• Home
  • Articles
  • Ace JN0-351 Certification with 109 Actual Questions [Q61-Q83]

Ace JN0-351 Certification with 109 Actual Questions [Q61-Q83]

Share

Ace JN0-351 Certification with 109 Actual Questions

PASS Juniper JN0-351 EXAM WITH UPDATED DUMPS


Juniper JN0-351 Exam Syllabus Topics:

TopicDetails
Topic 1
  • IS-IS: Aspiring Juniper networking professionals enhance their understanding of IS-IS routing protocols. This topic equips candidates with the knowledge to configure and monitor IS-IS systems, addressing specific exam challenges and practical applications.
Topic 2
  • Layer 2 Security: This topic introduces Layer 2 protection mechanisms and firewall filters to fortify network security. Practical skills in configuring, monitoring, and troubleshooting these features prepare candidates to address exam objectives and real-world challenges effectively.
Topic 3
  • High Availability: This topic covers the importance and application of high availability within Junos OS environments. Knowledge in configuring and managing these components is critical for ensuring robust and uninterrupted network operations, aligning with exam expectations.
Topic 4
  • Protocol Independent Routing: An essential domain for understanding routing components outside protocol dependencies, this topic enhances expertise in configuring, monitoring, and troubleshooting critical elements.

 

NEW QUESTION # 61
What is a purpose of using a spanning tree protocol?

  • A. to route IP packets
  • B. to eliminate broadcast storms
  • C. to look up MAC addresses
  • D. to tunnel Ethernet frames

Answer: B

Explanation:
A broadcast storm is a network condition where a large number of broadcast packets are sent and received by multiple devices, causing congestion and performance degradation1. A broadcast storm can occur when there are loops in the network topology, meaning that there are multiple paths between two devices2.
A spanning tree protocol is a network protocol that prevents loops from being formed when switches or bridges are interconnected via multiple paths. It does this by creating a logical tree structure that spans all the devices in the network, and disabling or blocking the links that are not part of the tree, leaving a single active path between any two devices3.
By eliminating loops, a spanning tree protocol also eliminates broadcast storms, as broadcast packets will not be forwarded endlessly along the looped paths. Instead, broadcast packets will be sent only along the tree structure, reaching each device once and avoiding congestion3.


NEW QUESTION # 62
You are configuring a router as a new Level 1 router in an existing Level 1 area. The NET address for an existing Level 1 router is 49.0011.1111.2222.3333.00. The new router must form a Level 1 adjacency with the existing router.
What should be the area ID in this scenario?

  • A. 0011
  • B. 00
  • C. 0
  • D. 1

Answer: A


NEW QUESTION # 63
You are troubleshooting a BGP routing issue between your network and a customer router and are reviewing the BGP routing policies. Which two statements are correct in this scenario?
(Choose two.)

  • A. Export policies are applied after the RIB-Local table.
  • B. Import policies are applied to routes in the RIB-Local table.
  • C. Export policies are applied to routes in the RIB-ln table.
  • D. Import policies are applied after the RIB-ln table.

Answer: A,D

Explanation:
In BGP, routing policies are used to control the flow of routing information between BGP peers.
Option C suggests that import policies are applied after the RIB-In table. This is correct because import policies in BGP are applied to routes that are received from a BGP peer, before they are installed in the local BGP Routing Information Base (RIB-In). The RIB-In is a database that stores all the routes that are received from all peers.
Option D suggests that export policies are applied after the RIB-Local table. This is correct because export policies in BGP are applied to routes that are being advertised to a BGP peer, after they have been selected from the local BGP Routing Information Base (RIB-Local). The RIB-Local is a database that stores all the routes that the local router is using.


NEW QUESTION # 64
In addition to the MAC addresses, what information is stored in the bridging table? (Choose two.)

