매달, 우리는 1000명 이상의 사람들이 시험 준비를 잘하고 시험을 잘 통과할 수 있도록 도와줍니다.
Data Center, Specialist (JNCIS-DC) 온라인 연습
최종 업데이트 시간: 2026년03월09일
당신은 온라인 연습 문제를 통해 Juniper JN0-481 시험지식에 대해 자신이 어떻게 알고 있는지 파악한 후 시험 참가 신청 여부를 결정할 수 있다.
시험을 100% 합격하고 시험 준비 시간을 35% 절약하기를 바라며 JN0-481 덤프 (최신 실제 시험 문제)를 사용 선택하여 현재 최신 65개의 시험 문제와 답을 포함하십시오.
정답:
Explanation:
Apstra 5.1 provides multiple reference designs that define how intent is modeled and how configuration is produced. In the Freeform reference design, the network designer is responsible for creating and validating the device configurations using constructs such as device contexts, property sets, and config templates. Because configuration is authored rather than generated from a fixed data-center abstraction set, Freeform inherently requires practical knowledge of the device’s configuration model and operational behavior―on Juniper platforms, that means being comfortable with Junos-style configuration and show/verification workflows. This makes statement A correct.
Freeform in Apstra 5.1 is also limited to Juniper devices (Junos and Junos Evolved families). In other words, Freeform blueprints do not provide multi-vendor device onboarding and deployment in that reference design at this software level. That makes statement D correct as written in the question’s choices.
By contrast, the data center reference design in Apstra 5.1 is not limited to Junos-only device families; Apstra qualifies multiple NOS families for data center operation via device profiles and packages, and it renders intent accordingly. Therefore statement B is not correct. Finally, while CLI knowledge is always useful for troubleshooting, the data center reference design does not fundamentally require an operator to hand-author device CLI to deploy a standards-based EVPN-VXLAN fabric; that’s one of the core benefits of the intent-based data center reference design.
Verified Juniper sources (URLs):
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/concept/freeform.html
https://www.juniper.net/documentation/us/en/software/apstra4.2/apstra-freeform-4.2.1/apstra-freeform-guide/topics/concept/freeform-overview-and-design.html
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/task/device-profile-import-freeform.html
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/topic-map/devices-qualified.html
정답:
Explanation:
In Apstra 5.1, capacity planning based on pre-built time-series telemetry (such as link utilization trends) is part of Intent-Based Analytics (IBA). IBA is where Apstra ingests streaming telemetry from fabric devices, stores it as time-series data, and presents it through built-in analytics views (dashboards/widgets) and probes. Because the question specifically calls out “pre-built time series information regarding link utilization,” the correct UI location is the Analytics top-level tab within the blueprint.
The Active tab is primarily oriented to operational state and day-2 workflows (for example, viewing live state, queries, and device-level operational views). The Staged tab is where you modify intent (physical/virtual design, policies, catalog items) prior to committing and deploying. The Dashboard provides a high-level blueprint overview and navigation, but the drill-down and time-series analytics views that support trending and capacity analysis are accessed via Analytics.
In an EVPN-VXLAN fabric using Junos v24.4, link utilization time-series is particularly valuable because underlay congestion can degrade overlay performance (BGP convergence behavior, ECMP distribution effectiveness, and endpoint experience). Apstra’s Analytics tab centralizes these metrics so operators can evaluate utilization baselines, identify sustained hot links, and support proactive actions (rebalancing, adding capacity, or adjusting design intent) without relying on ad-hoc per-device CLI polling.
Verified Juniper sources (URLs):
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-custom-telemetry-collection-guide/topics/concept/apstra-telemetry-and-intent-based-analytics.html
정답:
Explanation:
In Apstra 5.1, an IBA probe is a defined analytics pipeline that applies to a scoped set of graph objects (here, interfaces) and evaluates telemetry against logic defined in its processors. The exhibit shows a probe that consumes Interface Counters Average and then applies a Range processor. In the processor configuration, the Anomalous Range is set to “greater than 1,000,000” (bytes per secondC
equivalent for ~1 Mbps depending on the probe’s metric definition), and Raise Anomaly is set to True. Therefore, when ge-0/0/5 receives an average traffic level above the configured threshold, the probe’s condition evaluates as anomalous and Apstra raises a probe anomaly for that interface. That makes statement A correct.
