究極のガイド準備JN0-351認証試験JNCIS-ENTは2024年更新 [Q12-Q32]

究極のガイド準備JN0-351認証試験JNCIS-ENTは2024年更新

リアルJN0-351問題集でJuniper正確なアンサーは最新問題は2024年更新

質問 # 12
You are asked to connect an IP phone and a user computer using the same interface on an EX Series switch.
The traffic from the computer does not use a VLAN tag, whereas the traffic from the IP phone uses a VLAN tag.
Which feature enables the interface to receive both types of traffic?

A. MAC limiting
B. DHCP snooping
C. voice VLAN
D. native VLAN

正解：C

解説：
Explanation
The feature that enables an interface on an EX Series switch to receive both untagged traffic (from the computer) and tagged traffic (from the IP phone) is the voice VLAN12.
The voice VLAN feature in EX-series switches enables access ports to accept both data (untagged) and voice (tagged) traffic and separate that traffic into different VLANs12. This allows the switch to differentiate between voice and data traffic, ensuring that voice traffic can be treated with a higher priority12. Therefore, option D is correct.

質問 # 13
Exhibit

You are receiving the BGP route shown in the exhibit from four different upstream ISPs.
Referring to the exhibit, which ISP will be selected as the active path?

A. ISP 4
B. ISP1
C. ISP 2
D. ISP 3

正解：A

解説：
Explanation
In BGP, the path selection process is based on a set of attributes1. The process starts by preferring the path with the highest weight, then the highest local preference, then the locally originated routes, and so on1. If all these attributes are the same, then it prefers the path with the shortest AS path1.
Referring to the exhibit, all four ISPs have the same weight, local preference, and origin1. However, ISP 4 has the shortest AS path1. Therefore, ISP 4 will be selected as the active path. So, option C is correct.

質問 # 14
Exhibit.

You want to enable redundancy for the EBGP peering between the two routers shown in the exhibit. Which three actions will you perform in this scenario? (Choose three.)

A. Configure a cluster ID.
B. Configure routes for the peer loopback interface IP addresses.
C. Configure an MD5 peer authentication.
D. Configure loopback interface peering.
E. Configure BGP multihop.

正解：B、D、E

解説：
A is correct because you need to configure BGP multihop to enable redundancy for the EBGP peering between the two routers. BGP multihop is a feature that allows BGP peers to establish a session over multiple hops, instead of requiring them to be directly connected1. By default, EBGP peers use a time-to-live (TTL) value of 1 for their packets, which means that they can only reach adjacent neighbors1. However, if you configure BGP multihop with a higher TTL value, you can allow EBGP peers to communicate over multiple routers in between1. This can provide redundancy in case of a link failure or a router failure between the EBGP peers.
B is correct because you need to configure loopback interface peering to enable redundancy for the EBGP peering between the two routers. Loopback interface peering is a technique that uses loopback interfaces as the source and destination addresses for BGP sessions, instead of physical interfaces2. Loopback interfaces are virtual interfaces that are always up andreachable as long as the router is operational2. By using loopback interface peering, you can avoid the dependency on a single physical interface or link for the BGP session, and use multiple paths to reach the loopback address of the peer2. This can provide redundancy and load balancing for the EBGP peering.
C is correct because you need to configure routes for the peer loopback interface IP addresses to enable redundancy for the EBGP peering between the two routers. Routes for the peer loopback interface IP addresses are necessary to ensure that the routers can reach each other's loopback addresses over multiple hops2. You can use static routes or dynamic routing protocols to advertise and learn the routes for the peer loopback interface IP addresses2. Without these routes, the routers will not be able to establish or maintain the BGP session using their loopback interfaces.

質問 # 15
Exhibit

Referring to the exhibit, which statement is correct?

A. The local device is using a bridge priority of 4k.
B. The root bridge has not been elected for this RSTP topology.
C. The root bridge is using a bridge priority of 4k.
D. The local device is the root bridge for this RSTP topology.

正解：D

解説：
Explanation
In a Rapid Spanning Tree Protocol (RSTP) topology, the root bridge is determined by the switch with the lowest bridge priority value12. If all switches have the same priority, then the root bridge is assigned to the switch whose MAC address's hex value is the lowest2. The default bridge priority value is 3276832. However, without the actual exhibit, it's difficult to definitively determine which device is the root bridge. But based on the options provided, if we assume that the local device has a lower bridge priority or a lower MAC address than other devices in the network, then it could be considered as the root bridge for this RSTP topology45.

質問 # 16
Which two statements about redundant trunk groups on EX Series switches are correct? (Choose two.)

A. Layer 2 control traffic is permitted on the secondary link
B. If the active link fails, then the secondary link automatically takes over.
C. Redundant trunk groups load-balance traffic across two designated uplink interfaces.
D. Redundant trunk groups must be connected to the same aggregation switch.

正解：B、D

解説：
Explanation
Redundant Trunk Groups (RTGs) on EX Series switches provide a simple solution for network recovery when a trunk port on a switch goes down1. They are configured on the access switch and contain two links: a primary or active link, and a secondary link1. Therefore, option B is correct because if the active link fails, the secondary link automatically starts forwarding data traffic without waiting for normal spanning-tree protocol convergence1.
Option D is also correct. In a typical enterprise network composed of distribution and access layers, RTGs are used where one Access switch is connected to two different uplink switches2. This implies that RTGs must be connected to the same aggregation switch2.

質問 # 17
You are asked to connect an IP phone and a user computer using the same interface on an EX Series switch.
The traffic from the computer does not use a VLAN tag, whereas the traffic from the IP phone uses a VLAN tag.
Which feature enables the interface to receive both types of traffic?

A. MAC limiting
B. DHCP snooping
C. voice VLAN
D. native VLAN

正解：C

質問 # 18
Exhibit

You are troubleshooting an issue where traffic to 192.168.10.0/24 is being sent to R1 instead of your desired path through R2.
Referring to the exhibit, what is the reason for the problem?

A. R2's route is not the best path due to a lower origin code.
B. R1's route is the best path due to a higher local preference
C. R2's route is not the best path due to loop prevention.
D. R1's route is the best path due to the shorter AS path.

正解：B

解説：
The exhibit shows the output of the command show ip bgp, which displays information about the BGP routes in the routing table1. The output shows two routes for the destination 192.168.10.0/24, one from R1 and one from R2.
The route from R1 has a local preference of 200, while the route from R2 has a local preference of
100. Local preference is a BGP attribute that indicates the degree of preference for a route within an autonomous system (AS)2. A higher local preference means a more preferred route2.
BGP uses a best path selection algorithm to choose the best route for each destination among multiple paths. The algorithm compares different attributes of the routes in a specific order of precedence3. The first attribute that is compared is weight, which is a Cisco-specific attribute that is local to the router3. If the weight is equal or not set, the next attribute that is compared is local preference3.
In this case, both routes have the same weight of 0, which means that they are learned from external BGP (eBGP) peers3. Therefore, the next attribute that is compared is local preference. Since R1's route has a higher local preference than R2's route, it is chosen as the best path and installed in the routing table3. The other attributes, such as origin code and AS path, are not considered in this case.

質問 # 19
You are attempting to configure the initial two aggregated Ethernet interfaces on a router but there are no aggregated Ethernet interfaces available.
In this scenario, which configuration will enable these interfaces on this router?

正解：D

解説：
Explanation
The correct answer to your question is
Option C shows the configuration of the statement, which defines the properties of the router chassis, such as the number of aggregated Ethernet interfaces, the number of FPCs, and the number of PICs1.
To enable aggregated Ethernet interfaces on a router, you need to specify the aggregated-devices statement under the chassis parameter to the desired number of interfaces2. For example, to enable two aggregated Ethernet interfaces, you can use the following configuration:
chassis { aggregated-devices { ethernet { device-count 2; } } }
Option C shows this configuration with the device-count set to 2, which will enable two aggregated Ethernet interfaces on the router. The other options do not show this configuration and will not enable any aggregated Ethernet interfaces on the router.
Therefore, option C is the correct answer to your question.

質問 # 20
You are concerned about spoofed MAC addresses on your LAN.
Which two Layer 2 security features should you enable to minimize this concern? (Choose two.)

A. dynamic ARP inspection
B. DHCP snooping
C. static ARP
D. IP source guard

正解：A、B

解説：
A is correct because dynamic ARP inspection (DAI) is a Layer 2 security feature that prevents ARP spoofing attacks. ARP spoofing is a technique that allows an attacker to send fake ARP messages to associate a spoofed MAC address with a legitimate IP address. This can result in traffic redirection, man-in-the-middle attacks, or denial-of-service attacks. DAI validates ARP packets by checking the source MAC address and IP address against a trusted database, which is usually built by DHCP snooping1. DAI discards any ARP packets that do not match the database or have invalid formats1.
C is correct because DHCP snooping is a Layer 2 security feature that prevents DHCP spoofing attacks.
DHCP spoofing is a technique that allows an attacker to act as a rogue DHCP server and offer fake IP addresses and other network parameters to unsuspecting clients. This can result in traffic redirection, man-in-the-middle attacks, or denial-of-service attacks. DHCP snooping filters DHCP messages by classifying switch ports as trusted or untrusted. Trusted ports are allowed to send and receive any DHCP messages, while untrusted ports are allowed to send only DHCP requests and receive only valid DHCP replies from trusted ports2. DHCP snooping also builds a database of MAC addresses, IP addresses, lease times, and binding types for each client2.

質問 # 21
You implemented the MAC address limit feature with the shutdown action on all interfaces on your switch.
In this scenario, which statement is correct when a violation occurs?

A. By default, the interface will continue to send and receive traffic for all connected devices after a violation has occurred.
B. By default, devices that are learned before the violation occurs are still allowed to send and receive traffic through the specific interface.
C. By default, you must manually clear the violation for the interface to send and receive traffic again.
D. By default, the violation will automatically be cleared after 300 seconds and the interface will resume sending and receiving traffic for all learned devices.

正解：C

解説：
Explanation
When the MAC address limit feature with the shutdown action is implemented on a switch, if a violation occurs, the interface is disabled and a system log entry is generated1. If the switch has been configured with the port-error-disable statement, the disabled interface recovers automatically upon expiration of the specified disable timeout1. However, if the switch has not been configured for auto-recovery from port error disabled conditions, you must manually clearthe violation by running the clear ethernet-switching port-error command for the interface to send and receive traffic again1. This explanation is based on the Enterprise Routing and Switching Specialist (JNCIS-ENT) documents and learning resources available at Juniper Networks1.

質問 # 22
Exhibit

What does the * indicate in the output shown in the exhibit?

A. All interfaces have elected a root bridge.
B. The interface is active.
C. The switch ports have a router attached.
D. The interface is down.

正解：B

解説：
The exhibit shows the output of the command show vlans brief, which displays brief information about VLANs and their associated interfaces1.
The output has four columns: Routing instance, VLAN name, Interfaces, and Tagging.
The * symbol indicates that the interface is active, meaning that it is up and forwarding traffic1. This can be verified by the command , which displays the status of the interfaces2.

質問 # 23
You are a network operator who wants to add a second ISP connection and remove the default route to the existing ISP You decide to deploy the BGP protocol in the network.
What two statements are correct in this scenario? (Choose two.)

A. IBGP peers advertise routes received from EBGP peers to other IBGP peers.
B. IBGP updates the next-hop attribute to ensure reachability within an AS.
C. EBGP peers advertise routes received from IBGP peers to other EBGP peers.
D. IBGP peers advertise routes received from IBGP peers to other IBGP peers.

正解：A、B

解説：
A is correct because IBGP updates the next-hop attribute to ensure reachability within an AS. This is because the next-hop attribute is the IP address of the router that advertises the route to a BGP peer. If the next-hop attribute is not changed by IBGP, it would be the IP address of an external router, which may not be reachable by all routers within the AS. Therefore, IBGP updates the next-hop attribute to the IP address of the router that received the route from an EBGP peer1.
B is correct because IBGP peers advertise routes received from EBGP peers to other IBGP peers. This is because BGP follows the rule of advertising only the best route to a destination, and EBGP routes have a higher preference than IBGP routes. Therefore, IBGP peers advertise routes learned from an EBGP peer to all BGP peers, including both EBGP and IBGP peers1.

質問 # 24
Which statement is correct about the storm control feature?

