Server farm goes solar
A data storage company generates all its own power using solar panels.
Business 2.0 Magazine
By Todd Woody, Business 2.0 Magazine
October 4 2007: 4:53 AM EDT
(Business 2.0 Magazine) -- Massive data centers are vital to the economy. They are also notorious power hogs. If their numbers keep growing at the expected rate, the United States alone will need nearly a dozen new power plants by 2011 just to keep the data flowing, according to the Environmental Protection Agency.
That\'s why a small server-farm company called AISO.net (for \"affordable Internet services online\") has gone completely off the grid. Located 80 miles southeast of Los Angeles in the desert hamlet of Romoland, AISO.net has flanked its 2,000-square-foot building with two banks of ground-mounted solar panels, which generate 12 kilowatts of electricity. Batteries store the juice for nighttime operation.
To slash energy consumption, AISO.net switched from 120 individual servers to four IBM blades running virtualization software that lets one computer do the work of multiple machines. The cooling system cranks up for only about 10 minutes an hour, and when the outside temperature drops to 60 degrees, air is sucked into the building to cool the servers. Solar tubes built into the roof illuminate the facility's interior.
The service is attracting plenty of eco-conscious clients. Al Gore's Live Earth concerts were webcast on AISO.net's servers in July. And San Diego startup GreenestHost is reselling AISO.net's services to mom-and-pop website operators who want to go carbon-neutral. "Small data centers could easily start to adapt and make changes like this," says AISO.net co-founder Phil Nail, who claims the project cost about $100,000.
His monthly electric bills, once as high as $3,000, have dropped to zero. Larger data centers can't match that. But Sun Microsystems (Charts, Fortune 500) did recently slash power consumption 61 percent by consolidating its Silicon Valley servers into a single state-of-the-art facility. And IBM (Charts, Fortune 500) BladeCenter VP Alex Yost sees growing demand for energy-efficient servers like the ones AISO.net uses. "It's an enormous economic opportunity," he says.
Friday, August 22, 2008
Wednesday, December 26, 2007
my Test Center in Karachi
Softworld Intl. (Pvt) Ltd.
305, Landmark Plaza, Muhammad Bin Qasim Road,
Off. I.I.Chundrigar Road, Karachi - 74200, Pakistan.
Tel: (92-21) 2626380-81
Fax: (92-21) 2635218 - 2626465
Emails:
Information - info@softworld.com.pk
Sales - sales@softworld.com.pk
Support - support@softworld.com.pk
Office Direction:
See my other blogs
http://cd-bills.blogspot.com/
Good area to visit frequently. I put topics that my friends ask from me. or what ever I search for myself. :)
Covering Linux information, Networking, Mac OS, some general topics
http://certification-juniper.blogspot.com/
You are here right now.. name says all, will also post other certifications...
http://youtubedl-how-to.blogspot.com/
started with the first post how to download youtube.. some other good informations. I'll soon copy its contant to http://cd-bills.blogspot.com
http://tecom-pk.blogspot.com/
Tecom Pakistan (Pvt.) Ltd.
they are the sole distributors of Siemens mobiles, BanQ Moblies, Everon Accessories for Mobiles and Computers.
My client :)
http://iqbalsajid.blogspot.com/
started to post some personals, don't get time to update.. will soon be active :)
Good area to visit frequently. I put topics that my friends ask from me. or what ever I search for myself. :)
Covering Linux information, Networking, Mac OS, some general topics
http://certification-juniper.blogspot.com/
You are here right now.. name says all, will also post other certifications...
http://youtubedl-how-to.blogspot.com/
started with the first post how to download youtube.. some other good informations. I'll soon copy its contant to http://cd-bills.blogspot.com
http://tecom-pk.blogspot.com/
Tecom Pakistan (Pvt.) Ltd.
they are the sole distributors of Siemens mobiles, BanQ Moblies, Everon Accessories for Mobiles and Computers.
My client :)
http://iqbalsajid.blogspot.com/
started to post some personals, don't get time to update.. will soon be active :)
Saturday, December 15, 2007
JNCIA-ER Preassessment test Q&A scored 76% with these answers
Juniper Networks
Which JUNOS software feature forms the basis for JUNOScope? Which JUNOS software feature forms the basis for JUNOScope?
A. SDX A. SDX
B. J-Web B. J-Web
C. BSD Kernel C. BSD Kernel
D. JUNOScript D. JUNOScript
14. Which additional boot device is available on a J4300 or J6300 router? 14. Which additional boot device is available on a J4300 or J6300 router?
A. USB A. USB
B. hard drive B. hard drive
C. LS-120 floppy disk C. LS -120 floppy disk
D. removable compact flash D. removable compact flash
p.61 P.61
When using the J-Web interface to configure RIP, which two policies are automatically configured by the router? (Choose two.) When using the J-Web interface to configure RIP, which two policies are automatically configured by the router? (Choose two.)
A. Import policy to block RIP routes. A. Import policy to block RIP routes.
B. Import policy to block direct routes. B. Import policy to block direct routes.
C. Export policy to advertise RIP routes. C. Export policy to advertise RIP routes.
D. Export policy to advertise direct routes. D. Export policy to advertise direct routes.
P,351 P, 351
What are three characteristics of the JUNOS software? (Choose three.) What are three characteristics of the JUNOS software? (Choose three.)
A. Contains easy to read registry keys. A. Contains easy to read registry keys.
B. Contains a modular operating system. B. Contains a modular operating system.
C. Separate forwarding and control planes. C. Separate forwarding and control planes.
D. Single software train for all M,T and J-series routers. D. Single software train for all M, T and J-series routers.
p.43 P.43
JUNOS User Interfaces JUNOS User Interfaces
Installation and Initial Configuration Installation and Initial Configuration
During autoinstalltion, how many attempts are made to retrieve the hostname.conf file? During autoinstalltion, how many attempts are made to retrieve the hostname.conf file?
A. 1 A. 1
B. 2 B. 2
C. 3 C. 3
D. 4 D. 4
p.179 P.179
Which represents a valid method for obtaining an IP address during an autoinstallation process? Which represents a valid method for obtaining an IP address during an autoinstallation process?
A. RIP A. RIP
B. BGP B. BGP
C. OSPF C. OSPF
D. DHCP D. DHCP
What is one way to activate the rescue configuration on a J-series router? What is one way to activate the rescue configuration on a J-series router?
A. Issue the load rescue command. A. Issue the load rescue command.
B. Issue the activate rescue command. B. Issue the activate rescue command.
C. Press the rescue button for less than 5 seconds. C. Press the rescue button for less than 5 seconds.
D. Press the configuration button for less than 5 seconds. D. Press the configuration button for less than 5 seconds.
p.57 P.57
Operational Monitoring and Maintenance Operational Monitoring and Maintenance
Which CLI command displays any active alarms on the router? Which CLI command displays any active alarms on the router?
A. show system alarms A. show system alarms
B. show chassis alarms B. show chassis alarms
C. show system environment C. show system environment
D. show chassis environment D. show chassis environment
p.246 P.246
16. Which J-Web window pane allows you to view and manage licenses? 16. Which J-Web window pane allows you to view and manage licenses?
