JPR-932 Juniper Networks Certified Internet Expert-SEC (JNCIE-SEC)

JNCIE-SEC Exam Objectives (Exam: JPR-932)

Infrastructure Concepts
Security Forwarding Options
Packet-based
MPLS
inet6
Flow-Based
inet6
Security Zones
Configure security zones
Device Management
User accounts
System services

High Availability
HA Clustering
Active-active
Active-passive
Reth interfaces
Link aggregation
Control and data plane
Dual fabric links
Redundancy groups

Firewall Policies
Security Polices
Policy configuration
Advanced policy options
Schedulers
ALGs
Authorization
Bypass flow forwarding
Logging
Data and control plane logs
Forward logs to the RE
Send logs to external collectors
UTM
Anti-virus
Web filtering

IPSec VPNs
Implementation of IPSec VPNs
Multipoint tunnels
Policy-based VPNs
Route-based VPNs
Traffic selectors
Proxy ID
Traceoptions
Dual and backup tunnels
On-demand tunnels
DRP over a tunnel
Dynamic VPNs
Certificate-based VPNs
PKI
Interoperability with 3rd party devices

NAT
Implementation of NAT
Source NAT
Destination NAT
Static NAT
NAT64
Implementation of NAT with IPSec
Overlapping IPs between sites

Advanced Security Services
AppSecure
AppTrack
AppFW
AppQoS
AppDoS
Application Identification
User Firewall
SSL Forward Proxy
Integration with IPS
IDP
Logs
Custom polices
Automatic updates
L3/L4/L7 DoS
Stateless filters
Screens
Flow options
App DDos
Active Directory Integration

IGPs
OSPF
Multi-area OSPF topologies
Filter and summarize routes
Network and link types
Route selection process
Redistribution
IPv6

BGP
Implementation
Routing policy
Route selection
IPv6

Protocol-Independent Routing
Filter-based Forwarding
Based on Layer 4
Based on IFL
Configuring Routes
Aggregate
Static
Generated
Policies

Extended Implementation Concepts
Transparent mode
Configure transparent mode

Click here to view complete Q&A of JPR-932 exam
Certkingdom Review

Best Juniper JPR-932 Certification, Juniper JPR-932 Training at certkingdom.com

JN0-1360 Juniper Networks Certified Design Specialist, WAN (JNCDS-WAN)

JNCDS-WAN Exam Objectives (Exam: JN0-1360)

WAN Connectivity
Describe the various methods of WAN connectivity
Public/Private/Managed
Service Provider connectivity
Service Provider hand-off methods
Service Provider MPLS services
Enterprise Internet transport
Enterprise Layer 2/Layer 3 handoff services
Enterprise private connections

Network Availability and Traffic Prioritization
Describe network availability concepts
Calculating availability
Physical redundancy
Logical redundancy
Fate sharing (e.g., high availability)
Capacity planning
Describe class of service concepts
Diffserv
CoS processing

Service Provider Core WAN Design
Describe the design considerations of a Service Provider's core WAN
Network segmentation
IGP design
BGP design
MPLS design

Service Provider Edge WAN Design
Describe the design considerations of a Service Provider's edge WAN
Layer 2 Services
Layer 3 services
Metro Ethernet
Subscriber services
Multicast services

Enterprise WAN
Describe the design considerations of an Enterprise WAN
Private WANs
Large Enterprise WAN design
SME WAN design

Data Center WAN
Describe the design considerations of a data center WAN
Gateway and fabric connectivity
L2 WAN extensions
EVPN
VXLAN

WAN Security
Describe the design considerations for security in the WAN
Platform security
BGP Flowspec
MACsec
IPsec
Subscriber access security

WAN Management
Describe the design considerations for WAN management
OOB management design
Junos Space management platform
Best practices

SDN in the WAN
Describe the design considerations of SDN in the WAN
SD-WAN (protocols, considerations, benefits)
Northstar
WANDL
Contrail Cloud CPE

Click here to view complete Q&A of JN0-1360 exam
Certkingdom Review

Best Cisco JN0-1360 Certification, Cisco JN0-1360 Training at certkingdom.com

JN0-690 Junos Troubleshooting

Junos Troubleshooting Exam Objectives (Exam: JN0-691)

Troubleshooting Methodology
Identify the elements to build a framework for approaching troubleshooting Junos devices
General troubleshooting methodology
Broad troubleshooting steps
Identify tools that can be used to troubleshoot Junos devices
CLI
Craft interface
Logging
Traceoptions
Real-time monitoring
Core files
Port mirroring
Identify tools that can be used for device and network monitoring
SNMP
RMON
Sampling

Chassis Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot chassis-related components of Junos devices
Chassis
RE and PFE components
Fans and power supplies
System
Storage and file system
Boot media and start-up sequence
System software
Backups
Given a scenario, demonstrate knowledge of how to monitor and troubleshoot the chassis and core system components of Junos devices
show commands
Logging

Control Plane Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot the control plane of Junos devices
System processes
User processes
ARP
RIB/FIB
Given a scenario, demonstrate knowledge of how to monitor and troubleshoot the control plane of Junos devices
show commands
clear commands
monitor commands
Logging
Traceoptions

Data Plane Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot the data plane of Junos devices
PFE issues
Ethernet interfaces
MTU issues
Link flapping
Forwarding table issues
PFE load balancing
Local vs. transit traffic
Firewall filters and policers
Given a scenario, demonstrate knowledge of how to monitor and troubleshoot the data plane of Junos devices
request commands
show commands
monitor commands
clear commands
Loopback testing

Layer 2 and Layer 3 Protocol Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot Layer 3 protocols on Junos devices
Routing table information
Routing loops
OSPF neighbors
OSPF adjacencies
BGP peering and peer groups
BGP neighbor states
Identify the concepts, tools and features used to monitor and troubleshoot Layer 2 protocols on Junos devices
VLAN’s
bridging concepts
xSTP protocols
switching table
Given a scenario, demonstrate knowledge of how to perform basic monitoring and troubleshooting of Layer 3 protocols on Junos devices
show commands
clear commands
Traceoptions
Given a scenario, demonstrate knowledge of how to perform basic monitoring and troubleshooting of Layer 2 protocols on Junos devices
show commands
clear commands
Traceoptions

High Availability (HA) Monitoring and Troubleshooting
Identify the concepts, tools and features used to monitor and troubleshoot HA components for Junos devices
Graceful Routing Engine switchover (GRES)
Graceful restart (GR)
Nonstop active routing/bridging
Virtual router redundancy protocol (VRRP)
Link aggregation groups (LAG)
Unified in-service software upgrade (ISSU)
Given a scenario, demonstrate knowledge of how to perform monitoring and troubleshooting of HA features on Junos devices
monitor commands
show commands
request commands

---

QUESTION 1
Which CLI command is used to restart a software process?

A. restart
B. reboot
C. commit
D. reload

Answer: A

Explanation: To restart a process one have to use restart , reboot is not even a
valid command.
Possible completions:
restart Restart software process

---

QUESTION 2
Which CLI command applies the candidate configuration to the active configuration?

A. load
B. merge
C. copy run start
D. commit

Answer: D

Explanation: Copy run start is a Cisco specific command and is nowhere to be found in Junos.
>commit Commit current set of changes

---

QUESTION 3
Which operational CLI command would you use to troubleshoot hardware-related problems?

A. show system
B. show chassis
C. show route
D. show cli

Answer: B

Explanation: Show route will only show you routing, show chassis will show you hardware related
information.
>show chassis ?
Possible completions:
alarms Show alarm status
cluster Show chassis cluster information
craft-interface Show craft interface status
environment Show component status and temperature, cooling system speeds
fan Show fan and fan tray information
firmware Show firmware and operating system version for components
forwarding Show forwarding process (fwdd) status
fpc Show Flexible PIC Concentrator status
hardware Show installed hardware components
location Show physical location of chassis
mac-addresses Show media access control addresses
pic Show Physical Interface Card state, type, and uptime
routing-engine Show Routing Engine status
temperature-thresholds Show chassis temperature threshold settings
usb Show chassis USB status

---

QUESTION 4
In the Junos OS, which type of file dumps the program’s environment in the form of memory
pointers, instructions, and register data to a file in the event of a panic or other serious
malfunction?

A. log file
B. backup file
C. configuration file
D. core file

Answer: D

Explanation: Junos will under a panic create a core-dump file, definitely not a backup file.
> show system core-dumps
/var/crash/*core*: No such file or directory
/var/tmp/*core*: No such file or directory
/var/tmp/pics/*core*: No such file or directory
/var/crash/kernel.*: No such file or directory
/tftpboot/corefiles/*core*: No such file or directory

---

QUESTION 5
Which operational CLI command would you use to display information about the system and
software processes?

