Practice Free JN0-460 Exam Online Questions
Question #41
In EVPN, what role do Route Targets (RTs) play?
- A . They define the cryptographic standards for the network
- B . They specify the forwarding paths for multicast traffic
- C . They are used to import and export routes within VPNs
- D . They limit the scalability of EVPN instances
Correct Answer: C
Question #42
Which three steps should be part of the campus fabric deployment? (Choose three.)
- A . Define the physical connections.
- B . Define the networks of interest.
- C . Configure the DNS server.
- D . Choose the topology.
- E . Configure the group-based policy (GBP) tag.
Correct Answer: A, B, D
A, B, D
Explanation:
When deploying a Juniper Mist campus fabric, the following steps are foundational:
Define Physical Connections C Specify switch interlinks between access, distribution, and core layers.
Define Networks of Interest C Identify the VLANs and subnets to be part of the EVPN-VXLAN overlay.
Choose the Topology C Select the desired architecture (3-stage Clos, 5-stage Clos, CRB, or ERB).
These define the intent-based underlay before applying overlay and GBP configurations.
Reference: Juniper Mist Campus Fabric Deployment Guide
A, B, D
Explanation:
When deploying a Juniper Mist campus fabric, the following steps are foundational:
Define Physical Connections C Specify switch interlinks between access, distribution, and core layers.
Define Networks of Interest C Identify the VLANs and subnets to be part of the EVPN-VXLAN overlay.
Choose the Topology C Select the desired architecture (3-stage Clos, 5-stage Clos, CRB, or ERB).
These define the intent-based underlay before applying overlay and GBP configurations.
Reference: Juniper Mist Campus Fabric Deployment Guide
Question #43
How do VXLAN and EVPN work together to support MAC learning in a scalable way?
- A . By relying exclusively on Layer 3 routing protocols
- B . Through dynamic flooding mechanisms in the data plane
- C . Using EVPN as a control plane to distribute MAC addresses over VXLAN tunnels
- D . Implementing static MAC address tables for each VTEP
Correct Answer: C
Question #44
A company has a Mist campus fabric with a single VRF and must configure group-based policy (GBP) tags to isolate different types of endpoints.
What would be an appropriate solution for this scenario?
- A . Assign a separate GBP tag to each endpoint.
- B . Assign GBP tags based on endpoint type.
- C . Assign GBP tags based on endpoint location.
- D . Assign a single GBP tag to all endpoints.
Correct Answer: B
B
Explanation:
Juniper Mist AI for Wired uses group-based policy (GBP) to enforce segmentation within a single VRF, without requiring separate VRFs per user group. GBP tags classify endpoints logically (e.g., employees, guests, IoT devices) and enforce security rules across the EVPN-VXLAN fabric.
“Group-Based Policy (GBP) provides scalable segmentation by assigning tags to endpoints based on attributes such as user type, role, or device type. These GBP tags are then used in policies to control communication between groups.”
Option A is inefficient: assigning unique tags per endpoint is not scalable.
Option C is incorrect: GBP is identity-based segmentation, not location-based.
Option D is incorrect: assigning a single tag defeats the purpose of segmentation.
Option B is correct: the best practice is to assign GBP tags based on endpoint type (e.g., servers, staff, IoT, guests), which then drives policy enforcement.
Reference: Juniper Mist AI for Wired C Group-Based Policy (GBP) Configuration Guide
Juniper Validated Design C GBP with EVPN-VXLAN in Campus Fabrics
B
Explanation:
Juniper Mist AI for Wired uses group-based policy (GBP) to enforce segmentation within a single VRF, without requiring separate VRFs per user group. GBP tags classify endpoints logically (e.g., employees, guests, IoT devices) and enforce security rules across the EVPN-VXLAN fabric.
“Group-Based Policy (GBP) provides scalable segmentation by assigning tags to endpoints based on attributes such as user type, role, or device type. These GBP tags are then used in policies to control communication between groups.”
Option A is inefficient: assigning unique tags per endpoint is not scalable.
Option C is incorrect: GBP is identity-based segmentation, not location-based.
Option D is incorrect: assigning a single tag defeats the purpose of segmentation.
Option B is correct: the best practice is to assign GBP tags based on endpoint type (e.g., servers, staff, IoT, guests), which then drives policy enforcement.
Reference: Juniper Mist AI for Wired C Group-Based Policy (GBP) Configuration Guide
Juniper Validated Design C GBP with EVPN-VXLAN in Campus Fabrics
Question #45
Which two statements are correct about the EVPN-VXLAN control plane? (Choose two.)
- A . The control plane encapsulates the traffic.
- B . The control plane learns the MAC addresses of end-user devices.
- C . The control plane learns the IP addresses of end-user devices.
- D . The control plane rewrites the destination MAC address of the packet.
Correct Answer: B, C
B, C
Explanation:
In an EVPN-VXLAN fabric, the control plane operates over BGP EVPN and is responsible for distributing endpoint reachability information (MAC and IP) among VTEPs. The data plane, by contrast, performs encapsulation and forwarding.
