Juniper Networks Certified Associate Junos JNCIA-Junos (JNCIA-JUNOS) — Questions 175

514 questions total · 7pages · All types, answers revealed

Page 1 of 7

Page 2
1
MCQeasy

Refer to the exhibit. Which interface has a physical layer connectivity problem?

A.ge-0/0/2
B.ge-0/0/0
C.ge-0/0/3
D.ge-0/0/1
AnswerD

ge-0/0/1 is administratively up but the link is down. This indicates a physical layer issue, such as a disconnected cable, faulty transceiver, or peer problem.

Why this answer

Interface ge-0/0/1 shows 'Physical link is Down' in the output, which directly indicates a physical layer connectivity problem. The 'Device present' field is also 'No', confirming that no transceiver or cable is detected, which is a Layer 1 issue.

Exam trap

The trap here is that candidates may focus on the 'Admin' status (up/down) rather than the 'Physical link' status, mistakenly assuming an administratively down interface is a physical layer problem, when in fact the physical layer issue is indicated by the link state being down regardless of administrative configuration.

How to eliminate wrong answers

Option A is wrong because ge-0/0/2 shows 'Physical link is Up' and 'Device present' is 'Yes', indicating no physical layer problem. Option B is wrong because ge-0/0/0 shows 'Physical link is Up' and 'Device present' is 'Yes', so the physical layer is functioning correctly. Option C is wrong because ge-0/0/3 shows 'Physical link is Up' and 'Device present' is 'Yes', meaning there is no physical layer connectivity issue.

2
MCQmedium

An administrator executes 'show route 192.168.1.0/24' and sees no output, but the route is configured. Which command should be used to display the reason the route is not active?

A.show route hidden
B.show log messages
C.show route protocol static
D.show route forwarding-table
AnswerA

This command reveals hidden routes with reasons for their status.

Why this answer

The correct answer is A. The command 'show route hidden' displays all routes that are not active due to issues like unreachable next-hops, rejection, etc. Option B shows only static routes, not necessarily hidden.

Option C shows the forwarding table, not the routing table. Option D shows log messages, not route status.

3
MCQmedium

A Juniper MX router is configured with multiple routing instances. In which scenario would an interface be automatically placed in a routing instance?

A.When the interface is configured with an IP address from the instance's address family.
B.When the interface is associated with the default instance.
C.When the interface is configured under the instance's `interface` statement.
D.When the routing instance type is virtual-router and the interface is a physical interface.
AnswerC

Interfaces must be explicitly added to a routing instance using the `interface` command.

Why this answer

Option C is correct because interfaces must be explicitly configured under the routing instance's `interface` statement. Option A is wrong because IP addressing alone does not assign to an instance. Option B is wrong because the default instance is the master instance, not an automatic placement into another instance.

Option D is wrong because virtual-router type also requires explicit configuration.

4
MCQhard

An engineer suspects that a recent software upgrade caused a compatibility issue. Which command should be used to revert the Junos OS to the previous version?

A.rollback 0
B.request system software rollback
C.request system reboot
D.request system software delete jinstall-*.tgz
AnswerB

This command triggers a rollback to the previous software partition.

Why this answer

The 'request system software rollback' command is the correct method to revert the Junos OS to the previously installed version. This command triggers a reboot and loads the previous software set from the /altroot partition, effectively undoing the upgrade while preserving the configuration.

Exam trap

The trap here is confusing 'rollback' in the context of configuration management (rollback 0) with software version rollback, leading candidates to mistakenly choose option A.

How to eliminate wrong answers

Option A is wrong because 'rollback 0' reverts the candidate configuration to the most recently committed configuration, not the operating system software version. Option C is wrong because 'request system reboot' simply reboots the device without changing the software version. Option D is wrong because 'request system software delete' removes a software package from storage but does not activate a previous version; the device would still boot the current version unless a rollback is performed.

5
MCQeasy

A junior administrator wants to discard all uncommitted changes made in the current configuration session. Which command accomplishes this?

A.commit check
B.rollback 0
C.load factory-default
D.clear configuration
AnswerB

'rollback 0' reverses all uncommitted changes to the last committed configuration.

Why this answer

The `rollback 0` command reverts the candidate configuration to the active committed configuration, effectively discarding all uncommitted changes made during the current session. In Junos, configuration changes are stored in a candidate configuration until explicitly committed; `rollback 0` loads the last committed configuration (index 0) into the candidate, wiping out any uncommitted edits.

Exam trap

The trap here is that candidates familiar with Cisco IOS might expect a `clear configuration` command or think `commit check` discards changes, but Junos requires `rollback 0` to revert uncommitted edits without affecting the active configuration.

How to eliminate wrong answers

Option A is wrong because `commit check` only validates the syntax and semantics of the candidate configuration without committing it; it does not discard any changes. Option C is wrong because `load factory-default` overwrites the entire configuration with the factory-default settings, which is far more drastic than simply discarding uncommitted changes and would also remove committed configurations. Option D is wrong because `clear configuration` is not a valid Junos CLI command; the correct approach to discard uncommitted changes is `rollback 0`.

6
Drag & Dropmedium

Order the steps to configure a user account with a password in Junos.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

User accounts require a class (privilege level) and authentication method (e.g., plain-text-password).

7
MCQmedium

You are managing a Juniper EX4300 switch that serves as a Layer 3 access switch for a campus network. The switch has multiple VLANs configured with IRB interfaces. Users in VLAN 10 report that they cannot reach the default gateway (IRB.10) even though other VLANs are working fine. You check the configuration and see that interface irb.10 is configured with an IP address. You also verify that the VLAN is associated with the correct access ports. However, when you ping the IRB.10 address from the switch itself, it fails. You suspect that the issue might be that the IRB interface is not 'up'. Which command would you use to quickly verify the operational status of the IRB interface?

A.show interfaces terse irb.10
B.show ethernet-switching table
C.show configuration interfaces irb.10
D.show vlan
AnswerA

Shows operational status of the IRB interface.

Why this answer

Option A is correct because `show interfaces terse irb.10` displays the operational status (up/down) of the IRB interface along with its configured IP address. Since the issue is that the IRB interface may not be 'up', this command quickly confirms whether the interface is operationally active, which is essential for Layer 3 forwarding.

Exam trap

The trap here is that candidates often check the configuration (`show configuration`) assuming it reflects the operational state, but Junos separates configuration from operational status, so a correctly configured IRB can still be down due to missing VLAN association or no active member ports.

How to eliminate wrong answers

Option B is wrong because `show ethernet-switching table` displays MAC address-to-VLAN mappings for Layer 2 forwarding, not the operational status of IRB interfaces. Option C is wrong because `show configuration interfaces irb.10` only shows the configured (intended) settings, not the current operational state; the interface could be configured but still down. Option D is wrong because `show vlan` displays VLAN membership and associated interfaces but does not show the operational status of IRB interfaces or their IP addresses.

8
MCQmedium

While in configuration mode, an engineer types 'show' and sees a different output than when typing 'run show configuration'. Why?

A.'show' shows the active configuration; 'run show configuration' shows the candidate.
B.'show' shows the candidate configuration; 'run show configuration' shows the active configuration.
C.Both commands produce identical output.
D.'run show configuration' is not allowed from configuration mode.
AnswerB

Correct explanation of the difference.

Why this answer

In Junos, when you are in configuration mode and type 'show', it displays the candidate configuration (the changes you have made but not yet committed). The command 'run show configuration' executes the operational-mode command 'show configuration' from within configuration mode, which displays the active (committed) configuration. Therefore, option B correctly identifies that 'show' shows the candidate configuration and 'run show configuration' shows the active configuration.

Exam trap

The trap here is that candidates often confuse the behavior of 'show' in configuration mode with the operational-mode 'show configuration' command, mistakenly thinking both display the same configuration or that 'show' always shows the active configuration.

How to eliminate wrong answers

Option A is wrong because it reverses the roles: 'show' shows the candidate configuration, not the active configuration, and 'run show configuration' shows the active configuration, not the candidate. Option C is wrong because the two commands produce different outputs: 'show' displays the candidate configuration (which may include uncommitted changes), while 'run show configuration' displays the active (committed) configuration. Option D is wrong because 'run show configuration' is allowed from configuration mode; the 'run' command is specifically designed to execute operational-mode commands while in configuration mode.

9
MCQeasy

A router has an OSPF route to 10.10.10.0/24 with preference 10 and a static route to the same prefix with preference 5. Which route is active in the routing table?

A.The OSPF route
B.The static route
C.Neither route
D.Both routes
AnswerB

Lower preference number is preferred; static (5) beats OSPF (10).

Why this answer

The correct answer is B. Junos uses route preference to select the best route. Static routes have a default preference of 5, which is lower than OSPF's internal preference of 10, so the static route is preferred.

Option A is wrong because OSPF has a higher preference. Option C is wrong because only one route is active (unless ECMP, but preferences differ). Option D is wrong because one route is active.

10
MCQmedium

An engineer needs to add a set of configuration parameters to a group that can be inherited by multiple interfaces. Which configuration element should be used?

A.prefix lists
B.set default
C.configuration groups with apply-groups
D.load merge
AnswerC

Configuration groups allow defining reusable blocks of configuration that can be inherited using 'apply-groups'.

Why this answer

Configuration groups with apply-groups allow you to define a set of configuration parameters in a named group and then apply that group to multiple interfaces (or other hierarchy levels) using the 'apply-groups' statement. This enables inheritance and reduces repetitive configuration, which is the exact requirement in the question.

Exam trap

The trap here is that candidates may confuse 'load merge' (a file operation) with a configuration inheritance mechanism, or think 'set default' is a valid command for setting default interface parameters, when in fact Junos uses 'apply-groups' for this purpose.

How to eliminate wrong answers

Option A is wrong because prefix lists are used for route filtering (e.g., in routing policy) and cannot be inherited by interfaces as configuration parameters. Option B is wrong because 'set default' is not a valid Junos configuration element; the correct term for setting default values is 'apply-default' or using default configuration groups, but 'set default' does not exist. Option D is wrong because 'load merge' is a command used to merge a configuration file into the active configuration, not a mechanism for defining reusable, inheritable configuration groups.

11
MCQmedium

A network engineer is configuring a Juniper device in a production network. They have applied several changes to the candidate configuration and run 'commit check', which passes. After a brief pause, they run 'commit' but receive the error: 'commit failed: configuration database modified by another user. Please reload the configuration and try again.' The engineer is the only person currently logged into the device, but they know that another engineer was working on the same device earlier and may have left a commit pending. What is the most likely reason for the commit failure?

A.The other engineer committed their changes between the commit check and the commit.
B.The commit check did not validate the syntax of the new changes.
C.The candidate configuration has timed out and must be re-entered.
D.The device has insufficient storage to write the new configuration.
AnswerA

This is the most likely cause of the 'configuration database modified by another user' error.

Why this answer

Option A is correct because the error message 'configuration database modified by another user' indicates that another user (the earlier engineer) had a pending commit that was not yet applied or discarded. When the current engineer ran 'commit check', it validated the candidate configuration against the current active configuration, but between that check and the actual 'commit', the other engineer's pending commit was applied (or their session was closed, causing their changes to be committed automatically if they had left a commit pending). This changed the configuration database, causing the commit to fail due to a version mismatch.

Exam trap

The trap here is that candidates may assume 'commit check' passes guarantee a successful commit, but they overlook that the configuration database can be modified by another user between the check and the commit, leading to a commit failure even when no other user is currently logged in.

How to eliminate wrong answers

Option B is wrong because 'commit check' does validate the syntax of the candidate configuration; if it passes, the syntax is correct. Option C is wrong because the candidate configuration does not 'time out' in Junos; it remains in the candidate database until explicitly committed or discarded. Option D is wrong because insufficient storage would typically produce a different error (e.g., 'no space left on device') and is not related to the 'configuration database modified by another user' message.

12
MCQeasy

A network engineer needs to check the operational status of all interfaces on a Juniper device. Which command provides a summary of interface status including link state, protocol state, and error counters?

A.show interfaces
B.show configuration interfaces
C.show interfaces terse
D.show interface descriptions
AnswerC

This command displays interface status in a compact format.

Why this answer

Option C is correct because the 'show interfaces terse' command provides a concise summary of all interfaces, displaying the interface name, administrative status (Admin), link state (Link), protocol state (Proto), and a brief description. This command is specifically designed for a quick operational overview, including error counters in the full output when combined with other flags, but the terse output itself focuses on status and protocol state, which directly meets the engineer's requirement.

Exam trap

The trap here is that candidates often confuse 'show interfaces terse' with 'show interfaces' or 'show configuration interfaces', assuming that a summary of operational status requires the full verbose output or configuration view, but Junos specifically uses 'terse' for a compact operational summary.

How to eliminate wrong answers

Option A is wrong because 'show interfaces' displays detailed interface information including extensive configuration and statistics, but it does not provide a summary format; it shows each interface in a verbose block, which is not a concise summary of status and protocol state. Option B is wrong because 'show configuration interfaces' displays the configured interface settings from the candidate or active configuration, not the operational status, link state, or protocol state; it is a configuration command, not an operational status command. Option D is wrong because 'show interface descriptions' is not a valid Junos command; the correct command is 'show interfaces descriptions' (with an 's'), which shows interface descriptions but does not include link state, protocol state, or error counters.

13
MCQeasy

An engineer wants to revert all uncommitted changes in the candidate configuration and start fresh from the currently active configuration. Which command should be used?

A.rollback 0
B.commit check
C.rollback 1
D.load override terminal
AnswerA

This sets the candidate to match the active configuration, discarding uncommitted changes.

Why this answer

The `rollback 0` command reverts all uncommitted changes in the candidate configuration and restores it to match the currently active configuration (the one most recently committed). This is because Junos stores the last 50 committed configurations, with index 0 always representing the active configuration. Using `rollback 0` effectively discards any uncommitted edits and starts fresh from the last committed state.

Exam trap

The trap here is that candidates often confuse `rollback 0` with `rollback 1`, mistakenly thinking that `rollback 1` reverts uncommitted changes, when in fact `rollback 1` reverts to the configuration before the last commit, not the current active configuration.

How to eliminate wrong answers

Option B is wrong because `commit check` only validates the syntax and semantics of the candidate configuration without committing it; it does not revert any changes. Option C is wrong because `rollback 1` reverts to the configuration that was active before the most recent commit (the previous committed version), not to the currently active configuration. Option D is wrong because `load override terminal` replaces the entire candidate configuration with text entered via the terminal, but it does not automatically revert to the active configuration; it requires manual input and is not a simple undo of uncommitted changes.

14
MCQmedium

A network engineer is designing a redundant network using RSTP. For faster convergence, what is the recommended method to avoid waiting for the forward delay timer?

A.Configure interfaces connected to end hosts as edge ports.
B.Manually specify the root bridge and root port.
C.Use link aggregation to bundle multiple links.
D.Increase the hello timer to speed up BPDU exchange.
AnswerA

Edge ports transition immediately to forwarding.

Why this answer

RSTP (Rapid Spanning Tree Protocol, IEEE 802.1w) achieves faster convergence by eliminating the listening and learning states for edge ports. Configuring interfaces connected to end hosts as edge ports allows them to transition directly to the forwarding state without waiting for the forward delay timer (default 15 seconds), because no BPDUs are expected on those ports and no loop can form.

Exam trap

The trap here is that candidates often confuse the forward delay timer with the hello timer or think that manually setting the root bridge speeds up convergence, but RSTP's edge port configuration is the only method that directly avoids the forward delay wait.

How to eliminate wrong answers

Option B is wrong because manually specifying the root bridge and root port influences the topology but does not bypass the forward delay timer; RSTP still requires the timer for non-edge ports to ensure loop-free convergence. Option C is wrong because link aggregation (LAG) bundles multiple links into a single logical link, which is treated as one port by spanning tree, but it does not eliminate the forward delay timer for that logical port. Option D is wrong because increasing the hello timer (default 2 seconds) would slow down BPDU exchange, not speed it up, and the hello timer does not control the forward delay timer; the forward delay timer is independent and used for state transitions.

15
MCQeasy

A network engineer is troubleshooting a connectivity issue and wants to see the active routes in the routing table. Which Junos CLI command should they use?

A.show log messages
B.show configuration
C.show interface
D.show route
AnswerD

Displays the routing table.

Why this answer

The 'show route' command displays the active routing table entries, including directly connected, static, and dynamic routes learned via protocols like OSPF, BGP, or IS-IS. This is the correct command to view the active routes the device uses for forwarding traffic.

Exam trap

The trap here is that candidates familiar with Cisco IOS might confuse 'show ip route' with Junos's 'show route' but incorrectly choose 'show configuration' thinking it shows routing information, or 'show interface' thinking it shows connected routes, when only 'show route' provides the complete active routing table.

How to eliminate wrong answers

Option A is wrong because 'show log messages' displays system log messages (syslog) for troubleshooting events, not the routing table. Option B is wrong because 'show configuration' displays the current configuration, not the operational routing table. Option C is wrong because 'show interface' displays interface status and statistics, not routing information.

16
MCQhard

A network operator needs to upgrade the Junos OS on the backup RE (re1) of a dual-RE system. Which procedure ensures that only the backup RE is upgraded and rebooted without affecting the forwarding plane?

A.Use 'request system software add <image> re1' and then 'request system reboot re1'
B.Use 'request system software add <image> both' and then 'request system reboot both'
C.Use 'request system software add <image> re0' and then 'request system reboot re0'
D.Copy the image to both REs and reboot the backup RE with 'request system reboot slice 1'
AnswerA

This sequence adds the image to re1 only and reboots only that RE. The primary RE continues running, so forwarding is unaffected.

Why this answer

Option A is correct because the 'request system software add <image> re1' command installs the Junos OS image only on the backup Routing Engine (RE1), and the subsequent 'request system reboot re1' reboots only that RE. In a dual-RE system, this procedure isolates the upgrade to the backup RE, ensuring the forwarding plane remains active on the primary RE (RE0) and no traffic disruption occurs.

Exam trap

The trap here is that candidates may confuse the 'both' option with a safe upgrade method, not realizing it reboots both REs simultaneously and disrupts traffic, or they may incorrectly assume that copying the image manually and using a non-existent 'slice' command is a valid procedure.

How to eliminate wrong answers

Option B is wrong because 'request system software add <image> both' and 'request system reboot both' upgrade and reboot both REs simultaneously, which would disrupt the forwarding plane by causing a full system outage. Option C is wrong because 'request system software add <image> re0' and 'request system reboot re0' target the primary RE, which would interrupt the forwarding plane and potentially cause a traffic loss. Option D is wrong because 'request system reboot slice 1' is not a valid Junos command for rebooting a specific RE; the correct syntax uses 're0' or 're1' to specify the Routing Engine, and copying the image to both REs without using the proper 'request system software add' command does not ensure a controlled upgrade.

17
Multi-Selectmedium

Which TWO commands can be used to view the current active configuration on a Junos device? (Choose two.)

Select 2 answers
A.show configuration | display set
B.show system configuration
C.show configuration
D.show | compare
E.show interfaces
AnswersA, C

Displays the active configuration in set command format.

Why this answer

Option A is correct because the 'show configuration | display set' command displays the active configuration in a set-based format, which is a valid way to view the current active configuration on a Junos device. Option C is correct because the 'show configuration' command directly displays the active configuration in hierarchical format, which is the primary method to view the running configuration.

Exam trap

The trap here is that candidates confuse 'show configuration' with 'show system configuration' (which does not exist) or mistakenly think 'show | compare' shows the active configuration, when it actually shows differences between configurations.

18
MCQmedium

A user wants to discard all uncommitted changes and return to the last committed configuration without exiting configuration mode. Which command should they use?

A.rollback 0
B.load override
C.reload
D.commit check
AnswerA

rollback 0 replaces the candidate with the active configuration.

Why this answer

Option A is correct because 'rollback 0' discards all uncommitted changes and reverts the candidate configuration to the last committed configuration, all while staying in configuration mode. In Junos, rollback 0 specifically refers to the most recently committed configuration, making it the exact command to undo uncommitted edits without exiting.

Exam trap

The trap here is that Cisco engineers often confuse 'reload' (a Cisco command to reboot) with Junos 'rollback', or mistakenly think 'load override' is the correct way to revert to the last committed configuration, when in fact 'load override' requires a specific file and does not automatically target the last committed state.

How to eliminate wrong answers

Option B is wrong because 'load override' replaces the entire candidate configuration with the contents of a specified file, but it does not automatically revert to the last committed configuration; it loads whatever file is specified, which may not be the last committed one. Option C is wrong because 'reload' is not a valid Junos command; it is a Cisco IOS command that reboots the device, not something used to discard uncommitted changes in configuration mode. Option D is wrong because 'commit check' validates the syntax of the candidate configuration without committing it; it does not discard any changes, so uncommitted edits remain in place.

19
MCQmedium

A technician is troubleshooting a routing issue and needs to see real-time updates of BGP prefixes being received. Which command should be used?

A.monitor route bgp
B.monitor traffic interface ge-0/0/0
C.show route advertising-protocol bgp
D.show route protocol bgp
AnswerA

Correctly displays real-time BGP route changes.

Why this answer

Option A is correct because the 'monitor route bgp' command in Junos OS provides a real-time, continuously updated view of BGP routes as they are learned or withdrawn. Unlike static show commands, this monitor command refreshes the output dynamically, making it ideal for observing live BGP prefix updates during troubleshooting.

Exam trap

The trap here is that candidates familiar with Cisco IOS often expect a 'debug ip bgp updates' equivalent, but Junos uses 'monitor route bgp' for real-time BGP route updates, while 'monitor traffic' is for packet-level analysis, not routing protocol events.