A. show system
B. show chassis
C. show route
D. show cli

Answer: A

Explanation: Show route will only show you routing, show system will show you software related
information:
>show system ?
Possible completions:
alarms Show system alarm status
audit Show file system MD5 hash and permissions
auto-snapshot Show auto-snapshot status when system booted from alternate slice
autoinstallation Show autoinstallation information
autorecovery Show autorecovery information
boot-messages Show boot time messages
buffers Show buffer statistics
certificate Show installed X509 certificates
commit Show pending commit requests (if any) and commit history
configuration Show configuration information
connections Show system connection activity
core-dumps Show system core files
directory-usage Show local directory information
download Show status of downloads
firmware Show all firmware version information
health Show online diagnostic status
license Show feature licenses information
login Show system login state
memory Show system memory usage
processes Show system process table
queues Show queue statistics
reboot Show any pending halt or reboot requests
resource-cleanup Show resource cleanup information
rollback Show rolled back configuration
services Show service applications information
snapshot Show snapshot information
software Show loaded JUNOS extensions
statistics Show statistics for protocol
storage Show local storage data
threads Show system threads table
uptime Show time since system and processes started
users Show users who are currently logged in
virtual-memory Show kernel dynamic memory usage

Click here to view complete Q&A of JN0-690 exam
Certkingdom Review

Best Cisco JN0-690 Certification, Cisco JN0-690 Training at certkingdom.com

JN0-694 Enterprise Routing and Switching Support, Professional (JNCSP-ENT)

JNCSP-ENT Exam Objectives (Exam: JN0-694)

IGP Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot OSPFv2 and OSPFv3 issues on Junos devices
Routing issues
Neighbor/adjacency issues
Configuration issues

BGP Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot BGP issues on Junos devices
Peering issues
Routing issues
Next hop resolution issues
Configuration issues

Routing Policy Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot routing policy issues on Junos devices
Forwarding table policy issues
Routing instance issues
IGP policy issues
BGP policy issues
Configuration issues

Layer 2 Switching Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot Spanning Tree issues on Junos devices
STP
RSTP
MSTP
VSTP
Configuration issues
Given a scenario, demonstrate knowledge of how to troubleshoot other Layer 2 switching and High Availability issues on Junos devices
VLAN issues
Q-in-Q tunneling and L2PT issues
Layer 2 port security issues
Authentication and access control issues
Virtual chassis
Configuration issues

Multicast Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot multicast issues on Junos devices
RP issues
SPT issues
PIM issues
IGMP issues
Configuration issues

Class of Service (CoS) Troubleshooting
Given a scenario, demonstrate knowledge of how to troubleshoot CoS issues
Classification and rewrite issues
Policer issues
Queuing/scheduling issues
Packet drop issues
Configuration issues

---

QUESTION 1
You are implementing Q-in-Q tunneling on an EX Series switch. You want the tunnel to support all
C-VLANs; however, only some VLANs are able to send traffic across the tunnel. Switch-1 has the
following configuration:
[edit vlans]
user@Switch-1# show
v100 {
vlan-id 100;
interface {
ge-0/0/0.10;
ge-0/0/1.20;
}
dot1q-tunneling {
customer-vlans [ ];
}
}
What would solve this problem?

A. Add family ethernet-switching to the tunnel-side interface on Switch-1.
B. Implement RSTP.
C. Q-in-Q tunneling will not work in this scenario; use a Layer 2 VPN instead.
D. Remove the customer-vlans statement.

Answer: C

Explanation:

---

QUESTION 2
You are troubleshooting a problem where an OSPF adjacency between two neighboring routers will not form.
What are two reasons for this problem? (Choose two.)

A. One or both of the connected interfaces are missing the family inet statement.
B. One or both of the connected interfaces are missing the family iso statement.
C. The connected interfaces are not on the same subnet.
D. Another IGP is running on one or both of the routers, overriding OSPF.

Answer: B,D

Explanation:

---

QUESTION 3
Your Junos device is dropping certain traffic flows, while allowing other traffic flows to pass through the device unaffected.
Which CoS component is causing this problem?

A. BA classification
B. RED
C. MF classification
D. Rewrite rules

Answer: D

Explanation:

---

QUESTION 4
Two neighboring routers are able to form an OSPF adjacency, but are not able to establish an IBGP neighborship.
What are two reasons for the IBGP neighborship problem? (Choose two.)

A. One of the devices has a misconfigured BGP peer address.
B. One or both of the connected interfaces are missing the family iso statement.
C. OSPF has a lower route preference than BGP.
D. A firewall filter on one of the interfaces is blocking TCP traffic.