A. Monitor A. Monitor
B. Manage B. Manage
C. Diagnose C. Diagnose
D. Configuration D. Configuration
P,284 P, 284
24. Which J-Web menu displays the hardware currently installed in the router? 24. Which J-Web menu displays the hardware currently installed in the router?
A. Monitor > Chassis A. Monitor> Chassis
B. Diagnose > Chassis B. Diagnose> Chassis
C. Diagnose > Hardware C. Diagnose> Hardware
D. Monitor > Environment D. Monitor> Environment
Which J-Web menu displays the amount of free space on the router's compact flash? Which J-Web menu displays the amount of free space on the router's compact flash?
A. Monitor > Flash A. Monitor> Flash
B. Diagnose > Flash B. Diagnose> Flash
C. Monitor > System C. Monitor> System
D. Manage > System D. Manage> System
p.244 P.244
Based on these parameters, which type of ping packet will be sent? Based on these parameters, which type of ping packet will be sent?
A. one packet with payload of 1200 data bytes and with the do not fragment bit set A. one packet with payload of 1200 data bytes and with the do not fragment bit set
B. one packet with payload of 1200 data bytes and the record route option set B. one packet with payload of 1200 data bytes and the record route option set
C. 1200 packets with a destination ip address of C. 1200 packets with a destination ip address of 10.0.1 10.0.1 .201 .201
D. one packet with a source ip address of D. one packet with a source ip address of 10.0.1 10.0.1 .201 and a TTL value of 32 .201 And a TTL value of 32
19. What is the JUNOS software term for decoding protocol packets? 19. What is the JUNOS software term for decoding protocol packets?
A. dump A. dump
B. stat B. stat
C. trace C. trace
D. debug D. debug
Routing Protocols and Policy Routing Protocols and Policy
12. Which statement describes the function of a routing policy? 12. Which statement describes the function of a routing policy?
A. It controls the size of routing protocol packets. A. It controls the size of routing protocol packets.
B. It allows routing protocols to be auto configured. B. It allows routing protocols to be auto configured.
C. It allows for the configuration and management of user persmissons. C. It allows for the configuration and management of user persmissons.
D. It controls routing information transferred in and out of the routing table. D. It controls routing information transferred in and out of the routing table.
p.316 P.316
13. What are three protocol limitations of RIP? (Choose three.) 13. What are three protocol limitations of RIP (Choose three.)
A. It has a maximum network diameter. A. It has a maximum network diameter.
B. It can only be used on broadcast links. B. It can only be used on broadcast links.
C. It will count to infinity and slow down loop prevention. C. It will count to infinity and slow down loop prevention.
D. It will send periodic updates of the entire routing table. D. It will send periodic updates of the entire routing table.
p.348 P.348
15. Where do you configure a RIP neighbor in the CLI? 15. Where do you configure a RIP neighbor in the CLI?
A. under [routing rip neighbor] A. under [routing rip neighbor]
B. under [protocols rip neighbor] B. under [protocols rip neighbor]
C. under [routing rip group "group-name" neighbor] C. under [routing rip group "group-name" neighbor]
D. under [protocols rip group "group-name" neighbor] D. under [protocols rip group "group-name" neighbor]
p.316 P.316
17. Which type of policy allows RIP routes to be placed into OSPF? 17. Which type of policy allows RIP routes to be placed into OSPF?
A. RIP import policy A. RIP import policy
B. RIP export policy B. RIP export policy
C. OSPF import policy C. OSPF import policy
D. OSPF export policy D. OSPF export policy
18. What are two action types in the Juniper routing policy? (Choose two.) 18. What are two action types in the Juniper routing policy? (Choose two.)
A. sorting A. sorting
B. ee-writing B. ee-writing
C. terminating C. terminating
D. flow control D. flow control
p.316 P.316
25. Which CLI command displays routes received from a RIP neighbor? 25. Which CLI command displays routes received from a RIP neighbor?
A. show rip route "neighbor" A. show rip route "neighbor"
B. show rip receive-route "neighbor" B. show rip receive-route "neighbor"
C. show route protocol rip "neighbor" C. show route protocol rip "neighbor"
D. show route receive-protocol rip "neighbor" D. show route receive-protocol rip "neighbor"
20. Why would you apply an export policy to a routing protocol? 20. Why would you apply an export policy to a routing protocol?
A. to allow a route to be accepted into your routing table A. to allow a route to be accepted into your routing table
B. to allow a route to be advertised out of your routing table B. to allow a route to be advertised out of your routing table
C. to allow a route to have a higher metric in your routing table C. to allow a route to have a higher metric in your routing table
D. to allow a route to be be rejected from entering your routing table D. to allow a route to be be rejected from entering your routing table
21. Why would you apply an import policy to a protocol? 21. Why would you apply an import policy to a protocol?
A. to restrict traffic that enters your router A. to restrict traffic that enters your router
B. to redistribute routes between protocols B. to redistribute routes between protocols
C. to modify route properties in routes you send to other routers C. to modify route properties in routes you send to other routers
D. to modify route properties of routes received from other routers D. to modify route properties of routes received from other routers
23. Which CLI command displays all static routes in the routing table? 23. Which CLI command displays all static routes in the routing table?
A. show static all A. show static all
B. show route static B. show route static
C. show static route C. show static route
D. show route protocol static D. show route protocol static
5. Where do you configure static routes in the Junos CLI? 5. Where do you configure static routes in the Junos CLI?
A. under [static route] A. under [static route]
B. under [protocols static] B. under [protocols static]
C. under [policy-options static] C. under [policy-options static]
D. under [routing-options static] D. under [static routing-options]
6. Which CLI command displays the current RIP configuration on a J-series router? 6. Which CLI command displays the current RIP configuration on a J-series router?
A. show protocols rip A. show protocols rip
B. show configuration rip B. show configuration rip
C. show rip configuration C. show rip configuration
D. show configuration protocols rip D. show configuration protocols rip
Which tool can be used to verify that packets are using the correct path towards a given destination? Which tool can be used to verify that packets are using the correct path towards a given destination?
A. ping A. ping
B. netstat B. netstat
C. nslookup C. nslookup
D. traceroute D. traceroute
Which routing technology is often used when a customer is single-homed to a service provider? Which routing technology is often used when a customer is single-homed to a service provider?
A. RIP A. RIP
B. BGP B. BGP
C. Static C. Static
D. OSPF D. OSPF
Which CLI command displays the status of each operational OSPF link on the router? Which CLI command displays the status of each operational OSPF link on the router?
A. show ospf neighbor A. show ospf neighbor
B. show ospf adjacency B. show ospf adjacency
C. show ospf interface C. show ospf interface
D. show ospf statistics D. show ospf statistics
A JUNOS router has a packet filter configured under [edit firewall family inet]. Which two statements accurately reflect the operation of this packet filter? (Choose two.) A JUNOS router has a packet filter configured under [edit firewall family inet]. Which two statements accurately reflect the operation of this packet filter? (Choose two.)
A. It maintains protocol state. A. It maintains protocol state.
B. It does not maintain protocol state. B. It does not maintain protocol state.
C. It processes packets independently of a particular flow. C. It processes packets independently of a particular flow.
D. It processes packets within the context of a particular flow. D. It processes packets within the context of a particular flow.
Which three daemons are contained in the JUNOS software? (Choose three.) Which three daemons are contained in the JUNOS software? (Choose three.)
