2017 Oct. New JN0-643 Exam Dumps with PDF and VCE Free Updated Today! Following are some JN0-643 Questions:

1.|2017 New JN0-643 Exam Dumps (PDF & VCE) 301Q&As Download:

https://www.braindump2go.com/jn0-643.html

2.|2017 New JN0-643 Exam Questions & Answers Download:

https://drive.google.com/drive/folders/0B75b5xYLjSSNSXllWnNFZnB5NG8?usp=sharing

 

QUESTION 111
A Layer 2 transparent firewall separates two OSPFv3 routers.
For the two OSPFv3 routers to form an adjacency, which protocol must be permitted on the firewall?

A.    IPv4 protocol 89
B.    IPv6 protocol 89
C.    TCP port 89
D.    UDP port 89

Answer: B

QUESTION 112
In MSTP, which two factors determine the root bridge in each region? (Choose two.)

A.    The switch with the higher priority becomes the root bridge.
B.    The switch with the lower priority becomes the root bridge.
C.    The switch with the lower MAC address becomes the root bridge when priorities are tied.
D.    The switch with the higher MAC address becomes the root bridge when priorities are tied.

Answer: BC

QUESTION 113
Which two LSA types are only generated by an ABR router? (Choose two.)

A.    ASBR summary LSA (Type 4)
B.    ASBR LSA (Type 5)
C.    Summary LSA (Type 3)
D.    Router LSA (Type 1)

Answer: AC

QUESTION 114
Which two statements about MVRP on EX Series switches are true? (Choose two.)

A.    MVRP can add VLANs on access interfaces.
B.    MVRP can add VLANs on trunk interfaces.
C.    MVRP adds VLANs on MVRP-enabled interfaces by default.
D.    MVRP is in transparent mode on MVRP-enabled interfaces by default.

Answer: BC

QUESTION 115
A company’s security policy does not allow outside computers or smart phones into their work areas. All company-provided computers are strictly controlled using 802.1X authentication on all of their switches. All computers obtain DHCP IP addresses from centralized servers and all switches have IP spoofing enabled. However, one of the computers was able to send IP spoofed packets.
Why did the IP spoof feature fail to prevent the spoofed packets from being forwarded?

A.    The IP source guard database timeout was set too low.
B.    The DHCP snooping feature was not enabled on any of the switches.
C.    IP source guard does not prevent IP spoof attacks; you need to configure the Dynamic ARP Inspection feature.
D.    802.1X feature was not enabled on the port that was directly connected to the infected computer.

Answer: B

QUESTION 116
What is a valid router ID configuration for OSPFv3 in the Junos OS?

A.    set routing-options router-id 2001:1:2::1
B.    set protocols ospf3 router-id fe80:223:2887:ab31::1
C.    set routing-options router-id 224.1.0.1
D.    set protocols ospf3 router-id 10.8.3.9

Answer: C

QUESTION 117
You are setting up a new switch in your network that is using MSTP. You have configured all access ports as edge ports, and you want to make sure that the access ports can never transition to nonedge ports.
How can you meet this requirement?

A.    Configure the interfaces as shared.
B.    Configure the hello-time option as zero.
C.    Configure the interfaces as a no-root-port.
D.    Configure bpdu-block-on-edge.

Answer: D

QUESTION 118
When using PIM-SM in ASM mode, which two events trigger the creation of a shortest-path tree? (Choose two.)

A.    Multicast traffic received at the receiver’s designated router (DR).
B.    PIM join received at the receiver’s designated router (DR).
C.    PIM join received at the source designated router (DR).
D.    PIM registers received by the rendezvous point (RP).

Answer: AD

QUESTION 119
A coffee shop offering free Internet service to customers wants to implement the following security policies:
1. Every customer must agree to a set of terms and conditions before accessing the Internet.
2. Log out customers that are logged in for more than one hour.
3. Log out customers that are idle for more than 5 minutes.
4. Authenticate employee desktop computers with known hardware addresses in the office of the coffee shop to access the Internet without the above restrictions.
The following configuration has been applied to the switch:
set access radius-server 172.16.14.26 port 1812
set access radius-server 172.16.14.26 secret Am@zingC00f33
set access profile dot1x authentication-order radius
set access profile dot1x radius authentication-server 172.27.14.226
What would you add to implement these policies?

A.    set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple
set protocols dot1x authenticator interface ge-0/0/12.0 mac-radius
set protocols dot1x authenticator authentication-profile-name dot1x
set services captive-portal authentication-profile-name dot1x
set services captive-portal interface ge-0/0/12.0
set services captive-portal secure-authentication https
set services captive-portal custom-options header-message “Welcome to Our Coffee Shop”
set services captive-portal custom-options banner-message “Terms and Conditions of Use”
B.    set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple
set protocols dot1x authenticator authentication-profile-name dot1x
set services captive-portal authentication-profile-name dot1x
set services captive-portal interface ge-0/0/12.0
set services captive-portal secure-authentication https
set services captive-portal custom-options header-message “Welcome to Our Coffee Shop”
set services captive-portal custom-options banner-message “Terms and Conditions of Use”
C.    set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple
set protocols dot1x authenticator interface ge-0/0/12.0 mac-radius
set protocols dot1x authenticator authentication-profile-name dot1x
set services captive-portal authentication-profile-name dot1x
set services captive-portal interface ge-0/0/12.0
set services captive-portal interface ge-0/0/12.0 idle-timeout 300
set services captive-portal interface ge-0/0/12.0 user-timeout 3600
set services captive-portal secure-authentication https
set services captive-portal custom-options header-message “Welcome to Our Coffee Shop”
set services captive-portal custom-options banner-message “Terms and Conditions of Use”
D.    set protocols dot1x authenticator interface ge-0/0/12.0 supplicant multiple
set protocols dot1x authenticator interface ge-0/0/12.0 mac-radius
set protocols dot1x authenticator interface ge-0/0/12.0 idle-timeout 300
set protocols dot1x authenticator interface ge-0/0/12.0 user-timeout 3600
set protocols dot1x authenticator authentication-profile-name dot1x
set services captive-portal authentication-profile-name dot1x
set services captive-portal interface ge-0/0/12.0
set services captive-portal secure-authentication https
set services captive-portal custom-options header-message “Welcome to Our Coffee Shop”
set services captive-portal custom-options banner-message “Terms and Conditions of Use”

Answer: A

QUESTION 120
What is an IP multicast routing protocol?

A.    RSVP
B.    OSPF
C.    PIM
D.    CDP

Answer: A


!!!RECOMMEND!!!
 

1.|2017 New JN0-643 Exam Dumps (PDF & VCE) 301Q&As Download:

https://www.braindump2go.com/jn0-643.html

 

2.|2017 New JN0-643 Study Guide Video:

https://youtu.be/UbAtE6Yycr8