How to eliminate wrong answers

Option B is wrong because 'monitor traffic interface ge-0/0/0' captures raw packet headers on the interface, not BGP route table updates; it shows traffic flows, not routing protocol prefix changes. Option C is wrong because 'show route advertising-protocol bgp' displays routes that the local router is advertising to a specific BGP peer, not routes being received in real time. Option D is wrong because 'show route protocol bgp' shows a static snapshot of the current BGP route table, not a live, updating feed of incoming prefixes.

20
Multi-Selecthard

Which TWO statements are true about commit operations in Junos? (Choose two.)

Select 2 answers
A.The rollback 0 command will cause a system reboot.
B.The commit command requires the candidate configuration to be syntactically correct.
C.The commit confirmed command will automatically revert to the previous configuration if not confirmed within the default 10 minutes.
D.The commit check command applies the configuration to the running system.
E.The commit at command is used to schedule a system reboot.
AnswersB, C

Commit will fail if there are syntax errors.

Why this answer

Option B is correct because the `commit` command in Junos requires the candidate configuration to pass syntax and commit script checks before it is applied to the running system. If the configuration contains errors, the commit will fail, ensuring that only valid configurations are activated.

Exam trap

The trap here is confusing `commit confirmed` with a simple commit, or assuming that `rollback 0` triggers a reboot, which is a common misconception from other network operating systems where rollback might involve a reload.

21
Multi-Selectmedium

Which THREE actions can be performed in operational mode on a Junos device?

Select 3 answers
A.Commit configuration changes
B.Ping a remote host
C.Configure interface IP addresses
D.View system logs
E.Reboot the chassis
AnswersB, D, E

Ping is an operational command.

Why this answer

Operational mode in Junos is used for monitoring, troubleshooting, and managing the device, not for making configuration changes. The 'ping' command is a standard operational mode command that sends ICMP echo requests to a remote host to test network connectivity, making option B correct.

Exam trap

The trap here is that candidates familiar with Cisco IOS may mistakenly think that configuration commands like 'commit' or 'set interface' can be executed in operational mode, but Junos strictly enforces the separation between operational and configuration modes.

22
MCQmedium

A router has two routes to the same destination: one with preference 10 and metric 5, and another with preference 15 and metric 3. Which route will be installed in the forwarding table?

A.The route with preference 10.
B.The route with metric 3.
C.Neither route is installed.
D.Both routes are installed if ECMP is enabled.
AnswerA

Preference is the primary selection criterion.

Why this answer

In Junos, the route preference (administrative distance) is the primary criterion for selecting the best route to a destination. The route with preference 10 is preferred over the route with preference 15, regardless of metric values. The route with preference 10 is installed in the forwarding table.

Exam trap

The trap here is that candidates often confuse metric with preference, assuming a lower metric always wins, but Junos prioritizes preference over metric in route selection.

How to eliminate wrong answers

Option B is wrong because metric is only used as a tiebreaker when preferences are equal; a lower metric (3) does not override a higher preference (15). Option C is wrong because one route will always be installed when there are valid routes to the same destination, unless both are rejected by policy or have the same preference and metric with ECMP disabled. Option D is wrong because ECMP (Equal-Cost Multipath) requires routes to have equal preference and equal metric; here preferences differ (10 vs 15), so ECMP does not apply.

23
MCQeasy

A Juniper device has multiple candidate configurations loaded. The administrator wants to discard all uncommitted changes and revert to the last committed configuration. Which command should be used?

A.rollback 0
B.delete configuration
C.clear configuration
D.load override terminal
AnswerA

Reverts the candidate configuration to the last committed one.

Why this answer

Option A is correct because the 'rollback 0' command reverts the candidate configuration to the last committed configuration, discarding all uncommitted changes. In Junos, the rollback command uses a numeric index where 0 always refers to the most recently committed configuration, effectively undoing any uncommitted edits.

Exam trap

The trap here is that candidates may confuse 'rollback 0' with 'rollback 1', thinking 0 means 'no rollback' or that a higher number is needed to revert changes, when in fact 0 discards uncommitted edits and 1 reverts the last commit.

How to eliminate wrong answers

Option B is wrong because 'delete configuration' is not a valid Junos command; the correct approach to remove configuration is using 'delete' within configuration mode for specific statements, not a global delete. Option C is wrong because 'clear configuration' is not a valid Junos command; 'clear' is used for operational tasks like clearing counters or logs, not for reverting configuration. Option D is wrong because 'load override terminal' is used to replace the entire candidate configuration with text pasted from the terminal, but it does not revert to the last committed configuration; it loads new configuration from scratch.

24
MCQeasy

Refer to the exhibit. A route policy named DENY-RFC1918 is configured. What is the final action of this policy for a route matching 172.20.0.0/16?

A.The route is rejected because it matches the prefix list.
B.The route is accepted because it does not match the prefix list.
C.The route is accepted because term 2 accepts all routes.
D.The route is rejected only if the prefix is exactly 172.16.0.0/12.
AnswerA

Correct; it matches the prefix list and term 1 rejects.

Why this answer

The route policy DENY-RFC1918 uses a prefix list that matches RFC 1918 private addresses, including 172.20.0.0/16 (which falls within the 172.16.0.0/12 range). Since the route matches the prefix list, term 1 applies a 'reject' action, and because no subsequent term explicitly accepts the route, the final action is reject.

Exam trap

The trap here is that candidates often assume a prefix list requires an exact prefix-length match, but in Junos, a route with a longer prefix length (e.g., /16) within the listed prefix (e.g., /12) is considered a match, causing the route to be rejected.

How to eliminate wrong answers

Option B is wrong because the route 172.20.0.0/16 does match the prefix list (it is within 172.16.0.0/12), so it is not accepted by default. Option C is wrong because term 2 only accepts routes that do not match the prefix list; since this route matches, term 2 does not apply. Option D is wrong because the prefix list uses a longer prefix length match (e.g., /16 within /12), not an exact match requirement; the route is rejected regardless of whether it is exactly 172.16.0.0/12.

25
MCQeasy

An engineer has modified the configuration and wants to apply changes but also wants to verify that the changes are syntactically correct before committing. What command should the engineer use?

A.rollback
B.commit confirmed
C.commit check
D.commit
AnswerC

This validates syntax without committing.

Why this answer

The `commit check` command validates the candidate configuration for syntax errors without activating it. This allows the engineer to verify that the changes are syntactically correct before committing, ensuring the configuration is valid and reducing the risk of committing a broken configuration.

Exam trap

The trap here is that candidates confuse `commit check` with `commit confirmed`, thinking both validate syntax, but `commit confirmed` actually commits the configuration and relies on a rollback timer, not a pre-commit syntax check.

How to eliminate wrong answers

Option A is wrong because `rollback` reverts the candidate configuration to a previously committed configuration, not to validate syntax. Option B is wrong because `commit confirmed` commits the configuration but automatically rolls back after a timeout if not confirmed, which does not verify syntax before committing. Option D is wrong because `commit` applies the candidate configuration immediately without any prior syntax validation, which could activate a faulty configuration.

26
MCQeasy

A network administrator is troubleshooting high latency on a link. Which command provides real-time interface statistics?

A.show interfaces extensive
B.monitor interface traffic
C.show interfaces terse
D.show log messages
AnswerB

Provides real-time bandwidth utilization and packet counts.

Why this answer

Option B is correct because 'monitor interface traffic' shows live traffic statistics. Option A shows a static brief summary. Option C shows detailed but static output.

Option D shows historical log messages.

27
MCQeasy

A network administrator needs to remove all configuration changes made since the last commit without affecting the current active configuration. Which command should be used?

A.rollback 1
B.deactivate
C.rollback 0
D.delete
AnswerC

rollback 0 reverts to the last committed configuration, discarding uncommitted changes.

Why this answer

The `rollback 0` command reverts the candidate configuration to the currently active committed configuration, discarding all uncommitted changes without affecting the active configuration. This is the correct way to undo all modifications made since the last commit while keeping the running configuration intact.

Exam trap

The trap here is confusing `rollback 0` with `rollback 1`; candidates often think rollback 1 reverts to the last committed state, but rollback 0 is the correct way to discard uncommitted changes while preserving the active configuration.

How to eliminate wrong answers

Option A is wrong because `rollback 1` reverts to the configuration from the previous commit, not the current active configuration, and would discard the last committed changes. Option B is wrong because `deactivate` only disables a specific configuration statement or hierarchy, it does not remove all uncommitted changes. Option D is wrong because `delete` removes specific configuration statements from the candidate configuration, but it does not revert all uncommitted changes in a single operation.

28
MCQhard

A host in VLAN 10 can ping a host in VLAN 20 without a default gateway configured. What feature is likely enabled on the router that interconnects the VLANs?

A.VLAN translation is configured on the trunk
B.Proxy ARP
C.IP routing is enabled on the router
D.Dynamic ARP Inspection
AnswerB

Proxy ARP enables the router to reply to ARP requests for addresses in other subnets, making the host think the remote host is on the same subnet.

Why this answer

Proxy ARP allows a router to respond to ARP requests on behalf of hosts in different subnets. When a host in VLAN 10 sends an ARP request for a host in VLAN 20, the router responds with its own MAC address if it has a route to the destination. This enables the host to send traffic to the router, which then forwards it to the destination VLAN, even without a default gateway configured on the host.

Exam trap

The trap here is that candidates often assume IP routing alone is sufficient for inter-VLAN communication, forgetting that hosts must have a default gateway or use proxy ARP to send traffic outside their local subnet.

How to eliminate wrong answers

Option A is wrong because VLAN translation modifies VLAN IDs on trunk links and does not enable inter-VLAN communication without a default gateway; it simply maps one VLAN tag to another. Option C is wrong because IP routing is a prerequisite for any inter-VLAN communication, but it alone does not allow a host to reach a different subnet without a default gateway—the host must still know where to send packets. Option D is wrong because Dynamic ARP Inspection (DAI) is a security feature that validates ARP packets to prevent spoofing; it does not facilitate routing or proxy ARP responses.

29
MCQhard

A network administrator needs to temporarily disable a set of configuration statements for testing without deleting them. Which approach should be used?

A.use the 'deactivate' command to mark the statements inactive
B.delete the statements and later re-add from a backup
C.comment out the lines using #
D.set the configuration to a different group and remove apply-groups
AnswerA

'deactivate' makes the configuration inactive without removing it, allowing easy reactivation.

Why this answer

Option A is correct because the 'deactivate' command in Junos allows an administrator to temporarily disable a set of configuration statements without removing them from the configuration. When a statement is deactivated, it is prefixed with 'inactive:' in the configuration hierarchy, and the commit operation ignores it. This is ideal for testing changes, as the statements can be easily re-enabled using the 'activate' command.

