JN0-643 - Pass 2 You Leading IT Exam Materials Provider
http://www.TwPass.com
JN0-643
Juniper
Enterprise Routing and Switching, Professional (JNCIP-ENT)
http://www.twpass.com/twpass.com/exam.aspx?eCode= JN0-643
The JN0-643 practice exam is written and formatted by Certified Senior IT Professionals working in
today's prospering companies and data centers all over the world! The JN0-643 Practice Test covers
all the exam topics and objectives and will prepare you for success quickly and efficiently.
The JN0-643 exam is very challenging, but with our JN0-643 questions and answers practice exam,
you can feel confident in obtaining your success on the JN0-643 exam on your FIRST TRY!
Juniper JN0-643 Exam Features
- Detailed questions and answers for JN0-643 exam
- Try a demo before buying any Juniper exam
- JN0-643 questions and answers, updated regularly
- Verified JN0-643 answers by Experts and bear almost 100% accuracy
- JN0-643 tested and verified before publishing
- JN0-643 exam questions with exhibits
- JN0-643 same questions as real exam with multiple choice options
Acquiring Juniper certifications are becoming a huge task in the field of I.T. More over
these
exams like JN0-643 exam are now continuously updating and accepting this challenge is itself a task.
This JN0-643 test is an important part of Juniper certifications. We have the resources
to
prepare you for this. The JN0-643 exam is essential and core part of Juniper certifications
and
once you clear the exam you will be able to solve the real life problems yourself.Want to take
advantage of the Real JN0-643 Test and save time and money while developing your skills to pass
your Juniper JN0-643 Exam? Let us help you climb that ladder of success and pass your JN0-643
now!
JN0-643
QUESTION: 1
Click the Exhibit button. A user on port ge-0/0/12 fails an 802.1x authentication attempt. What
is the next action of Switch A? A. It puts the Authenticator in the HELD status where all
EAPOL packets are discarded until the default hold timer expires. B. It communicates with the
RADIUS server to confirm the user s password. C. It transmits an EAP-Identity-Request packet
immediately after it sends out EAP-Failure. D. It tries to authenticate the user using MAC
radius authentication.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=1
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 2
Click the Exhibit button. Based on the configuration in the exhibit, why are you seeing drops in
the best-effort queue on the SRX Series platform? A. The drop-profile fill level is set too low.
B. Packets are dropped by a firewall policy. C. The best-effort queue is being shaped. D. The
scheduler is not being applied correctly.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=2
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 3
Click the Exhibit button. Based on the output shown in the exhibit, why is VSTP not working
for VLAN 100? A. No interfaces are assigned to VLAN 100. B. Your MSTI is misconfigured.
C. RSTP is configured in addition to VSTP. D. No native VLAN is configured.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=3
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 4
If your WAN-edge router is multihomed to different ISPs, which two BGP attributes would
you modify to affect outbound traffic? (Choose two.) A. MED B. origin C. local preference D.
community
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=4
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 5
When 802.1X, MAC-RADIUS, and Captive Portal are enabled on an interface, which
authentication sequence occurs? A. The authentication sequence is based on the order of the
configuration. B. If MAC-RADIUS is rejected, Captive Portal will start. If Captive portal is
timed out, 802.1X will start. C. If 802.1X times out, then MAC-RADIUS will start. If MACRADIUS is timed out by the RADIUS server, then Captive Portal will start. D. If 802.1X times
out, then MAC-RADIUS will start. If MAC-RADIUS is rejected by the RADIUS server, then
Captive Portal will start.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=5
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 6
A medium-sized enterprise has some devices that are 802.1X capable and some that are not.
Any device that fails authentication must be provided limited access through a VLAN called
NONAUTH. How do you provide this access? A. Configure NONAUTH VLAN as the guest
VLAN. B. Configure NONAUTH VLAN as the server-reject VLAN. C. Configure
NONAUTH VLAN as the guest VLAN and the server-reject VLAN D. Configure a separate
VLAN for each type of user: 802.1X and non-802.1X.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=6
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 7
Click the Exhibit button. Host 1, Host 2, and Host 3 are connected to Switch A on interface ge0/0/2. Host 1 and Host 2 have been authenticated through 802.1X, however Host 3 does not
have an 802.1X supplicant. Referring to the configuration in the exhibit, how can Host 3 be
authenticated? A. secure-authentication option of HTTP or HTTPS must be configured for
Captive Portal. B. MAC RADIUS authentication must be configured for Host 3 instead of
Captive Portal. C. A new authentication-profile must be configured because 802.1X and
Captive Portal cannot have the same authentication-profile. D. The 802.1X server failback
feature must be configured for Host 3 to allow non-802.1X clients to authenticate.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=7
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 8
A user complains about connectivity problems from their IP address (10.1.1.87) to a server
(10.65.1.100).Which Junos command can help verify connectivity in the network? (Choose
two.) A. mroute B. traceoptions C. ping D. clear bgp neighbor
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=8
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 9
Click the Exhibit button. The exhibit shows the output of an OSPF router LSA . Which
interface ID represents the router s loopback address?
A. ID 10.1.1.0
B. ID 10.0.3.4
C. ID 10.0.3.3
D. ID 10.0.2.4
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=9
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 10
Click the Exhibit button. Referring to the output in the exhibit, why does the router prefer the
path toward interface ge-0/0/0.0 for the 20.0.0.0/8 route? A. The origin is IGP. B. The origin is
unknown. C. The AS path is longer. D. Multihop is enabled.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=10
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 11
Click the Exhibit button. Based on the output shown in the exhibit, which protocol is
configured? A. MSTP B. RSTP C. STP D. VSTP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=11
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 12
What is the default LLDP timeout? A. 60 seconds B. 90 seconds C. 120 seconds D. infinite
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=12
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 13
Click the Exhibit button. In the exhibit, which statement about the ABR between Area 8 and
Area 2 is true? A. The router has connectivity to all areas. B. The router has connectivity to
Area 8 only. C. The router has connectivity to Area 2 only. D. The router has connectivity to all
routers in Area 8 and Area 2.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=13
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 14
Which two LSA types are only generated by an ABR router? (Choose two.) A. ASBR
summary LSA (Type 4) B. ASBR LSA (Type 5) C. Summary LSA (Type 3) D. Router LSA
(Type 1)
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=14
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 15
Port authentication falls back to Captive Portal. In which two scenarios would the port
authentication move back to 802.1X? (Choose two.) A. if any MAC RADIUS request packet is
received on the interface and if there are no sessions in authenticated/authenticating state B. if
Captive Portal is deactivated on the interface C. if the user gets logged out D. if the EAP packet
is received on the interface and if there are no sessions in authenticated/authenticating state
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=15
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 16
Which command prevents Layer 2 loops if the switch stops receiving spanning-tree keepalives
on port ge-1/0/1? A. [edit protocols rstp] user@switch# show interface ge-1/0/1 { bpdu-block;
} B. [edit protocols layer2-control] user@switch# show interface ge-1/0/1 { bpdu-time-outaction { block; alarm; } } C. [edit protocols layer2-control] user@switch# show bpdu-block {
interface ge-1/0/1; } D. [edit protocols rstp] interface ge-1/0/1 { no-root-port; }
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=16
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 17
Click the Exhibit button. You are attaching into an EX Series switch-1a legacy IP phone that
does not support LLDP-MED, but does allow configuration using DHCP, as shown in the
exhibit. Your existing network QoS policies dictate that VoIP traffic must traverse over VLAN
10.Which two actions put VoIP traffic onto VLAN 10? (Choose two.) A. Configure protocols
cdp on switch-1. B. Manually configure the voice VLAN on the IP phone. C. Configure vlan 1
under forwarding-options bootp. D. Configure interface ge-0/0/5 under forwarding-options
bootp.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=17
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 18
What are three types of port designation specific to Private VLANs? (Choose three.) A.
