01. You are asked to create a new firewall filter to evaluate Layer 3 traffic that is being sent between VLANs. In this scenario, which two statements are correct?
(Choose two)
a) You should create a family Ethernet-switching firewall filter with the appropriate match criteria and actions.
b) You should apply the firewall filter to the appropriate VLAN.
c) You should create a family inet firewall filter with the appropriate match criteria and actions.
d) You should apply the firewall filter to the appropriate IRB interface.
02. Which statement is correct about the IS-IS ISO NET address?
a) You can only define a single ISO NET address per device.
b) An ISO NET address must be unique for each device in the network.
c) An ISO NET address defined with a system ID of 0000.0000.0000 must be selected as the DIS.
d) The Area ID must match on all devices within a L2 area.
03. An update to your organization's network security requirements document requires management traffic to be isolated in a non-default routing-instance. You want to implement this requirement on your Junos-based devices.
Which two commands enable this behavior?
(Choose two)
a) set routing—instances mgmtjunoa interface ge-0/0/0.0
b) set routing—instances mgmt_junos interface em1
c) set system management—instance
d) set routing—instances mgmt_junos
04. When load balancing is configured on a Junos device using the load-balance per-packet parameter, which three parameters are used to distinguish traffic flows?
(Choose three)
a) incoming interface
b) destination address
c) destination port
d) source address
e) source port
05. Which statement is correct about controlling the routes installed by a RIB group?
a) An import policy is applied to the RIB group.
b) Only routes in the last table are installed.
c) A firewall filter must be configured to install routes in the RIB groups.
d) An export policy is applied to the RIB group.
06. What is the maximum allowable MTU size for a default GRE tunnel without IPv4 traffic fragmentation?
a) 1496 bytes
b) 1480 bytes
c) 1500 bytes
d) 1476 bytes
07. Which two statements are true about the default VLAN on Juniper switches?
(Choose two)
a) The default VLAN is set to a VLAN ID of 1 by default
b) The default VLAN ID is not assigned to any interface.
c) The default VLAN ID is not visible.
d) The default VLAN ID can be changed.
08. Which instance type is used to separate large networks into smaller administrative entities?
a) VRF
b) nonforwarding
c) virtual router
d) FBF
09. You implemented the MAC address limit feature with the shutdown action on all interfaces on your switch. In this scenario, which statement is correct when a violation occurs?
a) By default, you must manually clear the violation for the interface to send and receive traffic again.
b) By default, the violation will automatically be cleared after 300 seconds and the interface will resume sending and receiving traffic for all learned devices.
c) By default, the interface will continue to send and receive traffic for all connected devices after a violation has occurred.
d) By default, devices that are learned before the violation occurs are still allowed to send and receive traffic through the specific interface.
10. What are two optional methods of monitoring tunnel links?
a) GRE keepalives
b) ICMP keepalives
c) TCP 3-way handshake
d) Bidirectional Forwarding Detection
Before you write the Juniper JNCIS Routing and Switching (JN0-351) certification exam, you may have certain doubts in your mind regarding the pattern of the test, the types of questions asked in it, the difficulty level of the questions and time required to complete the questions. These Juniper Networks Certified Specialist Enterprise Routing and Switching (JNCIS-ENT) sample questions and demo exam help you in removing these doubts and prepare you to take the test.