  • A. preamble of Ethernet packet
  • B. ether type details
  • C. MAC learned time
  • D. interface details

Answer: C,D


NEW QUESTION # 65
Referring to the exhibit, all users connected to the same VLAN can communicate with each other, but not with users on other VLANs in this network.

What must be configured to enable communication between the VLANs?

  • A. A single logical IRB interface must be created and assigned to all three VLANs.
  • B. The switch ports to which the users are connected should be configured as trunk ports.
  • C. A separate routing device is required to forward traffic between the configured VLANs.
  • D. A logical IRB interface must be created and assigned to each VLAN.

Answer: D


NEW QUESTION # 66
The ISP1.inet.0 route table has currently no routes in it.
What will happen when you commit the configuration shown on the exhibit?

  • A. The inet.0 route table will be completely overwritten by the ISP1.inet.0 route table.
  • B. The ISP1.inet.0 route table will be completely overwritten by the inet.0 route table.
  • C. The ISP1.inet.0 route table will be imported into the inet.0 route table.
  • D. The inet.0 route table will be imported into the ISP1.inet.0 route table.

Answer: D

Explanation:
The configuration shown in the exhibit is an example of a routing instance of type virtual-router. A routing instance is a collection of routing tables, interfaces, and routing protocol parameters that create a separate routing domain on a Juniper device. A virtual-router routing instance allows administrators to divide a device into multiple independent virtual routers, each with its own routing table.
The configuration also includes a rib-group statement, which is used to import routes from one routing table to another. A rib-group consists of an import-rib statement, which specifies the source routing table, and an export-rib statement, which specifies the destination routing table. In this case, the rib-group name is inet-to-ispi, and the import-rib statement specifies inet.0 as the source routing table. The export-rib statement specifies ispi.inet.0 as the destination routing table.
This means that the routes from inet.0 will be imported into ispi.inet.0.


NEW QUESTION # 67
What is the default keepalive time for BGP?

  • A. 60 seconds
  • B. 10 seconds
  • C. 30 seconds
  • D. 90 seconds

Answer: A

Explanation:
Explanation
The default keepalive time for BGP is 60 seconds1. The keepalive time is the interval at which BGP sends keepalive messages to maintain the connection with its peer1. If the keepalive message is not received within the hold time, the connection is considered lost1. By default, the hold time is three times the keepalive time, which is 180 seconds1.


NEW QUESTION # 68
In the exhibit, each IP subnet in the campus environment is associated with a unique VLAN ID.

Which action will ensure that Host C will communicate with Host A and Host B?

  • A. Configure all switch ports connecting to the host devices as trunk ports associated with all VLANs
  • B. Configure all switch ports connecting to the host devices as access ports associated with a common VLAN
  • C. Configure an IRB interface for each VLAN and associate it with its corresponding VLAN
  • D. Configure a port-based ACL that permits inter-VLAN routing for all configured VLANs

Answer: C


NEW QUESTION # 69
Referring to the output shown in the exhibit, which statement is correct?

  • A. An area ID mismatch exists between the OSPF neighbors
  • B. An MTU mismatch exists between the OSPF neighbors.
  • C. The state is normal for a DR neighbor.
  • D. The state is normal for a DRother neighbor

Answer: D

Explanation:
In OSPF, the state of the neighbor relationship is determined by the exchange of OSPF packets between routers. The state "2Way" as shown in the exhibit indicates that bi-directional communication has been established between the two OSPF routers. This is the normal state for a neighbor that is not the Designated Router (DR) or Backup Designated Router (BDR) on a broadcast, non-broadcast multi-access (NBMA), or point-to-multipoint network. These neighbors are often referred to as "DRothers". Therefore, option B is correct.


NEW QUESTION # 70
You are configuring a router as a new Level 1 router in an existing Level 1 area. The NET address for an existing Level 1 router is 49.0011.1111.2222.3333.00. The new router must form a Level 1 adjacency with the existing router. What should be the area ID in this scenario?