A. VPN A. VPN
B. Chassis B. Chassis
C. Management C. Management
D. Routing Protocol D. Routing Protocol
Wrong (Iqbal Sajid)
Adaptive Services Adaptive Services
22. Which protocol family must be configured on an interface to allow ICMP traffic to be received? 22. Which protocol family must be configured on an interface to allow ICMP traffic to be received?
A. ip A. ip
B. inet B. inet
C. icmp C. icmp
D. management D. management
Which major J-Web menu should you use to send an ICMP echo request packet to a neighboring router? Which major J-Web menu should you use to send an ICMP echo request packet to a neighboring router?
A. Monitor A. Monitor
B. Manage B. Manage
C. Diagnose C. Diagnose
D. Configuration D. Configuration
Wednesday, December 12, 2007
JUNIPER JNCIS-ER preassessment exam Q&A
Yesturday night I've cleared two preassesment test from Juniper.
Copying here all the questions with answers. I scored 96% with these answers
Copying here all the questions with answers. I scored 96% with these answers
Juniper Networks Certified Internet Associate
Q. Which attributes are automatically updated when a BGP update is sent to an EBGP
neighbor? (choose 2) A,D
A. BGP Next-hop attribute
B. Local Preference attribute
C. Multi Exit Descriminator (MED) attribute
D. AS-Path attribute
E. Origin attribute
Q. Which statements are true about post-service-filters? (choose 3) A,C,D
A. A post-service-filter can only be used on input
B. A post-service-filter can be used on input, output or both
C. A post-service-filter is only applied to packets that are processed by a service-set
D. A post-service-filter is a standard stateless firewall-filter
Q. For a given prefix 10.10.10.0/23 learned as an OSPF Internal Intra-Area, an OSPF
Internal Inter-Area and an OSPF AS External type 1, which route will be preferred? A
A. OSPF Internal Intra-Area route
B. OSPF Internal Inter-Area route
C. OSPF AS External type 1
D. Equal cost load sharing will occur if equal cost paths exist
Q. Your enterprise is dual-homed to the same Service Provider using BGP, with two links
having bandwidth of STM1/OC3 and STM4/OC12 respectively. You want to influence all traffic
leaving your autonomous-system to use the STM/OC12 link.
Which BGP attributes can you modify to accomplish this goal? (choose 2) B,D
A. Set Local Preference in an import policy for routes learned from the neighbor on the
STM4/OC12 link to be 80
B. Set Local Preference in an import policy for routes learned from the neighbor on the
STM4/OC12 link to be 180
C. Configure the import-policy for the STM4/OC12 neighbor to set the ORIGIN attribute to
be INCOMPLETE
D. Configure the import-policy for the STM1/OC3 neighbor to as-path prepend the
neighbors autonomous-system twice
E. Configure the import-policy for the STM4/OC12 neighbor to as-path prepend the
neighbors autonomous-system twice
Q.
neighbor? (choose 2) A,D
A. BGP Next-hop attribute
B. Local Preference attribute
C. Multi Exit Descriminator (MED) attribute
D. AS-Path attribute
E. Origin attribute
Q. Which statements are true about post-service-filters? (choose 3) A,C,D
A. A post-service-filter can only be used on input
B. A post-service-filter can be used on input, output or both
C. A post-service-filter is only applied to packets that are processed by a service-set
D. A post-service-filter is a standard stateless firewall-filter
Q. For a given prefix 10.10.10.0/23 learned as an OSPF Internal Intra-Area, an OSPF
Internal Inter-Area and an OSPF AS External type 1, which route will be preferred? A
A. OSPF Internal Intra-Area route
B. OSPF Internal Inter-Area route
C. OSPF AS External type 1
D. Equal cost load sharing will occur if equal cost paths exist
Q. Your enterprise is dual-homed to the same Service Provider using BGP, with two links
having bandwidth of STM1/OC3 and STM4/OC12 respectively. You want to influence all traffic
leaving your autonomous-system to use the STM/OC12 link.
Which BGP attributes can you modify to accomplish this goal? (choose 2) B,D
A. Set Local Preference in an import policy for routes learned from the neighbor on the
STM4/OC12 link to be 80
B. Set Local Preference in an import policy for routes learned from the neighbor on the
STM4/OC12 link to be 180
C. Configure the import-policy for the STM4/OC12 neighbor to set the ORIGIN attribute to
be INCOMPLETE
D. Configure the import-policy for the STM1/OC3 neighbor to as-path prepend the
neighbors autonomous-system twice
E. Configure the import-policy for the STM4/OC12 neighbor to as-path prepend the
neighbors autonomous-system twice
Q.
In the exhibit, which export policy or policies will be applied to BGP neighbor 10.10.10.1? C
Category
A. global-policy
B. group-policy
C. nbr-policy
D. all three policies
E. none of the policies
Q. Which steps are required to configure an interface-style service set? (choose 5) A,B,C,D,F
A. Configure the service interface
B. Configure the service rules and rule-sets
C. Configure the service-set to include the service rules and/or rule-sets
D. Configure the service-set to be interface-style and which service interface to use
E. Configure routing to the service interface
F. Apply the service-set to the required interfaces
Q. Which step is not recommended as part of a seamless RIP to OSPF IGP transition using
the overlay method? C
A. Configure all routers to ensure the existing RIP IGP has a better route preference than
the new OSPF IGP
B. Configure all routers to run OSPF
C. Redistribute all RIP routes into OSPF and vise versa
D. Ensure all routers have learned all networks via OSPF
E. Gracefully transition to OSPF by changing the route-preference of RIP to be higher than
OSPF
Q. Which configuration step is required when configuring an OSPF NSSA area? C
A. You must configure nssa on all routers in the network
B. You must configure nssa under [ edit protocols ospf ]
C. You must configure nssa under [ edit protocols ospf area ]
D. You must configure nssa only on the Area Border Routers (ABR's)
Q. Which statements below are valid JUNOS stateful-firewall rule match types? (choose 3) A,
B,D
A. destination-address-range
B. source-prefix-list
C. esp-spi
D. applications
E. interface-set
Q.
In the exhibit, which statement is true for the static route 11.11.11.0/24 that is evaluated
against the BGP export policy chain? D
A. The 11.11.11.0/24 prefix is accepted by policy P1 and advertised to neighbor
10.10.10.1
B. The 11.11.11.0/24 prefix is rejected by policy P1 and not advertised to neighbor
10.10.10.1
C. The 11.11.11.0/24 prefix is rejected by the policy P2
D. The 11.11.11.0/24 prefix is rejected by the BGP default policy
E. The 11.11.11.0/24 prefix is accepted by the BGP default policy
Q You want to determine which NAT pools have been configured on the router.
Which command will display this information (choose 1) D
A. show services nat available pools
B. show services pools
C. show services nat-pool-table
D. show services nat pools
Q Which statements best describe Enterprise connections to Service Providers? (choose 2) C,
D
A. Enterprises should always run BGP with their Service Providers when their CPE router
has parallel multiple links to the ISP router
B. When BGP is run in an enterprise network, all routers need to run BGP
C. Enterprises should use a static default route when there is only one entry/exit point out
of their network
D. Enterprises should use BGP when they are multi-homed and have a need to exercise
policy controls
Q Assuming the requirements for the establishment of an EBGP session between the
loopback0 interfaces of both routers. The local autonomous-system is defined as AS100 and
the neighbors autonomous-system is AS200.