When probe anomalies are raised, Apstra surfaces them in the blueprint’s Analytics area because they are analytics-derived findings (as opposed to configuration drift or deployment workflow issues). As a result, the blueprint’s Analytics tab indicator changes state (commonly to red with a badge count) to signal active analytics anomalies requiring attention. That makes statement B correct.
This event is not classified as a service anomaly (which is associated with higher-level service intent/assurance objects) unless separately mapped by policy/logic, and it does not primarily drive the Active tab indicator, which is focused on operational state views rather than being the primary alert surface for IBA probe anomalies.
정답:
Explanation:
In Apstra 5.1, this screen represents a configuration deviation workflow: Apstra is comparing the intended (golden) configuration it generated from blueprint intent against the actual configuration currently on the device. When an operator makes a change directly on the switch CLI (for example, on a Junos v24.4 leaf), Apstra detects the difference and flags it as drift because it did not originate from the blueprint’s intent model.
Clicking Accept Changes tells Apstra to adopt the device’s current CLI state as the new accepted baseline for that device, effectively incorporating the observed CLI delta into Apstra’s intended configuration for purposes of future comparison and compliance. In other words, Apstra stops treating that specific deviation as an error because it has been acknowledged and absorbed into the “golden config” (the intent-aligned configuration Apstra considers correct for that node). This is commonly used when an emergency change was made on-box and you want Apstra’s source of truth to reflect it, rather than reverting it.
This differs from Apply Full Config, which is used to push Apstra’s intended configuration down to the device to restore compliance. If you do not accept the change, a later commit/apply action can overwrite the CLI-entered configuration to re-align with blueprint intent.
정답:
Explanation:
In Apstra 5.1, the correct operational method to gracefully remove a switch from service for maintenance is to set its Deploy Mode to Drain. Drain is a day-2 operational control that tells Apstra to adjust intent so the fabric can continue operating while the targeted device is logically taken out of service as much as the design allows. This is especially relevant in EVPN-VXLAN leaf-spine fabrics where taking down a spine or a leaf can disrupt underlay BGP adjacencies and overlay reachability if traffic is not shifted first.
This action is performed from the blueprint’s Active view because Drain affects the currently deployed, running fabric state (not a staged design change). Selecting the device under Active and changing Deploy Mode to Drain initiates the workflow that prepares the device for maintenance by reducing its role in forwarding and/or withdrawing dependent services according to the blueprint’s modeled redundancy (for example, shifting server-facing traffic to an MLAG/ESI peer where applicable, or reducing reliance on the device for transit). After the device is drained, an OS upgrade can be performed with less impact, and the device can later be returned to service by switching Deploy Mode back to Deploy and committing the change.
The “Upgrade” action is not the deploy-mode mechanism described for graceful removal; the key is Deploy Mode → Drain from Active, which is explicitly intended for maintenance and decommissioning scenarios.
Verified Juniper sources (URLs):
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/task/device-drain.html
https://www.juniper.net/documentation/us/en/software/apstra4.2/apstra-drain-mode/apstra-drain-mode-guide/topics/concept/apstra-drain-mode-activate-or-disable-drain.html
정답:
Explanation:
In Apstra 5.1, Security Policies express traffic-permit/deny intent between defined fabric endpoints, and Apstra compiles that intent into ACL enforcement on the appropriate switches (for example, on gateway interfaces for east-west segmentation and on border leaf interfaces for north-south controls). The objects you use to define that policy intent must correspond to fabric connectivity constructs that Apstra understands as endpoints in the blueprint’s logical model.
Two such valid objects are Virtual Networks and Routing Zones. A virtual network represents a tenant segment (typically mapped into EVPN-VXLAN constructs such as VNI and associated IRB gateway when L3 is enabled). Policies between virtual networks are a common way to implement micro-segmentation or tier-based segmentation (web/app/db) within the same tenant boundary. A routing zone represents the L3 tenancy boundary (mapped to a VRF) and can be used to group and control connectivity at the tenant level, especially where policy needs to be expressed for aggregated tenant domains or for controls involving external connectivity.
“Domain name” and “application signature” are not endpoint objects for Apstra Security Policies in this context. They may exist in other security ecosystems, but Apstra’s security intent model for ACL generation is based on topology and blueprint objects (routing zones, virtual networks, and endpoint definitions), which can then be rendered into Junos v24.4 firewall filterCstyle enforcement on the fabric devices.
Verified Juniper sources (URLs):
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/topic-map/policy-security.html
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/concept/routing-zones.html
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/concept/virtual-networks.html
정답:
Explanation:
The exhibit shows node100 (Generic System) selected, with links from that generic system to two fabric leaf switches (for example, a leaf participating in an ESI pair and another leaf node). In Apstra 5.1, a Generic System represents an endpoint that is not managed as a network device by Apstra (such as a server, appliance, or host), but it is still modeled so Apstra can apply interface intent (LAG vs single link), connectivity templates, and virtual network attachments.
Because the device is shown as a generic system connected on leaf-facing ports inside the fabric topology, this aligns with an internal generic system. Internal generic systems are used for servers or endpoints that reside “inside” the rack/fabric context and consume leaf switch ports as access-facing connections. This is the common representation for endpoints in EVPN-VXLAN data center designs, where the leaf switches provide the VLAN/VNI mapping and, if required, IRB gateway services within the tenant VRF (routing zone).
An external generic system is typically used for devices outside the fabric boundary―most commonly external routers, firewalls, or upstream networks attached at border leafs―where the intent is external connectivity rather than server access. The selected node is neither a peer switch nor an access switch (those are network infrastructure roles), and the UI explicitly labels it as a Generic System, confirming the correct classification as an internal generic system.
정답:
Explanation:
In Apstra 5.1, the Staged > Physical > Links workspace is where you build and validate the cabling (link) intent for the fabric before committing changes. During deployment and day-0/1 build, Apstra can leverage LLDP neighbor discovery from the connected devices to accelerate and validate the cabling map. The indicated toolbar icon in the Links view is used to fetch discovered LLDP data from the devices so Apstra can compare the discovered neighbor relationships with the intended topology and, depending on workflow, help populate or validate link endpoints.
This is particularly important in leaf-spine IP fabrics because correct physical connectivity underpins the entire underlay―interface states, point-to-point addressing, and BGP sessions. In an EVPN-VXLAN design running Junos v24.4, broken or mis-cabled links quickly manifest as missing underlay adjacencies and failed EVPN control-plane signaling. Pulling LLDP discovery into Apstra helps you identify mismatches early (wrong neighbor, wrong port, missing neighbor) and reduces manual cabling errors.
This action is not merely a UI refresh, it does not wipe the cable map, and it does not modify link speeds. Its operational purpose is to import discovered LLDP neighbor information into the blueprint’s physical link view so Apstra can assist with accurate topology validation and deployment readiness.
정답:
Explanation:
In Apstra 5.1, a routing zone is the primary construct used to represent an L3 domain for multitenant isolation. In traditional network operating system terms, that maps to a VRF (Virtual Routing and Forwarding instance). Each routing zone is placed “in its own VRF,” which provides independent routing tables and isolates IP traffic so that different tenants can reuse overlapping IP subnets without conflict. This is central to modern EVPN-VXLAN data center design, where tenants typically require clean separation of routing and policy boundaries.
Within a routing zone, you can create one or more virtual networks (often mapped to VXLAN segments) that provide L2 extension across racks while still being contained by the tenant’s VRF. If L3 gateway services are enabled for those virtual networks, their gateway interfaces (for example, IRB interfaces on Junos v24.4 leaf switches) are associated with the routing zone’s VRF so that inter-subnet routing occurs within the tenant boundary.
This terminology distinction is important: an IRB is an interface construct used to provide L3 gateway functionality for a VLAN/VXLAN segment; a VLAN is a Layer 2 segmentation mechanism; and an access list is a policy enforcement tool. A routing zone, however, defines the tenant’s L3 routing context, which is precisely what a VRF provides on Junos.
Verified Juniper sources (URLs):
https://www.juniper.net/documentation/us/en/software/apstra5.0/apstra-user-guide/topics/concept/routing-zones.html
https://www.juniper.net/documentation/us/en/software/apstra4.2/apstra-user-guide/topics/concept/routing-zones.html
정답:
Explanation:
In Apstra 5.1, “resources” (such as ASNs, IP addressing, and VNIs) are allocated to blueprint elements using resource pools. The blueprint does not require you to manually craft every individual resource value; instead, Apstra’s workflow is to have you indicate which pool(s) should be used for the blueprint, and then Apstra automatically pulls and assigns the required values. This automation is fundamental to Apstra’s intent-based model: once the blueprint knows which pools to consume, it can deterministically allocate unique values across the fabric and generate consistent Junos configuration for the assigned devices.
Option D best matches this behavior because it reflects the documented mechanism: required resources are automatically pulled from the selected pool(s) and assigned in a fast, bulk transaction. This is what enables repeatable deployments―especially in EVPN-VXLAN data center fabrics― because resource collisions and manual tracking are avoided.
Option A is not the defining prerequisite for resource assignment; device profile and device assignment are important overall build steps, but the correctness of resource assignment is tied to pool selection and availability rather than being strictly gated by those tasks. Option B is incorrect because pools can be created and managed beyond only “global” contexts, and Apstra also supports creating additional pools from within the blueprint when needed. Option C is misleading because resources are governed by pools and allocation, not only by manual creation under a single tab.
Verified Juniper sources (URLs):
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/concept/resources.html
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/concept/freeform-resource-management.html
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/ref/resource-pools-api.html
정답:
Explanation:
In Apstra 5.1, servers that connect to leaf switches are represented as generic systems so Apstra can model links, apply connectivity templates, attach virtual networks, and validate intent. The selection of generic system type depends on whether the endpoint is considered part of the rack’s internal topology or an external attachment. When you add a new server inside an existing rack type, that server is treated as a component of the rack topology (that is, it lives “within” the rack alongside leaf switches and any other rack-internal endpoints). Apstra documentation refers to such systems as internal generic systems.
Internal generic systems are not managed like switches (no full device management), but they are first-class topology objects: they occupy ports on leaf switches, can be tagged with roles, and can be associated with link definitions that drive correct interface intent (LAG vs single link, VLAN tagging, and virtual network association). This modeling is essential in EVPN-VXLAN fabrics because correct endpoint attachment on leaf ports determines VLAN/VNI mapping and the resulting Junos v24.4 configuration rendered by Apstra.
External generic systems, by contrast, represent devices outside the rack topology (often used for external routers, firewalls, or other non-rack-contained endpoints). Because the question explicitly places the server inside an existing rack type, the correct choice is Internal generic.
Verified Juniper sources (URLs):
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/topic-map/internal-generic-system-create.html
정답:
Explanation:
In Apstra 5.1, the Active view represents the operational state of the deployed fabric (as opposed to the intended state being edited in Staged). Within Active, the Query function is designed for day-2 operations where an operator needs to quickly locate endpoint-related information and validate forwarding/neighbor state derived from the fabric. The query choices exposed in the UI are focused on operational lookup primitives rather than design objects. Specifically, Apstra supports querying MAC and ARP (and also VMs when virtual infrastructure integration is present).
MAC queries help identify where a Layer 2 endpoint is being learned in the fabric―useful for troubleshooting EVPN-VXLAN fabrics where MAC learning and advertisement can determine reachability and mobility behavior. ARP queries help identify IP-to-MAC bindings and validate whether hosts are being resolved correctly, which is critical when troubleshooting first-hop behavior (for example, IRB gateway adjacency, endpoint onboarding, or unexpected IP conflicts).
By contrast, “Virtual Network” and “Routing Zone” (VRF) are primarily design constructs managed in Staged and validated/assured by analytics and intent checks; they are not the direct query selectors in the Active > Query tool. Therefore, the two correct Active-query aspects from the given options are ARP and MAC.