Promiscuous ports B. Transparent ports C. PVLAN trunk ports D. Designated ports E. Isolated
ports
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=18
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 19
Click the Exhibit button. Looking at the output in the exhibit, why is the BGP neighbor not in
Established state? A. BGP Refresh is not supported. B. Multihop is not configured. C. The peer
address is not reachable. D. Authentication is configured.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=19
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 20
Which component comes first on ingress CoS processing? A. behavior aggregate classification
B. multifield classification C. firewall policing D. rewrite marking
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=20
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 21
R1 has an OSPF adjacency with R2 over a point-to-point link. Which three statements about
the advertisements for this link in the Type 1 (Router) LSA generated by R1 are true? (Choose
three.) A. It has a value in the link ID field with R2 s interface IP address. B. It has a value in
the link ID field with R2 s router ID. C. It has a link-type of point-to-point (Type 1). D. It has a
link-type of Transit (Type 2). E. It has a link-type of stub (Type 3).
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=21
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 22
You notice that a number of IGMP leave group messages are passing through a BMA network
and are impacting the network s performance. What would you do to resolve this issue without
affecting multicast traffic? A. Apply an import policy to control leave group messages. B.
Suppress group-specific queries. C. Suppress generic IGMP queries. D. Enable promiscuousmode in IGMP.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=22
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 23
How does an administrator block IGMP reports for the 239.0.0.0/8 group range? A. Create a
routing policy and apply it to IGMP using the group-policy feature. B. Create a routing policy
and apply it to IGMP using the report-policy feature. C. Create a routing policy and apply it to
IGMP as export. D. Create a routing policy and apply it to IGMP as import.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=23
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 24
Click the Exhibit button. In the exhibit, Source is sending multicast traffic to the multicast
group address ffbe::1.Which protocol must you configure on R1 s ge-0/0/0 to forward multicast
traffic toward the receiver? A. IGMP v3 B. PIM C. OSPF v3 D. MLD
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=24
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 25
Which AS path regular expression will only match a route originating in AS 500 with the last
traversing AS of 100? A. "$100 .* ^500" B. "500 .*" C. "^100 .* 500$" D. "^100 .*"
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=25
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 26
Click the Exhibit button. As shown in the exhibit, the 10.10/16 prefix is redistributed into
OSPF through R2 and R5. R2 and R5 are advertising the prefix with a Type 2 metric of
100.What is the preferred path to reach 10.10/16 from R6? A. R6-R4-R3-R2 B. R6-R5 C. R6R4-R5-R2 D. R6-R4-R5
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=26
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 27
Click the Exhibit button. Looking at the trace options output in the exhibit, why are the OSPF
routers stuck in Init state? A. There is an MTU mismatch. B. There is a network mask
mismatch. C. The routers are in different areas. D. No BDR has been elected.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=27
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 28
Which two statements about MVRP on EX Series switches are true? (Choose two.) A. MVRP
can add VLANs on access interfaces. B. MVRP can add VLANs on trunk interfaces. C. MVRP
adds VLANs on MVRP-enabled interfaces by default. D. MVRP is in transparent mode on
MVRP-enabled interfaces by default.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=28
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 29
Your customer has five office locations. Each office location has 20 VLANs configured, one
for each department. Your engineering team has recently secured a government contract with
strict regulations which require that engineers be placed into separate workgroups. These
workgroups cannot communicate with each other. Without changing the primary VLAN
assignments, which JUNOS feature meets this requirement with minimal configuration? A.
Create a series of firewall filters to block users in each workgroup. B. Configure a Private
VLAN and assign each workgroup a secondary VLAN. C. Configure Virtual Private LAN
Service to isolate broadcast domain. D. Turn off the default BUM (Broadcast, unknown,
multicast) flooding mode.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=29
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 30
Click the Exhibit button. In the exhibit, switches S1, S2, and S3 have Q-in-Q tunneling
configured between Site 1 and Site 2.Which configuration on switch S1 allows Site 1 and Site 2
to exchange Cisco Discovery Protocol (CDP), but blocks VLAN Trunking Protocol (VTP)
between Site 1 and Site 2? A. {master:0}[edit vlans provider-vlan] user@S1# set dot1qtunneling layer2-protocol-tunneling cdp B. {master:0}[edit vlans provider-vlan] user@S1# set
dot1q-tunneling l2tp cdp C. {master:0}[edit vlans provider-vlan] user@S1# set dot1q-tunneling
layer2-protocol-tunneling deny vtp D. {master:0}[edit vlans provider-vlan] user@S1# set
dot1q-tunneling l2tp deny vtp
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=30
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 31
A coffee shop offering free Internet service to customers wants to implement the following
security policies: 1. Every customer must agree to a set of terms and conditions before
accessing the Internet. 2. Log out customers that are logged in for more than one hour. 3. Log
out customers that are idle for more than 5 minutes. 4. Authenticate employee desktop
computers with known hardware addresses in the office of the coffee shop to access the
Internet without the above restrictions. The following configuration has been applied to the
switch: set access radius-server 172.16.14.26 port 1812 set access radius-server 172.16.14.26
secret Am@zingC00f33 set access profile dot1x authentication-order radius set access profile
dot1x radius authentication-server 172.27.14.226 What would you add to implement these
policies? A. set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple set
protocols dot1x authenticator interface ge-0/0/12.0 mac-radius set protocols dot1x authenticator
authentication-profile-name dot1x set services captive-portal authentication-profile-name dot1x
set services captive-portal interface ge-0/0/12.0 set services captive-portal secureauthentication https set services captive-portal custom-options header-message "Welcome to
Our Coffee Shop" set services captive-portal custom-options banner-message "Terms and
Conditions of Use" B. set protocols dot1x authenticator interface ge-0/0/12.0 supplicant
multiple set protocols dot1x authenticator authentication-profile-name dot1x set services
captive-portal authentication-profile-name dot1x set services captive-portal interface ge0/0/12.0 set services captive-portal secure-authentication https set services captive-portal
