Exam Details
Exam Code
:JN0-690Exam Name
:Junos TroubleshootingCertification
:JNCSP-SECVendor
:JuniperTotal Questions
:70 Q&AsLast Updated
:May 12, 2024
Juniper JNCSP-SEC JN0-690 Questions & Answers
-
Question 1:
-- Exhibit -[edit]
user@R1# run show interfaces ge-1/1/2 terse
Interface Admin Link Proto Local Remote
ge-1/1/2 up up
ge-1/1/2.0 up up aenet --> ae0.0
[edit]
user@R1# run show interfaces ge-1/1/3 terse
Interface Admin Link Proto Local Remote
ge-1/1/3 up up
ge-1/1/3.0 up up aenet --> ae0.0
[edit]
user@R1# run show interfaces ae0 terse
Interface Admin Link Proto Local Remote
ae0 up down
ae0.0 up down bridge
[edit]
user@R1# show interfaces ae0
aggregated-ether-options {
lacp {
periodic slow;
system-priority 200;
}
}
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list 100;
}
}
**************************************************************************
[edit]
user@R2# run show interfaces ge-1/1/2 terse
Interface Admin Link Proto Local Remote
ge-1/1/2 up up
ge-1/1/2.0 up up aenet --> ae0.0
[edit]
user@R2# run show interfaces ge-1/1/3 terse
Interface Admin Link Proto Local Remote
ge-1/1/3 up up
ge-1/1/3.0 up up aenet --> ae0.0
[edit]
user@R2# run show interfaces ae0 terse
Interface Admin Link Proto Local Remote
ae0 up down
ae0.0 up down bridge
[edit]
user@R2# show interfaces ae0
aggregated-ether-options {
lacp {
periodic fast;
system-priority 100;
}
}
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list 100;
}
}
-- Exhibit -
You have configured a LAG and are now enabling LACP on the ae0 interface. You have configured and committed the configuration as shown in the exhibit. However, the exhibit also shows that the ae0 interface is now in the up/down state.
What must you do to resolve this problem?
A. Configure both routers' ae0 LACP configuration to periodic fast.
B. Change the LACP system-priority of R1 to 300.
C. Configure R1's LACP configuration as active.
D. Configure R2's LACP configuration as passive.
-
Question 2:
-- Exhibit -user@router> show system switchover Graceful switchover: On Configuration databasE. Ready Kernel databasE. Version incompatible Peer statE. Steady State -- Exhibit -
You have enabled graceful Routing Engine switchover (GRES). During verification, you switched mastership and all interfaces went down.
Referring to the output shown in the exhibit, why did the interfaces go down?
A. The synchronization failed because the Junos OS version on the backup is incompatible with the version running on the master.
B. The synchronization failed because the Junos OS version on the backup does not support GRES.
C. The synchronization failed because the Routing Engine models are different between the master and backup.
D. The synchronization failed because the master Routing Engine cannot communicate with the backup Routing Engine.
-
Question 3:
-- Exhibit -
[edit]
user@router# show interfaces
ge-1/1/2 {
gigether-options {
802.3ad ae0;
}
}
ge-1/1/3 {
gigether-options {
802.3ad ae0;
}
}
ae0 {
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list 100;
}
}
}
-- Exhibit -
You are asked to configure a LAG. You configure and commit the configuration as shown in the exhibit. When verifying your ae0 interface, you encounter the following error:
[edit] user@router# run show interfaces ae0 error: device ae0 not found
Which command would you use to resolve this problem?
A. set interfaces ae0 aggregated-ether-options lacp active
B. set chassis alarm ethernet link-down ignore
C. set chassis network-services ethernet
D. set chassis aggregated-devices ethernet device-count 1
-
Question 4:
Click the Exhibit button.
-- Exhibit -[edit]
user@router# show interfaces
ge-1/1/2 {
vlan-tagging;
unit 100 {
vlan-id 100;
family inet {
address 192.168.0.1/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 10.10.10.1/32;
}
}
}
[edit]
user@router# show protocols ospf
area 0.0.0.0 {
interface ge-1/1/2.0 {
interface-type p2p;
metric 250;
}
interface lo0.0;
}
[edit]
user@router# run show ospf interface
Interface State Area DR ID BDR ID Nbrs
lo0.0 DR 0.0.0.0 10.10.10.1 0.0.0.0 0
[edit]
user@router#
-- Exhibit -
Referring to the exhibit, why does only the loopback interface appear in the show ospf interface output?
A. The interface-type is not configured properly on the ge-1/1/2 interface.
B. The incorrect logical unit for the ge-1/1/2 interface is configured under the OSPF hierarchy.
C. The ge-1/1/2 interface is configured under the wrong OSPF area.
D. The metric configured on ge-1/1/2 is not valid.
-
Question 5:
Click the Exhibit button.
You recently added an EBGP neighbor to R1 and you are receiving a single BGP route for their internal network. You notice that on R2 the route learned from C1 is being marked as hidden because the next hop is unusable.
Referring to the exhibit, what should you do to resolve the problem?
A. Create a next-hop-self import policy on R2 and apply this policy to IBGP.
B. Create a next-hop-self export policy on R1 and apply this policy to IBGP.
C. Create a next-hop-self import policy on R1 and apply this policy to EBGP.
D. Create a next-hop-self import policy and apply this policy to IBGP.
-
Question 6:
Click the Exhibit button.
-- Exhibit -May 20 22:27:04.010297 OSPF rcvd Hello 192.168.0.2 -> 224.0.0.5 (ge-1/1/2.0 IFL 343 area 0.0.0.0) May 20 22:27:04.010320 Version 2, length 44, ID 10.10.10.1, area 0.0.0.1 May 20 22:27:04.010342 checksum 0x166d, authtype 0 May 20 22:27:04.010365 mask 255.255.255.252, hello_ivl 10, opts 0x12, prio 128 May 20 22:27:04.010387 dead_ivl 40, DR 192.168.0.2, BDR 0.0.0.0 May 20 22:27:07.891698 OSPF periodic xmit from 192.168.0.1 to 224.0.0.5 (IFL 2684276180 area 0.0.0.0) May 20 22:27:12.749988 OSPF packet ignored: area mismatch (0.0.0.1) from 192.168.0.2 on intf ge- 1/1/2.0 area 0.0.0.0 May 20 22:27:12.750071 OSPF rcvd Hello 192.168.0.2 -> 224.0.0.5 (ge-1/1/2.0 IFL 343 area 0.0.0.0) May 20 22:27:12.750095 Version 2, length 44, ID 10.10.10.1, area 0.0.0.1 May 20 22:27:12.750116 checksum 0x166d, authtype 0 May 20 22:27:12.750139 mask 255.255.255.252, hello_ivl 10, opts 0x12, prio 128 May 20 22:27:12.750161 dead_ivl 40, DR 192.168.0.2, BDR 0.0.0.0 May 20 22:27:14.393182 OSPF rcvd Hello 192.168.0.2 -> 224.0.0.5 (ge-1/1/2.0 IFL 343 area 0.0.0.0) May 20 22:27:14.393262 Version 2, length 44, ID 10.10.10.1, area 0.0.0.0 May 20 22:27:14.393284 checksum 0x0, authtype 0 May 20 22:27:14.393307 mask 255.255.255.252, hello_ivl 50, opts 0x12, prio 128 May 20 22:27:14.393368 dead_ivl 200, DR 0.0.0.0, BDR 0.0.0.0 May 20 22:27:14.393399 OSPF packet ignored: our router ID received from 192.168.0.2 on intf ge- 1/1/2.0 area 0.0.0.0 -- Exhibit -
Referring to the exhibit, which two OSPF adjacency problems are present? (Choose two.)
A. hello interval mismatch
B. duplicate router ID
C. area type mismatch
D. area number mismatch
-
Question 7:
-- Exhibit -Local traffic capture on r1:
Address resolution is OFF.
Listening on ge-5/3/0.0, capture size 1514 bytes
22:16:33.610374 Out IP (tos 0xc0, ttl 1, id 34562, offset 0, flags [none], proto: OSPF (89), length: 76) 10.1.2.1 > 224.0.0.5: OSPFv2, Hello, length 56 [len 44]
Router-ID 1.1.1.1, Backbone Area, Authentication TypE. none (0) Options [External, LLS] Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.252, Priority 128 LLS: checksum: 0xfff6, length: 3 Extended Options (1), length: 4
Options: 0x00000001 [LSDB resync]
[edit]
user@r1# run show ospf interface
Interface State Area DR ID BDR ID Nbrs
ge-5/3/0.0 PtToPt 0.0.0.0 0.0.0.0 0.0.0.0 0
lo0.1 DR 0.0.0.0 1.1.1.1 0.0.0.0 0
[edit]
user@r1# run show ospf neighbor
Local traffic capture on r2:
Address resolution is OFF.
Listening on ge-5/3/1.0, capture size 1514 bytes
22:16:42.238030 Out IP6 (class 0xc0, hlim 1, next-header: OSPF (89), length: 36) fe80::6687:88ff:fe6c:6769 > ff02::5: OSPFv3, Hello, length 36 Router-ID 2.2.2.2, Backbone Area Options [V6, External, Router]
Hello Timer 10s, Dead Timer 40s, Interface-ID 0.0.0.1, Priority 128 Neighbor List:
user@r2# run show ospf interface
OSPF instance is not running
-- Exhibit -
Click the Exhibit button.
Referring to the exhibit, routers r1 and r2 are connected to each other by interfaces ge-5/3/0 and ge- 5/3/1 respectively. They do not become OSPF neighbors.
Which two statements are true? (Choose two.)
A. r1 is configured for OSPFv3.
B. r1 is configured for OSPFv2.
C. r2 is configured for OSPFv2.
D. r2 is configured for OSPFv3.
-
Question 8:
Click the Exhibit button.
-- Exhibit -user@R1> show configuration interfaces lo0
unit 5 {
family inet {
filter {
input JUNOS;
}
address 5.5.5.5/32;
}
}
user@R1> show configuration firewall family inet filter JUNOS term term1 { from {
protocol tcp;
port [ telnet ftp ftp-data snmp ssh syslog http tacacs 64644 1024-65535 ]; } then {
log;
accept;
}
}
term default {
then {
discard;
}
}
-- Exhibit -
Referring to the exhibit, which three statements are true? (Choose three.)
A. R1 will drop all traffic with destination address 5.5.5.5.
B. R1 will drop all OSPF packets.
C. R1 will drop all non-TCP transit traffic.
D. R1 will accept telnet traffic.
E. R1 will drop all BGP packets.
-
Question 9:
Click the Exhibit button.
-- Exhibit -user@r2# run show route 100.1.1.0/24 detail
inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) 100.1.1.0/24 (1 entry, 1 announced) *Static PreferencE. 5
Next hop typE. Reject
Address: 0x8f7b5a4
Next-hop reference count: 2
StatE.
Local AS: 65001
AgE. 59
Task: RT
Announcement bits (1): 2-KRT
AS path: 65005 I
user@r2# show protocols bgp
group ibgp {
type external;
export to-bgp;
neighbor 10.1.2.1 {
local-address 10.1.2.2;
family inet {
unicast;
}
family inet6 {
unicast;
}
peer-as 65005;
}
}
user@r2# run show bgp summary
Groups: 1 Peers: 1 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending inet6.0 0 0 0 0 0 0
inet.0
0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
10.1.2.1 65005 31 31 0 0 12:08 Establ
inet6.0: 0/0/0/0
inet.0: 0/0/0/
user@r2# show policy-options
policy-statement to-bgp {
from protocol static;
then accept;
}
user@r2# run show route advertising-protocol bgp 10.1.2.1
[edit] user@r2# -- Exhibit -
Referring to the exhibit, router r2 does not advertise the static route to peer 10.1.2.1. What is the problem?
A. The export policy is incorrect.
B. The static route has Next hop typE. Reject.
C. The export policy should be applied under the [edit protocols bgp group ibgp neighbor 10.1.2.1] hierarchy.
D. An AS path loop is detected.
-
Question 10:
Click the Exhibit button.
-- Exhibit -user@R1> show configuration interfaces
xe-1/1/0 {
unit 0 {
family inet {
address 17.1.1.1/24;
}
family mpls;
}
}
user@R1> ping 17.1.1.2 size 1473 do-not-fragment
PING 17.1.1.2 (17.1.1.2): 1473 data bytes
ping: sendto: Message too long
ping: sendto: Message too long
ping: sendto: Message too long
user@R1> ping 17.1.1.2 logical-system R1 size 1472 do-not-fragment PING 17.1.1.2 (17.1.1.2): 1472 data bytes
1480 bytes from 17.1.1.2: icmp_seq=0 ttl=64 time=0.933 ms 1480 bytes from 17.1.1.2: icmp_seq=1 ttl=64 time=0.838 ms 1480 bytes from 17.1.1.2: icmp_seq=2 ttl=64 time=4.688 ms
-- Exhibit -
You are using the ping command to troubleshoot a suspected MTU problem.
A. Referring to the exhibit, which two statements are true? (Choose two.)The first ping fails because the do-not-fragment option is set.
B. The first ping fails because the Junos OS takes into account Layer 2 headers while calculating the MTU.
C. The first ping fails because the Junos OS takes into account ICMP and IP headers while calculating the MTU.
D. The first ping fails because the Junos OS takes into account the CRC header while calculating the MTU.
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-690 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.