Exam trap

The trap here is that candidates familiar with Cisco IOS may assume that commenting out lines with '!' or '#' is a valid method, but Junos uses a structured hierarchy and requires the 'deactivate' command for temporary disabling.

How to eliminate wrong answers

Option B is wrong because deleting configuration statements and later re-adding them from a backup is error-prone, time-consuming, and does not provide a simple toggle mechanism for testing. Option C is wrong because Junos does not support using '#' to comment out configuration lines; the '#' character is used for comments in shell scripts, not in the Junos configuration hierarchy. Option D is wrong because setting the configuration to a different group and removing apply-groups is a complex workaround that affects the entire group configuration and is not a direct method for temporarily disabling individual statements.

30
MCQhard

While in configuration mode, an administrator wants to see the difference between the candidate configuration and the active configuration. Which command accomplishes this?

A.show configuration
B.run show configuration
C.show | compare
D.show system commit
AnswerC

Shows changes between candidate and active.

Why this answer

Option C is correct because the 'show | compare' command, when executed in configuration mode, displays the differences between the candidate configuration and the active (committed) configuration. This pipe filter compares the current candidate configuration against the last committed configuration, highlighting additions, deletions, and changes, which is the exact requirement for seeing the difference.

Exam trap

The trap here is that candidates confuse 'show configuration' (which shows the full candidate config) with 'show | compare' (which shows only the differences), or they mistakenly think 'run show configuration' provides a diff, when it simply runs the same full-config display command from operational mode.

How to eliminate wrong answers

Option A is wrong because 'show configuration' in configuration mode displays the entire candidate configuration, not the difference between candidate and active configurations. Option B is wrong because 'run show configuration' executes the operational mode command 'show configuration' from within configuration mode, which also shows the full candidate configuration, not a comparison. Option D is wrong because 'show system commit' displays the commit history (list of past commits with timestamps and IDs), not a diff between candidate and active configurations.

31
MCQhard

A company runs a Juniper SRX firewall cluster consisting of two nodes (node0 primary, node1 secondary). The cluster has been stable. During maintenance, you modify the configuration on node0 and commit. After the commit, the cluster status shows node1 as 'ineligible'. You suspect a configuration mismatch. What should you do to synchronize the configuration without disrupting traffic?

A.On the primary node, execute 'commit synchronize'.
B.Reboot both nodes to force synchronization.
C.Manually copy the configuration file from primary to secondary.
D.On the secondary node, execute 'commit synchronize'.
AnswerA

This synchronizes the configuration from primary to secondary.

Why this answer

The 'commit synchronize' command on the primary node (node0) pushes the active configuration to the secondary node (node1) and commits it on both nodes, ensuring configuration consistency without requiring a reboot or traffic disruption. In a Juniper SRX cluster, the primary node is the authoritative source for configuration synchronization, and this command is the standard method to resolve a configuration mismatch that causes a node to become 'ineligible'.

Exam trap

The trap here is that candidates may think the secondary node can initiate synchronization (option D) or that a manual file copy (option C) is acceptable, but Juniper clusters require the primary to be the source of truth for configuration synchronization to maintain cluster integrity and avoid split-brain scenarios.

How to eliminate wrong answers

Option B is wrong because rebooting both nodes is an unnecessary and disruptive action that would cause traffic loss; it does not directly synchronize the configuration and may not resolve the mismatch if the secondary's configuration remains out of sync. Option C is wrong because manually copying the configuration file from primary to secondary is not a supported or safe method in a cluster; it bypasses Junos's internal synchronization mechanisms and could lead to file corruption or cluster instability. Option D is wrong because executing 'commit synchronize' on the secondary node (node1) is ineffective; the secondary node cannot push its configuration to the primary, and the command would fail or not achieve synchronization since the primary is the authoritative source for cluster configuration.

32
MCQmedium

Refer to the exhibit. An administrator needs to ensure that all emergency (emerg) messages are logged to the console. Based on the configuration shown, which statement is correct?

A.Emergency messages are logged to the console only.
B.Emergency messages are logged to all destinations.
C.Emergency messages are logged only to the file 'messages'.
D.Emergency messages are logged only to the remote host.
AnswerB

Correct; the console includes emerg (since 'any warning' includes more severe levels), the file includes any any, and the remote host includes critical and above, which includes emerg.

Why this answer

Option B is correct because the configuration shown includes the 'any' facility and 'emerg' severity for the console, file, and remote host destinations. In JUNOS, when a severity level is set for a syslog destination, all messages of that severity and higher are logged. Since 'emerg' is the highest severity, it applies to all configured destinations, not just one.

Exam trap

The trap here is that candidates may assume that configuring 'emerg' for a specific destination limits logging to that destination, but in JUNOS, the severity level applies independently to each destination, and all destinations with that severity configured will receive the messages.

How to eliminate wrong answers

Option A is wrong because the configuration explicitly defines syslog destinations for console, file, and remote host, so emergency messages are not limited to the console only. Option C is wrong because the file destination is configured with 'any emerg', meaning emergency messages are logged to the file, but they are also logged to other destinations. Option D is wrong because the remote host is configured with 'any emerg', but emergency messages are not logged only to the remote host; they are logged to all destinations.

33
MCQhard

An engineer wants to apply a candidate configuration and automatically revert to the previous configuration after 10 minutes if the commit is not confirmed. Which command should be used?

A.commit confirmed 10
B.commit at 10
C.set system commit timer 10
D.commit check
AnswerA

Commit confirmed with a timeout ensures rollback if not confirmed.

Why this answer

The `commit confirmed 10` command commits the candidate configuration and starts a 10-minute timer. If the commit is not explicitly confirmed with another `commit` command within that time, Junos automatically reverts to the previous configuration. This is the correct method for a timed automatic rollback after a commit.

Exam trap

The trap here is confusing the `commit confirmed` timer with the `commit at` scheduling feature, which sets an absolute time for a commit rather than a countdown for automatic rollback.

How to eliminate wrong answers

Option B is wrong because `commit at 10` schedules a commit to occur at the 10th minute of the hour, not a 10-minute confirmation timer. Option C is wrong because `set system commit timer 10` is not a valid Junos command; there is no such configuration statement. Option D is wrong because `commit check` only validates the syntax of the candidate configuration without committing it, so it cannot initiate a confirmed commit or automatic rollback.

34
Multi-Selecthard

Which THREE statements about commit options are true?

Select 3 answers
A.'commit full' reinitializes the system.
B.'commit confirmed' requires a second commit within the timeout to keep the changes.
C.'commit synchronize' commits on both Routing Engines in a chassis cluster.
D.'commit check' validates syntax without committing.
E.'commit and-quit' commits and exits configuration mode.
AnswersB, C, D

If not confirmed, changes are automatically rolled back.

Why this answer

Option B is correct because the 'commit confirmed' command in Junos applies candidate configuration changes temporarily, and if a second commit (or 'commit check') is not performed within the default 10-minute timeout, the system automatically rolls back to the previous configuration. This is used to prevent lockout during remote management changes.

Exam trap

The trap here is that candidates may confuse 'commit full' with a system reboot or reinitialization, or assume 'commit and-quit' is a valid shortcut, when in fact Junos requires separate commit and exit commands.

35
Multi-Selectmedium

Which TWO statements about IPv4 addressing are correct?

Select 2 answers
A.A /24 subnet mask provides 256 usable host addresses.
B.The network 169.254.0.0/16 is used for link-local addressing.
C.The address 192.168.0.0/16 is a public address.
D.The address 10.0.0.0/8 is a public address.
E.The address 127.0.0.1 is a loopback address.
AnswersB, E

Correct. This range is automatically assigned when no DHCP server is available.

Why this answer

Options A and B are correct. 127.0.0.1 is the loopback address, and 169.254.0.0/16 is used for link-local addressing (APIPA). Option C is false because 192.168.0.0/16 is a private address. Option D is false because 10.0.0.0/8 is private.

Option E is false because a /24 subnet mask provides 254 usable host addresses, not 256.

36
MCQeasy

A user needs to access the operational mode on a Junos device. What is the default prompt in operational mode?

A.user@host$
B.user@host%
C.user@host#
D.user@host>
AnswerD

The prompt ends with '>' in operational mode.

Why this answer

In Junos OS, the default prompt in operational mode is `user@host>`. The `>` character indicates that the device is ready to accept operational commands, such as `show` or `ping`, which do not alter the configuration. This is a fundamental distinction in Junos, where operational mode is for monitoring and troubleshooting, while configuration mode uses the `#` prompt.

Exam trap

The trap here is that candidates familiar with Cisco IOS may confuse the Junos operational mode prompt (`>`) with the Cisco user EXEC mode prompt (`>`), but Junos uses the `#` prompt only for configuration mode, not for privileged EXEC mode, leading to selection of option C.

How to eliminate wrong answers

Option A is wrong because `user@host$` is not a valid Junos prompt; the `$` character is commonly used in Unix/Linux shells but not in Junos. Option B is wrong because `user@host%` is also not a standard Junos prompt; the `%` character is sometimes used in other network OS prompts but not in Junos. Option C is wrong because `user@host#` is the prompt for configuration mode, not operational mode; in Junos, the `#` prompt indicates that the user is in configuration mode and can enter configuration commands.

37
MCQhard

A Juniper device is experiencing high CPU utilization due to a routing protocol process. The engineer suspects a specific BGP peer is causing the issue. Which operational command can be used to collect diagnostic information about the routing protocol processes?

A.show system processes extensive
B.request support information
C.show bgp summary
D.monitor traffic interface
AnswerA

Provides detailed process-level CPU and memory statistics, useful for diagnosing high CPU.

Why this answer

Option A is correct because 'show system processes extensive' displays detailed CPU and memory usage for each individual process, including routing protocol daemons like bgpd. This allows the engineer to identify which specific BGP peer or process is consuming excessive CPU resources, rather than just seeing aggregate routing protocol statistics.

Exam trap

The trap here is that candidates often pick 'show bgp summary' thinking it will show CPU usage per peer, but it only shows BGP session state and prefix counts, not process-level CPU metrics.

How to eliminate wrong answers

Option B is wrong because 'request support information' generates a comprehensive archive of system logs and configuration for offline analysis, but it does not provide real-time per-process CPU utilization data needed to pinpoint a specific BGP peer causing high CPU. Option C is wrong because 'show bgp summary' only shows BGP peer state, prefixes received, and uptime, not CPU usage per process or per peer. Option D is wrong because 'monitor traffic interface' captures live packet-level traffic on an interface, which is useful for debugging packet flows but does not reveal routing protocol process CPU consumption.

38
MCQmedium

A network administrator is configuring a new interface and wants to ensure that the interface is enabled and can pass traffic. Which configuration element is required?

A.set interfaces ge-0/0/0 enable
B.set interfaces ge-0/0/0 unit 0 family inet address 192.168.1.1/24
C.set interfaces ge-0/0/0 unit 0 family inet
D.set interfaces ge-0/0/0 disable
AnswerB

Configuring an IP address on the interface implicitly enables it.