custom-options header-message "Welcome to Our Coffee Shop" set services captive-portal
custom-options banner-message "Terms and Conditions of Use" C. set protocols dot1x
authenticator interface ge-0/0/12.0 supplicant multiple set protocols dot1x authenticator
interface ge-0/0/12.0 mac-radius set protocols dot1x authenticator authentication-profile-name
dot1x set services captive-portal authentication-profile-name dot1x set services captive-portal
interface ge-0/0/12.0 set services captive-portal interface ge-0/0/12.0 idle-timeout 300 set
services captive-portal interface ge-0/0/12.0 user-timeout 3600 set services captive-portal
secure-authentication https set services captive-portal custom-options header-message
"Welcome to Our Coffee Shop" set services captive-portal custom-options banner-message
"Terms and Conditions of Use" D. set protocols dot1x authenticator interface ge-0/0/12.0
supplicant multiple set protocols dot1x authenticator interface ge-0/0/12.0 mac-radius set
protocols dot1x authenticator interface ge-0/0/12.0 idle-timeout 300 set protocols dot1x
authenticator interface ge-0/0/12.0 user-timeout 3600 set protocols dot1x authenticator
authentication-profile-name dot1x set services captive-portal authentication-profile-name dot1x
set services captive-portal interface ge-0/0/12.0 set services captive-portal secureauthentication https set services captive-portal custom-options header-message "Welcome to
Our Coffee Shop" set services captive-portal custom-options banner-message "Terms and
Conditions of Use"
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=31
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 32
Click the Exhibit button. In the PIM-SM network in the exhibit, all links in the topology have
the same IGP metric configured. Which link will not be on the RPT?
A. R1-R4
B. R3-R6
C. R4-R5
D. R5-R6
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=32
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 33
Click the Exhibit button. In the exhibit, Site 1 is sending traffic on VLANs 100, 200, and 300.
The provider operating switch S1 must configure Q-in-Q tunneling to transport VLANs 100
and 200 to Site2. The provider must configure switch S1 to block traffic received from site 1 on
VLAN 300.Which configuration accomplishes this goal? A. {master:0}[edit vlans pv200]
user@S1# show vlan-id 200; interface { ge-0/0/0.0; ge-0/0/1.0; } dot1q-tunneling { customervlans [ 100 200 ]; } B. {master:0}[edit vlans pv200] user@S1# show vlan-id [100 200];
interface { ge-0/0/0.0 { dot1q-tunneling { block-vlans 300; } } ge-0/0/1.0; } C. {master:0}[edit
vlans pv200] user@S1# show vlan-id 200; interface { ge-0/0/0.0; ge-0/0/1.0; } dot1q-tunneling
{ block-vlans 300; } D. {master:0}[edit vlans pv200] user@S1# show vlan-id 200; interface {
ge-0/0/0.0 { dot1q-tunneling { customer-vlans [ 100 200 ]; } } ge-0/0/1.0; }
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=33
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 34
Click the Exhibit button. The four routers in the exhibit are participating in a multi-area OSPF
topology. Node B (in the upper right-hand corner) is an ASBR advertising an external route.
Node A (lower left-hand corner) receives the external route and begins to forward traffic to the
ASBR. How many hops will the packets take through this topology? (Do not count node A.) A.
2 B. 3 C. 4 D. 5
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=34
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 35
Click the Exhibit button. The phone connected to switch-1 in the exhibit cannot communicate
with the rest of the network. How do you solve this problem? A. Add the VLAN named voice
as a member of the trunk on interface ge-0/0/12.0. B. Configure the voice VLAN on interface
ge-0/0/6.0. C. Add interface ge-0/0/12.0 to the ethernet-switching-options voip hierarchy. D.
Configure LLDP-MED for interface ge-0/0/12.0.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=35
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 36
You are AS 6573.Which AS path regular expression matches only routes originated in your
AS? A. "6573.*" B. ".*" C. "{" D. "^$"
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=36
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 37
Which protocol reachability is advertised by OSPFv2? (Choose two.) A. IPv4 B. IPv5 C. IPv6
D. ISO
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=37
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 38
Click the Exhibit button. You are using an IBGP route reflector within your network. Your
route reflector has received the 2001:1:2::/64 prefix, but it is not advertising the prefix to its
cluster members. After examining the route reflector, you notice the output shown in the
exhibit.Which configuration statement causes the route reflector to transmit the route to its
IBGP peers? A. set protocols bgp group ibgpv6 advertise-inactive B. set protocols bgp group
ibgpv6 accept-remote-nexthop C. set protocols bgp group ibgpv6 multipath D. set protocols
bgp group ibgpv6 include-mp-next-hop
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=38
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 39
Click the Exhibit button. Referring to the exhibit, R4 in AS 100 is sending routes 20.0.0.0/8
and 10.0.0.0/8. R3 sees the routes but R5 does not. What must be configured on the R3 router
for the R5 router to install the routes? A. a next-hop self policy B. as-override toward the R5
router C. as-loops 2 D. local-as 100
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=39
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 40
Click the Exhibit button. The CLI output shown in the exhibit was taken from the RP in a PIMSM network. Which statement explains the output shown in the exhibit? A. No tunnel PIC is
installed on the RP router. B. 192.168.1.1 is not a local IP address on the RP router. C.
Multicast traffic is arriving on the so-0/0/0.0 interface. D. The router does not have a unicast
route to 10.0.5.2.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=40
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 41
Voice traffic is coming in on UDP port 17689. This traffic must be classified into the
expedited-forwarding forwarding-class. Which type of classifier is needed? A. code point alias
B. rewrite marker C. multifield D. behavior aggregate
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=41
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 42
You must configure your access switch with more than 3000 VLANs and you want the ability
to load-balance across them. Which spanning-tree approach has the least impact on controlplane performance? A. Configure your access switch with a load-balancing policy and apply it
to protocols RSTP. B. Configure your access switch for Rapid-PVST+. C. Configure your
access switch for MSTP incorporating the use of MSTIs. D. Configure your access switch for
both VSTP and RSTP.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=42
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 43
Click the Exhibit button. You are asked to configure an OSPF virtual link that connects remote
Area 4 to the backbone. Referring to the exhibit, what are two requirements for an OSPF
virtual link to operate correctly? (Choose two.)
A. A virtual link configuration on the ABR between Areas 0 and 1 must include transit
area 1.
B. The interface of the transit area must be of type vt.
C. A virtual link configuration on the ABR between Areas 0 and 1 must be the interface
address of the neighbor on the far end.
D. A virtual link configuration on the ABR between Areas 0 and 1 must be the router
ID (RID) of the neighbor on the far end.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=43
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 44
Which version of BGP would an enterprise use to peer with an ISP? (Choose two.) A.
Confederation BGP B. External BGP C. Internal BGP D. Labeled-Unicast
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=44
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 45
Click the Exhibit button. Based on the configuration in the exhibit, which routing table is used
for IPv4 multicast RPF checks? A. inet.0 B. inet.2 C. foo.inet.0 D. inet.8
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=45
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 46
What are two IP multicast routing protocols? (Choose two.) A. RSVP B. OSPF C. PIM D.
CDP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=46
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 47
A network routes IPv4 traffic only. You want to add IPv6 to the network, but you must use a
single IGP for both IPv4 and IPv6 traffic. Which protocol meets this requirement? A. OSPFv2
B. BGPv4 C. ES-ISv1 D. OSPFv3
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=47
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 48
Click the Exhibit button. Your company is integrating another OSPF area into your existing
OSPF infrastructure. You created a virtual link that spans Area 2 and connects Area 3 to the
backbone area. Based on the exhibit, what is preventing the adjacency? A. The interface
configured for the virtual link is incorrect. It should be a vt and not a vl interface. B. No
designated router (DR) has been elected. C. The backup route to Area 2 has not been
configured. D. The wrong transit area is configured.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=48
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 49
Click the Exhibit button. In the exhibit, the 67.43.142/24 route is advertised using BGP to ISPs
A and C. No policies have been applied. How will ISP B choose its best BGP route between
ISP A and ISP C? A. It will choose the route with the shortest AS Path. B. It will choose the
route that was received from the router with the lowest router ID. C. It will choose the route
that was received from the router with the lowest peer ID. D. It will choose the first route
received from its neighbor.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=49
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 50
Click the Exhibit button. In the exhibit, the 10.100/16 prefix is introduced at autonomous
system 1 (AS1) and propagated through to AS3. Router A in AS3 receives two different paths
to these prefixes, one through AS2 and the other through AS4. No BGP attributes have been
altered. Which path would router A prefer for the 10.100/16 prefix? A. the route with the
lowest interface address for the EBGP peering session B. the route with the lowest local
preference C. the route to the EBGP peer that has the lowest RID D. the route from the EBGP
peer that arrived first
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=50
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 51
Click the Exhibit button. Referring to the exhibit and based on the output below from Sw-1 and
Sw-2, which statement is true?
A. There will be only one MSTI 2 root bridge.
B. There will be only one CST root bridge.
C. Sw-1 and Sw-2 are in different MSTP regions.
D. There will be only one CIST root bridge.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=51
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 52
You must prioritize VoIP packets on your network. Which feature will accomplish this goal?
(Choose two.) A. RSVP B. Multicast Routing C. VPLS D. Class of Service
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=52
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 53
What is a valid router ID configuration for OSPFv3 in the Junos OS? A. set routing-options
router-id 2001:1:2::1 B. set protocols ospf3 router-id fe80:223:2887:ab31::1 C. set routingoptions router-id 224.1.0.1 D. set protocols ospf3 router-id 10.8.3.9
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=53
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 54
A Layer 2 forwarding loop occurred on your network during a scheduled maintenance period.
You must prevent this behavior in the future. Which protocol should you enable on the EX
Series switch to address this condition in the future? (Choose two.) A. DVMRP B. L2TPv3 C.
STP D. RSVP
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=54
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 55
Click the Exhibit button. Based on the output in the exhibit, which two statements are true?
(Choose two.) A. The router is an ASBR. B. The router has a virtual link. C. The router is a
BDR. D. The router is an ABR.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=55
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 56
In MSTP, which two factors determine the root bridge in each region? (Choose two.) A. The
switch with the higher priority becomes the root bridge. B. The switch with the lower priority
becomes the root bridge. C. The switch with the lower MAC address becomes the root bridge
when priorities are tied. D. The switch with the higher MAC address becomes the root bridge
when priorities are tied.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=56
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 57
Click the Exhibit button. In the exhibit, the data center is using VSTP. The data center network
is experiencing outages due to spanning tree instabilities between the recently installed virtual
switches and the data center Layer 2 domain. Which action resolves the spanning tree
instabilities without impacting connectivity? A. Configure the bpdu-block-on-edge parameter
on the access layer edge ports. B. Configure the no-root-port parameter on the access layer
edge ports. C. Filter BPDU s using a firewall filter and disable VSTP on the access layer edge
ports. D. Directly connect the virtual switches.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=57
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 58
Click the Exhibit button. Referring to the exhibit, what is the correct RPF path toward the
multicast source from R6? A. R6-R5 B. R6-R7-R4-R5 C. R6-R4-R5 D. R6-R4-R3-R2-R5
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=58
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 59
Which two actions can be performed when traffic is exceeding a policer rate? (Choose two.) A.
Set the forwarding table. B. Set the loss priority (PLP). C. Set the forwarding class. D. Set a
community.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=59
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 60
Click the Exhibit button. The configuration in the exhibit shows incoming traffic with specific
IP precedence bits that should be mapped to a forwarding class named best-effort. What must
you add to complete this configuration? A. defined behaviors to the interfaces stanza in the
class-of-service section B. rewrite-rules for the best-effort forwarding class C. a WRED dropprofile for the best-effort scheduler D. a firewall filter that matches and discards the original
code point values
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=60
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 61
Click the Exhibit button. You are configuring an EBGP peer in a transit environment. You
must advertise routes learned from other EBGP peers in your AS. Any routes originated from
within your AS should have a MED of 7000 set. Any routes that originate in AS65222 should
be prepended four times. Any routes that transit AS701 should have a MED set to 6. This
scenario results in the unintended advertisement of internal 10.0.0.0/8 networks to your peer.
What caused the accidental advertisement of internal networks to your EBGP peer? A. Your
AS number of 65550 is a private AS number. B. The BGP group as65010 is configured for
both family inet unicast and family inet6 unicast protocol families. C. The export policy
as65010-out is misconfigured. D. The as-path "local-only" includes a misconfigured regular
expression.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=61
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 62
Which option is a valid IPv6 multicast address? A. fe80::205:8640:471:3200/64 B.
::172.16.0.5/126 C. ff03:365:ba::23 D. ff01:cgfc:345::226:8ff:fee4:bf6f
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=62
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 63
Click the Exhibit button. Looking at the traceoptions output in the exhibit, why are the OSPF
routers stuck in Init state?
