Describe the basic components of a DSL network.
List the various B-RAS service deployment options.
Identify the steps to setup a basic ATM configuration.

Routed and Bridged 1483
Identify the IP addressing options for a routed 1483 network.
Describe the routing table constraints encountered when using routed 1483 encapsulation.
List the steps in configuring an E-series Router to support a routed 1483 network.
Identify the IP addressing options for a bridged 1483 network.
Describe the routing table constraints encountered when using bridged 1483 encapsulation.
Define the components of DHCP and how it is used.
List the steps in configuring an E-series Router to support a bridged 1483 network.

PPP over ATM (PPPoA)
Describe the processing of a PPP packet.
Define the Authentication, Authorization, and Accounting (AAA) option available for the E-series Router.
Identify the configuration steps involved in setting up authentication options.
List the options available for assigning an IP address to an interface.
Describe how virtual routers are used in a PPPoA service.
Identify the steps involved in configuring PPPoA.

PPP over Ethernet (PPPoE)
Describe the components of a PPP over Ethernet service.
Define the PPP over Ethernet Discovery Stage including the various message types.
Identify the steps for configuring PPPoE using a DSL network.
Identify the steps for configuring PPPoE using a metro Ethernet network.

Dynamic Configuration Mode

Describe the profile configuration utilities available for each B-RAS service offering.
List the services available for use with the autoconfig command.
Describe how a profile is used to describe and define an interface.

Layer 2 Tunneling Protocol (L2TP)
Describe the applications for using L2TP as a Virtual Private Network technology.
Describe the operation of the L2TP Access Concentrator.
Describe the operation of the L2TP Network Server.
List the steps for establishing an L2TP tunnel.
List the steps for establishing an L2TP session.
Identify the steps for configuring the E-series Router as an LAC.
Identify the steps for configuring the E-series Router as an LNS.

E-series Router Policy Management
Identify the components involved in classifying a packet for policy management.
Describe the functionality and configuration of rate limit profiles.
Define the function of a policy list.


QUESTION 1
By default, how does the router handle changes to its operational configuration?

A. Changes are not implemented, but are saved automatically.
B. Changes are not implemented and must be written into memory.
C. Changes are implemented immediately and saved automatically.
D. Changes are implemented immediately, but must be written into memory.

Answer: C

Explanation:


QUESTION 2
You would like to configure your PC’s IP address of 10.10.0.156 as an FTP host with a username
of user and a password of mypass. Which configuration command accomplishes this goal?

A. host userpc 10.10.0.156 ftp user mypass
B. host userpc 10.10.0.156 tftp user mypass
C. hostname userpc 10.10.0.156 ftp user mypass
D. hostname userpc 10.10.0.156 tftp user mypass

Answer: A

Explanation:


QUESTION 3
Where should you install the spare line module in a redundancy group?

A. last slot in the chassis
B. first slot in the chassis
C. lowest numbered slot in the group
D. highest numbered slot in the group

Answer: C

Explanation:

Click here to view complete Q&A of JN0-120 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-120 Certification, Juniper JN0-120 Training at certkingdom.com

JN0-130 Juniper Networks Certified Internet Specialist

JNCIS-E Exam Objectives (Exam: JN0-130)

Advanced Operation, Configuration, and Troubleshooting
Identify the steps required to recover from a corrupted flash drive.
Describe the operation and configuration of NTP.
Define the logging and scripting capabilities of the E-series Router.
Describe the various macros available using the router CLI.
Identify the CLI login security features of the E-series Router.
Describe the steps performed during a Loopback test.
Describe the steps performed during a BERT test.

Interface Configuration
List the steps involved in configuring an ATM interface.
Identify the configuration components for a Frame Relay interface.
Define the configuration process for establishing both VLAN-tagged Ethernet and non-tagged Ethernet interfaces.
List the configuration steps for enabling a channelized interface.

Routing Information Protocol (RIP)
Describe the basic characteristics of the RIP protocol.
Identify the message types used in RIP.
List the CLI commands used to configure and verify RIP.

Open Shortest Path First (OSPF)
Define the functions of the following OSPF packet types: Hello, Database Descriptor, LS Request, LS Update, LS Ack.
Define the functions of the following OSPF area designations and functions: backbone area, non backbone area, stub area, and not-so-stubby area.
Define the functions of the following OSPF router types: backbone, area, ABR, ASBR.
Define the function and default values of the following OSPF timers: the hello interval, LSA transmission and retransmission interval, router dead interval.
Identify the steps required to form an OSPF adjacency.
Identify OSPF authentication types.
Identify the criteria used to choose an OSPF designated router (DR). Further discuss the functions of the DR and BDR.
Identify CLI commands used to configure and troubleshoot an OSPF network.

Intermediate System to Intermediate System (IS-IS)
Define the functions of the following IS-IS PDUs: Hello, Link-State, CSNP, PSNP.
Describe ISO network addressing as it applies to IS-IS.
Describe characteristics of IS-IS adjacencies, as they pertain to L1 and L2.
Define the function and identify the characteristics of the following IS-IS parameters: authentication, mesh groups, wide metrics, LSP lifetime, overload.
Describe the election of the Designated Intermediate System.
Describe interarea routing in IS-IS.
Describe the steps required to configure IS-IS.
Identify CLI commands used to monitor and troubleshoot an IS-IS network.

Border Gateway Protocol (BGP)
Define the functionality of BGP including partial updates, TCP connectivity, and BGP prefixes.
Describe the different BGP neighbor states.
Define the functions of the following BGP packet types: Open, Update, Notification, Keepalive.
Define the functions of the following BGP attributes: Next Hop, Local Preference, AS Path, Origin, MED, Community.
Identify the steps of the BGP Route Selection Algorithm.
Describe the default action for BGP route advertisements to EBGP and IBGP peers.
Define the consequences of BGP route flap damping.
Identify the characteristics of MBGP and list the reasons for enabling multiprotocol BGP.
Identify the use of route maps, prefix lists, and community lists in a BGP environment.
Describe the operation of a BGP confederation network.
Describe the operation of BGP route reflection.
Describe the steps required to configure and troubleshoot BGP.

Broadband Remote Access Services (B-RAS)
Identify configuration and troubleshooting steps involved in operating a Routed 1483 service offering.
Identify configuration and troubleshooting steps involved in operating a Bridged 1483 service offering.
Identify configuration and troubleshooting steps involved in operating a PPP over ATM service offering.
Identify configuration and troubleshooting steps involved in operating a PPP over Ethernet service offering.
Identify configuration and troubleshooting steps involved in using Dynamic Configuration Mode on the E-series Router.

Multiprotocol Label Switching (MPLS)
Define the functions of the following MPLS terms: Label-Switched Path, Label-Switched Router, Ingress, Transit, Penultimate, and Egress.
Identify the format and uses of an MPLS Label.
Define the functions and characteristics of RSVP.
Define the functions of the following RSVP attributes: Strict ERO, Loose ERO, Label Object, Label Request Object, Record-Route, Session Attribute, TSpec.
Describe the operation of LDP.
Define and configure basic MPLS functionality.
Describe the terminology of a BGP MPLS network.
Define the operation of a BP MPLS network.

