[2017-Oct.-New]Braindump2go JN0-643 PDF and VCE Dumps Free Download[51-60]
2017 Oct. New JN0-643 Exam Dumps with PDF and VCE Free Updated Today! Following are some JN0-643 Questions:
1.|2017 New JN0-643 Exam Dumps (PDF & VCE) 301Q&As Download:
https://www.braindump2go.com/jn0-643.html
2.|2017 New JN0-643 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/0B75b5xYLjSSNSXllWnNFZnB5NG8?usp=sharing
QUESTION 51
In your 802.1X-enabled network, a RADIUS server fails to respond or authenticate a device.
On an EX Series switch, what are three supported actions? (Choose three.)
A. Traffic can be allowed.
B. Traffic can be denied.
C. Traffic can be redirected to another subnet.
D. Traffic can be redirected to another VLAN.
E. Traffic can be redirected to another port.
Answer: ABD
QUESTION 52
A contractor needs to connect a laptop to your company network, but your company has no wireless access and each office has only a single network port for an employee laptop. You have an IP phone with a data port available and you have access to the switch connected to it. You can also add the contractor’s MAC address to the RADIUS server database.
Referring to the exhibit, which three commands will allow access? (Choose three.)
A. set protocols dot1x authenticator authentication-profile-name radius_profile interface ge- 0/0/16.0 mac-radius
B. set interfaces ge-0/0/16.0 family ethernet-switching port-mode trunk
C. set interfaces ge-0/0/16.0 family ethernet-switching vlan members contractor
D. set protocols dot1x authenticator authentication-profile-name radius_profile interface ge- 0/0/16.0 supplicant multiple
E. set interfaces ge-0/0/16.0 family ethernet-switching vlan members all
Answer: ACD
QUESTION 53
802.1X authentication was recently configured on your ge-0/0/15 port. You issue the command shown in the exhibit.
{master:0}
user@switch> show dot1x interface ge-0/0/15 detail
ge-0/0/15.0
RolE. Authenticator
Administrative statE. Auto
Supplicant modE. Multiple
Number of retries: 3
Quiet perioD. 60 seconds
Transmit perioD. 30 seconds
Mac Radius: Enabled
Mac Radius Restrict: Enabled
Reauthentication: Enabled
Configured Reauthentication interval: 120 seconds
Supplicant timeout: 30 seconds
Server timeout: 30 seconds
Maximum EAPOL requests: 2
Guest VLAN member: guest
Number of connected supplicants: 0
Which two statements are correct? (Choose two.)
A. The reauthentication interval is using the default value.
B. Every user that attempts to connect using this port must be authenticated.
C. Only the first user that connects using this port will be authenticated.
D. Users will only be able to authenticate using MAC RADIUS.
Answer: BD
QUESTION 54
You are asked to place employees that are in the sales group into their own VLAN called Sales_VLAN with a VLAN ID of 123 on port ge-0/0/17. The VLAN must be assigned dynamically. After trying an initial configuration, you see that users in the sales group are not assigned to the Sales_VLAN.
user@switch> show configuration access
radius_server {
10.1.1.252 {
port 1812;
secret “$9$7gdwgGDkTz6oJz69A1INdb”; ## SECRET-DATA
}
profile radius_server {
authentication-order password;
radius {
authentication-server 10.1.1.252;
}
}
user@switch> show configuration protocols dot1x
authenticator {
ge-0/0/17.0 {
supplicant multiple;
}
}
}
user@switch> show configuration vlans
Sales_VLAN {
vlan-id 123;
}
user@switch> show configuration interfaces ge-0/0/17
unit 0 {
family ethernet-switching {
port-mode access;
}
}
Referring to the exhibit, which two configuration statements are needed on the EX Series switch to resolve this problem? (Choose two.)
A. set access profile radius_server authentication-order radius
B. set vlans Sales_VLAN interface ge-0/0/17.0
C. set interfaces ge-0/0/17.0 family ethernet-switching vlan members Sales_VLAN
D. set protocols dot1x authenticator authentication-profile-name radius_server
Answer: AD
QUESTION 55
A non-802.1X printer is connected to ge-0/0/0 on an EX Series switch.
Which configuration statement will authenticate the device against an authentication server?
A. set protocols dot1x authenticator static 22:22:22:22:22:22 interface ge-0/0/0
B. set protocols dot1x authenticator interface ge-0/0/0 supplicant single
C. set protocols dot1x authenticator interface ge-0/0/0 mac-radius restrict
D. set protocols dot1x authenticator interface ge-0/0/0 disable
Answer: C
QUESTION 56
You just added a device on port ge-0/0/12 with the MAC address 00:21:cc:ba:c7:59. All access ports on this device are members of VLAN v20. The RADIUS server is currently not reachable.
{master:0}[edit protocols dot1x]
user@switch# show
authenticator {
authentication-profile-name my-profile;
static {
00:21:cc:ba:c7:00/40 {
interface ge-0/0/12.0;
}
}
interface {
ge-0/0/12.0 {
supplicant multiple;
server-fail deny;
}
ge-1/0/14.0 {
reauthentication 120;
server-fail vlan-name local-only;
}
ge-1/0/15.0 {
supplicant multiple;
mac-radius {
restrict;
}
reauthentication 120;
server-fail vlan-name guest;
}
}
}
Referring to the configuration shown in the exhibit, what happens to traffic sent from this device?
A. The traffic is denied.
B. The traffic is accepted and uses the guest VLAN.
C. The traffic is accepted and uses the local-only VLAN.
D. The traffic is accepted and uses the v20 VLAN.
Answer: D
QUESTION 57
An emergency Class 3 IP phone is connected to an EX Series switch. You want to ensure that the IP phone does not have any problems if PoE power demands on the switch are greater than the PoE power budget.
What should you do to accomplish this task?
A. You must connect the IP phone into one of the ports from ge-0/0/0 to ge-0/0/7.
B. Set the power class on the PoE interface to 3.
C. Set the PoE priority to high.
D. Enable the guard-band parameter.
Answer: C
QUESTION 58
You are implementing PoE on your EX Series switch to provide power to your VoIP phones.
You have a device that does not provide its class information to the switch.
Which power class is assigned for this device?
A. 0
B. 1
C. 2
D. 3
Answer: A
QUESTION 59
Which two statements about the voice VLAN feature are correct? (Choose two.)
A. It can be used to separate untagged data and VLAN tagged VoIP traffic into different VLANs on an access port.
B. It can be used to assign VoIP traffic into a CoS forwarding class.
C. It can be used to separate untagged data and VLAN tagged VoIP traffic into different VLANs on a trunk port.
D. It can be used to apply a policer to VoIP traffic.
Answer: AB
QUESTION 60
NetBIOS snooping information is stored in which database on EX Series switches?
A. RADIUS database
B. LLDP neighbor database
C. MAC table database
D. routing table database
Answer: B
!!!RECOMMEND!!!
1.|2017 New JN0-643 Exam Dumps (PDF & VCE) 301Q&As Download:
https://www.braindump2go.com/jn0-643.html
2.|2017 New JN0-643 Study Guide Video: