• Home
  • Blogs
  • [Jul 21, 2023] Verified JN0-664 dumps and 67 unique questions [Q10-Q27]

[Jul 21, 2023] Verified JN0-664 dumps and 67 unique questions [Q10-Q27]

Share

[Jul 21, 2023] Verified JN0-664 dumps and 67 unique questions

JN0-664 Dumps for Pass Guaranteed - Pass JN0-664 Exam 2023

NEW QUESTION # 10
Exhibit

You are asked to exchange routes between R1 and R4 as shown in the exhibit. These two routers use the same AS number Which two steps will accomplish this task? (Choose two.)

  • A. Configure the BGP group with the advertise-peer-as parameter on R1 and R4.
  • B. Configure the BGP group with the as-override parameter on R2 and R3
  • C. Configure the BGP group with the advertise-peer-as parameter on R2 and R3.
  • D. Configure the BGP group with the as-override parameter on R1 and R4

Answer: A,B

Explanation:
Explanation
The advertise-peer-as parameter allows a router to advertise its peer's AS number as part of the AS path attribute when sending BGP updates to other peers. This parameter is useful when two routers in the same AS need to exchange routes through another AS, such as in the case of R1 and R4. By configuring this parameter on R1 and R4, they can advertise each other's AS number to R2 and R3, respectively.
The as-override parameter allows a router to replace the AS number of its peer with its own AS number when receiving BGP updates from that peer. This parameter is useful when two routers in different ASes need to exchange routes through another AS that has the same AS number as one of them, such as in the case of R2 and R3. By configuring this parameter on R2 and R3, they can override the AS number of R1 and R4 with their own AS number when sending BGP updates to each other.


NEW QUESTION # 11
Which three mechanisms are used by Junos platforms to evaluate incoming traffic for CoS purposes? (Choose three )

  • A. traffic shapers
  • B. behavior aggregate classifiers
  • C. rewrite rules
  • D. multifield classifiers
  • E. fixed classifiers

Answer: B,D,E

Explanation:
Explanation
Junos platforms use different mechanisms to evaluate incoming traffic for CoS purposes, such as:
* Behavior aggregate classifiers: These classifiers use a single field in a packet header to classify traffic into different forwarding classes and loss priorities based on predefined or user-defined values.
* Fixed classifiers: These classifiers use a fixed field in a packet header to classify traffic into different forwarding classes and loss priorities based on predefined values.
* Multifield classifiers: These classifiers use multiple fields in a packet header to classify traffic into different forwarding classes and loss priorities based on user-defined values and filters.
Rewrite rules and traffic shapers are not used to evaluate incoming traffic for CoS purposes, but rather to modify or shape outgoing traffic based on CoS policies.


NEW QUESTION # 12
Exhibit

Referring to the exhibit, which three statements are correct about route 10 0 0.0/16 when using the default BGP advertisement rules'? (Choose three.)

  • A. R1 will prepend AS 65531 when advertising 10 0.0 0/16 to R2.
  • B. R1 will advertise 10.0.0.0/16 to R2 with 192 168 1 1 as the next hop.
  • C. R2 will advertise 10.0.0.0/16 to R3 with 192.168.1 1 as the next hop
  • D. R2 will advertise 10.0.0.0/16 to R4 with 172.16.1.1 as the next hop
  • E. R4 will advertise 10 0.0 0/16 to R6 with 172.16 1 1 as the next hop

Answer: B,D,E

Explanation:
Explanation
The problem in this scenario is that R1 and R8 are not receiving each other's routes because of private AS numbers in the AS path. Private AS numbers are not globally unique and are not advertised to external BGP peers. To solve this problem, you need to do the following:
* Configure loops on routers in AS 65412 and advertise-peer-as on routers in AS 64498. This allows R5 and R6 to advertise their own AS number (65412) instead of their peer's AS number (64498) when sending updates to R7 and R8. This prevents a loop detection issue that would cause R7 and R8 to reject the routes from R5 and R62
* Configure remove-private on advertisements from AS 64497 toward AS 64498 and from AS 64500 toward AS 64499. This removes any private AS numbers from the AS path before sending updates to external BGP peers. This allows R2 and R3 to receive the routes from R1 and R4, respectively3.


NEW QUESTION # 13
By default, which statement is correct about OSPF summary LSAs?

  • A. The metric associated with a summary route will be equal to the lowest metric associated with an individual contributing route
  • B. All Type 2 and Type 7 LSAs will be summanzed into a single Type 5 LSA
  • C. Type 3 LSAs are advertised for routes in Type 1 LSAs.
  • D. The area-range command must be installed on all routers.

Answer: C

Explanation:
Explanation
OSPF uses different types of LSAs to describe different aspects of the network topology. Type 1 LSAs are also known as router LSAs, and they describe the links and interfaces of a router within an area. Type 3 LSAs are also known as summary LSAs, and they describe routes to networks outside an area but within the same autonomous system (AS). By default, OSPF will summarize routes from Type 1 LSAs into Type 3 LSAs when advertising them across area boundaries .


NEW QUESTION # 14
Which two statements about IS-IS are correct? (Choose two.)

  • A. CSNPs contain only descriptions of LSPs.
  • B. PSNPs contain only descriptions of LSPs.
  • C. PSNPs are flooded periodically.
  • D. CSNPs are flooded periodically

Answer: B,D

Explanation:
Explanation
IS-IS is an interior gateway protocol that uses link-state routing to exchange routing information among routers within a single autonomous system. IS-IS uses two types of packets to synchronize link-state databases among routers: Link State Packets (LSPs) and Partial Sequence Number Packets (PSNPs). LSPs contain information about the state and cost of links in the network, and are flooded periodically throughout the network. PSNPs are used to acknowledge receipt of LSPs and request retransmission of missing or corrupted LSPs. PSNPs contain only descriptions of LSPs, such as their sequence numbers and checksums3. IS-IS also uses another type of packet called Complete Sequence Number Packets (CSNPs), which are used to summarize the entire link-state database at regular intervals or when a new adjacency is formed. CSNPs are flooded periodically throughout the network and contain only descriptions of LSPs4. Therefore, PSNPs contain only descriptions of LSPs and CSNPs are flooded periodically.
References: 3:
https://www.juniper.net/documentation/us/en/software/junos/routing-policy/topics/concept/routing-policy-is-is-p
4:
https://www.juniper.net/documentation/us/en/software/junos/routing-policy/topics/concept/routing-policy-is-is-c


NEW QUESTION # 15
Exhibit

Referring to the exhibit, what do the brackets [ ] in the AS path identify?

  • A. They identify that the autonomous system number is incomplete and awaiting more information from the BGP protocol.
  • B. They identify an AS set, which are groups of AS numbers in which the order does not matter
  • C. They identify the local AS number associated with the AS path if configured on the router, or if AS path prepending is configured
  • D. They identify that a BGP confederation is being used to ensure that there are no routing loops.

Answer: B

Explanation:
Explanation
The brackets [ ] in the AS path identify an AS set, which are groups of AS numbers in which the order does not matter. An AS set is used when BGP aggregates routes from different ASs into a single prefix. For example, if BGP aggregates routes 10.0.0.0/16 and 10.1.0.0/16 from AS 100 and AS 200, respectively, into a single prefix 10.0.0.0/15, then the AS path for this prefix will be [100 200]. An AS set reduces the length of the AS path and prevents routing loops.


NEW QUESTION # 16
Exhibit

The network shown in the exhibit is based on IS-IS
Which statement is correct in this scenario?

  • A. The system IDofR1_2 is 192.168.16.1
  • B. The area address is two bytes.
  • C. The routers are using unnumbered interfaces
  • D. The NSEL byte for Area 0001 is 00.

Answer: D

Explanation:
Explanation
IS-IS is an interior gateway protocol that uses link-state routing to exchange routing information among routers within a single autonomous system. IS-IS uses two types of addresses to identify routers and areas:
system ID and area address. The system ID is a unique identifier for each router in an IS-IS domain. The system ID is 6 octets long and can be derived from the MAC address or manually configured. The area address is a variable-length identifier for each area in an IS-IS domain. The area address can be 1 to 13 octets long and is composed of high-order octets of the address. An IS-IS instance may be assigned multiple area addresses, which are considered synonymous. Multiple synonymous area addresses are useful when merging or splitting areas in the domain1. In this question, we have a network based on IS-IS with four routers (R1_1, R1_2, R2_1, and R2_2) belonging to area 0001. The area address for area 0001 is 49.0001. The NSEL byte for area 0001 is the last octet of the address, which is 01. The NSEL byte stands for Network Service Access Point Selector (NSAP Selector) and indicates the type of service requested from the network layer2. Therefore, the correct statement in this scenario is that the NSEL byte for area 0001 is 01.
References: 1:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_isis/configuration/xe-16/irs-xe-16-book/irs-ovrvw-cf.
2:
https://www.juniper.net/documentation/us/en/software/junos/is-is/topics/concept/is-is-routing-overview.html


NEW QUESTION # 17
Exhibit

You want Site 1 to access three VLANs that are located in Site 2 and Site 3 The customer-facing interface on the PE-1 router is configured for Ethernet-VLAN encapsulation.
What is the minimum number of L2VPN routing instances to be configured to accomplish this task?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: B

Explanation:
Explanation
To allow Site 1 to access three VLANs that are located in Site 2 and Site 3, you need to configure three L2VPN routing instances on PE-1, one for each VLAN. Each L2VPN routing instance will have a different VLAN ID and a different VNI for VXLAN encapsulation. Each L2VPN routing instance will also have a different vrf-target export value to identify which VPN routes belong to which VLAN. This way, PE-1 can forward traffic from Site 1 to Site 2 and Site 3 based on the VLAN tags and VNIs.


NEW QUESTION # 18
Which two statements are correct about VPLS tunnels? (Choose two.)

  • A. BGP-signaled VPLS tunnels can use either RSVP or LDP between the PE routers.
  • B. LDP-signaled VPLS tunnels only support control bit 0.
  • C. BGP-signaled VPLS tunnels require manual provisioning of sites.
  • D. LDP-signaled VPLS tunnels use auto-discovery to provision sites

Answer: A,D

Explanation:
Explanation
VPLS is a Layer 2 VPN technology that allows multiple sites to connect over a shared IP/MPLS network as if they were on the same LAN. VPLS tunnels can be signaled using either Label Distribution Protocol (LDP) or Border Gateway Protocol (BGP). LDP-signaled VPLS tunnels use auto-discovery to provision sites, meaning that PE routers can automatically discover other PE routers that belong to the same VPLS instance


NEW QUESTION # 19
When using OSPFv3 for an IPv4 environment, which statement is correct?

  • A. OSPFv3 only supports IPv4.
  • B. OSPFv3 supports IPv4 only on interfaces with family inet6 defined
  • C. OSPFv3 is not backward compatible with IPv4
  • D. OSPFv3 supports both IPv6 and IPv4, but not in the same routing instance.

Answer: C

Explanation:
Explanation
OSPFv3 is an extension of OSPFv2 that supports IPv6 routing and addressing. OSPFv3 is not backward compatible with IPv4 because it uses a different packet format and a different link-state advertisement (LSA) structure than OSPFv2. OSPFv3 also uses IPv6 link-local addresses as router IDs and neighbor addresses, instead of IPv4 addresses. To use OSPFv3 for an IPv4 environment, you need to enable the IPv4 unicast address family under [edit protocols ospf3] hierarchy level and configure IPv4 addresses on the interfaces.


NEW QUESTION # 20
Exhibit

Based on the configuration contents shown in the exhibit, which statement is true?

  • A. Joins for any group are accepted if the group count value is less than 25.
  • B. Joins for group 224.7.7.7 are accepted if the group count is less than 25
  • C. Joins for group 224.7.7.7 are always rejected, regardless of the group count.
  • D. Joins for group 224.7.7.7 are rejected if the source address is 192.168.100.10

Answer: B

Explanation:
Explanation
BGP policy framework is a set of tools that allows you to control the flow of routing information and apply routing policies based on various criteria. BGP policy framework consists of several components, such as route maps, prefix lists, community lists, AS path lists, and route filters. Route maps are used to define routing policies by matching certain conditions and applying certain actions. Prefix lists are used to filter routes based on their prefixes. Community lists are used to filter routes based on their community attributes. AS path lists are used to filter routes based on their AS path attributes. Route filters are used to filter routes based on their prefix length or range3. In this question, we have a route map named ISP-A that has two clauses: clause 10 and clause 20. Clause 10 matches any route with a prefix length between 8 and 24 bits and sets the local preference to 200. Clause 20 matches any route with a prefix of 224.7.7.7/32 and rejects it. The route map is applied inbound on the BGP neighborship with ISP-A. Based on this configuration, the correct statement is that joins for group 224.7.7.7 are always rejected, regardless of the group count. This is because clause 20 explicitly denies any route with a prefix of 224.7.7.7/32, which corresponds to the multicast group 224.7.7.7.


NEW QUESTION # 21
Which two statements are correct about reflecting inet-vpn unicast prefixes in BGP route reflection? (Choose two.)

  • A. Clients add their originator ID when advertising routes to their route reflector
  • B. A BGP peer does not require any configuration changes to become a route reflector client.
  • C. Route reflectors do not change any existing BGP attributes by default when advertising routes.
  • D. Route reflectors add their cluster ID to the AS path when readvertising client routes.

Answer: B,C

Explanation:
Explanation
Route reflection is a BGP feature that allows a router to reflect routes learned from one IBGP peer to another IBGP peer, without requiring a full-mesh IBGP topology. Route reflectors do not change any existing BGP attributes by default when advertising routes, unless explicitly configured to do so. A BGP peer does not require any configuration changes to become a route reflector client, only the route reflector needs to be configured with the client parameter under [edit protocols bgp group group-name neighbor neighbor-address] hierarchy level.


NEW QUESTION # 22
You are asked to protect your company's customers from amplification attacks. In this scenario, what is Juniper's recommended protection method?

  • A. unicast Reverse Path Forwarding
  • B. destination-based Remote Triggered Black Hole
  • C. ASN prepending
  • D. BGP FlowSpec

Answer: B

Explanation:
Explanation
amplification attacks are a type of distributed denial-of-service (DDoS) attack that exploit the characteristics of certain protocols to amplify the traffic sent to a victim. For example, an attacker can send a small DNS query with a spoofed source IP address to a DNS server, which will reply with a much larger response to the victim. This way, the attacker can generate a large amount of traffic with minimal resources.
One of the methods to protect against amplification attacks is destination-based Remote Triggered Black Hole (RTBH) filtering. This technique allows a network operator to drop traffic destined to a specific IP address or prefix at the edge of the network, thus preventing it from reaching the victim and consuming bandwidth and resources. RTBH filtering can be implemented using BGP to propagate a special route with a next hop of
192.0.2.1 (a reserved address) to the edge routers. Any traffic matching this route will be discarded by the edge routers.


NEW QUESTION # 23
Exhibit

Referring to the exhibit, CE-1 is providing NAT services for the hosts at Site 1 and you must provide Internet access for those hosts Which two statements are correct in this scenario? (Choose two.)

  • A. You must configure a static route in the main routing instance for the 203.0.113.1/32 prefix that uses the VPN-A.inet.0 table as the next hop.
  • B. You must configure a RIB group on PE-1 to leak a default route from the inet.0 table to the VPN-A.inet.0 table.
  • C. You must configure a static route in the main routing instance for the 10 1 2.0/24 prefix that uses the VPN-A.inet.0 table as the next hop
  • D. You must configure a RIB group on PE-1 to leak the 10 1 2.0/24 prefix from the VPN-A.inet.0 table to the inet.0 table.

Answer: A,C

Explanation:
Explanation
To provide Internet access for the hosts at Site 1, you need to configure static routes in the main routing instance on PE-1 that point to the VPN-A.inet.0 table as the next hop. This allows PE-1 to forward traffic from the Internet to CE-1 using MPLS labels and vice versa. You need to configure two static routes: one for the
10.1.2.0/24 prefix that represents the private network of Site 1, and one for the 203.0.113.1/32 prefix that represents the public IP address of CE-1.


NEW QUESTION # 24
Exhibit

CE-1 and CE-2 are part of a VPLS called Customer1 No connectivity exists between CE-1 and CE-2. In the process of troubleshooting, you notice PE-1 is not learning any routes for this VPLS from PE-2, and PE-2 is not learning any routes for this VPLS from PE-1.

  • A. The route distinguisher must match on PE-1 and PE-2.
  • B. The no-tunnel-services statement should be deleted on both PEs.
  • C. The instance type should be changed to I2vpn.
  • D. The route target must match on PE-1 and PE-2.

Answer: D

Explanation:
Explanation
VPLS is a technology that provides Layer 2 VPN services over an MPLS network. VPLS uses BGP as its control protocol to exchange VPN membership information between PE routers. The route target is a BGP extended community attribute that identifies which VPN a route belongs to. The route target must match on PE routers that participate in the same VPLS instance, otherwise they will not accept or advertise routes for that VPLS.