  • A. 0011
  • B. 00
  • C. 0
  • D. 1

Answer: A


NEW QUESTION # 71
Which two elements are used to create the STP bridge ID? (Choose two.)

  • A. the system MAC address
  • B. the bridge priority value
  • C. the root port number
  • D. the port cost

Answer: A,B


NEW QUESTION # 72
Exhibit:

When trying to commit the configuration shown in the exhibit, you receive an error.
What is the problem?

  • A. You have omitted the interface-mode access command.
  • B. You have not configured an IP address to the interface.
  • C. You have omitted the interface-mode trunk command.
  • D. You have not set the interface family correctly.

Answer: C

Explanation:
References: Configuring Layer 2 Firewall Filters - TechLibrary - Juniper Networks


NEW QUESTION # 73
Which two statements about MACsec are true? (Choose two.)

  • A. MACsec functions on point-to-multipoint connections.
  • B. MACsec is an IEEE standard.
  • C. MACsec does not provide data integrity.
  • D. MACsec functions on point-to-point connections.

Answer: B,D


NEW QUESTION # 74
Which two statements are correct about tunnels? (Choose two.)

  • A. IP-IP tunnels are stateful.
  • B. Tunnel endpoints must have a valid route to the remote tunnel endpoint.
  • C. BFD cannot be used to monitor tunnels.
  • D. Tunnels add additional overhead to packet size.

Answer: B,D

Explanation:
Explanation
A tunnel is a connection between two computer networks, in which data is sent from one network to another through an encrypted link. Tunnels are commonly used to secure data communications between two networks or to connect two networks that use different protocols.
Option B is correct, because tunnel endpoints must have a valid route to the remote tunnel endpoint. A tunnel endpoint is the device that initiates or terminates a tunnel connection. For a tunnel to be established, both endpoints must be able to reach each other over the underlying network. This means that they must have a valid route to the IP address of the remote endpoint1.
Option D is correct, because tunnels add additional overhead to packet size. Tunnels work by encapsulating packets: wrapping packets inside of other packets. This means that the original packet becomes the payload of the surrounding packet, and the surrounding packet has its own header and trailer. The header and trailer of the surrounding packet add extra bytes to the packet size, which is called overhead. Overhead can reduce the efficiency and performance of a network, as it consumes more bandwidth and processing power2.
Option A is incorrect, because BFD can be used to monitor tunnels. BFD is a protocol that can be used to quickly detect failures in the forwarding path between two adjacent routers or switches. BFD can be integrated with various routing protocols and link aggregation protocols to provide faster convergence and fault recovery.
BFD can also be used to monitor the connectivity of tunnels, such as GRE, IPsec, or MPLS.
Option C is incorrect, because IP-IP tunnels are stateless. IP-IP tunnels are a type of tunnels that use IP as both the encapsulating and encapsulated protocol. IP-IP tunnels are simple and easy to configure, but they do not provide any security or authentication features. IP-IP tunnels are stateless, which means that they do not keep track of the state or status of the tunnel connection. Stateless tunnels do not require any signaling or negotiation between the endpoints, but they also do not provide any error detection or recovery mechanisms.
References:
1: What is Tunneling? | Tunneling in Networking 2: What Is Tunnel In Networking, Its Types, And Its Benefits? : [Configuring Bidirectional Forwarding Detection] : [IP-IP Tunneling]


NEW QUESTION # 75
Which two events cause a router to advertise a connected network to OSPF neighbors? (Choose two.)

  • A. When a static route to the 224.0.0.6 address is created.
  • B. When an interface has the OSPF passive option enabled.
  • C. When a static route to the 224.0.0.5 address is created.
  • D. When an OSPF adjacency is established.