Miscellaneous Topics
Identify the components of a multicast network.
Define how the E-series Router implements Quality of Service in a network environment.
Describe the applications of policy management on the E-series Router.
Identify the security features of the E-series Router.


QUESTION 1
What are two purposes of the RSVP signaling protocol when configuring MPLS Label-Switched
Paths (LSPs)? (Choose two.)

A. to perform a labelpush operation
B. to track the status of signaled LSPs
C. to perform longest-match route lookups
D. to reserve resources, such as labels and path information

Answer: B,D


QUESTION 2
A Bridged 1483 network is grouping all DSL users into a single logical subnet. Which configuration
command prevents the end users from directly communicating with each other?

A. noip arp
B. noip proxy-arp
C. restrictip arp
D. restrictip proxy-arp

Answer: B


QUESTION 3
Which three BGP attributes are always communicated in a BGP update packet? (Choose three.)

A. MED
B. Origin
C. AS Path
D. Next Hop
E. Aggregator

Answer: B,C,D


QUESTION 4
What is the default Quality of Service traffic class used by the ERX Edge Router?

A. bronze forwarding
B. assured forwarding
C. expedited forwarding
D. best effort forwarding

Answer: D


QUESTION 5
When configuring an explicit path, what does the next-address entry identify?

A. the tunnel end point
B. the tunnel start point
C. a specific node to be traversed
D. the node prior to the tunnel end point

Answer: A

Click here to view complete Q&A of JN0-130 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-130 Certification, Juniper JN0-130 Training at certkingdom.com

 

JN0-342 Juniper Networks Certified Internet Associate (JNCIA-ER)

JNCIS-SP Exam Objectives (Exam: JN0-360)

Protocol-Independent Routing
Identify the concepts, operation and functionality of various protocol-independent routing components
Static, aggregate, and generated routes
Martian addresses
Routing instances, including RIB groups
Load balancing
Filter-based forwarding
Demonstrate knowledge of how to configure and monitor various protocol-independent routing components
Static, aggregate, and generated routes
Load balancing
Filter-based forwarding

Open Shortest Path First (OSPF)
Identify the concepts, operation and functionality of OSPF
Link-state database
OSPF packet types
Router ID
Adjacencies and neighbors
Designated router (DR) and backup designated router (BDR)
OSPF area and router types
LSA packet types
Demonstrate knowledge of how to configure, monitor and troubleshoot OSPF
Areas, interfaces and neighbors
Additional basic options
Routing policy application
Troubleshooting tools

Intermediate System to Intermediate System (IS-IS)
Identify the concepts, operation and functionality of IS-IS
Link-state database
IS-IS PDUs
TLVs
Levels and areas
Designated intermediate system (DIS)
Metrics
Demonstrate knowledge of how to configure, monitor and troubleshoot OSPF
Areas, interfaces and neighbors
Additional basic options
Routing policy application
Troubleshooting tools

Border Gateway Protocol (BGP)

Identify the concepts, operation and functionality of BGP
BGP basic operation
BGP message types
Attributes
Route/path selection process
IBGP and EBGP functionality and interaction
Demonstrate knowledge of how to configure and monitor BGP
Groups and peers
Additional basic options
Routing policy application

Layer 2 Bridging and VLANs
Identify the concepts, operation, and functionality of Layer 2 bridging for the Junos OS
Service Provider switching platforms
Bridging elements and terminology
Frame processing
Virtual Switches
Provider bridging (e.g., Q-in-Q tunneling)
Identify the concepts, benefits, and functionality of VLANs
Port modes
Tagging
MVRP
IRB
Demonstrate knowledge of how to configure, monitor and troubleshoot Layer 2 bridging and VLANs
Interfaces and ports
VLANs
MVRP
IRB
Provider bridging

Spanning-Tree Protocols
Identify the concepts, benefits, operation, and functionality of Spanning Tree Protocol and its variants
STP, RSTP, MSTP and VSTP concepts
Port roles and states
BPDUs
Convergence and reconvergence
Spanning-tree security
Demonstrate knowledge of how to configure, monitor and troubleshoot STP and its variants
Spanning-tree protocols – STP, RSTP, MSTP, VSTP
BPDU, loop and root protection

Multiprotocol Label Switching (MPLS) and MPLS VPNs
Identify the concepts, operation, and functionality of MPLS
MPLS terminology
MPLS packet header
End-to-end packet flow and forwarding
Labels and the label information base (LIB)
MPLS and routing tables
RSVP
LDP
Identify the concepts, benefits, operation, and functionality of MPLS VPNs
VPN routing tables
Layer 3 VPN terminology and components
BGP Layer 2 VPN terminology and components
LDP Layer 2 circuit terminology and components
Virtual private LAN service (VPLS) terminology and components
MPLS VPN control plane traffic flow
MPLS VPN data plane traffic flow
Demonstrate knowledge of how to configure and monitor MPLS
MPLS forwarding
RSVP-signaled and LDP-signaled LSPs

IPv6
Identify the concepts, operation and functionality of IPv6
IPv4 vs. IPv6
Address types, notation and format
Address scopes
Autoconfiguration
Tunneling
Demonstrate knowledge of how to configure and monitor IPv6
Interfaces
Static routes
Dynamic routing – OSPFv3, IS-IS, BGP
IPv6 over IPv4 tunneling

Tunnels
Identify the concepts, requirements and functionality of IP tunneling
Tunneling applications and considerations
GRE
IP-IP
Demonstrate knowledge of how to configure and monitor IP tunnels
GRE configuration
IP-IP configuration

High Availability

Identify the concepts, benefits, applications and requirements of high availability
Link aggregation groups (LAG) and multichassis LAGs (MC-LAGs)
Graceful restart (GR)
Graceful Routing Engine switchover (GRES)
Nonstop active routing (NSR)
Nonstsop bridging (NSB)
Bidirectional Forwarding Detection (BFD)
Virtual Router Redundancy Protocol (VRRP)
Unified In-Service Software Upgrade (ISSU)
Ethernet Ring Protection (ERP)
Demonstrate knowledge of how to configure and monitor high availability component
LAG, MC-LAG
Additional basic options
GR, GRES, NSR and NSB
VRRP
ISSU


QUESTION 1
Which two statements are true about MPLS VPNs? (Choose two.)

A. With Layer 3 VPNs, the provider’s routers participate in the customer’s Layer 3 routing.
B. MPLS VPNs are designed to run over private networks rather than the public Internet.
C. With Layer 2 VPNs, the provider does not participate in the routing of the customer’s private IP
traffic.
D. MPLS VPN tunnels are always encrypted.

Answer: A,C

Explanation:


QUESTION 2
Which label operation is performed by an MPLS transit router?

A. inject
B. pop
C. push
D. swap

Answer: D

Explanation: http://www.juniper.net/techpubs/software/junos-security/junos-security96/junossecurity-
swconfig-interfaces-and-routing/mpls-ov.html


QUESTION 3
Which Junos platform supports provider bridging?

A. T Series devices
B. SRX Series devices
C. MX Series devices
D. MAG Series devices

Answer: B

Explanation: http://www.juniper.net/techpubs/en_US/junos10.0/information-products/pathway-
pages/mx-series/ethernet-switching-mx-series.html


QUESTION 4
In which environment would you run BGP?

A. a company spread across multiple floors of a building
B. a company with a single office
C. a home network
D. the public Internet

Answer: D

Explanation:


QUESTION 5
For a network running single-area OSPF, how would you decrease the size of the link-state
database (LSDB)?

A. Implement RIP as an overlay protocol on all devices.
B. Add more devices to the OSPF network to help with LSDB processing.
C. Reduce the frequency of hello timers throughout the network.
D. Implement OSPF areas.

Answer: D

Explanation:

Click here to view complete Q&A of JN0-342 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-342 Certification, Juniper JN0-342 Training at certkingdom.com

JN0-102 Junos, Associate (JNCIA-Junos)

JNCIA-Junos Exam Objectives (Exam: JN0-102)

Networking Fundamentals
Identify the concepts and functionality of various fundamental elements of networking
Collision domains and broadcast domains
Function of routers and switches
Optical network fundamentals – SONET/SDH, OTN
Ethernet networks
Layer 2 addressing, including address resolution
IPv4 and IPv6 fundamentals
Layer 3 / IP addressing, including subnet masks
Subnetting and supernetting
Decimal to binary conversion
Longest match routing
Connection-oriented vs. connectionless protocols

Junos OS Fundamentals
Identify the concepts, benefits and functionality of the core elements of the Junos OS
Junos device portfolio – product families, general functionality
Software architecture
Control and forwarding planes
Routing Engine and Packet Forwarding Engine
Protocol daemons
Transit traffic processing
Exception traffic

User Interfaces
Identify the concepts, operation and functionality of the Junos user interfaces
CLI functionality
CLI modes
CLI navigation
CLI Help
Filtering output
Active vs. candidate configuration
Reverting to previous configurations
Modifying, managing, and saving configuration files
Viewing, comparing, and loading configuration files
J-Web – core/common functionality

Junos Configuration Basics
Identify the main elements for configuring Junos devices
Factory-default state
Initial configuration
User accounts
Login classes
User authentication methods
Interface types and properties
Configuration groups
Additional initial configuration elements – NTP, SNMP, syslog, etc.
Configuration archival
Logging and tracing
Rescue configuration
Describe how to configure basic components of a Junos device

Operational Monitoring and Maintenance
Identify methods of monitoring and maintaining Junos devices
Show commands
Monitor commands
Interface statistics and errors
Network tools – ping, traceroute, telnet, SSH, etc.
Real-time performance monitoring (RPM)
Junos OS installation
Software upgrades
Powering on and shutting down Junos devices
Root password recovery
Describe monitoring and maintenance procedures for a Junos device

Routing Fundamentals
Identify basic routing concepts and functionality for Junos devices
Packet forwarding concepts
Routing tables
Routing vs. forwarding tables
Route preference
Routing instances
Static routing
Advantages of / use cases for dynamic routing protocols
Describe how to configure and monitor basic routing elements for a Junos device

Routing Policy and Firewall Filters
Identify the concepts and functionality of routing policy and firewall filters on Junos devices
Default routing policies
Import and export policies
Routing policy flow
Effect of policies on routes and routing tables
Policy structure and terms
Policy match criteria, match types, and actions
Firewall filter concepts
Firewall filter concepts
Filter match criteria and actions
Effect of filters on packets
Unicast reverse-path-forwarding (RPF)
Describe how to configure and monitor routing policies and firewall filters on a Junos device


QUESTION 1
The IP address 10.1.1.1 belongs to which class of IP address space?

A. Class A
B. Class B
C. Class C
D. Class D

Answer: D

Explanation:


QUESTION 2
For the interface ge-1/2/3.4, what does “ge” represent?

A. SONET/SDH
B. Gigabit Ethernet
C. Aggregated Ethernet
D. GRE

Answer: A

Explanation:


QUESTION 3
Which word starts a command to display the operational status of a Junos device?

A. put
B. set
C. show
D. get

Answer: A

Explanation:


QUESTION 4
Which command prompt indicates that you are in operational mode?

A. user@router&
B. user@router#
C. user@router%
D. user@router>

Answer: D

Explanation:


QUESTION 5
What is the decimal equivalent of 00000100?

A. 2
B. 4
C. 9
D. 12

Answer: D

Explanation:

 

Click here to view complete Q&A of JN0-102 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-102 Certification, Juniper JN0-102 Training at certkingdom.com

JN0-311 Juniper Networks Certified Internet Associate WX (JNCIA-WX)

JNCIA-WX Exam Objectives (Exam: JN0-311)

WX Framework Overview
Technology Overview
Name and define the various patented technologies which allow state-of-the-art compression and acceleration of WAN traffic.
Product Overview
List the WAN Acceleration Platforms and describe their differences.
Define how the WX Framework relates to Routing.

Basic Installation
Pre-installation and Configuration Considerations
List the pre-installation and configuration considerations.
Installation Tasks
Describe the procedure to connect to the Web Console or CLI.
List the steps in Quick Setup.
List common items configured to complete initial installation
Configure application definitions

Basic Configuration and Compression
Configuring Endpoints for Reduction Tunnels
Describe the procedure to verify if the Endpoints are configured properly.
Describe how to verify if the Reduction Tunnels are up and passing data.
Molecular Sequence Reduction (MSR)
Define the patented technology which allows state-of-the-art compression of WAN traffic.
Network Sequence Caching (NSC)
List the differences between MSR and NSC.

Route Learning
Discovering Local Routes
List the ways a WX device can learn routes for optimization.
Configure RIP and OSPF support.
Advertising Reduction Subnets
Define Reduction Subnets.
Configuring Reduction Filters
Describe the use of a reduction filter.

Quality of Service
Describe the components of outbound QoS.
Describe the difference between dedicated and oversubscribed WANs.
Describe the types of QoS settings that require Direct Setup.
List the reasons why you would use Bandwidth Detection.
Describe the difference between WFQ and WSP.

Packet Flow Acceleration
Examine each method of Packet Flow Acceleration (PFA).
Describe the WAN environments and applications that can benefit most from each PFA method.
Configuring Packet Flow Acceleration.

Application Flow Acceleration
Overview of Application Flow Acceleration
Describe the difference between Packet Flow Acceleration and Application Flow Acceleration.
Describe the applications supported by Application Flow Acceleration.
Common Internet File System (CIFS)
List the CIFs commands that the WX platform accelerates.
List the requirements for CIFS acceleration configuration.
Exchange and the Messaging Application Programming Interface (MAPI)
Define the Exchange and Outlook versions the WX accelerates.
HyperText Transfer Protocol (HTTP)
Define the difference between header and content caching.
Configuring AppFlow
Describe how to configure Application Flow Acceleration.

