JN0-348 Practice Qs Flashcards
What are two benefits of 802.3ad link aggregation? (Choose two.)
A. It increases bandwidth.
B. It ensures symmetrical paths.
C. It simplifies interface configuration.
D. It creates physical layer redundancy.
- A. It increases bandwidth.
D. It creates physical layer redundancy.
Aggregating multiple links between physical interfaces creates a single logical point-to-point trunk link or a LAG. The LAG balances traffic across the member links within an aggregated Ethernet bundle and effectively increases the uplink bandwidth. Another advantage of link aggregation is increased availability, because the LAG is composed of multiple member links. If one member link fails, the LAG continues to carry traffic over the remaining links.
Which statement is true about IP-IP tunnels?
A. Intermediate devices must have a route to the destination address of the traffic being tunneled.
B. Intermediate devices must have a route to both the tunnel source address and the tunnel destination address.
C. Intermediate devices must have a route to the tunnel destination address but do not require a route to the tunnel source address.
D. Intermediate devices must have a route to the tunnel source address but do not require a route to the tunnel destination address.
- B. Intermediate devices must have a route to both the tunnel source address and the tunnel destination address.
The intermediary devices, located in the forwarding path between the tunnel endpoint, must be able to route between the tunnel endpoints.
To form a tunnel you need 3 things, Tunnel Source, Tunnel Destination and IP. The intermediary devices need to have a route to both.
You have a conference room with an open network port that is used by employees to connect to the network. You are concerned about rogue switches being connected to this port.
Which two features should you enable on your switch to limit access to this port? (Choose two.)
A. DHCP snooping
B. dynamic ARP inspection
C. MAC limiting
D. 802.1X
- C. MAC limiting
D. 802.1X
Should be (D)802.1X and (C)MAC limiting, as the question focuses on rogue switches. DHCP snooping and DAI are tracking IP <> MAC association which mitigates rogue hosts, not switches.
Which statement is correct about IS-IS link-state PDUs?
A. They are used to maintain link-state database synchronization.
B. They are used to establish adjacencies.
C. They are used to build the link-state database.
D. They are used to determine whether the neighbors are Level 1 or Level 2.
- C. They are used to build the link-state database.
Which Junos feature allows you to combine multiple interfaces into a single bundle? A. VRRP B. Virtual Chassis C. LAG D. NSB
- C. LAG
Link aggregation is used to aggregate Ethernet interfaces between two devices. The aggregated Ethernet interfaces that participate in a link aggregation group (LAG) are called member links. Because a LAG is composed of multiple member links, even if one member link fails, the LAG continues to carry traffic over the remaining links.
Which protocol prevents loops and calculates the best path through a switched network that contains redundant paths? A. VRRP B. STP C. DHCP D. IS-IS
- B. STP
Juniper Networks devices provide Layer 2 loop prevention through STP, RSTP, and MSTP. You can configure bridge protocols data unit (BPDU) protection on interfaces to prevent them from receiving BPDUs that could result in STP misconfigurations, which could lead to network outages.
Which two characteristics are true for EBGP peerings? (Choose two.)
A. EBGP peers must be directly connected.
B. EBGP connects peer devices in the same autonomous system.
C. EBGP connects peer devices in two different autonomous systems.
D. EBGP peers can be connected over a multihop connection.
- C. EBGP connects peer devices in two different autonomous systems.
D. EBGP peers can be connected over a multihop connection.
What are two advantages of a point-to-point OSPF adjacency? (Choose two.)
A. Only a DR is elected.
B. No type 1 LSAs are generated.
C. No type 2 LSAs are generated.
D. There is quicker neighbor establishment.
- C. No type 2 LSAs are generated.
D. There is quicker neighbor establishment.
Which two port security features use the DHCP snooping database for additional port security? (Choose two.) A. dynamic ARP inspection B. MACsec C. IP Source Guard D. MAC learning
- A. dynamic ARP inspection
C. IP Source Guard
DAI intercepts ARP packets on untrusted ports and validate against DHCP snooping database, IP Source Guard inspects IP packets on untrusted ports and validate against DHCP snooping database
You want to configure Layer 2 services over an IP-based tunneling mechanism between two sites. Which configuration statement is required to accomplish this task?