Answer: C,D

Explanation:
A is correct because when an OSPF adjacency is established, a router will advertise a connected network to OSPF neighbors. An OSPF adjacency is a logical relationship between two routers that agree to exchange routing information using the OSPF protocol1. To establish an OSPF adjacency, the routers must be in the same area, have compatible parameters, and exchange hello packets1. Once an OSPF adjacency is formed, the routers will exchange database description (DBD) packets, which contain summaries of their link-state databases (LSDBs)1. The LSDBs include information about the connected networks and their costs2. Therefore, when an OSPF adjacency is established, a router will advertise a connected network to OSPF neighbors through DBD packets.
D is correct because when a static route to the 224.0.0.5 address is created, a router will advertise a connected network to OSPF neighbors. The 224.0.0.5 address is the multicast address for all OSPF routers3. A static route to this address can be used to send OSPF hello packets to all OSPF neighbors on a network segment3. This can be useful when the network segment does not support multicast or when the router does not have an IP address on the segment3. When a static route to the 224.0.0.5 address is created, the router will send hello packets to this address and establish OSPF adjacencies with other routers on the segment3. As explained above, once an OSPF adjacency is formed, the router will advertise a connected network to OSPF neighbors through DBD packets.


NEW QUESTION # 76
Exhibit.

You want to enable redundancy for the EBGP peering between the two routers shown in the exhibit. Which three actions will you perform in this scenario? (Choose three.)

  • A. Configure BGP multihop.
  • B. Configure loopback interface peering.
  • C. Configure a cluster ID.
  • D. Configure routes for the peer loopback interface IP addresses.
  • E. Configure an MD5 peer authentication.

Answer: A,B,D

Explanation:
A is correct because you need to configure BGP multihop to enable redundancy for the EBGP peering between the two routers. BGP multihop is a feature that allows BGP peers to establish a session over multiple hops, instead of requiring them to be directly connected1. By default, EBGP peers use a time-to-live (TTL) value of 1 for their packets, which means that they can only reach adjacent neighbors1. However, if you configure BGP multihop with a higher TTL value, you can allow EBGP peers to communicate over multiple routers in between1. This can provide redundancy in case of a link failure or a router failure between the EBGP peers.
B is correct because you need to configure loopback interface peering to enable redundancy for the EBGP peering between the two routers. Loopback interface peering is a technique that uses loopback interfaces as the source and destination addresses for BGP sessions, instead of physical interfaces2. Loopback interfaces are virtual interfaces that are always up andreachable as long as the router is operational2. By using loopback interface peering, you can avoid the dependency on a single physical interface or link for the BGP session, and use multiple paths to reach the loopback address of the peer2. This can provide redundancy and load balancing for the EBGP peering.
C is correct because you need to configure routes for the peer loopback interface IP addresses to enable redundancy for the EBGP peering between the two routers. Routes for the peer loopback interface IP addresses are necessary to ensure that the routers can reach each other's loopback addresses over multiple hops2. You can use static routes or dynamic routing protocols to advertise and learn the routes for the peer loopback interface IP addresses2. Without these routes, the routers will not be able to establish or maintain the BGP session using their loopback interfaces.


NEW QUESTION # 77
Which statement about configuring persistent MAC learning is correct?

  • A. Persistent MAC learning cannot be configured on redundant trunk groups.
  • B. Persistent MAC learning flushes dynamically learned MAC addresses on reboots.
  • C. Persistent MAC learning requires 802.1X authentication.
  • D. Persistent MAC learning can be configured on access mode interfaces.

Answer: D


NEW QUESTION # 78
Which statement is true about IP-IP tunnels?

  • A. The packet header is replaced before entering the tunnel.
  • B. IP-IP tunnels are protocol agnostic.
  • C. The time-to-live value of the original packet is decremented.
  • D. The packet is encapsulated unchanged before entering the tunnel.

Answer: B


NEW QUESTION # 79
Which two mechanisms are part of building and maintaining a Layer 2 bridge table? (Choose two.)