Monitoring and Reporting
Interpret reporting statistics.
List the WAN reports available on the WX and WXC platforms.
Identify the statistics of a data reduction report.
Identify the statistics of a data acceleration report.
Describe an Executive Summary report.
Identify the statistics of a QoS report.

WX Central Management System (WX CMS)
Describe the functionality of the WX CMS software.

Operation and Maintenance
Describe the security features.
Describe SNMP and DNS support.
Describe how to upgrade WXOS software and maintain configuration files.
Describe the logs and Syslog support.
List the WX network tools.

Troubleshooting
Basic Installation
Describe the error messages which indicate the WX is not cabled properly.
Basic Configuration and Compression
Name the preferred community topologies.
List the Switch-to-Wire functionality.
Route Learning
Verify proper default gateway connectivity.
Application Flow Acceleration
List the reasons why AppFlow may not be working.
Operation and Management
List the ways to export data and generate support files.
Compression
List reasons why Compression may not be working.
Packet Flow Acceleration
List reasons why Packet Flow Acceleration may not be working.


QUESTION 1
Which two configurations are made using the QoS Setup Wizard? (Choose two.)

A. Assign applications to traffic classes.
B. Use ToS/DSCP values for traffic classes.
C. Exclude subnets from QoS management.
D. Select dedicated vs. over-subscribed circuits.

Answer: A,D

Explanation:


QUESTION 2
Which three locations in WebView allow you to confirm that the endpoints are configured properly?
(Choose three.)

A. Monitor > Endpoints
B. Acceleration > Endpoints
C. Device Setup > Endpoints
D. Compression > Endpoints
E. Admin > Maintenance > Display Configuration

Answer: A,D,E

Explanation:


QUESTION 3
When defining an application for AppFlow acceleration, which two must be configured on the WX
device? (Choose two.)

A. Define application type.
B. Enable AppFlow for the application.
C. Enable monitoring for the application.
D. Define source and destination IP addresses.

Answer: A,B

Explanation:


QUESTION 4
What are three key prE.installation/configuration considerations when deploying a WX device?
(Choose three.)

A. cabling
B. community topology
C. requires a license key
D. requires two IP addresses
E. registration server designation

Answer: A,B,E

Explanation:

Click here to view complete Q&A of JN0-311 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-311 Certification, Juniper JN0-311 Training at certkingdom.com

 

JN0-643 Enterprise Routing and Switching, Professional (JNCIP-ENT)

JNCIP-ENT Exam Objectives (Exam: JN0-643 and JN0-646)

OSPF
Describe the concepts, operation and functionality of OSPFv2 and OSPFv3
OSPF LSA types
OSPF area types and operations
LSA flooding through an OSPF multi-area network
DR/BDR operation
SPF algorithm
Metrics, including external metric types
Authentication options
Route summarization and restriction
Overload
Virtual links
OSPFv2 vs OSPFv3
Given a scenario, demonstrate knowledge of how to configure and monitor single-area and multi-area OSPF
Implement OSPF routing policy

BGP
Describe the concepts, operation and functionality of BGP
BGP route selection process
Next hop resolution
BGP attributes – concept and operation
BGP communities
Regular expressions
Load balancing – multipath, multihop, forwarding table
NLRI families – inet, inet6
Advanced BGP options
Given a scenario, demonstrate knowledge of how to configure and monitor BGP
Implement BGP routing policy

IP Multicast
Describe the concepts, operation and functionality of IP multicast
Components of IP multicast, including multicast addressing
IP multicast traffic flow
Any-Source Multicast (ASM) vs. Source-Specific Multicast (SSM)
RPF – concept and operation
IGMP, IGMP snooping
PIM dense-mode and sparse-mode
Rendezvous point (RP) – concept, operation, discovery, election
SSM – requirements, benefits, address ranges
Anycast RP
MSDP
Routing policy and scoping
Given a scenario, demonstrate knowledge of how to configure and monitor IGMP, PIM-DM and PIM-SM (including SSM)
Implement IP multicast routing policy

Ethernet Switching and Spanning Tree
Describe the concepts, operation and functionality of advanced Ethernet switching
Filter-based VLANs
Private VLANs
Dynamic VLAN registration using MVRP
Tunnel Layer 2 traffic through Ethernet networks
Layer 2 tunneling using Q-in-Q and L2PT
Given a scenario, demonstrate knowledge of how to configure and monitor advanced Ethernet switching
Filter-based VLANs
Private VLANs
Dynamic VLAN registration using MVRP
Tunnel Layer 2 traffic through Ethernet networks
Layer 2 tunneling using Q-in-Q and L2PT
Describe the concepts, operation and functionality of advanced spanning tree protocols, including MSTP and VSTP
Given a scenario, demonstrate knowledge of how to configure and monitor MSTP and VSTP

Layer 2 Authentication and Access Control
Describe the operation of various Layer 2 authentication and access control features
Authentication process flow
802.1x – concepts and functionality
MAC RADIUS
Captive portal
Server fail fallback
Guest VLAN
Considerations when using multiple authentication/access control methods
Given a scenario, demonstration how to configure and monitor Layer 2 authentication and access control

IP Telephony Features
Describe the concepts, operation and functionality of features that facilitate IP telephony deployments
Power over Ethernet (PoE)
LLDP and LLDP-MED
Voice VLAN
Given a scenario, demonstrated how to configure and monitor features used to support IP Telephony

Class of Service (CoS)
Describe the concepts, operation and functionality of Junos CoS for Layer 2/3 networks
CoS processing on Junos devices
CoS header fields
Forwarding classes
Classification
Packet loss priority
Policers
Schedulers
Drop profiles
Shaping
Rewrite rules
Given a scenario, demonstrate knowledge of how to configure and monitor CoS for Layer 2/3 networks
QUESTION 1
Which connection method do OSPF routers use to communicate with each other?

A. IP protocol number 89
B. TCP port 179
C. UDP port 179
D. IP protocol number 6

Answer: A

Explanation:


QUESTION 2
Which statement is true about default BGP route redistribution behavior?

A. IBGP-learned routes are advertised only to other IBGP peers.
B. EBGP-learned routes are redistributed into any IGPs.
C. EBGP-learned routes are advertised only to other EBGP peers.
D. EBGP-learned routes are advertised to other IBGP and EBGP peers.

Answer: D

Explanation:


QUESTION 3
In a PIM-SM network, which type of node helps to build a tree towards an unknown multicast
source?

A. DIS
B. RP
C. DR
D. BSR

Answer: B

Explanation:


QUESTION 4
Which statement is true about MVRP?

A. It allows you to split a broadcast domain into multiple isolated broadcast subdomains.
B. It dynamically manages VLAN registration in a LAN.
C. It maps multiple independent spanning-tree instances onto one physical topology.
D. It is a Layer 2 protocol that facilitates network and neighbor discovery.

Answer: A

Explanation:


QUESTION 5
Which statement is true about LLDP?

A. It allows you to split a broadcast domain into multiple isolated broadcast subdomains.
B. It dynamically manages VLAN registration in a LAN.
C. It maintains a separate spanning-tree instance for each VLAN.
D. It is a Layer 2 protocol that facilitates network and neighbor discovery.