The local autonomous-system is configured under [ routing-options autonomous-system
100 ]
Which statement is not true about Multihop External BGP peering sessions? A
A. Both peer-as 200 and type external parameters are required
B. Only peer-as 200 is required
C. You must configure the local-address parameter
D. You must configure the ttl for the multi-hop neighbor(s)
E. The local router must have a route to the eBGP neighbors configured address
Q In the exhibit, which statements are true for the NAT translation? (choose 2) B,C
A. The private/internal IP address that will be changed is 192.168.11.4
B. The private/internal IP addresses that will be changed are 10.222/16
C. The public/external IP address is 192.168.11.4
D. The private/internal IP addresses can be anything
E. The public/external IP address is 10.222.44.1
Q While monitoring the systems messages file, you encounter an entry that is frequently
repeated, but seems somewhat cryptic
Jun 8 14:12:28 R1 chassisd[2737]: CHASSISD_IFDEV_DETACH_PIC: ifdev_detach_pic(0/3)
Which command can you use to better understand the significance of this message? C
A. show syslog message CHASSISD_IFDEV_DETACH_PIC
B. show system message CHASSISD_IFDEV_DETACH_PIC
C. help syslog CHASSISD_IFDEV_DETACH_PIC
D. show system error log CHASSISD_IFDEV_DETACH_PIC
Q In the exhibit, which statements are valid entries for the "State" field? (choose 3) B,D,E
A. Monitor
B. Watch
C. Listen
D. Drop
E. Forward
Q The security policy for your company specify that access for all operations staff to network
devices will migrate to the TACACS+ protocol. The RADIUS protocol is currently deployed and
will be the preferred method for authentication
What configuration is required on the JUNOS routers to ensure that only when network
connectivity issues resulting in the TACACS+ and RADIUS being inaccessible allow locally
defined users to login to the routers? C
A. set system authentication-order [radius tacplus password]
B. set system authentication-order [tacplus radius password]
C. set system authentication-order [radius tacplus]
D. set system authentication-order [tacplus radius]
Q Which statements are true about Queuing on M-Series and J-Series routers (choose 3) B,C,
E
A. All M-Series routers support up to 8 hardware queues
B. All J-Series routers support up to 8 queues
C. Forwarding-classes map to queues
D. Voice Traffic is automatically classified as expedited-forwarding (EF) and sent to queue
1
E. The default queue/forwarding class associations are
a. Queue 0 - best-effort
b. Queue 1 - expedited-forwarding
c. Queue 2 - assured-forwarding
d. Queue 3 - network-control
Q You need to determine which VPN technology is best suited to provide enterprise branch
office connectivity. The requirements are that the solution should be:
cost-effective does not have stringent security requirements need not support legacy protocols
should be simple to manage for the customer
should also provide Internet access on the same physical interface Which technologies/
solutions are best suited? D
A. Traditional overlay L2VPN based on Frame-Relay, ATM or Leased lines
B. MPLS based L2VPN
C. IPSec VPN
D. MPLS based L3VPN
E. GRE tunnel VPN
Q You need to ensure that a branch office which is connected to the Service Provider with a
link speed of 128K does not get overwhelmed with traffic from the head office which has a link
speed of 2Mbps. Juniper Networks J-Series routers are deployed as CPE devices in both
locations.
Which mechanism is best suited? D
A. Police traffic exceeding 128Kbps to the branch site at the head office
B. Upgrade the branch sites bandwidth to 2 Mbps to ensure traffic limits are not exceeded
C. Apply Class of Service to ensure that the most important traffic is prioritized
D. Apply JUNOS Virtual Channels at the head office to ensure branch office sites are not
overwhelmed with too much traffic
Q Which statements are true regarding Class of Service configuration in JUNOS? (choose 4)
A,C,D,E
A. Behavior Aggregate (BA) classifiers are configured under
[edit class-of-service classifiers]
B. Behavior Aggregate (BA) classifiers are applied under
[edit interfaces class-of-service]
C. scheduler-maps are needed to link forwarding-classes to schedulers
D. RED/WRED profiles configured under [edit class-of-service drop-profiles] must be
referenced in schedulers to take effect
E. Rewrite-rules are configured under [edit class-of-service rewrite-rules] and must be
applied to the logical interfaces defined under [edit class-of-service interfaces]
F. Schedulers are configured under [edit class-of-service schedulers] and may include
a. forwarding-class
b. transmit-rate
c. priority
d. buffer-size
Q Which statements are true about Policing/Rate Limiting (choose 2) A,C
A. Policing is a useful tool for protecting the network from non-compliant sources
B. Token-bucket policers can not be used on all interface types
C. Policers can be used to protect the network against DoS/DDoS attacks
D. Policers can only be configured on ingress
Q Which command can be used to determine which sockets the router has in either a listen
or established state? B
A. show netstat sockets
B. show system connections
C. show running protocols
D. show connections up
Q During the establishment of an IPSec VPN, the routers negotiate which parameters will be
used for the establishment of the IPSec Security Association (SA) using proposals that define
these parameters.
Which statements are true about configuring IPSec proposals? (choose 3) C,D,F
[edit services ipsec-vpn ipsec proposal p1]
luser@Junos-router#
A. set authentication algorithm blowfish
B. set encryption algorithm rsa
C. set encryption algorithm aes-256-cbc
D. set protocol esp
E. set protocol ip
F. set lifetime 86400
Q You need to verify that the IPSec VPN that you have just configured on a J-Series router is
operating correctly.
Which commands could be used to verify this? (choose 2) C,D
A. show ike security-associations
B. show ipsec security-associations
C. show services ipsec-vpn ike security-associations
D. show services ipsec-vpn ipsec security-associations
Q Which statements are true for Class of Service ingress processing (choose 2) B,E
A. Rewrite codepoints
B. Multifield classification
C. Scheduling
D. Shaping
E. RateLimiting/Policing
Q. Which three commands are valid syntax?' A,C,D
A. set then reject
B. set then discard
C. set then accept
D. set then next-policy
E. set then metric2 20 accept
Q. Which configuration step is required when configuring an OSPF NSSA area? C
A. You must configure nssa on all routers in the network
B. You must configure nssa under [ edit protocols ospf ]
C. You must configure nssa under [ edit protocols ospf area ]
D. You must configure nssa only on the Area Border Routers (ABR's)
Q. Which statement is true about prefix-lists? (choose 2) B,C
A. They are always exact matches when used in firewall-filters
B. They are always orlonger matches when used in firewall-filters
C. They are always exact matches when used in routing policies
D. They are always orlonger matches when used in routing policies
Q. You are at the [ firewall family inet filter actions term u-decide] Yoiurconfiguration
hierarchy.