Why this answer

Option B is correct because in Junos, an interface is administratively enabled by default (no explicit 'enable' command is needed), but to pass traffic it requires a logical unit with a configured protocol family and an IP address. The command 'set interfaces ge-0/0/0 unit 0 family inet address 192.168.1.1/24' creates unit 0, assigns the IPv4 address, and implicitly enables the interface for traffic forwarding. Without an address under a family, the interface cannot pass IP traffic even if it is administratively up.

Exam trap

The trap here is that candidates familiar with Cisco IOS may expect an explicit 'no shutdown' command (or an 'enable' keyword) to bring an interface up, but Junos interfaces are enabled by default, and the critical missing piece is the IP address under the logical unit, not an administrative enable command.

How to eliminate wrong answers

Option A is wrong because Junos does not have an 'enable' knob at the interface level; interfaces are administratively enabled by default, and the correct way to disable them is with 'disable'. Option C is wrong because 'set interfaces ge-0/0/0 unit 0 family inet' only enables the IPv4 protocol family on the logical unit but does not assign an IP address, so the interface cannot pass traffic (no local route or ARP entry is generated). Option D is wrong because 'set interfaces ge-0/0/0 disable' explicitly disables the interface, preventing it from passing any traffic, which is the opposite of the requirement.

39
MCQmedium

A network engineer needs to upgrade Junos on an MX router with dual Routing Engines (RE0 and RE1). What is the recommended procedure to minimize downtime?

A.Upgrade the primary RE first, then the backup
B.Reboot both REs at the same time after copying the image
C.Upgrade the backup RE, perform a graceful switchover (RESTART ROUTING), then upgrade the former primary
D.Upgrade both REs simultaneously using the same image
AnswerC

This is the standard upgrade procedure for dual RE systems, minimizing traffic impact.

Why this answer

Option C is correct because it minimizes downtime by first upgrading the backup RE (RE1), then performing a graceful Routing Engine switchover (using the 'request chassis routing-engine master switch' command or equivalent), which causes the upgraded backup to become the new primary without disrupting traffic. After the switchover, the former primary (now the backup) can be upgraded and rebooted, ensuring that at least one RE is always processing traffic and routing protocols like BGP and OSPF maintain their adjacencies.

Exam trap

The trap here is that candidates assume upgrading the primary first is safer or more logical, but Junos requires upgrading the backup first and performing a graceful switchover to maintain control plane continuity and avoid traffic loss.

How to eliminate wrong answers

Option A is wrong because upgrading the primary RE first forces a reboot of the active RE, causing immediate traffic disruption and routing protocol convergence delays, which defeats the purpose of dual REs for high availability. Option B is wrong because rebooting both REs simultaneously removes all redundancy and causes a complete outage, as no RE is available to forward traffic or maintain routing state. Option D is wrong because upgrading both REs at the same time (even with the same image) requires simultaneous reboots, which again eliminates redundancy and leads to downtime; Junos does not support in-service software upgrade (ISSU) across both REs in parallel.

40
MCQeasy

A network administrator wants to see the current CPU load average over the last 1, 5, and 15 minutes on a Juniper device. Which command displays this information?

A.show chassis routing-engine
B.show system uptime
C.show system processes
D.show system statistics
AnswerB

The 'show system uptime' command displays system load averages for 1, 5, and 15 minutes. This is the standard way to monitor CPU load averages.

Why this answer

The 'show system uptime' command displays the system's uptime along with the load averages for the last 1, 5, and 15 minutes. This is the standard Junos command for viewing CPU load averages, which are calculated based on the number of processes in the run queue over those time intervals.

Exam trap

The trap here is that candidates often confuse 'show chassis routing-engine' (which shows current CPU utilization) with the load average command, not realizing that load averages are a separate time-weighted metric displayed by 'show system uptime'.

How to eliminate wrong answers

Option A is wrong because 'show chassis routing-engine' displays the status and resource utilization of the Routing Engine (including CPU and memory), but it does not show the load average over 1, 5, and 15 minutes; it shows current CPU utilization percentage. Option C is wrong because 'show system processes' lists all running processes with their PID, memory, and CPU usage, but it does not aggregate the load average over time intervals. Option D is wrong because 'show system statistics' displays various system-wide counters and statistics (e.g., packet counts, memory usage), but it does not include CPU load averages.

41
MCQeasy

A user wants to ensure that a configuration change is applied across both Routing Engines in a dual-RE system. Which command must be used?

A.commit and-quit
B.commit confirmed
C.commit full
D.commit synchronize
AnswerD

Correctly applies the commit to both Routing Engines.

Why this answer

Option D is correct because the 'commit synchronize' command applies the candidate configuration to both Routing Engines simultaneously in a dual-RE system. This ensures configuration consistency across the master and backup RE, which is critical for high availability and seamless failover in Junos.

Exam trap

The trap here is that candidates often confuse 'commit synchronize' with 'commit full' or 'commit confirmed', assuming any commit command applies to both REs, but only 'commit synchronize' explicitly ensures dual-RE consistency.

How to eliminate wrong answers

Option A is wrong because 'commit and-quit' is used to commit the configuration and exit the configuration mode, but it does not synchronize changes to the backup RE. Option B is wrong because 'commit confirmed' is used to roll back a commit automatically if not confirmed within a specified time (for safe testing), not for synchronizing across REs. Option C is wrong because 'commit full' forces a full commit of the entire configuration, but it does not inherently synchronize to the backup RE; it is used to rebuild the configuration database from scratch.

42
MCQeasy

A junior administrator wants to view the current active configuration on a Juniper device. Which operational mode command should be used?

A.show configuration | display set
B.show system services
C.show interfaces terse
D.show configuration
AnswerD

This command displays the current active configuration in hierarchy format.

Why this answer

The 'show configuration' command displays the current active configuration in the candidate configuration format, which is the configuration that is currently committed and running on the Juniper device. Option D is correct because it directly retrieves the active configuration from the /config/juniper.conf file, which is the authoritative source for the operational configuration.

Exam trap

The trap here is that candidates confuse the 'show configuration' command with the 'show | display set' pipe modifier, thinking the latter is a separate command to view the active configuration, when in fact it is just an output formatting option.

How to eliminate wrong answers

Option A is wrong because 'show configuration | display set' displays the configuration in a set-based format, which is a representation of the configuration but not the default active configuration view; it is a pipe modifier that changes the output format, not the command to view the active configuration. Option B is wrong because 'show system services' displays the status of system services like SSH, Telnet, or FTP, not the device's configuration. Option C is wrong because 'show interfaces terse' displays a summary of interface status and configuration, but it does not show the full active configuration of the device.

43
MCQmedium

A static route is configured with next-hop 10.0.0.1, but the route does not appear in the routing table. The interface ge-0/0/0 has IP 192.168.1.2/24 and is up. What is the most likely reason?

A.The static route has a preference of 5.
B.The route is hidden due to an import policy.
C.The static route is configured with the 'discard' option.
D.The next-hop IP is not on a directly connected subnet.
AnswerD

The next-hop is not reachable via a directly connected interface, so the route is not installed unless 'resolve' is used.

Why this answer

The next-hop 10.0.0.1 is not on a directly connected subnet (192.168.1.0/24). For a static route to be installed, the next-hop must be reachable via a directly connected interface unless the 'resolve' option is used. Option A is not a problem.

Option C is unlikely. Option D would not prevent route installation if next-hop is reachable.

44
Multi-Selecteasy

Which TWO commands can be used to view the current active configuration on a Juniper device?

Select 2 answers
A.show interfaces terse
B.show|display set | match
C.show active configuration
D.show configuration
E.show configuration | display inherited
AnswersD, E

Displays the candidate configuration, which is the current active if no uncommitted changes.

Why this answer

Option D is correct because 'show configuration' displays the current active configuration in the default hierarchical format. Option E is correct because 'show configuration | display inherited' shows the active configuration with inherited configuration groups (e.g., from 'groups' or 'apply-groups') expanded inline, revealing the full effective configuration as applied to the device.

Exam trap

The trap here is that candidates may confuse 'show active configuration' (which does not exist) with the correct 'show configuration', or mistakenly think 'show interfaces terse' or a malformed pipe command can display configuration.

45
MCQeasy

A network engineer notices that a device is not sending SNMP traps to the NMS. Which operational command should be used to verify SNMP configuration?

A.show system uptime
B.show route
C.show snmp
D.show interfaces terse
AnswerC

Displays SNMP configuration and trap settings.

Why this answer

The 'show snmp' command in Junos displays the current SNMP configuration, including community strings, trap destinations, and enabled trap groups. Since the issue is that the device is not sending SNMP traps, this command allows the engineer to verify that trap destinations are correctly configured and that the appropriate trap groups are enabled. Other commands like 'show system uptime' or 'show route' do not provide any SNMP-specific configuration details.

Exam trap

The trap here is that candidates often confuse 'show snmp' with 'show snmp statistics' or 'show snmp mib walk', but the question specifically asks for verifying configuration, not statistics or MIB data, making 'show snmp' the correct operational command.

How to eliminate wrong answers

Option A is wrong because 'show system uptime' displays the system uptime and load averages, not SNMP configuration or trap settings. Option B is wrong because 'show route' displays the routing table and is used for verifying network reachability, not SNMP trap configuration. Option D is wrong because 'show interfaces terse' shows a summary of interface status and configuration, which is unrelated to SNMP trap settings.

46
Multi-Selecthard

Which THREE statements about the 'request system snapshot' command are true? (Choose three.)

Select 3 answers
A.It creates a recovery media for the device.
B.It compresses the backup to save space.
C.It backs up the current Junos OS and configuration to alternate media.
D.It copies the active partition to the alternate partition on the same media.
E.It can be used to restore the software and configuration in case of failure.
AnswersA, C, E

Correct: Snapshots create bootable recovery media.

Why this answer

Option A is correct because the 'request system snapshot' command creates a bootable recovery media (e.g., USB or compact flash) that contains a copy of the current Junos OS and configuration. This allows the device to boot from that media in case of a system failure, effectively serving as a recovery tool.

Exam trap

The trap here is that candidates confuse 'request system snapshot' with 'request system snapshot partition', which copies the active partition to the alternate partition on the same media, not to external media.

47
Multi-Selecteasy

Which TWO statements describe correct methods to enter configuration mode? (Choose two.)

Select 2 answers
A.Type 'edit' at the operational mode prompt.
B.Type 'configure exclusive' at the operational mode prompt.
C.Type 'configure' at the operational mode prompt.
D.Type 'cli' at the operational mode prompt.
E.Type 'expert' at the operational mode prompt.
AnswersA, C

This command enters configuration mode.

Why this answer

Option A is correct because the 'edit' command at the operational mode prompt transitions the user into configuration mode, allowing changes to the candidate configuration. Option C is correct because the 'configure' command also enters configuration mode, with the default behavior being a shared session unless 'exclusive' or 'private' is specified. Both commands are standard methods to enter configuration mode in Junos OS.

Exam trap

The trap here is that candidates may confuse 'configure exclusive' as a distinct method to enter configuration mode, but the question asks for two correct statements, and 'configure exclusive' is a valid command; however, it is not listed as a correct option in this specific question, so it must be eliminated along with the clearly wrong options D and E.

48
MCQhard

A technician notices that the /var partition on a Junos device is 95% full. Which action will immediately free up disk space without affecting device operation?

A.Delete unused software packages using 'request system software delete'
B.Reboot the device
C.Remove the /var/log directory
D.Clear log files using 'clear log messages'
AnswerD

Clearing log files immediately frees space in /var with no impact on operations.

Why this answer

Option D is correct because the 'clear log messages' command immediately removes the contents of the active log files (e.g., messages, interactive-commands) without requiring a reboot or affecting running processes. This directly frees up space in /var/log, which is a primary consumer of the /var partition, while leaving the directory structure intact so logging continues normally.

Exam trap

The trap here is that candidates may think rebooting (Option B) clears all temporary files and logs, but Junos does not automatically delete persistent log files on reboot; only volatile /tmp is cleared, so /var remains full.

How to eliminate wrong answers

Option A is wrong because 'request system software delete' removes inactive software packages from /var/sw/pkg, but if the /var partition is 95% full due to log files, this action may not free significant space and could be unnecessary; also, it does not immediately address the most common cause of /var fullness. Option B is wrong because rebooting the device does not delete any files; it only clears temporary runtime data in /tmp and /var/tmp, but persistent log files in /var/log remain, so disk space is not freed. Option C is wrong because removing the /var/log directory would break logging functionality, cause loss of forensic data, and potentially disrupt system operations (e.g., syslogd may fail to start), which violates the requirement of not affecting device operation.

49
Multi-Selecthard

Which two commands can be used to capture the current interface statistics and save them for later analysis? (Choose two.)

Select 2 answers
A.file archive interface-statistics
B.request system statistics interface
C.show interfaces statistics | save /var/log/iface_stats.txt
D.show interfaces extensive | save /var/log/iface_extensive.txt
E.monitor interface traffic | save /var/log/iface_traffic.txt
AnswersC, D

Saves interface statistics output to a file.

Why this answer

Option C is correct because the 'show interfaces statistics' command displays current interface counters (e.g., input/output packets, errors, discards) and piping the output to '| save /var/log/iface_stats.txt' writes the snapshot to a file for later analysis. This allows you to capture a point-in-time record of interface statistics without ongoing monitoring.

Exam trap

The trap here is that candidates may confuse 'monitor interface traffic' (a real-time, continuous command) with 'show interfaces statistics' (a static snapshot), or assume that 'request system statistics interface' is a valid Junos command when it is not, leading them to select option B or E incorrectly.

50
MCQhard

You are the network administrator for a large enterprise with a Juniper MX480 router running Junos 18.2R3. The router has two Routing Engines (RE0 and RE1) in a graceful Routing Engine switchover (GRES) configuration. During a scheduled maintenance window, you need to upgrade the Junos OS to a newer version while minimizing traffic loss. The upgrade process requires a reboot of both REs. You have staged the software on both REs. Which sequence of commands should you use to perform the upgrade with minimal disruption?

A.On both REs: request system software add <image>; then request system reboot both REs simultaneously.
B.On RE0: request system software add <image> re0; on RE1: request system software add <image> re1; then request system reboot both.
C.On RE0 (primary): request system software add <image> re0; request system reboot re0. After reboot, on RE1: request system software add <image> re1; request system reboot re1.
D.On RE1 (backup): request system software add <image> re1; request system reboot re1. After reboot, request chassis routing-engine master switch. On RE0 (now backup): request system software add <image> re0; request system reboot re0.
AnswerD

Correct: Follows best practice for minimal disruption.

Why this answer

Option D is correct because it performs a hitless upgrade by first upgrading and rebooting the backup RE (RE1), then performing a graceful mastership switch using 'request chassis routing-engine master switch', and finally upgrading and rebooting the former primary (now backup) RE0. This sequence ensures that during each RE reboot, the other RE remains active and continues forwarding traffic, leveraging GRES to maintain state and minimize packet loss.

Exam trap

The trap here is that candidates assume 'request system reboot both' or rebooting the primary first is acceptable, not realizing that GRES requires a sequential upgrade with a manual mastership switch to avoid a full outage.

How to eliminate wrong answers

Option A is wrong because rebooting both REs simultaneously would cause a complete loss of routing and forwarding capability, defeating the purpose of GRES and causing significant traffic disruption. Option B is wrong because issuing 'request system reboot both' still reboots both REs at the same time, even though the software is staged individually, resulting in the same outage as Option A. Option C is wrong because rebooting the primary RE (RE0) first without first switching mastership to the backup causes the backup to take over abruptly, but more critically, the backup RE1 still has the old software and must be rebooted later, leading to a second outage window; the sequence does not leverage GRES to minimize disruption.

51
MCQhard

Refer to the exhibit. An administrator wants to ensure that log messages are stored even if the remote syslog server becomes unavailable. What additional configuration is required?

A.set system syslog archive world-readable
B.set system syslog host 10.10.10.1 facility-override
C.set system syslog rate-limit 1000
D.set system syslog file messages any any
AnswerD

C configures a local file for logging.

Why this answer

Option D is correct because configuring a local log file with `set system syslog file messages any any` ensures that log messages are stored locally on the device, even if the remote syslog server becomes unavailable. This provides a persistent local copy of logs that can be reviewed later, independent of the remote server's reachability.

Exam trap

The trap here is that candidates often confuse remote syslog configuration (host) with local logging (file), assuming that simply configuring a remote server is sufficient for all logging needs, but Junos requires an explicit local file to store logs locally when the remote server is unavailable.

How to eliminate wrong answers

Option A is wrong because `set system syslog archive world-readable` only changes file permissions on archived log files, not the ability to store logs locally when the remote server is down. Option B is wrong because `set system syslog host 10.10.10.1 facility-override` modifies the facility tag of messages sent to the remote server, but does not create any local storage. Option C is wrong because `set system syslog rate-limit 1000` controls the rate at which log messages are generated, not where they are stored, and does not address local logging.

52
MCQmedium

A network engineer is in configuration mode and wants to see the configuration in a format that can be directly pasted into another router to reproduce the configuration. Which output modifier should they use?

A.| display inheritance
B.| display set
C.| display xml
D.| count
AnswerB

Produces 'set' commands that can be directly pasted into another Junos device.

Why this answer

The '| display set' output modifier converts the current Junos configuration into a series of 'set' commands. This format is directly pasteable into another router's CLI to reproduce the exact configuration, making it ideal for configuration migration or backup restoration.

Exam trap

The trap here is that candidates familiar with Cisco IOS often expect 'show running-config' to output pasteable commands, but Junos requires the explicit '| display set' modifier to achieve the same effect, leading them to choose '| display xml' or '| display inheritance' due to unfamiliarity with Junos output modifiers.

How to eliminate wrong answers

Option A is wrong because '| display inheritance' shows inherited configuration data from groups or hierarchy levels, not a pasteable command format. Option C is wrong because '| display xml' outputs the configuration in XML format, which is not directly executable as CLI commands. Option D is wrong because '| count' simply counts the number of lines in the output, providing no configuration reproduction capability.

53
MCQeasy

Refer to the exhibit. What does this command accomplish?

A.Displays help for syslog messages that include 'error'.
B.Displays all syslog messages.
C.Displays syslog messages containing the word 'error'.
D.Displays the error log file.
AnswerA

The 'help syslog messages' command provides descriptions of syslog message types; the pipe filters to those with 'error' in the description.

Why this answer

The command 'show log messages | match error' uses a pipe to filter the output of the 'show log messages' command, displaying only lines that contain the string 'error'. However, the question asks what the command accomplishes, and the correct answer is A because the '| match' filter is essentially a help mechanism to find relevant syslog messages, and the exhibit likely shows 'show log messages | match error' which is a common way to display help for syslog messages that include 'error'. The command does not display all syslog messages (B), does not display only messages containing the word 'error' as a whole word (C), and does not display an error log file (D).

Exam trap

The trap here is that candidates often assume 'match error' performs a whole-word search or that there is a dedicated error log file, when in reality it is a substring match on the default messages log file.

How to eliminate wrong answers

Option B is wrong because 'show log messages' alone displays all syslog messages, but the pipe with 'match error' filters the output, so it does not display all messages. Option C is wrong because the 'match' filter performs a substring match, not a whole-word match; it would also match messages containing 'error' as part of a larger word (e.g., 'error-handling'), so it does not strictly display only messages containing the word 'error'. Option D is wrong because there is no separate 'error log file' in Junos; syslog messages are stored in the messages log file, and this command filters that file, not a dedicated error log.

54
Drag & Dropmedium

Arrange the steps to configure a DHCP server on a Junos router.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

DHCP server configuration involves defining pools, options, and exclusions.

55
MCQeasy

An administrator wants to navigate to the configuration mode to make changes to the device. Which command should be used?

A.set
B.edit
C.configure
D.cli
AnswerC

Enters configuration mode.

Why this answer

The correct command to enter configuration mode on a Juniper device is 'configure'. This command transitions the CLI from operational mode to configuration mode, allowing the administrator to make changes to the device's configuration. In JUNOS, the CLI has two distinct modes: operational mode (for monitoring and troubleshooting) and configuration mode (for modifying the active or candidate configuration).

Exam trap

The trap here is that Cisco engineers often confuse 'configure terminal' (Cisco IOS) with JUNOS commands, mistakenly thinking 'set' or 'edit' are the entry points to configuration mode, when in fact 'configure' is the required command to enter configuration mode from operational mode.

How to eliminate wrong answers

Option A is wrong because 'set' is a configuration mode command used to add or modify configuration statements, not a command to enter configuration mode itself. Option B is wrong because 'edit' is a configuration mode command that navigates to a specific hierarchy level within the configuration, not a command to enter configuration mode from operational mode. Option D is wrong because 'cli' is used to access the JUNOS CLI from the shell or to restart the CLI process, not to enter configuration mode.

56
Drag & Dropmedium

Arrange the steps to perform a system backup (snapshot) on a Junos device.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

Snapshot creates a bootable backup of the Junos system. The steps are straightforward.

57
Multi-Selecteasy

Which TWO statements correctly describe the function of the 'commit' command in Junos OS? (Choose two.)

Select 2 answers
A.It validates the candidate configuration for syntax errors.
B.It schedules the configuration to be applied at a later time.
C.It discards the candidate configuration after saving.
D.It saves the candidate configuration to the active configuration.
E.It automatically reboots the device to apply the changes.
AnswersA, D

Commit performs syntax validation before applying.

Why this answer

Option A is correct because the 'commit' command in Junos OS first validates the candidate configuration for syntax errors before applying it. If syntax errors are found, the commit fails and the candidate configuration is not applied, ensuring the device does not enter an inconsistent state. This validation step is a core part of Junos's transactional configuration model, where changes are staged in a candidate configuration and then committed atomically.

Exam trap

The trap here is that candidates familiar with Cisco IOS may mistakenly think 'commit' requires a reboot (like 'write memory' followed by reload) or that it discards changes, whereas Junos applies changes dynamically and retains the candidate configuration for further editing.

58
MCQhard

Refer to the exhibit. The administrator applied a firewall filter named BLOCK-ICMP on the inbound direction of ge-0/0/0. However, pings from the router to 10.0.0.2 are successful. Why is this?

A.The filter configuration is incorrect; the name should be within quotes.
B.The filter is applied to output traffic, not input traffic.
C.The BLOCK-ICMP filter allows ICMP by default.
D.The filter is applied to transit traffic only; locally generated traffic bypasses the input filter.
AnswerD

Locally generated packets exit via the output path, not input filter.

Why this answer

Option D is correct because in Junos, firewall filters applied to the input direction of an interface only affect transit traffic—packets that enter the interface and are destined for another device. Locally generated traffic, such as ICMP echo requests originated by the router itself, is not subject to input firewall filters; it is instead controlled by the loopback interface's firewall filter or the output filter. Since the ping originates from the router's control plane, it bypasses the input filter on ge-0/0/0, allowing the ping to 10.0.0.2 to succeed.

Exam trap

The trap here is that candidates often assume input firewall filters apply to all traffic entering an interface, including packets generated by the router itself, but Junos explicitly exempts locally originated traffic from input filters on physical interfaces.

How to eliminate wrong answers

Option A is wrong because Junos does not require firewall filter names to be enclosed in quotes; names without spaces or special characters are valid without quotes. Option B is wrong because the filter is explicitly applied to the 'input' direction (as stated in the question), not output traffic, and the issue is not about direction misapplication. Option C is wrong because firewall filters in Junos do not have an implicit 'allow' for any protocol; the default action at the end of a filter is to deny all traffic unless a term explicitly permits it, so ICMP would be blocked for transit traffic.

59
MCQeasy

An administrator wants to view the current operational status of interface ge-0/0/1 on a Junos device. Which command displays this information?

A.show interfaces terse ge-0/0/1
B.show configuration interfaces ge-0/0/1
C.monitor interface ge-0/0/1
D.show interface ge-0/0/1
AnswerA

Shows operational status in concise format.

Why this answer

The 'show interfaces terse ge-0/0/1' command displays a concise, one-line summary of the operational status of the specified interface, including its administrative and link state, protocol status, and configured IP addresses. This is the correct command for viewing the current operational status because 'terse' filters the output to show only the essential operational details without configuration data.

Exam trap

The trap here is that Cisco engineers often expect 'show interface' (singular) to work, but Junos strictly requires the plural 'interfaces' for operational commands, and candidates may confuse 'show configuration' (which shows config) with 'show interfaces terse' (which shows operational status).

How to eliminate wrong answers

Option B is wrong because 'show configuration interfaces ge-0/0/1' displays the configured settings for the interface, not its current operational status; it shows what is configured, not whether the interface is up or down. Option C is wrong because 'monitor interface ge-0/0/1' is used for real-time, continuous monitoring of interface statistics and traffic, not for a single snapshot of operational status. Option D is wrong because 'show interface ge-0/0/1' is not a valid Junos command; the correct syntax uses the plural 'interfaces' (e.g., 'show interfaces ge-0/0/1'), and this option omits the 's', which would result in a CLI error.

60
MCQhard

During troubleshooting, an engineer notices that BGP sessions are flapping. They suspect that the issue might be related to the maximum number of routes allowed. To see if the BGP import policy is rejecting routes, which operational command would provide immediate insight?

A.show version
B.show interfaces terse
C.show route protocol bgp
D.show bgp neighbor x.x.x.x
AnswerD

Displays BGP neighbor details including prefix counts and policy statistics.

Why this answer

Option D is correct because the 'show bgp neighbor x.x.x.x' command displays detailed BGP session information, including the number of received and accepted routes, as well as any prefix-limit or policy-related rejections. If the BGP import policy is rejecting routes due to exceeding the maximum allowed, this command will show the 'received prefixes' count alongside the 'accepted prefixes' count, immediately revealing if routes are being dropped. This provides direct insight into whether the flapping is caused by route limit enforcement.

Exam trap

The trap here is that candidates often think 'show route protocol bgp' will show all BGP routes including rejected ones, but it only shows routes that passed the import policy and were installed in the routing table, missing the critical rejection information that 'show bgp neighbor' provides.

How to eliminate wrong answers

Option A is wrong because 'show version' displays only the Junos OS version, system uptime, and hardware model, which is irrelevant to BGP route acceptance or policy rejection. Option B is wrong because 'show interfaces terse' shows interface status and IP addresses but provides no BGP-specific information such as route counts or policy actions. Option C is wrong because 'show route protocol bgp' displays the routing table entries learned via BGP, but it does not show rejected routes or the reason for rejection; it only shows routes that have already been accepted and installed, so it cannot reveal if the import policy is discarding routes.

61
Multi-Selectmedium

Which THREE statements are true about the commit operation on Junos?

Select 3 answers
A.The commit operation validates the configuration before applying.
B.The commit operation can be confirmed with a time delay.
C.The candidate configuration is activated immediately upon commit.
D.The commit operation always requires a reboot.
E.A commit check can be performed without committing.
AnswersA, B, C

Junos performs validation checks (syntax, semantics) before applying the commit. If validation fails, the commit is rejected.

Why this answer

Option A is correct because the `commit` operation in Junos first validates the candidate configuration for syntax and semantic errors before applying it. If validation fails, the commit is aborted and the candidate configuration remains unchanged, ensuring operational stability.

Exam trap

The trap here is that candidates may think a commit always requires a reboot (Option D) due to experience with other vendors, or they may incorrectly believe that a commit check cannot be performed without committing (Option E), when in fact `commit check` is a standard Junos command that validates without applying.

62
MCQmedium

An administrator is in configuration mode and wants to see only the interfaces configuration block while editing. Which command will display just that section?

A.show interfaces
B.show
C.display set | match interfaces
D.run show interfaces
AnswerA

'show interfaces' in configuration mode shows the interfaces configuration block.

Why this answer

Option A is correct because in Junos configuration mode, the 'show interfaces' command displays only the interfaces configuration block without leaving configuration mode. This is a Junos-specific feature where 'show' commands within configuration mode show the current candidate configuration, not operational state. The command filters the output to show only the 'interfaces' hierarchy, allowing the administrator to review just that section.

Exam trap

The trap here is that candidates familiar with Cisco IOS might expect 'show running-config | section interfaces' or 'show run interface' and mistakenly choose 'run show interfaces' (Option D), which in Junos shows operational state, not configuration, or they might think 'show' alone (Option B) is sufficient, not realizing it shows the entire configuration from the current level.

How to eliminate wrong answers

Option B is wrong because 'show' alone displays the entire candidate configuration from the current hierarchy level, not just the interfaces block, which would be too verbose if the administrator is at the top of the configuration tree. Option C is wrong because 'display set | match interfaces' is a valid pipe filter but 'display set' is a configuration mode command that converts the configuration to set format; however, the correct syntax would be 'show | display set | match interfaces', and the option as written is incomplete and would not work as intended. Option D is wrong because 'run show interfaces' executes the operational mode command 'show interfaces', which displays the current operational status of interfaces (like link state, IP addresses), not the configuration block, and it temporarily exits configuration mode to run the command.

63
MCQhard

After a software upgrade, BGP sessions are not establishing. The engineer runs 'show bgp summary' and sees that all sessions are in Idle state. What is the most likely cause?

A.The BGP group configuration is missing
B.The interface is administratively down
C.The router has a full BGP table
D.The firewall filter is blocking ICMP
AnswerA

Without proper configuration, BGP cannot start.

Why this answer

The Idle state in BGP indicates that the session has not started the connection process, often because the BGP configuration is incomplete or missing. If the BGP group configuration is missing, the router has no peers to initiate sessions with, so all sessions remain in Idle. This is the most likely cause when all sessions are in Idle after a software upgrade, as configuration elements may be lost or not applied.

Exam trap

The trap here is that candidates often associate Idle state with connectivity issues like interface down or firewall filters, but Idle specifically indicates the BGP process has not been initiated due to missing or incomplete configuration, not a network problem.

How to eliminate wrong answers

Option B is wrong because an administratively down interface would cause the BGP session to be stuck in Active or Connect state, not Idle, as the router would still attempt to establish a TCP connection. Option C is wrong because a full BGP table does not prevent session establishment; it may cause memory or processing issues but the session state would be Established or possibly Idle due to resource exhaustion, not universally Idle. Option D is wrong because a firewall filter blocking ICMP would not affect BGP session establishment, as BGP uses TCP port 179, not ICMP; blocking ICMP could impact path MTU discovery but not the TCP handshake itself.

64
Multi-Selectmedium

Which two factors determine whether a route is active for a given destination when multiple routes from different protocols exist? (Choose two.)

Select 2 answers
A.Metric
B.Route preference
C.Route origin
D.Next-hop reachability
E.Local preference
AnswersB, D

Route preference is used to compare routes from different protocols; lower preference is preferred.

Why this answer

B is correct because Junos uses route preference (administrative distance) as the primary tiebreaker when multiple routing protocols offer routes to the same destination. The route with the lowest preference value is installed into the routing table as the active route. D is correct because even if a route has the best preference, it must have a reachable next hop to be considered active; if the next hop is unreachable, the route is hidden and not used.

Exam trap

The trap here is that candidates often confuse metric with preference, thinking metric is used to compare routes from different protocols, but Junos uses preference as the first tiebreaker, and metric only applies within the same protocol.

65
MCQeasy

An engineer wants to configure a static route that will be used only if the primary route (learned via OSPF) becomes unavailable. Which feature should be used?

A.Floating static route with a higher preference.
B.Static route with a lower metric.
C.Reverse path forwarding.
D.Routing policy.
AnswerA

A higher preference (e.g., 15) makes the static route less preferred than OSPF (10), so it acts as a backup.

Why this answer

Option B is correct because a floating static route uses a higher preference so it is less preferred than OSPF and only becomes active when OSPF fails. Option A is wrong because metric is not comparable across protocols. Option C is wrong because RPF is unrelated.

Option D is wrong because routing policy is too broad and not the specific feature.

66
MCQmedium

Which field in an Ethernet frame is used by a switch to learn which source MAC address belongs to which port?

A.Ethertype field
B.Destination MAC address
C.VLAN ID field
D.Source MAC address
AnswerD

The switch learns the source MAC and associates it with the incoming port.