Answer: B,C

Explanation:

Click here to view complete Q&A of JN0-694 exam
Certkingdom Review

Best Cisco JN0-694 Certification, Cisco JN0-694 Training at certkingdom.com

JN0-380 Wireless LAN, Specialist (JNCIS-WLAN)

JNCIS-WLAN Exam Objectives (Exam: JN0-380)

Wireless LAN Overview
Identify concepts, general features and functionality of the Juniper Networks wireless LAN product line
WLAN standards
WLC protocols
WLAN authentication, authorization and encryption
Hardware - APs, controllers, servers
Software - RingMaster
Licensing

Planning
Describe the elements of coverage area model and requirements
RF environment
Device requirements
Site visit
Describe the elements of predictive planning with RingMaster
AutoCAD file requirements
Site creation
Area planning
Identify various other planning parameters
Sites, buildings and floors
Coverage areas
RF obstacles
APs
Redundancy options
Data and VoIP capacity options

Initial Setup and Installation
Identify wireless LAN hardware, software and licensing requirements
WLAN controllers (WLCs)
RingMaster
Demonstrate knowledge of how to perform setup and initial installation of Juniper Networks wireless LAN hardware and software
AP boot and configuration options
WLC configuration using QuickStart and RingMaster
RingMaster installation and setup

Deployment and Configuration
Describe the elements of planning and data gathering for a deployment project
Data forwarding models
Centralized vs. distributed controllers
Capacity planning and bandwidth considerations
Redundancy planning
Coverage details
Network details
Site visit
Demonstrate knowledge of how to implement services for the Juniper Networks wireless LAN
Service types and characteristics
Radio profile
Service profile
AAA server definitions
Network access rules
Service mapping

Domains and High Availability
Describe the concepts, benefits and operation of domains and high availability
Mobility Domain seed
Synchronization
Redundancy and interleaving
Security
Clustering guidelines
Cluster AP affinity groups
Demonstrate knowledge of how to configure and monitor domains and high availability
Mobility Domain
Clusters
Network Domain

Architecture
Describe various architecture considerations for a Juniper Networks wireless LAN environment
Voice support - SIP recognition, call admission control, QoS
Mesh services - mesh APs, wireless bridging
Spectrum analysis
Remote AP
Client load balancing
Bandwidth control
NAT/PAT implementation options
Advanced RADIUS implementation
Location detection
VLAN pooling
High-latency network support
Adaptive channel (Auto-tune enhancements)
Transmit beam-forming
IPv6 support

Wireless LAN Services
Describe the concepts, operation and functionality of various wireless LAN services
Open, 802.1x, Web Portal, voice, and mesh concepts and characteristics
Services configuration options
Describe and configure 802.1x options
Pass through mode vs offload mode
EAP Protocols
Describe and configure Web portal options
Local vs external Web portal configuration
Certificate and encryption options

Security
Describe the steps and components for securing a WLAN
Threat evaluation
Access control
Securing and separating services
Client protection
Intrusion detection and protection systems (IDS/IPS)
802.1x
Certificates

Management and Reporting
Demonstrate knowledge of how to manage a Juniper Networks wireless LAN environment
RingMaster server and client
WLCs
Hardware upgrades
System recovery
Configuration management (backup and restore)
Demonstrate knowledge of how to implement RingMaster reporting
Report definition and generation
Scheduling

Integration
Describe how the WLS can integrate with other network technologies
RADIUS
DHCP options
LDAP
Snoop
DNS for APs and WLCs

Monitoring and Troubleshooting
Demonstrate knowledge of how to monitor the Juniper Networks wireless LAN environment
SNMP
Polling
Dashboard
System status
Clients
Traffic
Alarms
Security
Event log
Demonstrate knowledge of how to troubleshoot the Juniper Networks wireless LAN environment
Troubleshooting process and flow
Network troubleshooting tools
Trace messages
MSS commands
AP issues
Client issues
Controller issues
Configuration issues
RingMaster issues
Network integration issues
Services issues
Clustering issues

---

QUESTION 1
Which RingMaster license is needed to enable the RingMaster API?

A. base license
B. USM license
C. Agent license
D. AP license

Answer: C

Explanation:

---

QUESTION 2
A small business is using Radio Frequency (RF) planning to establish and limit the number of
access points (APs) needed for a coverage area. The company is trying to decide what to use for
the baseline association rate for clients to connect to the access points.
Which two statements are correct? (Choose two.)

A. A baseline association rate of 54 Mbps requires more APs than a baseline association rate of
18 Mbps.
B. A baseline association rate of 18 Mbps requires more APs than a baseline association rate of
54 Mbps.
C. A baseline association rate of 54 Mbps requires the client to be farther away from the AP to
reach the targeted rate.
D. A baseline association rate of 18 Mbps requires the client to be farther away from the AP to
reach the targeted rate.

Answer: A,D

Explanation:

---

QUESTION 3
You are using the RF Planning tool in RingMaster to configure a data capacity plan for a client.
Which three settings are required on the Data Capacity Options page? (Choose three.)