Answer: D

Explanation:

 

Click here to view complete Q&A of JN0-643 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-643 Certification, Juniper JN0-643 Training at certkingdom.com

 

JN0-633 Security, Professional (JNCIP-SEC) Exam

JN0-633 Security, Professional (JNCIP-SEC) Exam

Application-Aware Security Services
Describe the concepts, operation and functionality of AppSecure
AppSecure traffic processing
AppID
AppTrack
User FW
SSL proxy
AppFW
AppQoS
Given a scenario, demonstrate knowledge of how to configure, monitor and troubleshoot the various AppSecure modules

Virtualization
Describe the concepts, operation and functionality of various virtualization components on SRX Series Services Gateways
Routing instances
RIB groups
Routing between instances
Logical systems (LSYS)
Intra-LSYS and Inter-LSYS communication
Given a scenario, demonstrate knowledge of how to configure, monitor and troubleshoot the various elements of virtualization
Given a scenario, describe and implement filter-based forwarding (FBF)

Advanced NAT
Describe the concepts, operation and functionality of various types of NAT
NAT traffic processing
Destination NAT
Source NAT
Persistent NAT
Static NAT
Double NAT
NAT traversal
DNS doctoring
IPv6 NAT (Carrier-grade NAT) – NAT64, NAT46, NAT444, DS-Lite
Routing
NAT and FBF
NAT and security policy
Given a scenario, demonstrate knowledge of how to configure, monitor and troubleshoot advanced NAT implementations

Advanced IPSec VPNs
Describe the concepts, operation and functionality of various IPSec VPN implementations
IPSec traffic processing
Site-to-site VPNs
Hub-and-spoke VPNs
Group VPNs
Dynamic VPNs
Routing over VPNs
VPNs and NAT
Public key infrastructure (PKI) for IPSec VPNs
Traffic Selectors
VPNs and dynamic gateways
Given a scenario, demonstrate knowledge of how to configure, monitor and troubleshoot advanced IPSec VPN implementations

Intrusion Prevention
Describe the concepts, operation and functionality of Junos Intrusion Prevention System (IPS) for SRX Series Services Gateways
IPS packet inspection process
IPS rules and rulebases
Signature-based attack detection
Reconnaissance scans and fingerprinting
Flooding, attacks and spoofing
Describe how to perform setup and initial configuration for SRX Series Services Gateways with IPS functionality
IPS deployment options and considerations
Network settings
Attack database
Given a scenario, demonstrate knowledge of how to configure mechanisms to detect and protect against scans and attacks
Custom signatures
Scan prevention

Transparent Mode
Describe the concepts, operation and functionality of various transparent mode implementations
High Availability
VLAN translation
Layer 2 security
IRB
Bridge groups
Spanning tree traffic processing
Given a scenario, demonstrate knowledge of how to configure, monitor and troubleshoot transparent mode implementations

Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot Junos OS security issues
Flow analysis
SNMP
show commands
Logging and syslog
Tracing, including flow traceoptions
Policy flow
Packet capture

QUESTION 1
Which AppSecure module provides Quality of Service?

A. AppTrack
B. AppFW
C. AppID
D. AppQoS

Answer: D


QUESTION 2
You are asked to configure your SRX Series device to support IDP SSL inspections for up to 6,000 concurrent HTTP sessions to a server within your network.
Which two statements are true in this scenario? (Choose two.)

A. You must add at least one PKI certificate.
B. Junos does not support more than 5000 sessions in this scenario.
C. You must enable SSL decoding.
D. You must enable SSL inspection.

Answer: C,D


QUESTION 3
You are troubleshooting an SRX240 acting as a NAT translator for transit traffic. Traffic is dropping at the SRX240 in your network.Which three tools would you use to troubleshoot the issue? (Choose three.)

A. security flow traceoptions
B. monitor interface traffic
C. show security flow session
D. monitor traffic interface
E. debug flow basic

Answer: A,B,C
Reference: http://kb.juniper.net/InfoCenter/index?page=content&id=KB16110


QUESTION 4
You are asked to establish a baseline for your company’s network traffic to determine the bandwidth usage per application. You want to undertake this task on the central SRX device that connects all segments together.What are two ways to accomplish this goal? (Choose two.)

A. Configure a mirror port on the SRX device to capture all traffic on a data collection server for further investigation.
B. Use interface packet counters for all permitted and denied traffic and calculate the values using Junos scripts.
C. Send SNMP traps with bandwidth usage to a central SNMP server.
D. Enable AppTrack on the SRX device and configure a remote syslog server to receive AppTrack messages.

Answer: A,D

Explanation:
AppTrack is used for visibility for application usage and bandwidth
Reference:http://www.juniper.net/us/en/local/pdf/datasheets/1000327-en.pdf

 

Click here to view complete Q&A of JN0-633 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-633 Certification, Juniper JN0-633 Training at certkingdom.com

 

JN0-660 Service Provider Routing and Switching, Professional (JNCIP-SP)

JNCIP-SP Exam Objectives (Exam: JN0-660)

OSPF
Describe the concepts, operation and functionality of OSPFv2 and OSPFv3
OSPF LSA types
OSPF area types and operations
LSA flooding through an OSPF multi-area network
DR/BDR operation
SPF algorithm
Metrics, including external metric types
Authentication options
Summarize and restrict routes
Virtual links
OSPFv2 vs OSPFv3
Given a scenario, demonstrate knowledge of how to configure and monitor single-area and multi-area OSPF
Implement OSPF routing policy

IS-IS
Describe the concepts, operation and functionality of IS-IS
IS-IS link-state PDU (LSP) types
IS-IS areas/levels and operations
LLSP flooding through an IS-IS multi-area network
DIS operation
SPF algorithm
Metrics, including wide metrics
Authentication options
Route summarization and route leaking
Given a scenario, demonstrate knowledge of how to configure and monitor single-area and multi-area IS-ISa
Implement IS-IS routing policy

BGP
Describe the concepts, operation and functionality of BGP
BGP route selection process
Next hop resolution
BGP attributes – concept and operation
BGP communities
Regular expressions
Multipath
Multihop
Load balancing
Advanced BGP options
BGP route damping
Multiprotocol BGP
Given a scenario, demonstrate knowledge of how to configure and monitor BGP
Route reflection
Confederations
Describe the concepts, operation and functionality of BGP scaling mechanisms
Implement BGP routing policy

Class of Service (CoS)
Describe the concepts, operation and functionality of Junos CoS
CoS processing on Junos devices
CoS header fields
Forwarding classes
Classification
Packet loss priority
Policers, including tricolor marking and hierarchical policers
Schedulers
Drop profiles
Shaping
Rewrite rules
Hierarchical scheduling (H-CoS) characteristics (high-level only)
Given a scenario, demonstrate knowledge of how to configure and monitor CoS