A. The storm control feature is enabled in the factory-default configuration on EX Series switches.
B. The storm control configuration only applies to traffic being sent between the forwarding and control plane.
C. The storm control feature requires a special license on EX Series switches.
D. The storm control feature is not supported on aggregate Ethernet interfaces.

正解：A

解説：
Option A is correct. The storm control feature is enabled in the factory-default configuration on EX Series switches12. On EX2200, EX3200, EX3300, EX4200, and EX6200 switches, the factory default configuration enables storm control for broadcast and unknown unicast traffic on all switch interfaces2. On EX4300 switches, the factory default configuration enables storm control on all Layer 2 switch interfaces1.
Option B is incorrect. The storm control feature does not require a special license on EX Series switches34.
Option C is incorrect. There's no information available that suggests the storm control feature is not supported on aggregate Ethernet interfaces.
Option D is incorrect. The storm control configuration applies to traffic at the ingress of an interface5, not just between the forwarding and control plane.

質問 # 25
A new network requires multiple topology support. You decide to use IS-IS in this situation. Which three protocol topologies are supported in this scenario? (Choose three.)

A. IPv4
B. multicast
C. IPv6
D. anycast
E. IPsec

正解：A、B、C

解説：
Explanation
IS-IS (Intermediate System to Intermediate System) is a routing protocol that is designed to move information efficiently within a computer network12. It supports multiple protocol topologies, including IPv4, IPv6, and multicast12. Therefore, options C, E, and D are correct.

質問 # 26
Which two statements about redundant trunk groups on EX Series switches are correct? (Choose two.)

A. Redundant trunk groups load balance traffic across two designated uplink interfaces.
B. If the active link fails, then the secondary link automatically takes over.
C. Layer 2 control traffic is permitted on the secondary link.
D. Redundant trunk groups use spanning tree to provide loop-free redundant uplinks.

正解：B、C

解説：
C is correct because Layer 2 control traffic is permitted on the secondary link of a redundant trunk group (RTG) on EX Series switches. Layer 2 control traffic includes protocols such as LLDP, LACP, and STP, which are used to exchange information and coordinate actions between switches1. According to the Juniper Networks documentation2, Layer 2 control traffic is allowed to pass through both the active and the secondary links of an RTG, but data traffic is only forwarded through the active link. This allows the switches to maintain their Layer 2 adjacencies and monitor the link status on both links.
D is correct because if the active link fails, then the secondary link automatically takes over in an RTG on EX Series switches. An RTG consists of two trunk links: an active or primary link, and a secondary or backup link2. The active link is used to forward data traffic, while the secondary link is in standby mode. If the active link fails or becomes unavailable, the secondary link immediately transitions to a forwarding state and takes over the data traffic without waiting for normal STP convergence2. This provides fast recovery and redundancy for the network.

質問 # 27
What is the default MAC age-out timer on an EX Series switch?

A. 30 minutes
B. 300 seconds
C. 300 minutes
D. 30 seconds

正解：B

解説：
Explanation
The default MAC age-out timer on an EX Series switch is 300 seconds12. The MAC age-out timer is the maximum time that an entry can remain in the MAC table before it "ages out," or is removed31. This configuration can influence efficiency of network resource use by affecting the amount of traffic that is flooded to all interfaces1. When traffic is received for MAC addresses no longer in the Ethernet routing table, the router floods the traffic to all interfaces1.

質問 # 28
Two routers share the same highest priority and start time.

A. The router with the highest MAC address become the DR
B. In this situation, what is evaluated next when determining the designated router? The router with the lowest router ID become the DR.
C. The routers perform another DR election.
D. The router with the highest router ID becomes the DR

正解：D

解説：
According to the OSPF protocol, the designated router (DR) is the router that acts as the focal point for exchanging routing information on a multi-access network segment, such as a LAN1. The DR election process is based on the following criteria, in order of precedence1:
The router with the highest OSPF priority becomes the DR. The default priority is 1, and a priority of 0 means the router will not participate in the election.
If there is a tie in priority, the router with the highest router ID becomes the DR. The router ID is a 32-bit number that uniquely identifies a router in an OSPF domain. It can be manually configured or automatically derived from the highest IP address of a loopback interface or a physical interface.
If there is a tie in router ID, the router that was first to become an OSPF neighbor becomes the DR.
In your scenario, two routers share the same highest priority and start time. This means that they have equal chances of becoming the DR based on the first and third criteria. Therefore, the second criterion will be used to break the tie, which is the router ID. The router with the highest router ID will become the DR, and the other router will become the backup designated router (BDR), which is ready to take over the role of DR if it fails1.