“The EVPN control plane uses BGP to exchange MAC and IP address reachability information between VTEPs, enabling efficient forwarding and loop prevention without relying on flood-and-learn behavior.”
Option A: Incorrect ― encapsulation occurs in the data plane, not the control plane.
Option B: Correct ― the control plane distributes MAC-to-VTEP mappings.
Option C: Correct ― the control plane also distributes IP-to-MAC associations (Type 2 and Type 5 EVPN routes).
Option D: Incorrect ― the control plane does not alter packet headers.
Reference: Juniper Mist AI for Wired C EVPN-VXLAN Overview
Juniper Validated Design C EVPN Control and Data Plane Operation Junos OS EVPN-VXLAN Implementation Guide
B, C
Explanation:
In an EVPN-VXLAN fabric, the control plane operates over BGP EVPN and is responsible for distributing endpoint reachability information (MAC and IP) among VTEPs. The data plane, by contrast, performs encapsulation and forwarding.
“The EVPN control plane uses BGP to exchange MAC and IP address reachability information between VTEPs, enabling efficient forwarding and loop prevention without relying on flood-and-learn behavior.”
Option A: Incorrect ― encapsulation occurs in the data plane, not the control plane.
Option B: Correct ― the control plane distributes MAC-to-VTEP mappings.
Option C: Correct ― the control plane also distributes IP-to-MAC associations (Type 2 and Type 5 EVPN routes).
Option D: Incorrect ― the control plane does not alter packet headers.
Reference: Juniper Mist AI for Wired C EVPN-VXLAN Overview
Juniper Validated Design C EVPN Control and Data Plane Operation Junos OS EVPN-VXLAN Implementation Guide
Question #46
In a Juniper Mist campus fabric deployment using EVPN-VXLAN, which component performs the VXLAN encapsulation and de-encapsulation functions?
- A . VLAN
- B . VTEP
- C . EVPN route reflector
- D . GBP tag
Correct Answer: B
B
Explanation:
Comprehensive and Detailed Explanation From Exact Extract:
In EVPN-VXLAN architectures, the VXLAN Tunnel Endpoint (VTEP) is the logical interface responsible for encapsulating and de-encapsulating Layer 2 Ethernet frames into VXLAN packets.
Each participating switch ― typically the access or distribution node ― hosts a VTEP that maps local VLANs to VXLAN Network Identifiers (VNIs).
When a packet leaves a local VLAN, the VTEP encapsulates it in a VXLAN header and routes it through the underlay IP fabric.
When received at the destination VTEP, the frame is de-encapsulated and delivered to the appropriate local VLAN.
“VTEPs in an EVPN-VXLAN campus fabric perform MAC-to-VNI mapping and
encapsulate/decapsulate traffic between virtualized network segments, allowing seamless Layer 2
and Layer 3 connectivity across an IP underlay.”
Reference: Juniper Mist AI for Wired C Campus Fabric EVPN-VXLAN Overview Juniper Validated Design (JVD): Mist AI Campus Fabric Deployment Guide Junos OS EVPN and VXLAN Configuration Guide
B
Explanation:
Comprehensive and Detailed Explanation From Exact Extract:
In EVPN-VXLAN architectures, the VXLAN Tunnel Endpoint (VTEP) is the logical interface responsible for encapsulating and de-encapsulating Layer 2 Ethernet frames into VXLAN packets.
Each participating switch ― typically the access or distribution node ― hosts a VTEP that maps local VLANs to VXLAN Network Identifiers (VNIs).
When a packet leaves a local VLAN, the VTEP encapsulates it in a VXLAN header and routes it through the underlay IP fabric.
When received at the destination VTEP, the frame is de-encapsulated and delivered to the appropriate local VLAN.
“VTEPs in an EVPN-VXLAN campus fabric perform MAC-to-VNI mapping and
encapsulate/decapsulate traffic between virtualized network segments, allowing seamless Layer 2
and Layer 3 connectivity across an IP underlay.”
Reference: Juniper Mist AI for Wired C Campus Fabric EVPN-VXLAN Overview Juniper Validated Design (JVD): Mist AI Campus Fabric Deployment Guide Junos OS EVPN and VXLAN Configuration Guide
Question #47
Which service level expectation (SLE) metric measures congestion on the uplink interface of a switch?
- A . Successful Connect
- B . Asymmetric Uplink
- C . Throughput
- D . Switch Health
Correct Answer: B
B
Explanation:
Juniper Mist’s Wired Assurance includes multiple SLE metrics that monitor the health and performance of wired connections. One of these is Asymmetric Uplink, which measures uplink congestion or imbalance between the transmit (TX) and receive (RX) rates on the switch uplink interfaces.
“The Asymmetric Uplink SLE monitors congestion and traffic imbalance on the switch’s uplink ports. It identifies when the uplink bandwidth utilization or transmit/receive rates are inconsistent with expected patterns, indicating congestion or flow asymmetry.”
Option A (Successful Connect): Tracks client connection success rate, not uplink congestion.
Option C (Throughput): Relates to end-to-end data transfer rate, not specifically uplink congestion.
Option D (Switch Health): Measures hardware, software, and PoE health, not link congestion.
Option B (Asymmetric Uplink): Correct ― this SLE directly reflects uplink interface congestion or imbalance.
Reference: Juniper Mist AI for Wired C Wired SLE Metrics Overview Juniper Mist AI for Wired C Asymmetric Uplink SLE Description
Juniper Mist Documentation C Troubleshooting with SLE Analytics
B
Explanation:
Juniper Mist’s Wired Assurance includes multiple SLE metrics that monitor the health and performance of wired connections. One of these is Asymmetric Uplink, which measures uplink congestion or imbalance between the transmit (TX) and receive (RX) rates on the switch uplink interfaces.
“The Asymmetric Uplink SLE monitors congestion and traffic imbalance on the switch’s uplink ports. It identifies when the uplink bandwidth utilization or transmit/receive rates are inconsistent with expected patterns, indicating congestion or flow asymmetry.”
Option A (Successful Connect): Tracks client connection success rate, not uplink congestion.
Option C (Throughput): Relates to end-to-end data transfer rate, not specifically uplink congestion.
Option D (Switch Health): Measures hardware, software, and PoE health, not link congestion.
Option B (Asymmetric Uplink): Correct ― this SLE directly reflects uplink interface congestion or imbalance.
Reference: Juniper Mist AI for Wired C Wired SLE Metrics Overview Juniper Mist AI for Wired C Asymmetric Uplink SLE Description
Juniper Mist Documentation C Troubleshooting with SLE Analytics
Question #48
Which two devices support Group Based policy?
- A . EX4100
- B . EX4300
- C . EX9200
- D . EX4400
Correct Answer: AD
Question #49
Which campus fabric architecture supports Layer 3 gateways at the distribution layer?
- A . campus fabric core/distribution C centrally-routed bridging (CRB)
- B . campus fabric IP Clos
- C . campus fabric core/distribution C edge-routed bridging (ERB)
- D . EVPN multihoming
Correct Answer: C
C
Explanation:
In Juniper’s campus fabric architectures, the location of the Layer 3 gateway (IRB) differentiates between CRB and ERB models:
Centrally-Routed Bridging (CRB): L3 gateways are placed at the core layer.
Edge-Routed Bridging (ERB): L3 gateways are placed at the distribution layer, closer to the edge. “In the ERB model, Layer 2 gateways are deployed at the access layer, and Layer 3 gateways are deployed at the distribution layer.”
Option A (CRB): Incorrect ― L3 is at the core, not distribution.
Option B (IP Clos): Incorrect ― in 3-stage Clos, L3 is pushed to the access layer.
Option D (EVPN multihoming): Incorrect ― this is about redundancy, not gateway placement.
Option C (ERB): Correct ― L3 gateways sit at the distribution layer in the ERB architecture.
Reference: Juniper Mist AI for Wired C Campus Fabric Architecture Models Juniper Validated Design C Core/Distribution CRB vs ERB Gateways Junos OS EVPN-VXLAN Campus Fabric Deployment Guide
C
Explanation:
In Juniper’s campus fabric architectures, the location of the Layer 3 gateway (IRB) differentiates between CRB and ERB models:
Centrally-Routed Bridging (CRB): L3 gateways are placed at the core layer.
Edge-Routed Bridging (ERB): L3 gateways are placed at the distribution layer, closer to the edge. “In the ERB model, Layer 2 gateways are deployed at the access layer, and Layer 3 gateways are deployed at the distribution layer.”
Option A (CRB): Incorrect ― L3 is at the core, not distribution.
Option B (IP Clos): Incorrect ― in 3-stage Clos, L3 is pushed to the access layer.
Option D (EVPN multihoming): Incorrect ― this is about redundancy, not gateway placement.
Option C (ERB): Correct ― L3 gateways sit at the distribution layer in the ERB architecture.
Reference: Juniper Mist AI for Wired C Campus Fabric Architecture Models Juniper Validated Design C Core/Distribution CRB vs ERB Gateways Junos OS EVPN-VXLAN Campus Fabric Deployment Guide
Question #50
Which API is used within the Juniper Mist solution?
- A . REST
- B . SOAP
- C . JSON-RPC
- D . XML
Correct Answer: A
A
Explanation:
Juniper Mist is built on a fully open and RESTful API architecture, allowing programmatic access to all functions.
Administrators and developers can automate switch provisioning, monitoring, and troubleshooting directly via the REST API.
This open design supports JSON data formatting and HTTPS authentication, ensuring secure
integration with external systems.
Reference: Juniper Mist API Developer Guide
A
Explanation:
Juniper Mist is built on a fully open and RESTful API architecture, allowing programmatic access to all functions.
Administrators and developers can automate switch provisioning, monitoring, and troubleshooting directly via the REST API.
This open design supports JSON data formatting and HTTPS authentication, ensuring secure
integration with external systems.
Reference: Juniper Mist API Developer Guide