A. There is an MTU mismatch.
B. There is a network mask mismatch.
C. The routers are in different areas.
D. No BDR has been elected.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=63
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 64
Click the Exhibit button. The ASBR in NSSA Area 0.0.0.1 is injecting three external prefixes
(200.200.0.0/16, 200.200.10/24, and 100.100.0.0/24). You must configure the ABR router in
the exhibit to translate only one route (200.200.0.0/16) into the backbone area.Which
configuration accomplishes the goal? A. ospf { area 0.0.0.0 { interface t3-1/0/0.0; } area 0.0.0.1
{ nssa { area-range 0.0.0.0/0 restrict; area-range 200.200.0.0/16 exact; } interface ge-0/0/1.823;
} } B. ospf { area 0.0.0.0 { area-range 200.200.0.0/16 exact; area-range 0.0.0.0/0 restrict;
interface t3-1/0/0.0; } area 0.0.0.1 { nssa; interface ge-0/0/1.823; } } C. ospf { area 0.0.0.0 {
interface t3-1/0/0.0; } area 0.0.0.1 { nssa; area-range 0.0.0.0/0 restrict; area-range
200.200.0.0/16 exact; interface ge-0/0/1.823; } } D. ospf { area 0.0.0.0 { interface t3-1/0/0.0; }
area 0.0.0.1 { nssa; area-range 200.200.0.0/16 { restrict; exact; } interface ge-0/0/1.823; } }
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=64
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 65
Click the Exhibit button. As shown in the exhibit, the 10.10/16 prefix is redistributed into
OSPF through R2 and R5. R2 is advertising the prefix with a Type 1 metric of 100 and R5 is
advertising the prefix with a Type 2 metric of 10.What is the preferred path to reach 10.10/16
from R6? A. R6-R5 B. R6-R4-R5 C. R6-R4-R5-R2 D. R6-R4-R3-R2
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=65
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 66
Click the Exhibit button. A customer is trying to configure a router to peer using EBGP to a
neighbor. As shown in the exhibit, two links are being used for this configuration. The goal of
this configuration is to load-balance traffic across both EBGP links. Which configuration
accomplishes this goal? A. {master:0}[edit] Juniper@External-BGP# show protocols bgp
group External { multihop; local-address 192.168.2.1; peer-as 65543; neighbor 10.10.2.2;
neighbor 10.20.2.2; } {master:0}[edit] lab@Area-0-ABR# show routing-options static { route
192.168.5.1/32 next-hop 192.168.2.1; } autonomous-system 65432; B. {master:0}[edit]
Juniper@External-BGP# show protocols bgp group External { multihop; local-address
192.168.2.1; peer-as 65543; neighbor 192.168.5.1; } {master:0}[edit] lab@Area-0-ABR# show
routing-options static { route 192.168.5.1/32 next-hop [ 10.10.2.2 10.20.2.2 ]; } autonomoussystem 65432; forwarding-table { export load-balance; } {master:0}[edit] lab@Area-0-ABR#
show policy-options policy-statement load-balance term balance { then { load-balance perpacket; accept; } } C. {master:0}[edit] Juniper@External-BGP# show protocols bgp group
External { multi-path; local-address 192.168.2.1; peer-as 65543; neighbor 192.168.5.1; }
{master:0}[edit] lab@Area-0-ABR# show routing-options static { route 192.168.5.1/32 nexthop [ 10.10.2.2 10.20.2.2 ]; } autonomous-system 65432; D. {master:0}[edit]
Juniper@External-BGP# show protocols bgp group External { multipath; local-address
192.168.2.1; peer-as 65543; neighbor 10.10.2.2; neighbor 10.20.2.2; } {master:0}[edit]
lab@Area-0-ABR# show routing-options static { route 192.168.5.1/32 next-hop 192.168.2.1; }
autonomous-system 65432;
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=66
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 67
Click the Exhibit button. Site A is sending voice traffic marked with DSCP code EF. SRX A
has the default CoS classifier. Into which forwarding class is SRX A classifying traffic? A.
best-effort B. expedited-forwarding C. network-control D. assured-forwarding
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=67
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 68
Click the Exhibit button. Based on the exhibit, which two statements are true? (Choose two.) A.
Sw-1 and Sw-2 both claim to be MSTI 1and MSTI 2 root bridges; VLAN-to-instance fields
will not match in the BPDU s MSTI fields. B. Both Sw-1 and Sw-2 are in different MSTP
regions. C. Sw-2 will calculate Sw-1 as CST root. D. Sw-1 and Sw-2 will each claim to be CST
root.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=68
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 69
Click the Exhibit button. Examine the output of the show bgp summary command shown in the
exhibit. From which BGP peer is the router receiving IPv6 routes? A. 10.0.3.5 B. 172.16.0.6 C.
2001:ffff::3:5 D. 2001:ffff:3:5
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=69
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 70
Click the Exhibit button. The output in the exhibit is from a router with the default scheduler
configuration. What is a possible cause of the drops in the expedited-forwarding queue? A. The
default rewrite marker is causing traffic to be classified into the expedited-forwarding queue. B.
There is a policer for the expedited forwarding queue. C. No DSCP classifier is set on ingress.
D. There is no bandwidth reservation for the expedited-forwarding queue.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=70
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 71
What is the significance of the multicast address range: 224.0.0.1 through 224.0.0.254? A.
They have link-local scope. B. They have administrative region scope. C. They are reserved for
future use. D. They have a scope of two or more hops from a router.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=71
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 72
Click the Exhibit button. In the exhibit, Switch A is an EX4200. VLAN10 is receiving tagged
as well as untagged traffic from different ports. The administrator wants to mirror all tagged
and untagged traffic entering VLAN10 to analyzer port ge-0/0/10. All VLAN tags must be
preserved for traffic that is mirrored to the analyzer port. Which configuration will achieve
this? A. set ethernet-switching-options analyzer vlan10_analyzer input vlan VLAN10 interface
xe-1/0/0.0 set ethernet-switching-options analyzer vlan10_analyzer input vlan VLAN10
interface ge-0/0/2 set ethernet-switching-options analyzer vlan10_analyzer output interface ge0/0/10.0 B. set ethernet-switching-options analyzer vlan10_analyzer input interface xe-1/0/0.0
set ethernet-switching-options analyzer vlan10_analyzer input interface ge-0/0/2 set ethernetswitching-options analyzer vlan10_analyzer output interface ge- 0/0/10.0 C. set ethernetswitching-options analyzer vlan10_analyzer input ingress vlan VLAN10 set ethernetswitching-options analyzer vlan10_analyzer output interface ge- 0/0/10.0 set vlans default
interface ge-0/0/10.0 D. set ethernet-switching-options analyzer vlan10_analyzer input ingress
vlan VLAN10 set ethernet-switching-options analyzer vlan10_analyzer output interface ge0/0/10.0 set vlans VLAN10 interface ge-0/0/10.0
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=72
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 73
Click the Exhibit button. Looking at the traceoptions output, what is the current keepalive timer
set for in BGP? A. 1 second B. 10 seconds C. 30 seconds D. 90 seconds
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=73
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 74
Click the Exhibit button. Looking at the traceoptions output in the exhibit, why are the OSPF
routers stuck in Init state? A. There is an MTU mismatch. B. There are duplicate router IDs. C.