Which three commands are valid syntax? A,C,E
A. set then reject tcp-reset
B. set then source-class
C. set then accept log syslog sample count PKTS
D. set then next-policy
E. set then forwarding-class
Q. Which statement is true if a route does not match any terms in a policy chain? D
A. The route is automatically accepted
B. The route is automatically rejected',false
C. The accept/reject decision must be specified in the final policy',false
D. The accept/reject decision is based on the protocols default policy
Q. Which OSPF LSA is not flooded in an OSPF Stub Area? D
A. Router LSA\'s (Type 1)
B. Network LSA\'s (Type 2)
C. Summary LSA\'s (Type 3)
D. ASBR Summary LSA\'s (Type 4)
Q. Which statement is true for the order of the selection of the BGP active route? D
A. AS-Path -> Local-Preference -> Origin -> MED
B. MED -> Origin -> AS-Path -> Local-Preference
C. Local-Preference -> Origin -> AS-Path -> MED
D. Local-Preference -> AS-Path -> Origin -> MED
Q. Which statements are true about Internal BGP configurations? (choose 3) B,C,D
A. Only directly connected neighbors need be configured
B. Usually the IP address of the loopback0 interface is used for the IBGP sessions
C. Use of the local-address configuration statement is required
D. The IGP is used to route packets between remote neighbors
E. When multiple links exist between neighbors, there needs to be multiple neighbors
configured
Q. In a network which does not use Route Reflectors, which statements are true about BGP
readvertisement rules? (choose 2) B,E
A. When learned from External BGP, readvertise to only IBGP neighbors
B. When learned from External BGP, readvertise to both IBGP and other EBGP neighbors
C. When learned from Internal BGP, readvertise to only IBGP
D. When learned from Internal BGP, readvertise to both IBGP and EBGP neighbors
E. When learned from Internal BGP, readvertise to only EBGP
Q.You have multiple routes to the same destination using the default route preference.
Which source of routing information will be selected? A
A. OSPF Internal
B. RIP
C. OSPF External
D. Internal BGP
E. External BGP
Q. Which of the following configuration statements must be added to the sample configuration
to redistribute RIP prefixes into all OSPF areas? A
A. set export rip-2-ospf
B. set area 0 export rip-2-ospf
set area 10 export rip-2-osp
set area 20 export rip-2-ospf
C. set area 20 nssa default-lsa default-metric 1
D. set area all export rip-2-ospf
Q. Which statements are true about service-filters? (choose 3) B,C,E
A. A service-filter can only be used on input
B. A service-filter can be used on input, output or both
C. A service-filter cannot match multicast traffic
D. A service-filter is a standard stateless firewall-filter
E. A service-filter can only be used with interface-style service-sets
Q. Which statements are true about the Networks Address Translations (NAT) options that
JUNOS supports? (choose 3) A,C,D
A. Source Dynamic
B. Destination Dynamic
C. Source Static
D. Destination Static
Q. Which statements are true about the Networks Address Translations (NAT) types that
JUNOS supports? (choose 4) A,B,C,E
A. Source Static 1:1 translation
B. Destination Static 1:1 translation
C. Source Dynamic many:1 translation (PAT)
D. Destination Dynamic 1:1 translation
E. Source Dynamic 1:1 translation
Q. Which statements below are valid JUNOS stateful-firewall rule actions and action modifiers?
(choose 2) C
A. discard
B. log
C. syslog
D. sample
Q. Which statements are true about the IPSec VPN implementation for protecting transit data
on M-Series and J-Series routers? (choose 2) C,D
A. Only data integrity is supported with Authentication Header (AH)
B. Only data privacy is supported with Encapsulating Security Payload (ESP)
C. Both data integrity with Authentication Header (AH) and data privacy with Encapsulating
Security Paylpoad (ESP) are supported
D. Only tunnel mode is supported
E. Only transport mode is supported
Q. Which statements are true about Application Layer Gateways (ALG\'s)? (choose 3) A,B,E
A. ALG\'s allow the router to interact with protocols at layer 4 and above
B. ALG\'s allow the router to inspect the payload of connections
C. ALG\'s allow the router to translate protocols
D. ALG\'s are required for all connections
E. Custom ALG definitions can be configured
Q. Which statements below are valid JUNOS nat rule match types and actions? (choose 3) A,D,
F
A. from source-address
B. from destination-address-range
C. from source-prefix-list
D. then translated translation-type source dynamic
E. then count
F. then no-translation
Q. Which statements below best describe the role of Class of Service (choose 2) B,D
A. CoS is designed to make the network faster
B. CoS provides mechanisms for categorizing traffic
C. CoS is designed to reduce congestion
D. CoS allows network devices to prioritize traffic based on category
E. CoS always improves network performance
Q. Which statements are true for Class of Service traffic classification (choose 3) B,D,E
A. Behavior Aggregate (BA) classification is based on examining various fields in the IP header
B. Multifield (MF) classification is based on examining various fields in the IP header
C. Behavior Aggregate (BA) classifiers are most commonly used at the edge of the network
D. Behavior Aggregate (BA) classifiers are most commonly used in the network core
E. Behavior Aggregate (BA) classification is based on examining codepoints
Q. The components of scheduling include priority, transmission-rate, buffer-size and
congestion avoidance (RED).
Which statements are true about Scheduling on MSeries
and J-Series routers (choose 4) A,B,C,D
A. Priority defines the order of which queues will be serviced
B. By default all queues are low priority
C. The queue priorities on J-Series routers are
a. High
b. Medium-high
c.
Medium-low
d. Low
D. By default the buffer-size is distributed equally amongst available queues
E. Congestion avoidance with RED by default results in 50% drop when the corresponding
queue is 50% full
Q. You need to verify that packets are being correctly classified and sent to the appropriate
queue on a J-Series router with interface se-3/0/0.
Which commands or tools could
be used to verify this information? (choose 2) A,D
A. how interfaces queue se-3/0/0
B. show class-of-service interface se-3/0/0
C. show interfaces se-3/0/0 queue-statistics
D. show interfaces detail se-3/0/0
Q. Which statements are true regarding Multilink Frame Relay (MLFR)? (choose 2) A,D
A. FRF.15 is similar to Multilink PPP (MLPPP) and operates end-to-end
B. FRF.16 is similar to Multilink PPP (MLPPP) and operates end-to-end
C. FRF.15 makes it possible to connect a Customer Premise Equipment (CPE) device with
multiple connections to the Provider Edge (PE) device as a single logical connection
D. FRF.16 makes it possible to connect a Customer Premise Equipment (CPE) device with
multiple connections to the Provider Edge (PE) device as a single logical connection
Q. The enterprise network you manage is tightening security of all network devices. You are
tasked to ensure that optimum security of the routers is achieved without interruption to any
legitimate protocols or services that are required to run and manage this network.
Which commands should be run to ensure all services and protocols are included in
the router protection filters? (choose 4) A,B,D,F
A. Configuration mode show system
B. Configuration mode show snmp
C. Configuration mode show services
D. Configuration mode show protocols
E. Configuration mode show firewall
F. Operation mode show system connections
G. Operation mode show system statistics
Q. Which statements are true about the use of next-hop style service sets over interface-style
service sets when using IPSec VPNs? B
A. Supports securing traffic to remote endpoint
B. Supports routing protocols directly over IPSec
C. Supports multiple remote endpoints
D. Supports having multiple local endpoints in the same service-set
Q. M-Series and J-Series routers? (choose 2) C,D
A. Only data integrity is supported with Authentication Header (AH)
B. Only data privacy is supported with Encapsulating Security Payload (ESP)
C. Both data integrity with Authentication Header (AH) and data privacy with Encapsulating
Security Paylpoad (ESP) are supported
D. Only tunnel mode is supported
Q. Which statements are true about IPSec-over-GRE Tunnels? (choose 2) A,D
A. ipsec-over-gre are GRE tunnels that are secured by IPSec
B. ipsec-over-gre are IPSec tunnels that are routed over GRE
C. If the GRE and IPSec endpoints are the same, you should use a next-hop style service-set
D. If the GRE and IPSec endpoints are the same, you should use a interface style service-set
Q. The IPSec VPN you have just configured is not establishing. To troubleshoot this you have
configured the router with traceoptions as below.