  • A. learning
  • B. flooding
  • C. blocking
  • D. listening

Answer: A,B

Explanation:
* Option B is correct. Flooding is a mechanism used in Layer 2 bridging where the switch sends incoming packets to all its ports except for the port where the packet originated 1 . This is done when the switch doesn't know the destination MAC address or when the packet is a broadcast or multicast 1 .
* Option C is correct. Learning is another mechanism used in Layer 2 bridging where the switch learns the source MAC addresses of incoming packets and associates them with the port on which they were received 2 3 . This information is stored in a MAC address table, also known as a bridge table 2 3 .
* Option A is incorrect. Blocking is a state in Spanning Tree Protocol (STP) used to prevent loops in a network 2 . It's not a mechanism used in building and maintaining a Layer 2 bridge table 2 .
* Option D is incorrect. Listening is also a state in Spanning Tree Protocol (STP) where the switch listens for BPDUs to make sure no loops occur in the network before transitioning to the learning state
2 . It's not a mechanism used in building and maintaining a Layer 2 bridge table 2 .


NEW QUESTION # 80
Which two statements describe NSR? (Choose two.)

  • A. NSR requires GRES to function properly.
  • B. NSR provides high availability with multiple Routing Engines.
  • C. NSR rapidly detects link failures.
  • D. NSR provides routing loop protection.

Answer: A,B


NEW QUESTION # 81
Which two statements correctly describe RSTP port roles? (Choose two.)

  • A. The root port is responsible for forwarding data to the root bridge.
  • B. The designated port forwards data to the downstream network segment or device.
  • C. The alternate port is a standby port for an edge port.
  • D. The backup port is used as a backup for the root port.

Answer: A,B

Explanation:
An RSTP topology contains ports that have specific roles:
The root port is responsible for forwarding data to the root bridge.
The alternate port is a standby port for the root port. When a root port goes down, the alternate port becomes the active root port.
The designated port forwards data to the downstream network segment or device.
The backup port is a backup port for the designated port. When a designated port goes down, the backup port becomes the active designated port and starts forwarding data.


NEW QUESTION # 82
You are concerned about spoofed MAC addresses on your LAN.
Which two Layer 2 security features should you enable to minimize this concern? (Choose two.)

  • A. dynamic ARP inspection
  • B. IP source guard
  • C. static ARP
  • D. DHCP snooping

Answer: A,D

Explanation:
A is correct because dynamic ARP inspection (DAI) is a Layer 2 security feature that prevents ARP spoofing attacks. ARP spoofing is a technique that allows an attacker to send fake ARP messages to associate a spoofed MAC address with a legitimate IP address. This can result in traffic redirection, man-in-the-middle attacks, or denial-of-service attacks. DAI validates ARP packets by checking the source MAC address and IP address against a trusted database, which is usually built by DHCP snooping1. DAI discards any ARP packets that do not match the database or have invalid formats1.
C is correct because DHCP snooping is a Layer 2 security feature that prevents DHCP spoofing attacks.
DHCP spoofing is a technique that allows an attacker to act as a rogue DHCP server and offer fake IP addresses and other network parameters to unsuspecting clients. This can result in traffic redirection, man-in-the-middle attacks, or denial-of-service attacks. DHCP snooping filters DHCP messages by classifying switch ports as trusted or untrusted. Trusted ports are allowed to send and receive any DHCP messages, while untrusted ports are allowed to send only DHCP requests and receive only valid DHCP replies from trusted ports2. DHCP snooping also builds a database of MAC addresses, IP addresses, lease times, and binding types for each client2.


NEW QUESTION # 83
......

JN0-351 Questions PDF [2026] Use Valid New dump to Clear Exam: https://actual4test.practicetorrent.com/JN0-351-practice-exam-torrent.html

Related Articles

more
Juniper JN0-351 Certification Practice Exam

We offer you the latest exam questions in three versions which you can choose as you like. The pdf version supports the printing and is easy to be read. You can try the free demo questions to check the validity. Our practice material is the key to success.

Tags

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 PracticeTorrent NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy