1048 お客様のコメント
質問 1:
You have implemented 802.1X authentication in your Layer 2 network and you have only a single RADIUS server. You are asked to ensure that if the RADIUS server becomes unreachable or fails, users connected to the ge-0/0/0 port are still able to reach the Internet using a predefined guest VLAN.
Which command allows this access?
A. [edit]
user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 radius-fail vlan guest
B. [edit]
user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 radius-fail assign guest
C. [edit]
user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 server-fail vlan-name guest
D. [edit]
user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 auth-fail assign-vlan guest
正解:C
質問 2:
Two PCs are attached to a hub, which is attached to port ge-0/0/0 on your EX Series switch. You must separate the incoming traffic from the PCs into two VLANs.
What should you use to accomplish this task?
A. guest VLAN
B. dynamic VLAN registration with MVRP
C. private VLAN
D. filter-based VLAN
正解:D
質問 3:
Which statement is true regarding the SPF algorithm?
A. The SPF algorithm is run on a per-domain basis.
B. There are two databases used in the calculation, the link-state database and the tree database.
C. If you apply an import policy to OSPF, it keeps LSAs from being flooded, and the SPF calculation can be affected.
D. The SPF calculation is run on a per-area basis on each router.
正解:D
質問 4:
-- Exhibit -
-- Exhibit --
Click the Exhibit button.
A contractor needs to connect a laptop to your company network, but your company has no wireless access and each office has only a single network port for an employee laptop. You have an IP phone with a data port available and you have access to the switch connected to it. You can also add the contractor's MAC address to the RADIUS server database.
Referring to the exhibit, which three commands will allow access? (Choose three.)
A. set protocols dot1x authenticator authentication-profile-name radius_profile interface ge-
0/0/16.0 mac-radius
B. set interfaces ge-0/0/16.0 family ethernet-switching port-mode trunk
C. set protocols dot1x authenticator authentication-profile-name radius_profile interface ge-
0/0/16.0 supplicant multiple
D. set interfaces ge-0/0/16.0 family ethernet-switching vlan members contractor
E. set interfaces ge-0/0/16.0 family ethernet-switching vlan members all
正解:A,C,D
質問 5:
You must configure a multifield classifier on ge-1/0/0. This classifier must match only TCP traffic from port number 79, set the loss priority to high, and classify the traffic as expedited- forwarding. The inbound traffic has no previous CoS markings.
Which configuration meets these requirements?
A. [edit firewall]
user@switch# show filter ef_classifier_mf
term 1 {
from {
protocol tcp;
source-port 79;
dscp ef;
}
then {
loss-priority high;
accept;
}
[...]
}
B. [edit firewall]
user@switch# show filter ef_classifier_mf
term 1 {
from {
protocol tcp;
source-port 79;
}
then {
loss-priority high;
forwarding-class expedited-forwarding;
}
[...]
}
C. [edit firewall]
user@switch# show filter ef_classifier_mf
term 1 {
from {
protocol tcp;
destination-port 79;
}
then {
loss-priority low;
forwarding-class expedited-forwarding;
}
[...]
}
D. [edit firewall]
user@switch# show filter ef_classifier_mf
term 1 {
from {
protocol tcp;
destination-port 79;
}
then {
loss-priority high;
forwarding-class expedited-forwarding;
}
[...]
}
正解:B
質問 6:
A customer wants to connect computer and IP telephone equipment to a switch using the same port. LLDP-MED has been turned onto discover VoIP equipment. Which two statements are true in this scenario? (Choose two)
A. the switch will identify voice traffic automatically based on the source MAC address
B. the access port can be configured to accept both tagged voice traffic and untagged data traffic
C. the computer and VOIP equipment must be in the same VLAN on an access port
D. the switch can send configuration information to the IP phone to assign it a VLAN automatically
正解:B,D
質問 7:
Which three statements are correct about the PIM output shown in the exhibit (Choose three)?
A. RP is the RP
B. The joint request path me from the client at 192 168 35 2
C. R1 has the shortest path tree connection to the multicast source
D. The RP is upstream from R1
E. The multicast stream is flowing out of R1 THROUGH interface ge 0/0/10 0
正解:A,C,E
You have implemented 802.1X authentication in your Layer 2 network and you have only a single RADIUS server. You are asked to ensure that if the RADIUS server becomes unreachable or fails, users connected to the ge-0/0/0 port are still able to reach the Internet using a predefined guest VLAN.