A. AP authentication mode
B. Per Station Throughput
C. Expected Station Count
D. Coverage Area
E. Station Oversubscription Ratio

Answer: B,C,E

Explanation:

---

QUESTION 4
Multiple users are complaining that their wireless connections are not working.
Which RingMaster screen would the administrator use for troubleshooting?

A. Alarms
B. Clients
C. Monitor
D. Verification

Answer: C

Explanation:

---

QUESTION 5
A network administrator must perform a software upgrade of a factory-default wireless LAN
controller (WLC) using the CLI.
Which three actions are required? (Choose three.)

A. Set the inactive boot partition to the active boot partition.
B. Add an upgraded license for the new image.
C. Copy the new image to the inactive boot partition using TFTP.
D. Reboot the controller.
E. Upgrade the connected access points (APs) before upgrading the controller.

Answer: A,C,D

Explanation:

Click here to view complete Q&A of JN0-380 exam
Certkingdom Review

Best Cisco JN0-380 Certification, Cisco JN0-380 Training at certkingdom.com

650-148 ISEE Cisco IronPort Sales Specialist — Email

Exam Number 650-148
Last day to test: December 31, 2016
Duration 45 minutes (25-30 questions)
Available Languages English

The 650-148 ISSE Cisco IronPort Sales Specialist — Email exam tests your knowledge of how to position and sell Cisco IronPort email security solutions.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

---

QUESTION 1
Which of the following is a good feature to enable during email security appliance (ESA)
evaluations?

A. Bounce verification
B. Unwanted Market Message Detection
C. Mail Flow Central
D. Centralized Management

Answer: A

Explanation:

---

QUESTION 2
Your prospect says they aren't willing to make big changes to their networks to try a Cisco IronPort
solution. That's a problem because Cisco IronPort appliances can't be tested unless they are the
primary gateway or filter?

A. True for both ESA and WSA
B. False for both ESA and WSA
C. True for ESA but not WSA
D. True for WSA but not ESA

Answer: B

Explanation:

---

QUESTION 3
Most of the features on the M-Series management appliance are specifically for

A. ScanSafe customers
B. Email Security Customers
C. Web Security Customers

Answer: B

Explanation:

---

QUESTION 4
Multi-scan is associated with which of the following?

A. Anti-Spam Engine
B. Reputation Filtering
C. Anti-Virus Engine

Answer: C

Explanation:

Click here to view complete Q&A of 650-148 exam
Certkingdom Review

Best Cisco 650-148 Certification, Cisco 650-148 Training at certkingdom.com

650-669 CSPVDMD Cisco SP Video Digital Media Design for SE for Validating Knowledge

650-669 CSPVDMD Cisco SP Video Digital Media Design for SE
for Validating Knowledge (not for Cisco Certification)


2013 Cisco Systems, Inc. This document is Cisco Public. Page 1
Cisco SP Video Digital Media Design for SE (650-669)
Exam Description: The 650-669 Cisco SP Video Digital Media Design for SE (CSPVDMD) exam is a 45-minute test with 25–35 questions. The exam tests a candidate's knowledge on designing a digital media solution, configuring and testing the solution, and comparing it against competitive solutions by articulating key differentiators. Candidates can prepare for this exam by taking the Authorized Service Provider Video Partner Digital Media track of training, including Phases I, II, and III.

The following topics are general guidelines for the content that is likely to be included on the exam. However, other related topics may also appear on any specific instance of the exam. To better reflect the contents of the exam and for clarity purposes, these guidelines may change at any time without notice.

100% 1.0 SE Cisco SP Video Digital Media Design
QUESTION 1
Which two video formats are supported by the Cisco OCMG? (Choose two.}

A. ATSC
B. 3G
C. HD
D. DVB-C

Answer: C,D

Explanation:

---

QUESTION 2
When configuring backup on the Cisco ROSA EM. What information must be entered for each
device that is connected to a video router?

A. the physical port connections of the backup equipment to the router
B. the physical port connections of the primary equipment to the router
C. the physical port connections of the backup and primary equipment to the router relations
D. relations between the router and the primary and backup equipment in the DHB

Answer: C

Explanation:

---

QUESTION 3
Which two SDI input hardware configurations are available on one Cisco DCM IP gateway card?
(Choose two.)

A. 3 input and 3 output
B. 6 input
C. 6 input and 6 output
D. 12 input
E. 12 output

Answer: A,C

Explanation:

Click here to view complete Q&A of 650-669 exam
Certkingdom Review

Best Cisco 650-669 Certification, Cisco 650-669 Training at certkingdom.com