The routers are in different areas. D. No BDR has been elected.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=74
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 75
Click the Exhibit button. Referring to the exhibit, what will R6 do when it receives the first
multicast packet for group 224.1.1.1 from the RP? A. R6 will join the SPT through R4. B. R6
will join the SPT through R5. C. R6 will join the SPT through R7. D. R6 will stay on the RPT
for the 224.1.1.1 group.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=75
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 76
When using PIM-SM in SSM mode, which event triggers the creation of a shortest-path tree?
A. Multicast traffic received at the receiver s designated router (DR). B. An IGMPv3 report
received at the receiver s designated router (DR). C. Multicast traffic received at the
rendezvous point (RP). D. An IGMPv3 report received at the source s designated router (DR).
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=76
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 77
Click the Exhibit button. In the topology shown in the exhibit, which two BGP attributes can
AS1 manipulate to influence the path that AS4 takes to reach prefixes originated by AS1?
(Choose two.)
A. Local Preference
B. AS Path
C. Origin
D. MED
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=77
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 78
Click the Exhibit button. Based on the exhibit, which spanning-tree protocol is running on ge0/0/0? A. VSTP B. MSTP C. RSTP D. PVST
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=78
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 79
An OSPF router is an ABR but not an ASBR. Which three types of LSAs would you expect
this router to generate? (Choose three.) A. Type 1 LSA B. Type 3 LSA C. Type 4 LSA D. Type
5 LSA E. Type 6 LSA
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=79
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 80
A Layer 2 transparent firewall separates two OSPFv3 routers. For the two OSPFv3 routers to
form an adjacency, which protocol must be permitted on the firewall? A. IPv4 protocol 89 B.
IPv6 protocol 89 C. TCP port 89 D. UDP port 89
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=80
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 81
Click the Exhibit button. Based on the exhibit, which statement about the Layer 2 topology is
true? A. A port on switch 3 or switch 4 towards the CST root (switch 6) is blocking traffic. B.
A total of 64 MST instances for MST region A and region B can be configured. C. MSTI
BPDUs are exchanged between MST regions and the CST root bridge. D. IST BPDUs are
exchanged between switch 1 and switch 2 + switch 6 and 7 only.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=81
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 82
Click the Exhibit button. Router R1 in the exhibit is receiving auto-RP announce messages
specifying an RP of 192.168.10.1 and BSR messages specifying an RP-set with an RP of
192.168.50.1.Which address will R1 use as the RP for traffic destined to the 224.1.1.1 multicast
group? A. 192.168.3.1 B. 192.168.5.1 C. 192.168.10.1 D. 192.168.5
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=82
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 83
Click the Exhibit button. Referring to the exhibit, which three statements describe correct
behavior of Switch A? (Choose three.) A. Switch A allows complete access to all users
connected to port ge-0/0/2 that log in with their correct user credentials. B. Switch A allows
complete access to all users connected to port ge-0/0/0 that log in with their correct user
credentials. C. Switch A allows complete access to the second user that connects to port ge0/0/1 with its correct credentials only after the first user logs out. D. Switch A allows complete
access to all users connected to port ge-0/0/0 without authentication after the first user has
logged in with its correct user credentials. E. Switch A allows complete access to all users
connected to port ge-0/0/1 that securely log in using HTTPS with their correct user credentials.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=83
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 84
Click the Exhibit button. Based on the exhibit, why is R2 marking the routes coming from AS
200 as hidden? A. R3 has an import policy filtering all routes. B. R4 is not configured with a
next-hop self policy. C. R2 does not have a route to the peer-id of R4. D. AS 200 is configured
with the advertise-inactive configuration.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=84
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 85
Click the Exhibit button. Looking at the traceoptions output in the exhibit, why is the BGP
neighbor not in Established state? A. BGP refresh is not supported. B. There is a router ID
mismatch. C. IPv6 is not supported on the local peer. D. The peer AS number is misconfigured.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=85
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 86
Click the Exhibit button. Given the output in the exhibit, which two statements are true?
(Choose two.) A. The switch is the root bridge for MSTI 1. B. The switch is the root bridge for
MSTI 2. C. The switch is a non-root bridge for MSTI 1. D. The switch is a non-root bridge for
CIST.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=86
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 87
You are troubleshooting a problem on interface ge-0/0/3.Which command shows statistics in
real time? A. show interfaces statistics B. monitor interface statistics ge-0/0/3 C. monitor
interface traffic D. monitor traffic interface ge-0/0/3
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=87
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 88
Which configuration causes a router to ignore router-id and peer-id from the BGP route
selection algorithm? A. multihop B. as-path loops C. multipath D. next-hop self
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=88
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 89
Click the Exhibit button. Which statement about the non-ABR router in Area 2 in the exhibit is
true? A. The router has connectivity to all areas. B. The router has connectivity to Area 2 only.
C. The router has connectivity to Area 2 and Area 0. D. The router has connectivity to Area 2
and Area 8.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=89
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 90
Which three statements regarding LLDP and LLDP-MED are true? (Choose three.) A. LLDPMED can deliver CoS settings to IP phones. B. LLDP can only operate over interfaces
configured for family ethernet-switching. C. LLDP can operate over interfaces configured for
family inet. D. LLDP attributes are communicated through TLVs. E. LLDP frames are flooded
across a Layer 2 domain to calculate a network topology.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=90
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 91
Click the Exhibit button. In the exhibit, customers connected to Area 3 must have access to
external prefixes received from the data center connected to the router in Area 1. These
configurations are currently applied to the routers in Area 1: {master:0}[edit] lab@Area-1ABR# show protocols ospf no-nssa-abr ;area 0.0.0.1 { nssa; interface ge-1/1/1.100; }
{master:0}[edit] lab@Area-1-External# show protocols ospf area 0.0.0.1 { stub no-summaries;
interface ge-1/1/1.100; } What must you change for these configurations to work? A. Configure
the ABR router in Area 1 to support a virtual link. B. Delete no-summary-lsa from the ABR
router in Area 1. C. Configure the external router in Area 1 for NSSA. D. Configure the ABR
in Area 1 for a default LSA with a default-metric of 10 and no-summaries.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=91
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 92
Click the Exhibit button. Host 1, Host 2, and Host 3 are connected to Switch A on interface ge0/0/2. Host 1 and Host 2 do not support 802.1X. They can authenticate and connect to the
Internet. Host 3 was added and it supports 802.1X; however, it is unable to authenticate.