A. set interfaces gr-0/0/0.0 family bridge
B. set interfaces ip-0/0/0.0 encapsulation vlan-bridge
C. set interfaces gr-0/0/0.0 encapsulation vlan-bridge
D. set interfaces ip-0/0/0.0 family bridge
A. set interfaces gr-0/0/0.0 family bridge
Which two routes belong to the 172.16.0.0/22 aggregate route? (Choose two.) A. 172.16.4.0/24 B. 172.16.0.0/24 C. 172.16.5.0/24 D. 172.16.3.0/24
- B. 172.16.0.0/24
D. 172.16.3.0/24
255.255.252.0 :: 172.16.0.1-172.16.3.254
Which two statements are correct regarding the root bridge election process when using STP? (Choose two.)
A. A lower system MAC address is preferred.
B. A higher bridge priority is preferred.
C. A lower bridge priority is preferred.
D. A higher system MAC address is preferred.
- A. A lower system MAC address is preferred.
C. A lower bridge priority is preferred.
The switch with lower priority value is elected as the root bridge. If the priority values are equal for multiple switches then STP evaluates the system MAC addresses and elects the switch with the lowest MAC address as the root bridge.
What are two reasons for configuring more than one VLAN on a switch? (Choose two.)
A. A group of clients requires that security be applied to traffic entering or exiting the group’s devices.
B. A group of devices must forward traffic across a WAN.
C. A group of devices are connected to the same Layer 3 network.
D. A group of clients requires that the group’s devices receive less broadcast traffic than they are currently receiving.
- A. A group of clients requires that security be applied to traffic entering or exiting the group’s devices.
D. A group of clients requires that the group’s devices receive less broadcast traffic than they are currently receiving.
Referring to the exhibit, which configuration will force traffic to always use ae0.0 as long as it is active?
(Image shows three switches; SwitchC(sC) has two connections, one to sA and one to sB; sA connects to sC via ae0.0, while sB connects to sC via ge-0/0/0.0)
A.
user@switchC# show switch-options
redundant-trunk-group {
group rtg1 {
interface ge-0/0/0.0;
interface ae0.0 {
minimum-links 2;
}
}
}
B.
user@switchC# show switch-options
redundant-trunk-group {
group rtg1 {
interface ge-0/0/0.0 {
priority200;
}
interface ae0.0 {
priority254;
}
}
}
C.
user@switchC# show switch-options
redundant-trunk-group {
group rtg1 {
interface ge-0/0/0.0;
interface ae0.0 {
primary;
}
}
}
D.
user@switchC# show switch-options
redundant-trunk-group {
group rtg1 {
interface ge-0/0/0.0 {
track {
interface ae0.0;
}
}
}
}
C.
user@switchC# show switch-options
redundant-trunk-group {
group rtg1 {
interface ge-0/0/0.0;
interface ae0.0 {
primary;
}
}
}
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/redundant-trunk-groups.htmlWhat are two characteristics of OSPF ABRs? (Choose two.)
A. ABRs transmit routing information between the backbone and other areas.
B. ABRs cannot be part of the backbone and another area at the same time.
C. ABRs inject routing information from outside the OSPF domain.
D. ABRs link two OSPF areas.
- A. ABRs transmit routing information between the backbone and other areas.
D. ABRs link two OSPF areas.
Area border router (ABR): An OSPF router with links in two areas, the ABR is responsible for connecting OSPF areas to the backbone. It transmits network information between the backbone and other areas.
Which statement is correct about trunk ports?
A. Trunk ports must have an IRB assigned to accept VLAN tagged traffic.
B. By default, trunk ports accept only VLAN tagged traffic.
C. By default, a trunk port can have only a single VLAN assigned.
D. trunk ports must have an IRB assigned to accept untagged traffic.
- B. By default, trunk ports accept only VLAN tagged traffic.
Your network is configured with dynamic ARP inspection (DAI) using the default parameters for all the DHCP and ARP related configurations. You just added a new device connected to a trunk port and configured it to obtain an IP address using DHCP.
Which two statements are correct in this scenario? (Choose two.)
A. The DHCP server assigns the IP addressing information to the new device.
B. DAI validates the ARP packets for the new device against the DHCP snooping database.
C. The ARP request and response packets for the new device will bypass DAI.
D. DHCP snooping adds the DHCP assigned IP address for the new device to its database.
- A. The DHCP server assigns the IP addressing information to the new device.
C. The ARP request and response packets for the new device will bypass DAI.
JUNOS for EX-series software uses DAI for ARP packets received on access ports, because these ports are, by default, untrusted . By default, Trunk ports are trusted , so ARP packets bypass DAI on them.
https://supportportal.juniper.net/s/article/What-is-Dynamic-Arp-Inspection-DAI-and-how-to-configure-it-on-EX-switches?language=en_US