Why this answer

A switch learns MAC address-to-port mappings by examining the source MAC address field of incoming Ethernet frames. When a frame arrives on a port, the switch records the source MAC address and associates it with that port in its MAC address table, enabling future frames destined for that MAC to be forwarded only to the correct port.

Exam trap

The trap here is that candidates often confuse the role of the destination MAC address (used for forwarding decisions) with the source MAC address (used for learning), especially when they recall that switches forward frames based on destination MAC, but forget that learning is done from the source MAC.

How to eliminate wrong answers

Option A is wrong because the Ethertype field indicates the upper-layer protocol (e.g., IPv4 or IPv6) encapsulated in the frame, not the source or destination MAC address, and is not used for MAC learning. Option B is wrong because the destination MAC address is used by the switch to look up the forwarding decision (which port to send the frame out of) after the MAC address table is built, not to learn which port a source MAC belongs to. Option C is wrong because the VLAN ID field (part of the 802.1Q tag) identifies the VLAN membership of the frame, but MAC learning is performed per VLAN using the source MAC address, not the VLAN ID itself.

67
MCQmedium

A company has multiple Juniper devices and wants to standardize configuration snapshots for backup and audit purposes. What is the best practice?

A.Run 'commit and-quit' to save the configuration to the flash
B.Use 'show configuration | save /var/tmp/config.txt' and then transfer the file via SCP to a backup server
C.Use the 'file archive' command to create a backup of the configuration
D.Use the 'show configuration | no-more' command and copy the output manually
AnswerB

This automates the backup and stores a retrievable file.

Why this answer

Option B is correct because it uses the 'show configuration | save' command to write the current active configuration to a file in /var/tmp, which can then be securely transferred via SCP to a backup server. This is the standard Junos method for creating a portable, text-based snapshot of the configuration for backup and audit purposes, as it preserves the exact configuration syntax and can be easily compared or restored.

Exam trap

The trap here is that candidates may confuse the 'commit and-quit' command (which commits and exits) with a backup mechanism, or assume that 'file archive' is the correct tool for capturing configuration output, when in fact Junos requires explicit piping of the configuration output to a file for reliable backups.

How to eliminate wrong answers

Option A is wrong because 'commit and-quit' is not a valid Junos command; the correct command is 'commit and-quit' (with a space) which commits the configuration and exits the configuration mode, but it does not save a separate snapshot file to flash—it only activates the candidate configuration. Option C is wrong because the 'file archive' command is used to compress or archive files, not to capture the active configuration; it operates on existing files, not on the output of a 'show' command. Option D is wrong because 'show configuration | no-more' only displays the configuration without paging, but it does not save the output to a file; manually copying the output is error-prone and not a scalable or auditable practice for standardized backups.

68
MCQmedium

Refer to the exhibit. The network administrator made a change that caused connectivity loss. They need to revert to the configuration before the most recent commit. Which command would accomplish this?

A.rollback 0
B.rollback 3
C.rollback 2
D.rollback 1
AnswerA

C reverts to config before last commit.

Why this answer

The correct answer is A, rollback 0. In Junos, the rollback command reverts the active configuration to a previously committed configuration file. The most recent commit is stored as rollback 0, so issuing 'rollback 0' restores the configuration that was active before the last commit, effectively undoing the change that caused connectivity loss.

Exam trap

The trap here is that candidates often confuse rollback 0 with the current active configuration, when in fact rollback 0 is the most recent commit, and rollback 1 is the configuration before that commit, so to revert the last change you need rollback 0, not rollback 1.

How to eliminate wrong answers

Option B (rollback 3) is wrong because rollback 3 refers to the configuration from three commits ago, not the most recent commit. Option C (rollback 2) is wrong because rollback 2 refers to the configuration from two commits ago. Option D (rollback 1) is wrong because rollback 1 refers to the configuration immediately before the last commit, which is the same as the current active configuration after the last commit, not the configuration before the most recent commit.

The key distinction is that rollback 0 is the most recent commit, while rollback 1 is the previous commit.

69
MCQeasy

Based on the exhibit, which protocol is enabled on interface ge-0/0/0.0?

A.IS-IS
B.BGP
C.MPLS
D.OSPF
AnswerC

Correct: MPLS is listed under Protocols.

Why this answer

The exhibit shows that interface ge-0/0/0.0 has the 'family mpls' statement configured under it, which enables MPLS on that interface. MPLS is explicitly enabled at the protocol family level, allowing the interface to participate in MPLS label switching.

Exam trap

The trap here is that candidates often confuse 'family mpls' with enabling a routing protocol like OSPF or IS-IS, not realizing that MPLS is a separate protocol family configured directly on the interface, not under the routing protocol hierarchy.

How to eliminate wrong answers

Option A is wrong because IS-IS is a routing protocol that would be enabled under the 'protocols isis' hierarchy, not by configuring 'family mpls' on the interface. Option B is wrong because BGP is a routing protocol configured under 'protocols bgp' and requires an address family (e.g., inet unicast) to be enabled, not 'family mpls'. Option D is wrong because OSPF is enabled under 'protocols ospf' and uses 'interface' statements within that hierarchy, not by setting 'family mpls' on the interface.

70
Drag & Dropmedium

Order the steps to reset the root password on a Junos device via the console.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

Root password recovery requires boot interruption and selecting the recovery option from the boot menu.

71
MCQmedium

A device is configured with multiple routing instances. An engineer needs to view the ARP table for a specific routing instance. Which command should be used?

A.show arp routing-instance <instance-name>
B.show arp
C.show arp instance <instance-name>
D.show route table <instance-name>.inet.0
AnswerC

B displays ARP for the specified instance.

Why this answer

Option C is correct because the `show arp instance <instance-name>` command is the Junos OS syntax to display the ARP table for a specific routing instance. In Junos, routing instances create separate forwarding tables, and the ARP cache is per-instance; this command targets the instance's ARP entries directly.

Exam trap

The trap here is that candidates often confuse the Junos command syntax with Cisco IOS, where `show arp vrf <name>` is used, leading them to incorrectly choose option A (`show arp routing-instance`) instead of the correct Junos syntax `show arp instance`.

How to eliminate wrong answers

Option A is wrong because `show arp routing-instance <instance-name>` is not a valid Junos command; the correct keyword is `instance`, not `routing-instance`. Option B is wrong because `show arp` displays the ARP table only for the default routing instance (inet.0), not for a specific non-default instance. Option D is wrong because `show route table <instance-name>.inet.0` shows the routing table, not the ARP table; ARP is a Layer 2 resolution mechanism, separate from the routing table.

72
Multi-Selecteasy

Which TWO statements about static routes in Junos OS are correct? (Choose two.)

Select 2 answers
A.Two static routes to the same destination with the same preference will result in an active/backup scenario.
B.A static route can have a next-hop specified as an interface name for point-to-point interfaces.
C.A static route can use the 'reject' next-hop to drop traffic matching the route.
D.The default preference for a static route is 10.
E.A static route must always include a next-hop address.
AnswersB, C

For point-to-point interfaces like serial, you can use interface name as next-hop.

Why this answer

Options A and D are correct. A: A static route with a next-hop of 'reject' installs a reject route to prevent traffic. D: A static route can have a next-hop that is an interface name (e.g., ge-0/0/0) for point-to-point interfaces.

B is incorrect; the default preference is 5, not 10. C is incorrect; a static route can be configured without a next-hop (though not typical) but the statement is too absolute. E is incorrect; two static routes to the same destination with equal preferences result in ECMP, not active/backup.

73
MCQeasy

An engineer notices that a Juniper device is not saving configuration changes across reboots. What is the most likely cause?

A.The rescue configuration is not set.
B.The device is booting from factory-default configuration.
C.The candidate configuration was not committed.
D.The command 'request system reboot' was used instead of 'commit'.
AnswerC

Changes are only saved after a commit; otherwise they are lost on reboot.

Why this answer

In Junos OS, configuration changes are stored in a candidate configuration and only become active and persistent across reboots after a 'commit' operation. Without a commit, the changes remain in the candidate buffer and are discarded upon reboot, causing the device to revert to the last committed configuration.

Exam trap

The trap here is that candidates familiar with Cisco IOS may assume changes are saved automatically or with a 'copy running-config startup-config' equivalent, but Junos requires an explicit 'commit' to make changes persistent across reboots.

How to eliminate wrong answers

Option A is wrong because the rescue configuration is a separate, manually saved configuration used for recovery; its absence does not prevent normal configuration saves from persisting across reboots. Option B is wrong because booting from factory-default would require a specific action (e.g., 'request system zeroize' or loading factory-default), and the device normally boots from the last committed configuration, not factory-default. Option D is wrong because 'request system reboot' is a command to reboot the device, not a configuration command; it does not replace the need for 'commit' to save changes.

74
MCQeasy

Refer to the exhibit. Why is the route for 192.168.1.0/24 hidden?

A.The route has a higher metric
B.The route has a lower preference
C.The route is not committed
D.The next-hop is unreachable
AnswerD

Hidden static routes indicate that the next-hop is not reachable.

Why this answer

The route is hidden because its next-hop is unreachable. Option B is correct. Option A is incorrect because the metric is the same as other static routes.

Option C is incorrect because the route appears in the routing table. Option D is incorrect because the preference is 10, same as other routes.

75
MCQhard

Refer to the exhibit. An engineer configures interface ge-0/0/0 with both IPv4 and IPv6 addresses. The engineer notices that the interface is operationally up, but the IPv6 address is not pingable from a directly connected host. The host has an IPv6 address in the same subnet. What is the most likely cause?

A.The interface MTU is too small for IPv6 packets.
B.The interface does not have IPv6 neighbor discovery enabled.
C.The IPv6 address is not configured under the correct unit.
D.The interface has an IPv4 address, which prevents IPv6 from working.
AnswerB

IPv6 requires neighbor discovery to be enabled; without it, the router may not respond to NS/NA messages.

Why this answer

IPv6 neighbor discovery (ND) is required for address resolution and duplicate address detection on a link. If ND is not enabled on the interface, the router cannot respond to Neighbor Solicitation messages from the host, making the IPv6 address unreachable even though the interface is operationally up. In Junos, ND is enabled by default on IPv6-enabled interfaces, but it can be disabled with the 'no-neighbor-discovery' configuration statement.

Exam trap

The trap here is that candidates may assume IPv6 works automatically once an address is configured, overlooking that neighbor discovery is a separate protocol that must be enabled for basic connectivity on multi-access links.

How to eliminate wrong answers

Option A is wrong because the interface MTU being too small would typically cause fragmentation issues or packet drops, not a complete failure to ping; IPv6 requires a minimum MTU of 1280 bytes, and the default Ethernet MTU of 1500 bytes is sufficient. Option C is wrong because if the IPv6 address were not configured under the correct unit, the interface would not show the address in the configuration or operational state, and the question states the address is configured. Option D is wrong because IPv4 and IPv6 can coexist on the same interface (dual-stack) without interference; an IPv4 address does not prevent IPv6 from working.

Page 1 of 7

Page 2

All pages