質問 # 29
Exhibit

Your ISP is announcing a default route to both R1 and R2. You want your network routers to forward all Internet traffic through the R1 device Which BGP attribute would you use?

A. MED
B. origin
C. local preference
D. next-hop

正解：C

解説：
Explanation
The BGP attribute that you would use to forward all Internet traffic through the R1 device is the local preference1.
The local preference is an attribute that is used within an autonomous system (AS) and exchanged between iBGP routers1. It is used to select an exit point from the AS1. The path with the highest local preference is preferred1. By setting a higher local preference for the routes received from R1, you can make R1 the preferred exit point for all Internet traffic1.

質問 # 30
Exhibit.

You want to verify prefix information being sent from 10.36.1.4.
Which two statements are correct about the output shown in the exhibit? (Choose two.)

A. The output shows routes that are active and rejected by an import policy.
B. The routes displayed have traversed one or more autonomous systems.
C. The routes displayed are being learned from an I BGP peer.
D. The output shows routes that were received prior to the application of any BGP import policies.

正解：B、D

解説：
Explanation
The output shown in the exhibit is the result of the command "show ip bgp neighbor 10.36.1.4 received-routes", which displays all received routes (both accepted and rejected) from the specified neighbor.
Option A is correct, because the routes displayed have traversed one or more autonomous systems. This can be seen from the AS_PATH attribute, which shows the sequence of AS numbers that the route has passed through. For example, the route 10.0.0.0/8 has an AS_PATH of 65001 65002, which means that it has traversed AS 65001 and AS 65002 before reaching the local router.
Option B is correct, because the output shows routes that were received prior to the application of any BGP import policies. This can be seen from the fact that some routes have a status code of "r", which means that they are rejected by an import policy. The"received-routes" keyword shows the routes coming from a given neighbor before the inbound policy has been applied. To see the routes after the inbound policy has been applied, the "routes" keyword should be used instead.
Option C is incorrect, because the output does not show routes that are active and rejected by an import policy.
The status code of "r" means that the route is rejected by an import policy, but it does not mean that it is active. The status code of ">" means that the route is active and selected as the best path. None of the routes in the output have both ">" and "r" status codes.
Option D is incorrect, because the routes displayed are not being learned from an IBGP peer. An IBGP peer is a BGP neighbor that belongs to the same AS as the local router. The output shows that the neighbor 10.36.1.4 has a remote AS of 65001, which is different from the local AS of 65002. Therefore, the neighbor is an EBGP peer, not an IBGP peer.

質問 # 31
What is the maximum allowable MTU size for a default GRE tunnel without IPv4 traffic fragmentation?

A. 1476 bytes
B. 1480 bytes
C. 1500 bytes
D. 1496 bytes

正解：A

解説：
Explanation
The maximum allowable MTU size for a default GRE tunnel without IPv4 traffic fragmentation is 1476 bytes1. This is because GRE packets are formed by the addition of the original packets and the required GRE headers1. These headers are 24-bytes in length and since these headers are added to the original frame, depending on the original size of the packet we may run into IP MTU problems1. The most common IP MTU is 1500-bytes in length (Ethernet)1. When the tunnel is created, it deducts the 24-bytes it needs to encapsulate the passenger protocols and that is the IP MTU it will use1. For example, if we are forming a tunnel over FastEthernet (IP MTU 1500)the IOS calculates the IP MTU on the tunnel as: 1500-bytes from Ethernet -
24-bytes for the GRE encapsulation = 1476-Bytes1.

質問 # 32
......

JNCIS-ENT JN0-351試験練習問題集：https://www.jpntest.com/shiken/JN0-351-mondaishu

JN0-351プレミアム資料テストPDFで無料問題集お試しセット：https://drive.google.com/open?id=1gUfcO7RDsV21ZnsQxRGFpjcIEqBmlxoN