Referring to the exhibit, how do you allow Host 3 to authenticate to the network but maintain
secure access? A. Enable fallback authentication for 802.1X B. Disable MAC RADIUS
Restrict option on ge-0/0/2 C. Disable MAC RADIUS option on ge-0/0/2 D. Enable
Administrative mode for 802.1X
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=92
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 93
Click the Exhibit button. Referring to the exhibit, which statement is true? A. The OSPF cost of
the interface is 128. B. The authentication type of the area is MD5. C. This interface is part of a
stub area. D. This router is the BDR.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=93
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 94
You have a requirement for a device to provide 20 W of power over Ethernet. What meets this
requirement? A. Bond two standard PoE ports together to achieve 30.8 W of power. B. Install
an external redundant power supply in the switch to increase the total power load. C. Select a
switch that has PoE+ support. D. Enable LLDP-MED to transfer power from other switches.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=94
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 95
Click the Exhibit button. Referring to the exhibit, you want to configure Switch-1 to allow a
user on interface ge-0/0/10 to accommodate both voice and data traffic. Your phones and your
switches are LLDP-MED capable. What is the minimal configuration that allows LLDP-MED
to autoconfigure your phone s voice VLAN? A. set interfaces ge-0/0/10 unit 0 family ethernetswitching port-mode trunk set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan
members voice_vlan set interfaces ge-0/0/10 unit 0 family ethernet-switching native-vlan-id
data_vlan set ethernet-switching-options voip interface ge-0/0/10.0 vlan voice_vlan set
protocols lldp-med interface ge-0/0/10.0 B. set interfaces ge-0/0/10 unit 0 family ethernetswitching port-mode trunk set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan
members voice_vlan set interfaces ge-0/0/10 unit 0 family ethernet-switching native-vlan-id
data_vlan set ethernet-switching-options voip interface ge-0/0/10.0 vlan voice_vlan set
protocols lldp interface ge-0/0/10.0 C. set interfaces ge-0/0/10 unit 0 family ethernet-switching
port-mode access set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members
data_vlan set ethernet-switching-options voip interface ge-0/0/10.0 forwarding-class assuredforwarding set protocols lldp-med interface ge-0/0/10.0 D. set interfaces ge-0/0/10 unit 0
family ethernet-switching port-mode access set interfaces ge-0/0/10 unit 0 family ethernetswitching vlan members data_vlan set ethernet-switching-options voip interface ge-0/0/10.0
vlan voice_vlan set protocols lldp-med interface ge-0/0/10.0
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=95
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 96
Which three allow classification of traffic on ingress? (Choose three.) A. 802.1p B. 802.3ad C.
MPLS EXP D. DSCP E. rewrite markers
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=96
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 97
Click the Exhibit button. In the exhibit, a customer wants to configure an EBGP connection to
two different routers in a neighboring autonomous system. The goal of this configuration is to
use per-prefix load balancing across both EBGP links. Which configuration accomplishes this
goal? A. {master:0}[edit] Juniper@External-BGP# show protocols bgp group External {
multihop; peer-as 65543; neighbor 10.10.2.2; neighbor 10.20.2.2; } B. {master:0}[edit]
Juniper@External-BGP# show protocols bgp group External { multipath; peer-as 65543;
neighbor 10.10.2.2; neighbor 10.20.2.2; } C. {master:0}[edit] Juniper@External-BGP# show
protocols bgp group External { multihop; local-address 192.168.2.1; peer-as 65543; neighbor
10.10.2.2; neighbor 10.20.2.2; lab@Area-0-ABR# show routing-options static { route 0.0.0.0
next-hop [ 10.10.2.2 10.20.2.2 ]; } autonomous-system 65432; D. {master:0}[edit] lab@Area0-ABR# show protocols bgp group External { multihop; local-address 192.168.2.1; peer-as
65543; multipath; neighbor 10.10.2.2; neighbor 10.20.2.2; } lab@Area-0-ABR# show routingoptions static { route 0.0.0.0 next-hop [ 10.10.2.2 10.20.2.2 ]; } autonomous-system 65432;
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=97
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 98
Click the Exhibit button. In the exhibit, User A has authenticated using 802.1X. User B and
User C have not authenticated. The RADIUS server fails.Which configuration allows User A
and User B access to the network, but prevents User C from accessing the network? A. [edit
protocols dot1x authenticator] user@S1# set interface ge-0/0/0.0 server-fail use-cache
user@S1# set interface ge-0/0/1.0 server-fail permit user@S1# set interface ge-0/0/2.0 serverfail use-cache B. [edit protocols dot1x authenticator] user@S1# set interface ge-0/0/0.0 serverbackup if-authenticated user@S1# set interface ge-0/0/1.0 server-backup if-authenticated
user@S1# set interface ge-0/0/2.0 server-backup deny C. [edit protocols dot1x authenticator]
user@S1# set interface ge-0/0/0.0 server-backup if-authenticated user@S1# set interface ge0/0/1.0 server-backup permit user@S1# set interface ge-0/0/2.0 server-backup deny D. [edit
protocols dot1x authenticator] user@S1# set interface ge-0/0/0.0 server-fail permit user@S1#
set interface ge-0/0/1.0 server-fail use-cache user@S1# set interface ge-0/0/2.0 server-fail usecache
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=98
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 99
When using PIM-SM in ASM mode, which two events trigger the creation of a shortest-path
tree? (Choose two.) A. Multicast traffic received at the receiver s designated router (DR). B.
PIM join received at the receiver s designated router (DR). C. PIM join received at the source
designated router (DR). D. PIM registers received by the rendezvous point (RP).
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=99
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 100
Click the Exhibit button. Referring to the exhibit, which two statements are true? (Choose two.)
A. The router has pruned the RPT. B. The router has pruned the SPT only. C. The router has
pruned the RPT only. D. The router has pruned the SPT.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=100
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 101
A network administrator is configuring CoS on a switch and assigns forwarding classes call-sig
and critical to the same queue number per the configuration below: class-of-service {
forwarding-classes { class best-effort queue-num 0; class bulk-data queue-num 1; class critical
queue-num 3; class voice queue-num 6; class call-sig queue-num 3; } } Based on the
configuration, which option prioritizes call-sig traffic over critical traffic? A. Assign call-sig
and critical to different schedulers. B. Assign call-sig and critical to different scheduler maps.
C. Assign a loss priority of high to the packets in the critical forwarding class and configure
drop profiles in the scheduler configuration. D. Assign a loss priority of high to the packets in
the critical forwarding class and set priority high in the scheduler configuration.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=101
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 102
A company is deploying a new 802.1X port-based security infrastructure to allow users to
access resources through wired Ethernet ports. However they recently deployed an RSA tokenbased system for users to connect remotely. The network administrator wants to reuse the same
security database for 802.1X port-based security. Which 802.1X authentication protocol is
required? A. EAP-TLS B. LAN-PEAP C. RSA-EAP D. EAP-TTLS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=102
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 103
Click the Exhibit button. In the exhibit, an EBGP session is currently established between R1
and R2. R2 changes its import policy to accept 10 of the routes it previously denied from
R1.Which BGP capability must be negotiated on the BGP session for R2 to install the routes
accepted by the new policy? A. route refresh B. AddPath C. outbound route filtering (ORF) D.
multiprotocol BGP (MBGP)
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=103
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 104
Click the Exhibit button. In the exhibit, the enterprise is running RSTP on all switches in its
network and is currently experiencing Layer 2 loops. The primary link is between switch 1 and
switch 2. For redundancy, a secondary Layer 2 link is purchased from the provider. The
provider uses Q-in-Q tunneling to transport the enterprise s Layer 2 frames. Which action
resolves the Layer 2 loop while maintaining backup connectivity?
A. The provider enables Layer 2 protocol tunneling.
B. You migrate the enterprise Layer 2 domain to MSTP.
C. Enable the bpdu-time-out-action command on switch 3 and switch 4.
D. Enable the bpdu-block command on switch 3 and switch 4.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=104
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 105
A company s security policy does not allow outside computers or smart phones into their work
areas. All company-provided computers are strictly controlled using 802.1X authentication on
all of their switches. All computers obtain DHCP IP addresses from centralized servers and all
switches have IP spoofing enabled. However, one of the computers was able to send IP spoofed
packets. Why did the IP spoof feature fail to prevent the spoofed packets from being
forwarded? A. The IP source guard database timeout was set too low. B. The DHCP snooping
feature was not enabled on any of the switches. C. IP source guard does not prevent IP spoof
attacks; you need to configure the Dynamic ARP Inspection feature. D. 802.1X feature was not
enabled on the port that was directly connected to the infected computer.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=105
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 106
You suspect that a PoE device connected to interface ge-0/0/5 on switch-1 is periodically
spiking above 15 W of power consumption. Which configuration parameter added to switch-1
would allow you to confirm this? A. set poe guard-band 15 B. set poe interface all telemetries
C. set poe interface ge-0/0/5 maximum-power 15 D. set poe management class
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=106
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 107
Which CoS component helps with TCP global synchronization problems? A. WRR with
rewrite rules B. WRED with drop profiles C. tail drop profiles with a behavior aggregate
classifier D. exact term with a scheduler
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=107
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 108
Click the Exhibit button. Sw-1, as configured in the exhibit, is directly connected to Sw-2
through ge-0/0/2. The "Link type" field in show spanning-tree interface ge-0/0/2.0 detail vlanid 20 output has been omitted from the exhibit. Which "Link type" should be displayed in the
output? A. Pt-Pt/NONEDGE B. SHARED/NONEDGE C. SHARED/EDGE D. Pt-Pt/EDGE
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=108
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 109
Sw-1 and Sw-2 as shown in the exhibit are configured as follows: Sw-1 admin@Sw-1# show
configuration-name juniper; revision-level 1; bridge-priority 4k; msti 1 { vlan 10; } msti 2 {
vlan 20; } Sw-2 configuration-name juniper; revision-level 1; bridge-priority 8k; msti 1 { vlan [
10 15 ]; } msti 2 { vlan 20; } Which bridge is the root for CIST? A. Neither is root for CIST. B.
Both are root for CIST. C. Sw-1 is the only root bridge for CIST. D. Sw-2 is the only root
bridge for CIST.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=109
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 110
You have configured L2TP on VLAN blue. Which CLI command verifies that STP BPDUs are
being tunneled? A. show ethernet-switching layer2-protocol-tunneling statistics B. show
ethernet-switching layer2-protocol-tunneling vlan blue C. show ethernet-switching layer2protocol-tunneling interface D. show ethernet-switching layer2-protocol-tunneling vlan blue
extensive
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=110
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 111
You are adding ports to a Private VLAN on a standalone EX Series switch so that you can
control access between the sales and finance departments. Which two actions should you
implement for a Private VLAN? (Choose two.) A. The secondary VLANs can be untagged. B.
The secondary VLANs must be tagged. C. The primary VLAN must be tagged. D. The primary
VLAN can be untagged.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=111
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 112
During the BGP route-resolution process, the Junos OS must calculate the appropriate next-hop
based on the BGP protocol next-hop attribute. Which two routing tables are checked during this
process in a default Junos configuration? (Choose two.) A. inet.0 B. inet.1 C. inet.2 D. inet.3
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=112
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 113
Click the Exhibit button. In the exhibit, you see a configuration for CoS. Incoming traffic with
specific IP precedence bits should be mapped to a forwarding class named best-effort. A
classifier named normal-traffic is defined. What must you add to complete this configuration?
A. Include the option q-pic-large-buffer under the chassis hierarchy to accommodate the new
code points. B. Apply classifier normal traffic to the interface hierarchy under the class-ofservice stanza. C. Configure a rewrite marker on the ingress Gigabit Ethernet interface. D. Add
code point values for the expedited-forwarding forwarding class as well as the best-effort
forwarding class.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=113
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 114
Click the Exhibit button. Based on the SPF calculation in the exhibit, what is the shortest path
to reach R3 from R1? A. R2-R3 B. R2-R5-R4 C. R3 D. R2-R4
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=JN0-643&qno=114
-------------------------------------------------------------------------------------------------------------------------------------
TwPass Certification Exam Features;
-
TwPass offers over 2500 Certification exams for professionals.
More than 98,800 Satisfied Customers Worldwide.
Average 99.8% Success Rate.
Over 120 Global Certification Vendors Covered.
Services of Professional & Certified Experts available via support.
Free 90 days updates to match real exam scenarios.
Instant Download Access! No Setup required.
Price as low as $19, which is 80% more cost effective than others.
Verified answers researched by industry experts.
Study Material updated on regular basis.
Questions / Answers are downloadable in PDF format.
Mobile Device Supported (Android, iPhone, iPod, iPad)
No authorization code required to open exam.
Portable anywhere.
Guaranteed Success.
Fast, helpful support 24x7.
View list of All Exams (AE);
http://www.twpass.com/twpass.com/vendors.aspx
Download Any Certication Exam DEMO.
http://www.twpass.com/twpass.com/vendors.aspx
To purchase Full version of exam click below;
http://www.TwPass.com/
© Copyright 2024