Which command allows this access?
A. [edit]
user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 radius-fail vlan guest
B. [edit]
user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 radius-fail assign guest
C. [edit]
user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 server-fail vlan-name guest
D. [edit]
user@switch# set protocols dot1x authenticator interface ge-0/0/0.0 auth-fail assign-vlan guest
正解:C
質問 2:
Two PCs are attached to a hub, which is attached to port ge-0/0/0 on your EX Series switch. You must separate the incoming traffic from the PCs into two VLANs.
What should you use to accomplish this task?
A. guest VLAN
B. dynamic VLAN registration with MVRP
C. private VLAN
D. filter-based VLAN
正解:D
質問 3:
Which statement is true regarding the SPF algorithm?
A. The SPF algorithm is run on a per-domain basis.
B. There are two databases used in the calculation, the link-state database and the tree database.
C. If you apply an import policy to OSPF, it keeps LSAs from being flooded, and the SPF calculation can be affected.
D. The SPF calculation is run on a per-area basis on each router.
正解:D
質問 4:
-- Exhibit -
-- Exhibit --
Click the Exhibit button.
A contractor needs to connect a laptop to your company network, but your company has no wireless access and each office has only a single network port for an employee laptop. You have an IP phone with a data port available and you have access to the switch connected to it. You can also add the contractor's MAC address to the RADIUS server database.
Referring to the exhibit, which three commands will allow access? (Choose three.)
A. set protocols dot1x authenticator authentication-profile-name radius_profile interface ge-
0/0/16.0 mac-radius
B. set interfaces ge-0/0/16.0 family ethernet-switching port-mode trunk
C. set protocols dot1x authenticator authentication-profile-name radius_profile interface ge-
0/0/16.0 supplicant multiple
D. set interfaces ge-0/0/16.0 family ethernet-switching vlan members contractor
E. set interfaces ge-0/0/16.0 family ethernet-switching vlan members all
正解:A,C,D
質問 5:
You must configure a multifield classifier on ge-1/0/0. This classifier must match only TCP traffic from port number 79, set the loss priority to high, and classify the traffic as expedited- forwarding. The inbound traffic has no previous CoS markings.
Which configuration meets these requirements?
A. [edit firewall]
user@switch# show filter ef_classifier_mf
term 1 {
from {
protocol tcp;
source-port 79;
dscp ef;
}
then {
loss-priority high;
accept;
}
[...]
}
B. [edit firewall]
user@switch# show filter ef_classifier_mf
term 1 {
from {
protocol tcp;
source-port 79;
}
then {
loss-priority high;
forwarding-class expedited-forwarding;
}
[...]
}
C. [edit firewall]
user@switch# show filter ef_classifier_mf
term 1 {
from {
protocol tcp;
destination-port 79;
}
then {
loss-priority low;
forwarding-class expedited-forwarding;
}
[...]
}
D. [edit firewall]
user@switch# show filter ef_classifier_mf
term 1 {
from {
protocol tcp;
destination-port 79;
}
then {
loss-priority high;
forwarding-class expedited-forwarding;
}
[...]
}
正解:B
質問 6:
A customer wants to connect computer and IP telephone equipment to a switch using the same port. LLDP-MED has been turned onto discover VoIP equipment. Which two statements are true in this scenario? (Choose two)
A. the switch will identify voice traffic automatically based on the source MAC address
B. the access port can be configured to accept both tagged voice traffic and untagged data traffic
C. the computer and VOIP equipment must be in the same VLAN on an access port
D. the switch can send configuration information to the IP phone to assign it a VLAN automatically
正解:B,D
質問 7:
Which three statements are correct about the PIM output shown in the exhibit (Choose three)?
A. RP is the RP
B. The joint request path me from the client at 192 168 35 2
C. R1 has the shortest path tree connection to the multicast source
D. The RP is upstream from R1
E. The multicast stream is flowing out of R1 THROUGH interface ge 0/0/10 0
正解:A,C,E
Ayukawa -
JuniperのJN0-643を2度通読し、問題を3度解いた上で受験した結果、初回で合格できました。ありがとうございます。