[edit services ipsec-vpn]
user@Junos-router# show traceoptions
file size 1m files 5;
flag ike;
[edit
services ipsec-vpn]
Which commands could be used to monitor this? (choose 2) C,F
A. show log ipsec-vpn
B. show log messages
C. show log kmd
D. monitor start ipsec-vpn
E. monitor start messages
F. monitor start kmd
Q. Which command can be used to determine whether the SNMP process is running? C
A. show process snmp
B. show snmp daemon
C. show system processes
D. show task snmp
Q. Which command can be used monitor the temperature of the components in a Juniper
Networks enterprise router? C
A. show chassis temperature
B. show system temperature
C. show chassis environment
D. show temperature
Q. Which statements are true about multilink-ppp? Which mechanism is best suited? B
A. multilink-ppp can only be configured on ISDN interfaces on a J-Series router
B. multilink-ppp allows for the increase in overall throughput by combining the bandwidth of
two or more physical links
C. multilink-ppp can only be configured in combination with a valid CRTP configuration
D. multilink-ppp requires multiple IP pt-to-pt links over PPP to provide redundancy
Q. Which statements are true about Compressed Real-Time Transport Protocol? (choose 2) A,C
A. CRTP is intended to reduce serialization delay
B. CRTP must be configured with multiple links
C. CRTP can be configured with a single link
D. CRTP compresses both UDP and TCP headers
Q. The routers configuration in the exhibit does not have the router-id configured. Which area
will the loopback interface of the router be included in the Router LSA (Type 1)? D
A. Area 0.0.0.0
B. Area 0.0.0.20
C. No Areas
D. Area 0.0.0.0 and Area 0.0.0.20
Category
A. global-policy
B. group-policy
C. nbr-policy
D. all three policies
E. none of the policies
Q. Which steps are required to configure an interface-style service set? (choose 5) A,B,C,D,F
A. Configure the service interface
B. Configure the service rules and rule-sets
C. Configure the service-set to include the service rules and/or rule-sets
D. Configure the service-set to be interface-style and which service interface to use
E. Configure routing to the service interface
F. Apply the service-set to the required interfaces
Q. Which step is not recommended as part of a seamless RIP to OSPF IGP transition using
the overlay method? C
A. Configure all routers to ensure the existing RIP IGP has a better route preference than
the new OSPF IGP
B. Configure all routers to run OSPF
C. Redistribute all RIP routes into OSPF and vise versa
D. Ensure all routers have learned all networks via OSPF
E. Gracefully transition to OSPF by changing the route-preference of RIP to be higher than
OSPF
Q. Which configuration step is required when configuring an OSPF NSSA area? C
A. You must configure nssa on all routers in the network
B. You must configure nssa under [ edit protocols ospf ]
C. You must configure nssa under [ edit protocols ospf area ]
D. You must configure nssa only on the Area Border Routers (ABR's)
Q. Which statements below are valid JUNOS stateful-firewall rule match types? (choose 3) A,
B,D
A. destination-address-range
B. source-prefix-list
C. esp-spi
D. applications
E. interface-set
Q.
In the exhibit, which statement is true for the static route 11.11.11.0/24 that is evaluated
against the BGP export policy chain? D
A. The 11.11.11.0/24 prefix is accepted by policy P1 and advertised to neighbor
10.10.10.1
B. The 11.11.11.0/24 prefix is rejected by policy P1 and not advertised to neighbor
10.10.10.1
C. The 11.11.11.0/24 prefix is rejected by the policy P2
D. The 11.11.11.0/24 prefix is rejected by the BGP default policy
E. The 11.11.11.0/24 prefix is accepted by the BGP default policy
Q You want to determine which NAT pools have been configured on the router.
Which command will display this information (choose 1) D
A. show services nat available pools
B. show services pools
C. show services nat-pool-table
D. show services nat pools
Q Which statements best describe Enterprise connections to Service Providers? (choose 2) C,
D
A. Enterprises should always run BGP with their Service Providers when their CPE router
has parallel multiple links to the ISP router
B. When BGP is run in an enterprise network, all routers need to run BGP
C. Enterprises should use a static default route when there is only one entry/exit point out
of their network
D. Enterprises should use BGP when they are multi-homed and have a need to exercise
policy controls
Q Assuming the requirements for the establishment of an EBGP session between the
loopback0 interfaces of both routers. The local autonomous-system is defined as AS100 and
the neighbors autonomous-system is AS200.
The local autonomous-system is configured under [ routing-options autonomous-system
100 ]
Which statement is not true about Multihop External BGP peering sessions? A
A. Both peer-as 200 and type external parameters are required
B. Only peer-as 200 is required
C. You must configure the local-address parameter
D. You must configure the ttl for the multi-hop neighbor(s)
E. The local router must have a route to the eBGP neighbors configured address
Q In the exhibit, which statements are true for the NAT translation? (choose 2) B,C
A. The private/internal IP address that will be changed is 192.168.11.4
B. The private/internal IP addresses that will be changed are 10.222/16
C. The public/external IP address is 192.168.11.4
D. The private/internal IP addresses can be anything
E. The public/external IP address is 10.222.44.1
Q While monitoring the systems messages file, you encounter an entry that is frequently
repeated, but seems somewhat cryptic
Jun 8 14:12:28 R1 chassisd[2737]: CHASSISD_IFDEV_DETACH_PIC: ifdev_detach_pic(0/3)
Which command can you use to better understand the significance of this message? C
A. show syslog message CHASSISD_IFDEV_DETACH_PIC
B. show system message CHASSISD_IFDEV_DETACH_PIC
C. help syslog CHASSISD_IFDEV_DETACH_PIC
D. show system error log CHASSISD_IFDEV_DETACH_PIC
Q In the exhibit, which statements are valid entries for the "State" field? (choose 3) B,D,E
A. Monitor
B. Watch
C. Listen
D. Drop
E. Forward
Q The security policy for your company specify that access for all operations staff to network
devices will migrate to the TACACS+ protocol. The RADIUS protocol is currently deployed and
will be the preferred method for authentication
What configuration is required on the JUNOS routers to ensure that only when network
connectivity issues resulting in the TACACS+ and RADIUS being inaccessible allow locally
defined users to login to the routers? C
A. set system authentication-order [radius tacplus password]
B. set system authentication-order [tacplus radius password]
C. set system authentication-order [radius tacplus]
D. set system authentication-order [tacplus radius]
Q Which statements are true about Queuing on M-Series and J-Series routers (choose 3) B,C,
E
A. All M-Series routers support up to 8 hardware queues
B. All J-Series routers support up to 8 queues
C. Forwarding-classes map to queues
D. Voice Traffic is automatically classified as expedited-forwarding (EF) and sent to queue
1
E. The default queue/forwarding class associations are
a. Queue 0 - best-effort
b. Queue 1 - expedited-forwarding
c. Queue 2 - assured-forwarding
d. Queue 3 - network-control
Q You need to determine which VPN technology is best suited to provide enterprise branch
office connectivity. The requirements are that the solution should be:
cost-effective does not have stringent security requirements need not support legacy protocols
should be simple to manage for the customer
should also provide Internet access on the same physical interface Which technologies/
solutions are best suited? D
A. Traditional overlay L2VPN based on Frame-Relay, ATM or Leased lines
B. MPLS based L2VPN
C. IPSec VPN
D. MPLS based L3VPN
E. GRE tunnel VPN
Q You need to ensure that a branch office which is connected to the Service Provider with a
link speed of 128K does not get overwhelmed with traffic from the head office which has a link
speed of 2Mbps. Juniper Networks J-Series routers are deployed as CPE devices in both
locations.