NEW QUESTION # 25
Exhibit

Referring to the exhibit, you must provide Internet access for VPN-A using CE-1 as the hub CE.
Which two statements are correct in this situation? (Choose two.)

  • A. RIB groups are not needed to leak routes between the inet. 0 and VPN-A. inet. 0 tables,
  • B. You must use RIB groups to leak routes between the inet. o and vpn-a. inet. o tables.
  • C. Internet traffic from Site 2 takes the path of PE-2 -> PE-1 -> CE-1 -> PE-1 -> GW-1.
  • D. Internet traffic from Site 2 takes the path of PE-2 -> PE-1 -> GW-1.

Answer: B,C

Explanation:
Explanation
To provide Internet access for VPN-A using CE-1 as the hub CE, you need to do the following:
* You must use RIB groups to leak routes between the inet.0 and vpn-a.inet.0 tables on PE-1 and CE-1.
RIB groups are routing options that allow you to import routes from one routing table into another routing table based on certain criteria. In this scenario, you need to configure RIB groups on PE-1 and CE-1 to import Internet routes from inet.0 into vpn-a.inet.0 and vice versa.
* Internet traffic from Site 2 takes the path of PE-2 -> PE-1 -> CE-1 -> PE-1 -> GW-1. This is because Site 2 does not have direct Internet access and needs to use CE-1 as its default gateway for Internet traffic. Site 2 sends its Internet traffic to PE-2, which forwards it to PE-1 based on VPN-A routes. PE-1 then sends it to CE-1 based on RIB group import policy. CE-1 then sends it back to PE-1 based on its default route pointing to GW-1. PE-1 then forwards it to GW-1 based on RIB group import policy again.


NEW QUESTION # 26
You are configuring a BGP signaled Layer 2 VPN across your MPLS enabled core network. Your PE-2 device connects to two sites within the s VPN In this scenario, which statement is correct?

  • A. By default on PE-2, the site's local ID is automatically assigned a value of 0 and must be configured to match the total number of attached sites.
  • B. You must use separate physical interfaces to connect PE-2 to each site.
  • C. By default on PE-2, the remote site IDs are automatically assigned based on the order that you add the interfaces to the site configuration.
  • D. You must create a unique Layer 2 VPN routing instance for each site on the PE-2 device.

Answer: C

Explanation:
Explanation
BGP Layer 2 VPNs use BGP to distribute endpoint provisioning information and set up pseudowires between PE devices. BGP uses the Layer 2 VPN (L2VPN) Routing Information Base (RIB) to store endpoint provisioning information, which is updated each time any Layer 2 virtual forwarding instance (VFI) is configured. The prefix and path information is stored in the L2VPN database, which allows BGP to make decisions about the best path.
In BGP Layer 2 VPNs, each site has a unique site ID that identifies it within a VFI. The site ID can be manually configured or automatically assigned by the PE device. By default, the site ID is automatically assigned based on the order that you add the interfaces to the site configuration. The first interface added to a site configuration has a site ID of 1, the second interface added has a site ID of 2, and so on.
Option D is correct because by default on PE-2, the remote site IDs are automatically assigned based on the order that you add the interfaces to the site configuration. Option A is not correct because by default on PE-2, the site's local ID is automatically assigned a value of 0 and does not need to be configured to match the total number of attached sites. Option B is not correct because you do not need to create a unique Layer 2 VPN routing instance for each site on the PE-2 device. You can create one routing instance for all sites within a VFI. Option C is not correct because you do not need to use separate physical interfaces to connect PE-2 to each site. You can use subinterfaces or service instances on a single physical interface.


NEW QUESTION # 27
......

Latest 100% Passing Guarantee - Brilliant JN0-664 Exam Questions PDF: https://www.actual4cert.com/JN0-664-real-questions.html

JN0-664 Exam Dumps - Try Best JN0-664 Exam Questions: https://drive.google.com/open?id=16A4ansS9bUVo_LK6RaT77jLAiLJGoiW8

Related Blogs

more
Juniper JN0-664 Certification Practice Exam

Copyright © 2026 ACTUAL4CERT.COM. All rights reserved. All trademarks are the property of their respective owners and we don't provide actual questions from any vendor.