IP Multicast
Describe the concepts, operation and functionality of IP multicast
Components of IP multicast, including multicast addressing
IP multicast traffic flow
Any-Source Multicast (ASM) vs. Source-Specific Multicast (SSM)
RPF – concept and operation
IGMP
PIM dense-mode and sparse-mode
Rendezvous point (RP) – concept, operation, discovery, election
SSM – requirements, benefits, address ranges
MSDP, including single and multi-PIM domains
Anycast RP
Routing policy and scoping
Given a scenario, demonstrate knowledge of how to configure and monitor IGMP, PIM-DM, PIM-SM (including SSM) and MSDP
Implement IP multicast routing policy

MPLS
Describe the concepts, operation and functionality of MPLS
RSVP and LDP operation
Primary/secondary paths
LSP metrics, including interaction with IGP metrics
LSP priority and preemption
Fast reroute, link protection and node protection
LSP optimization
Routing table integration options for traffic engineering
RSVP reservation styles
Routing policy to control path selection
Advanced MPLS features
Describe the concepts, operation and functionality of Constrained Shortest Path First (CSPF)
TED
IGP extensions
CSPF algorithm – selecting the best path
Tie-breaking options
Administrative groups
Advanced CSPF options
Given a scenario, demonstrate knowledge of how to configure and monitor MPLS, LDP and RSVP
RSVP-signaled and LDP-signaled LSPs
Traffic protection mechanisms
CSPF
Implement MPLS routing policy

Layer 3 VPNs
Describe the concepts, operation and functionality of Layer 3 VPNs
Traffic flow – control and data planes
Full mesh vs. hub-and-spoke topology
VPN-IPv4 addressing
Route distinguishers
Route targets
Route distribution
Site of origin
Sham links
vrf-table-label
Layer 3 VPN scaling
Layer 3 VPN Internet access options
Given a scenario, demonstrate knowledge of how to configure and monitor the components of Layer 3 VPNs
Describe the concepts, operation and functionality of multicast VPNs
Next-generation MVPNs (NG-MVPN)
Flow of control and data traffic in a NG-MVPN
Describe Junos support for carrier-of-carriers and interprovider VPN models

Layer 2 VPNs
Describe the concepts, operation and functionality of BGP Layer 2 VPNs
Traffic flow – control and data planes
Forwarding tables
Connection mapping
Layer 2 VPN NLRI
Route distinguishers
Route targets
Layer 2 VPN scaling
Describe the concepts, operation and functionality of LDP Layer 2 circuits
Traffic flow – control and data planes
Virtual circuit label
Layer 2 interworking
Describe the concepts, operation and functionality of VPLS
Traffic flow – control and data planes
BGP VPLS label distribution
LDP VPLS label distribution
Route targets
Site IDs
Given a scenario, demonstrate knowledge of how to configure and monitor Layer 2 VPNs
BGP Layer 2 VPNs
LDP Layer 2 circuits
VPLS

Automation
Demonstrate basic knowledge of using automation scripts
Operation scripts
Commit scripts
Event scripts
QUESTION 1
You are the administrator for a network that uses IBGP. As the network grows, you must examine options to support increased scale. Which two scaling options should you consider? (Choose two.)

A. route reflection
B. areas
C. zones
D. confederations

Answer: A,D


QUESTION 2
You manage an MPLS network where the PE devices consist of multiple vendors. You are asked to conceal the MPLS topology for all LSPs. Which global configuration parameter will accomplish this?

A. Configure no-decrement-ttl on the ingress router only.
B. Configure no-propagate-ttl on the ingress router only.
C. Configure no-decrement-ttl on all routers within the MPLS network.
D. Configure no-propagate-ttl on all routers within the MPLS network.

Answer: D


QUESTION 3
In which two ways does VPLS populate the MAC table? (Choose two.)

A. dynamically using BGP
B. dynamically using the source MAC address on received frames
C. dynamically using LDP
D. statically using CLI

Answer: B,D


QUESTION 4
Which CoS feature supports per-VLAN queuing and scheduling?

A. multilevel scheduling
B. hierarchical scheduling
C. tagged queuing
D. per-instance queuing

Answer: C


QUESTION 5
Which two statements are true about OSPFv3? (Choose two.)

A. OSPFv3 uses a 32-bit router ID to uniquely identify a node in the network.
B. OSPFv3 uses a 128-bit router ID to uniquely identify a node in the network.
C. OSPFv3 routes are always preferred over OSPFv2 routes for all traffic.
D. OSPFv3 and OSPFv2 can be configured at the same time.

Answer: A,D

Click here to view complete Q&A of JN0-660 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-660 Certification, Juniper JN0-660 Training at certkingdom.com

JN0-541 Juniper Networks IDP Certified Internet Associate (JNCIA-IDP)

Concepts of intrusion detection
Identify the features and functions of an IDP sensor
Identify the use of IDP interfaces
Identify the TCP ports used by IDP sensors and Security Manager
Understanding the IDP provisioning modes

Initial configuration of an IDP sensor
Identify the steps involved in implementing the IDP sensor
Describe the configuration of a new sensor via the console
Describe the communication setup between Security Manager and IDP sensor

Configure and fine-tune policies
Assign the IDP attack terminology to the corresponding definitions
Understand the components of an IDP rule
Choice of appropriate IDP actions and IP actions
Describe the algorithm of the IDP rule assignment
Explain the use of captured packages
Explain the fine-tuning of guidelines

Configuring Other Policies for IDP
Explain the function of a rule database for exceptions
Explain the function of a rule database for anomalies
Explain the function of a rule database for backdoors
Explain the function of a SYN Protector rule database
Explain the function of honeypots in the network

Configure and use the profiler
Describe the normal functioning of a profiler
Showing the steps to a working profiler
Describe the use of a profiler for network detection
Describe the use of a profiler to identify new devices and ports
Describe the use of a profiler to detect policy violations

Sensor operation and sensor command line utility
Describe the sensor components and processes
Use scio to manage policies and display sensor configurations
Use sctop to display sensor statistics

Manage attack objects and create custom signatures
Describe the use of static and dynamic groups
Explain how to update the attack object database
List the steps for obtaining information about an attack
Understanding the purpose and use of the sensor commands “scio ccap” and “scio pcap”
List the steps for creating a simple attack object
Describe the purpose of combined attack objects

Maintenance and troubleshooting
Use the Appliance Configuration Manager (ACM) to view and modify sensor configurations
Use sensor and unix commands to resolve IDP issues
Understand the operation of external HA and NIC bypass

QUESTION 1
Which statement is true about the attack object database update process?

A. Each sensor updates its own attack object database automatically; however they must be able
to access the Juniper site on TCP port 443.
B. The attack object database update must be manually performed by the administrator, and the
administrator must manually install it on each sensor.
C. The attack object database update can be initiated manually or automatically.
D. The attack object database update can be automatically scheduled to occur using the Security
Manager GUI.

Answer: C


QUESTION 2
On a sensor, which command will indicate if log messages are being sent to Security Manager?

A. scio vr list
B. serviceidp status
C. scio agentstats display
D. scio getsystem

Answer: C


QUESTION 3
After you enable alerts for new hosts that are detected by the Enterprise Security Profiler, where
do you look in Security Manager to see those alerts?

A. Security Monitor > Profiler > Application Profiler tab
B. Security Monitor > Profiler > Violation Viewer tab
C. Security Monitor > Profiler > Network Profiler tab
D. Log Viewer > Profiler Log

Answer: D


QUESTION 4
When connecting to a sensor using SSH, which account do you use to login?

A. admin
B. super
C. netscreen
D. root

Answer: A


QUESTION 5
Which OSI layer(s) of a packet does the IDP sensor examine?

A. layers 2-7
B. layers 2-4
C. layer 7 only
D. layers 4-7

Answer: A

Click here to view complete Q&A of JN0-541 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-541 Certification, Juniper JN0-541 Training at certkingdom.com

JN0-532 FWV, Specialist (JNCIS -FWV)

JNCIS-FWV Exam Objectives (Exam: JN0-532)

VPNs
Identify IKE Phase 1/Phase2 negotiation sequence and proposals
Identify/differentiate IPSec standard elements (encapsulations, SA, SPI, etc.)
List steps for policy-based/route-based VPN configuration
Relate proxy-ID to VPN setup
Identify proper configuration for various hub/spoke configurations (policy, int. placement, etc.)
Identify NHTB requirements/configurations
Configure/verify AC-VPNs
Identify PKI components (certificates, CDL, etc.)
List steps for PKI implementation w/ VPNs
VPN Variations
Configure Dynamic Peer VPNs
Configure Transparent mode VPNs
Configure Overlapping Networks
Describe GRE applications/Configure GRE

Network Management
Configure local management (SSL, SSH, management restrictions).
Interpret internal counters and logs.
Configure SYSLOG.
Discuss logging levels.
Configure SNMP.

Troubleshooting with Debug/Snoop
Enable debug/snoop.
Set debug filters.
Set snoop filters.
Use get commands to validates/troubleshoot routing and policies.
Use debug output to identify routing and policy problems.
Use get commands to validate/troubleshoot address translation.
Use debug output to identify problems.
Use get commands to validate/troubleshoot VPN setup.

Traffic Management
Describe the bandwidth allocation process.
Describe queuing functionality.
List requirements/steps for configuring traffic management.

Virtual Systems
Define VSYS applications
Describe root vs. VSYS administration
Explain VSYS vs. root assignment of routes/NAT pools/etc.
Configure interface-based VSYS
Configure inter-VSYS communications, including NAT.
Use show/debug output to identify VSYS usage.
Configure VSYS resource allocation

NSRP
Distinguish active/passive and active/active.
Describe NSRP operations (HA link, session sync, master election, etc.)
Configure active/passive and active/active NSRP.
Validate NSRP operations.
Adjust operations (secondary link, failover settings).
Configure redundant interface.

Dynamic Routing/Routing over VPNs
Configure RIP over VPNs
Configure OSPF over VPNs
Configure/verify OSPF routing
Configure OSPF options
Configure/verify BGP
Configure redistribution/filters/route maps
Configure static routes incl. floating static routes
Configure/verify source routing
Configure/verify policy routing

Attack Prevention
Describe SCREEN functions
Describe/configure Deep Inspection
Describe/configure anti-virus functionality
Configure web filtering

Multicast
Configure/verify IGMP
Configure/verify PIM-SM


QUESTION 1
You have created a VPN to a dynamic peer. Which two configured parameters must match?
(Choose two.)

A. static side peer-id
B. dynamic side local-id
C. static side IP address
D. dynamic side IP address

Answer: A,B


QUESTION 2
Which three events would cause ScreenOS devices to generate SNMP traps? (Choose three.)

A. cold starts
B. traffic alarms
C. warm reboots
D. self log events
E. traffic log events

Answer: A,B,C


QUESTION 3
Which command shows the filter applied to snoop captures?

A. get snoop
B. snoop info
C. get ffilter
D. get ffilter ip-proto snoop

Answer: B

Click here to view complete Q&A of JN0-532 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-532 Certification, Juniper JN0-532 Training at certkingdom.com

JPR-932 Juniper Networks Certified Internet Expert-SEC (JNCIE-SEC)

JNCIE-SEC Exam Objectives (Exam: JPR-932)

Infrastructure Concepts
Security Forwarding Options
Packet-based
MPLS
inet6
Flow-Based
inet6
Security Zones
Configure security zones
Device Management
User accounts
System services

High Availability
HA Clustering
Active-active
Active-passive
Reth interfaces
Link aggregation
Control and data plane
Dual fabric links
Redundancy groups

Firewall Policies
Security Polices
Policy configuration
Advanced policy options
Schedulers
ALGs
Authorization
Bypass flow forwarding
Logging
Data and control plane logs
Forward logs to the RE
Send logs to external collectors
UTM
Anti-virus
Web filtering

IPSec VPNs
Implementation of IPSec VPNs
Multipoint tunnels
Policy-based VPNs
Route-based VPNs
Traffic selectors
Proxy ID
Traceoptions
Dual and backup tunnels
On-demand tunnels
DRP over a tunnel
Dynamic VPNs
Certificate-based VPNs
PKI
Interoperability with 3rd party devices

NAT
Implementation of NAT
Source NAT
Destination NAT
Static NAT
NAT64
Implementation of NAT with IPSec
Overlapping IPs between sites

Advanced Security Services
AppSecure
AppTrack
AppFW
AppQoS
AppDoS
Application Identification
User Firewall
SSL Forward Proxy
Integration with IPS
IDP
Logs
Custom polices
Automatic updates
L3/L4/L7 DoS
Stateless filters
Screens
Flow options
App DDos
Active Directory Integration

IGPs
OSPF
Multi-area OSPF topologies
Filter and summarize routes
Network and link types
Route selection process
Redistribution
IPv6

BGP
Implementation
Routing policy
Route selection
IPv6

Protocol-Independent Routing
Filter-based Forwarding
Based on Layer 4
Based on IFL
Configuring Routes
Aggregate
Static
Generated
Policies

Extended Implementation Concepts
Transparent mode
Configure transparent mode

Click here to view complete Q&A of JPR-932 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JPR-932 Certification, Juniper JPR-932 Training at certkingdom.com

JN0-661 Service Provider Routing and Switching JNCIP-SP

JNCIP-SP Exam Objectives (Exam: JN0-661)

OSPF
Describe the concepts, operation and functionality of OSPFv2 or OSPFv3
OSPF area types and operations
LSA flooding through an OSPF multi-area network
DR/BDR operation
SPF algorithm
Metrics, including external metric types
Summarize and restrict routes
Virtual links
OSPFv2 vs OSPFv3
Given a scenario, demonstrate knowledge of how to configure or monitor single-area and multi-area OSPF
Implement OSPF routing policy

IS-IS
Describe the concepts, operation, or functionality of IS-IS
IS-IS areas/levels and operations
LSP flooding through an IS-IS multi-area network
DIS operation
SPF algorithm
Metrics, including wide metrics
Route summarization and route leaking
Given a scenario, demonstrate knowledge of how to configure or monitor single-area and multi-area IS-IS
Implement IS-IS routing policy

BGP
Describe the concepts, operation, or functionality of BGP
BGP route selection process
Next hop resolution
BGP attributes – concept and operation
BGP communities
Regular expressions
Multipath
Multihop
Load balancing
Advanced BGP options
BGP route damping
Multiprotocol BGP
Describe the concepts, operation or functionality of BGP scaling mechanisms
Route reflection
Confederations
Given a scenario, demonstrate knowledge of how to configure or monitor BGP
Implement BGP routing policy

Class of Service (CoS)
Describe the concepts, operation, or functionality of Junos CoS
CoS processing on Junos devices
CoS header fields
Forwarding classes
Classification
Packet loss priority
Policers, including tricolor marking and hierarchical policers
Schedulers
Drop profiles
Shaping
Rewrite rules
Hierarchical scheduling (H-CoS) characteristics (high-level only)
Given a scenario, demonstrate knowledge of how to configure or monitor CoS

IP Multicast
Describe the concepts, operation, or functionality of IP multicast
Components of IP multicast, including multicast addressing
IP multicast traffic flow
Any-Source Multicast (ASM) versus Source-Specific Multicast (SSM)
RPF – concept and operation
IGMP
PIM dense-mode and sparse-mode
Rendezvous point (RP) – concept, operation, discovery, election
SSM – requirements, benefits, address ranges
MSDP, including single and multi-PIM domains
Anycast RP
Routing policy and scoping
Given a scenario, demonstrate knowledge of how to configure or monitor IGMP, PIM-DM, PIM-SM (including SSM) and MSDP
Implement IP multicast routing policy

Advanced MPLS
Describe the concepts, operation, or functionality of MPLS
Routing table integration options for traffic engineering
Routing policy to control path selection
Advanced MPLS features
Administrative groups
Advanced CSPF options
Implement MPLS routing policy

Layer 3 VPNs
Describe the concepts, operation, or functionality of Layer 3 VPNs
Traffic flow – control and data planes
Full mesh vs. hub-and-spoke topology
VPN-IPv4 addressing
Route distinguishers
Route targets
Route distribution
Site of origin
Sham links
vrf-table-label
Layer 3 VPN scaling
IPv6 Layer 3 VPNs
Layer 3 VPN Internet access options
Given a scenario, demonstrate knowledge of how to configure or monitor the components of Layer 3 VPNs
Describe the concepts, operation or functionality of multicast VPNs
Next-generation MVPNs (NG-MVPN)
Flow of control and data traffic in an MVPN
Describe Junos support for carrier-of-carriers or interprovider VPN models

Layer 2 VPNs
Describe the concepts, operation, or functionality of BGP Layer 2 VPNs
Traffic flow – control and data planes
Forwarding tables
Connection mapping
Layer 2 VPN NLRI
Route distinguishers
Route targets
Layer 2 VPN scaling
Describe the concepts, operation, or functionality of LDP Layer 2 circuits
Traffic flow – control and data planes
Virtual circuit label
Layer 2 interworking
Describe the concepts, operation, or functionality of VPLS
Traffic flow – control and data planes
BGP VPLS label distribution
LDP VPLS label distribution
Route targets
VPLS Multihoming
Site IDs
Describe the concepts, operation, or functionality of EVPN
Traffic flow – control and data planes
MAC learning and distribution
EVPN Multihoming
BGP EVPN label distribution
Given a scenario, demonstrate knowledge of how to configure or monitor Layer 2 VPNs
BGP Layer 2 VPNs
LDP Layer 2 circuits
EVPNs
VPLS


QUESTION 1
Which OSPFv3 router ID is valid?

A. 192.168.1.1
B. ::192.168.1.1
C. 0.0.0.0
D. 2008:db8::1

Answer: A

Explanation

OSPFv3 Router IDs, Area IDs, and LSA link-state IDs remain at the OSPFv2 IPv4 size of 32 bits.
References: Network Configuration Example OSPF Version 3 for IPv6 Feature Guide, page 3


QUESTION 2
You are working with a new MPLS network that is using the default EXP classifier and default schedules.
A small amount of traffic is being placed in the assured
forwarding class. No other traffic is passing through the network at this time.
In this scenario, what happens to the traffic that is being placed in the assured forwarding class?

A. The traffic is reclassified to the best effort forwarding class and is forwarded.
B. The traffic remains in the assured forwarding class and is forwarded.
C. The traffic is reclassified to the network control forwarding class and is forwarded.
D. The traffic remains in the assured forwarding class and is dropped.

Answer: B

Explanation

References: https://www.juniper.net/documentation/en_US/junos15.1/topics/concept/forwarding-classes-default-cos-config-guide.html


QUESTION 3
You are connecting your OSPF router to your customer’s RIP router and redistributing
the customer’s routes into your OSPF domain. Your OSPF routes is part of an NSSA
and the ABR is injecting an OSPF default route, which you have advertised to your customer.
After committing the configuration, you notice a routing loop
between your OSPF router and the customer’s RIP router.
Which action must you perform on your OSPF router to solve this problem?

A. Enable Type 7-to-Type 5 LSA conversion.
B. Set the customer-facing interface to passive.
C. Convert the area to a stub area.
D. Change the OSPF external route preference.

Answer: D

Explanation

Avoid routing loops by changing the OSPF external route preference.

Incorrect Answers:
A: If multiple NSSA ABR routers are present, it is recommended that not all ABRs perform
Type 7-to-5 translation to avoid routing loops.
B: We would have to make the interface on the RIP router, the customer router,
passive, not the customer-facing interface on the OSPF router.

Note: By default RIP broadcasts are sent from all interfaces. RIP allows us to control this behavior.
We can configure which interface should send RIP broadcast or
which not. Once we mark any interface as passive interface, RIP will stop sending updates from that interface.

References: https://www.juniper.net/documentation/en_US/junos15.1/topics/topic-map/ospf-stub-and-not-so-stubby-areas.html


QUESTION 4
A PE provides VLAN VPLS service to a CE attached with two links.
You want to prevent Layer 2 loops and provide link redundancy.
Which two actions will accomplish this task? (Choose two.)

A. Place both interfaces in a link aggregation group.
B. Configure different VLANs on each interface.
C. Configure all VLANs on both interfaces, on the PE, and on the CE.
D. Configure Spanning Tree Protocol between the PE and the CE.

Answer: B,D

Explanation

D: To prevent the formation of Layer 2 loops between the CE devices and the multihomed PE routers,
Juniper recommends that you employ the Spanning Tree
Protocol (STP) on your CE devices. Layer 2 loops can form due to inconfiguration.
Temporary Layer 2 loops can also form during convergence after a change in the network topology.

References: http://www.juniper.net/documentation/en_US/junos16.1/topics/topic-map/vpls-bgp-multihoming.html

Click here to view complete Q&A of JN0-661 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Juniper JN0-661 Certification, Juniper JN0-661 Training at certkingdom.com

A Hotels in Malta Theme. Designed by Malta Hotel and Malta Hotels