Which mechanism is best suited? D
A. Police traffic exceeding 128Kbps to the branch site at the head office
B. Upgrade the branch sites bandwidth to 2 Mbps to ensure traffic limits are not exceeded
C. Apply Class of Service to ensure that the most important traffic is prioritized
D. Apply JUNOS Virtual Channels at the head office to ensure branch office sites are not
overwhelmed with too much traffic
Q Which statements are true regarding Class of Service configuration in JUNOS? (choose 4)
A,C,D,E
A. Behavior Aggregate (BA) classifiers are configured under
[edit class-of-service classifiers]
B. Behavior Aggregate (BA) classifiers are applied under
[edit interfaces class-of-service]
C. scheduler-maps are needed to link forwarding-classes to schedulers
D. RED/WRED profiles configured under [edit class-of-service drop-profiles] must be
referenced in schedulers to take effect
E. Rewrite-rules are configured under [edit class-of-service rewrite-rules] and must be
applied to the logical interfaces defined under [edit class-of-service interfaces]
F. Schedulers are configured under [edit class-of-service schedulers] and may include
a. forwarding-class
b. transmit-rate
c. priority
d. buffer-size
Q Which statements are true about Policing/Rate Limiting (choose 2) A,C
A. Policing is a useful tool for protecting the network from non-compliant sources
B. Token-bucket policers can not be used on all interface types
C. Policers can be used to protect the network against DoS/DDoS attacks
D. Policers can only be configured on ingress
Q Which command can be used to determine which sockets the router has in either a listen
or established state? B
A. show netstat sockets
B. show system connections
C. show running protocols
D. show connections up
Q During the establishment of an IPSec VPN, the routers negotiate which parameters will be
used for the establishment of the IPSec Security Association (SA) using proposals that define
these parameters.
Which statements are true about configuring IPSec proposals? (choose 3) C,D,F
[edit services ipsec-vpn ipsec proposal p1]
luser@Junos-router#
A. set authentication algorithm blowfish
B. set encryption algorithm rsa
C. set encryption algorithm aes-256-cbc
D. set protocol esp
E. set protocol ip
F. set lifetime 86400
Q You need to verify that the IPSec VPN that you have just configured on a J-Series router is
operating correctly.
Which commands could be used to verify this? (choose 2) C,D
A. show ike security-associations
B. show ipsec security-associations
C. show services ipsec-vpn ike security-associations
D. show services ipsec-vpn ipsec security-associations
Q Which statements are true for Class of Service ingress processing (choose 2) B,E
A. Rewrite codepoints
B. Multifield classification
C. Scheduling
D. Shaping
E. RateLimiting/Policing
Q. Which three commands are valid syntax?' A,C,D
A. set then reject
B. set then discard
C. set then accept
D. set then next-policy
E. set then metric2 20 accept
Q. Which configuration step is required when configuring an OSPF NSSA area? C
A. You must configure nssa on all routers in the network
B. You must configure nssa under [ edit protocols ospf ]
C. You must configure nssa under [ edit protocols ospf area ]
D. You must configure nssa only on the Area Border Routers (ABR's)
Q. Which statement is true about prefix-lists? (choose 2) B,C
A. They are always exact matches when used in firewall-filters
B. They are always orlonger matches when used in firewall-filters
C. They are always exact matches when used in routing policies
D. They are always orlonger matches when used in routing policies
Q. You are at the [ firewall family inet filter actions term u-decide] Yoiurconfiguration
hierarchy.
Which three commands are valid syntax? A,C,E
A. set then reject tcp-reset
B. set then source-class
C. set then accept log syslog sample count PKTS
D. set then next-policy
E. set then forwarding-class
Q. Which statement is true if a route does not match any terms in a policy chain? D
A. The route is automatically accepted
B. The route is automatically rejected',false
C. The accept/reject decision must be specified in the final policy',false
D. The accept/reject decision is based on the protocols default policy
Q. Which OSPF LSA is not flooded in an OSPF Stub Area? D
A. Router LSA\'s (Type 1)
B. Network LSA\'s (Type 2)
C. Summary LSA\'s (Type 3)
D. ASBR Summary LSA\'s (Type 4)
Q. Which statement is true for the order of the selection of the BGP active route? D
A. AS-Path -> Local-Preference -> Origin -> MED
B. MED -> Origin -> AS-Path -> Local-Preference
C. Local-Preference -> Origin -> AS-Path -> MED
D. Local-Preference -> AS-Path -> Origin -> MED
Q. Which statements are true about Internal BGP configurations? (choose 3) B,C,D
A. Only directly connected neighbors need be configured
B. Usually the IP address of the loopback0 interface is used for the IBGP sessions
C. Use of the local-address configuration statement is required
D. The IGP is used to route packets between remote neighbors
E. When multiple links exist between neighbors, there needs to be multiple neighbors
configured
Q. In a network which does not use Route Reflectors, which statements are true about BGP
readvertisement rules? (choose 2) B,E
A. When learned from External BGP, readvertise to only IBGP neighbors
B. When learned from External BGP, readvertise to both IBGP and other EBGP neighbors
C. When learned from Internal BGP, readvertise to only IBGP
D. When learned from Internal BGP, readvertise to both IBGP and EBGP neighbors
E. When learned from Internal BGP, readvertise to only EBGP
Q.You have multiple routes to the same destination using the default route preference.
Which source of routing information will be selected? A
A. OSPF Internal
B. RIP
C. OSPF External
D. Internal BGP
E. External BGP
Q. Which of the following configuration statements must be added to the sample configuration
to redistribute RIP prefixes into all OSPF areas? A
A. set export rip-2-ospf
B. set area 0 export rip-2-ospf
set area 10 export rip-2-osp
set area 20 export rip-2-ospf
C. set area 20 nssa default-lsa default-metric 1
D. set area all export rip-2-ospf
Q. Which statements are true about service-filters? (choose 3) B,C,E
A. A service-filter can only be used on input
B. A service-filter can be used on input, output or both
C. A service-filter cannot match multicast traffic
D. A service-filter is a standard stateless firewall-filter
E. A service-filter can only be used with interface-style service-sets
Q. Which statements are true about the Networks Address Translations (NAT) options that
JUNOS supports? (choose 3) A,C,D
A. Source Dynamic
B. Destination Dynamic
C. Source Static
D. Destination Static
Q. Which statements are true about the Networks Address Translations (NAT) types that
JUNOS supports? (choose 4) A,B,C,E
A. Source Static 1:1 translation
B. Destination Static 1:1 translation
C. Source Dynamic many:1 translation (PAT)
D. Destination Dynamic 1:1 translation
E. Source Dynamic 1:1 translation
Q. Which statements below are valid JUNOS stateful-firewall rule actions and action modifiers?
(choose 2) C
A. discard
B. log
C. syslog
D. sample
Q. Which statements are true about the IPSec VPN implementation for protecting transit data
on M-Series and J-Series routers? (choose 2) C,D
A. Only data integrity is supported with Authentication Header (AH)
B. Only data privacy is supported with Encapsulating Security Payload (ESP)
C. Both data integrity with Authentication Header (AH) and data privacy with Encapsulating
Security Paylpoad (ESP) are supported
D. Only tunnel mode is supported
E. Only transport mode is supported
Q. Which statements are true about Application Layer Gateways (ALG\'s)? (choose 3) A,B,E
A. ALG\'s allow the router to interact with protocols at layer 4 and above
B. ALG\'s allow the router to inspect the payload of connections
C. ALG\'s allow the router to translate protocols
D. ALG\'s are required for all connections
E. Custom ALG definitions can be configured
Q. Which statements below are valid JUNOS nat rule match types and actions? (choose 3) A,D,
F
A. from source-address
B. from destination-address-range
C. from source-prefix-list
D. then translated translation-type source dynamic
E. then count
F. then no-translation
Q. Which statements below best describe the role of Class of Service (choose 2) B,D
A. CoS is designed to make the network faster
B. CoS provides mechanisms for categorizing traffic
C. CoS is designed to reduce congestion
D. CoS allows network devices to prioritize traffic based on category
E. CoS always improves network performance
Q. Which statements are true for Class of Service traffic classification (choose 3) B,D,E
A. Behavior Aggregate (BA) classification is based on examining various fields in the IP header
B. Multifield (MF) classification is based on examining various fields in the IP header
C. Behavior Aggregate (BA) classifiers are most commonly used at the edge of the network
D. Behavior Aggregate (BA) classifiers are most commonly used in the network core
E. Behavior Aggregate (BA) classification is based on examining codepoints
Q. The components of scheduling include priority, transmission-rate, buffer-size and
congestion avoidance (RED).
Which statements are true about Scheduling on MSeries
and J-Series routers (choose 4) A,B,C,D
A. Priority defines the order of which queues will be serviced
B. By default all queues are low priority
C. The queue priorities on J-Series routers are
a. High
b. Medium-high
c.
Medium-low
d. Low
D. By default the buffer-size is distributed equally amongst available queues
E. Congestion avoidance with RED by default results in 50% drop when the corresponding
queue is 50% full
Q. You need to verify that packets are being correctly classified and sent to the appropriate
queue on a J-Series router with interface se-3/0/0.
Which commands or tools could
be used to verify this information? (choose 2) A,D
A. how interfaces queue se-3/0/0
B. show class-of-service interface se-3/0/0
C. show interfaces se-3/0/0 queue-statistics
D. show interfaces detail se-3/0/0
Q. Which statements are true regarding Multilink Frame Relay (MLFR)? (choose 2) A,D
A. FRF.15 is similar to Multilink PPP (MLPPP) and operates end-to-end
B. FRF.16 is similar to Multilink PPP (MLPPP) and operates end-to-end
C. FRF.15 makes it possible to connect a Customer Premise Equipment (CPE) device with
multiple connections to the Provider Edge (PE) device as a single logical connection
D. FRF.16 makes it possible to connect a Customer Premise Equipment (CPE) device with
multiple connections to the Provider Edge (PE) device as a single logical connection
Q. The enterprise network you manage is tightening security of all network devices. You are
tasked to ensure that optimum security of the routers is achieved without interruption to any
legitimate protocols or services that are required to run and manage this network.
Which commands should be run to ensure all services and protocols are included in
the router protection filters? (choose 4) A,B,D,F
A. Configuration mode show system
B. Configuration mode show snmp
C. Configuration mode show services
D. Configuration mode show protocols
E. Configuration mode show firewall
F. Operation mode show system connections
G. Operation mode show system statistics
Q. Which statements are true about the use of next-hop style service sets over interface-style
service sets when using IPSec VPNs? B
A. Supports securing traffic to remote endpoint
B. Supports routing protocols directly over IPSec
C. Supports multiple remote endpoints
D. Supports having multiple local endpoints in the same service-set
Q. M-Series and J-Series routers? (choose 2) C,D
A. Only data integrity is supported with Authentication Header (AH)
B. Only data privacy is supported with Encapsulating Security Payload (ESP)
C. Both data integrity with Authentication Header (AH) and data privacy with Encapsulating
Security Paylpoad (ESP) are supported
D. Only tunnel mode is supported
Q. Which statements are true about IPSec-over-GRE Tunnels? (choose 2) A,D
A. ipsec-over-gre are GRE tunnels that are secured by IPSec
B. ipsec-over-gre are IPSec tunnels that are routed over GRE
C. If the GRE and IPSec endpoints are the same, you should use a next-hop style service-set
D. If the GRE and IPSec endpoints are the same, you should use a interface style service-set
Q. The IPSec VPN you have just configured is not establishing. To troubleshoot this you have
configured the router with traceoptions as below.
[edit services ipsec-vpn]
user@Junos-router# show traceoptions
file size 1m files 5;
flag ike;
[edit
services ipsec-vpn]
Which commands could be used to monitor this? (choose 2) C,F
A. show log ipsec-vpn
B. show log messages
C. show log kmd
D. monitor start ipsec-vpn
E. monitor start messages
F. monitor start kmd
Q. Which command can be used to determine whether the SNMP process is running? C
A. show process snmp
B. show snmp daemon
C. show system processes
D. show task snmp
Q. Which command can be used monitor the temperature of the components in a Juniper
Networks enterprise router? C
A. show chassis temperature
B. show system temperature
C. show chassis environment
D. show temperature
Q. Which statements are true about multilink-ppp? Which mechanism is best suited? B
A. multilink-ppp can only be configured on ISDN interfaces on a J-Series router
B. multilink-ppp allows for the increase in overall throughput by combining the bandwidth of
two or more physical links
C. multilink-ppp can only be configured in combination with a valid CRTP configuration
D. multilink-ppp requires multiple IP pt-to-pt links over PPP to provide redundancy
Q. Which statements are true about Compressed Real-Time Transport Protocol? (choose 2) A,C
A. CRTP is intended to reduce serialization delay
B. CRTP must be configured with multiple links
C. CRTP can be configured with a single link
D. CRTP compresses both UDP and TCP headers
Q. The routers configuration in the exhibit does not have the router-id configured. Which area
will the loopback interface of the router be included in the Router LSA (Type 1)? D
A. Area 0.0.0.0
B. Area 0.0.0.20
C. No Areas
D. Area 0.0.0.0 and Area 0.0.0.20
Subscribe to:
Posts (Atom)