Verified Juniper sources (URLs):
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/task/query-active.html
정답:
Explanation:
In Apstra 5.1, “resources” are the identifier values consumed by the fabric design and rendered into device configuration―examples include ASNs, IP addresses, VNIs, VLAN-related identifiers (where applicable), and similar allocation-driven values. These values are provided through resource pools, which are the authoritative containers Apstra draws from when assigning resources to blueprint roles (for example, leaf ASNs, spine ASNs, loopbacks, point-to-point subnets, and VNI ranges). A key architectural feature is that resource pools are not confined to one blueprint. Apstra supports pools with different scopes to match operational needs: some pools are managed centrally and reused across multiple blueprints, while other pools are created and used within the context of a specific blueprint when you want strict separation and lifecycle alignment with that blueprint.
This is why the correct statement is that a pool’s scope can be global or blueprint-specific. Global pools are appropriate when you want consistent allocation policy across fabrics (for example, enterprise-wide ASN ranges). Blueprint-specific pools are appropriate when you want per-fabric independence or when allocations are generated dynamically within the blueprint. This scope behavior is independent of Junos v24.4; Junos receives the final rendered values, but the pool scoping and allocation control are Apstra design-time constructs that ensure deterministic, conflict-free assignments at scale.
Verified Juniper sources (URLs):
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/concept/resources.html
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/concept/freeform-resource-management.html
https://www.juniper.net/documentation/us/en/software/apstra5.1/apstra-user-guide/topics/ref/resource-pools-api.html
정답:
Explanation:
Apstra 5.1 Security Policies are intended to enforce permit/deny controls for traffic between defined endpoints such as routing zones, virtual networks, and IP endpoints. Apstra expresses this security intent in an implementation-independent way, then renders and deploys the equivalent enforcement configuration onto the appropriate devices and interfaces. In Apstra terminology, the outcome is an ACL applied at enforcement points, such as virtual network interfaces (SVIs/IRBs) for east-west controls and border leaf interfaces for external-to-internal controls.
Therefore, the two correct policy types in this context are access control lists (ACLs) and firewall filters. “ACL” is the abstract policy object Apstra compiles and applies, while on Junos v24.4 the concrete enforcement mechanism for stateless packet filtering on interfaces is typically implemented as a firewall filter. Apstra automatically places these rendered ACLs/filters where needed: when you add VXLAN endpoints (such as expanding a rack/leaf in a VN), the ACL is placed on the corresponding VN interface; when you add external connectivity points, relevant ACLs are placed on the border leaf enforcement points. This automation ensures that security intent remains consistent as the fabric scales or changes, reducing the risk of manual rule drift. In contrast, filter-based forwarding / policy-based routing changes forwarding decisions rather than expressing permit/deny security intent, and is not the primary mechanism used by Apstra Security Policies for reachability control.
정답:
Explanation:
In Apstra 5.1, Intent-Based Analytics (IBA) is built on Apstra’s graph-based source of truth, where devices, interfaces, links, routing constructs, and services are represented as nodes with relationships. An IBA probe is effectively a processing pipeline (a directed acyclic graph of stages and processors) that ingests telemetry and then performs calculations, aggregations, and anomaly detection. To make any of that work, the probe must first determine which specific objects in the graph―for example, which leaf switches, which uplinks, which BGP sessions, or which interface counters―should be included in the analysis.
The probe element that selects those objects is the graph query. A graph query is evaluated against Apstra’s graph database to return a set of matching nodes/relationships; those query results then become the scope for ingestion and subsequent processing. In other words, the graph query defines “apply this probe to these devices/interfaces/sessions,” and it also provides the context used to bind telemetry identities (key-value pairs describing the metric source) to the correct logical objects in the blueprint. This is why Apstra documentation describes early probe processors producing outputs whose cardinality aligns with the number of results returned by the specified graph query(s). Without a graph query, the probe would not have a deterministic, intent-aligned target set for analytics, and the same probe definition could not be reliably reused across fabrics or blueprints.