When a new switch is added to Juniper Apstra software, it initially shows the ''0 OS-Quarantined'' status, which means that the device is not yet managed by Apstra and has not been assigned to any blueprint. The proper next step to make the device ready for use in a blueprint is to acknowledge the device, which is a manual action that confirms the device identity and ownership.Acknowledging the device changes its status to ''OOS-Ready'', which means that the device is ready to be assigned to a blueprint and deployed12.Reference:

Managing Devices

AOS Device Configuration Lifecycle

According to the Juniper documentation1, a template is a configuration template that defines a network's policy intent and structure. A template can be either rack-based or pod-based, depending on the type and number of racks and pods in the network design. A template includes the following details:

Policies: These are the parameters that apply to the entire network, such as the overlay control protocol, the ASN allocation scheme, and the underlay type.

Structure: This is the physical layout of the network, such as the type and number of racks, pods, spines, and leaves. The structure also defines the leaf-to-spine interconnection, which is the number and type of links between the leaf and spine devices. The leaf-to-spine interconnection can be either single or dual, depending on the redundancy and bandwidth requirements.

Therefore, the correct answer is A. the leaf-to-spine interconnection. This is a component that is defined in a template, as it determines the physical connectivity of the network. The speed of the links, the number of spine devices, and the definition of IP pools are not components that are defined in a template, as they are either derived from the device profiles, the resource pools, or the blueprint settings.Reference:Templates Introduction | Apstra 4.2 | Juniper Networks

BGP is the protocol used to advertise EVPN routes. EVPN routes are a new type of BGP network layer reachability information (NLRI) that carry MAC address and IP prefix information for Ethernet VPNs. EVPN routes are exchanged between PEs using BGP multiprotocol extensions (MP-BGP) over MPLS, VXLAN, SR, or SRv6 tunnels. EVPN routes enable PEs to learn the reachability of MAC addresses and IP prefixes of different sites within the same EVPN instance. EVPN routes also support various features such as fast convergence, redundancy, aliasing, and inter-subnet routing. The other options are incorrect because:

A) OSPF is wrong because OSPF is an interior gateway protocol (IGP) that is used to advertise IP routes within an autonomous system. OSPF is not used to advertise EVPN routes, which are a type of BGP NLRI that carry MAC address and IP prefix information for Ethernet VPNs.

C) IS-IS is wrong because IS-IS is an interior gateway protocol (IGP) that is used to advertise IP routes and MPLS labels within an autonomous system. IS-IS is not used to advertise EVPN routes, which are a type of BGP NLRI that carry MAC address and IP prefix information for Ethernet VPNs.

D) RIP is wrong because RIP is an interior gateway protocol (IGP) that is used to advertise IP routes within an autonomous system. RIP is not used to advertise EVPN routes, which are a type of BGP NLRI that carry MAC address and IP prefix information for Ethernet VPNs.Reference:

EVPN Fundamentals

RFC 9136 - IP Prefix Advertisement in Ethernet VPN (EVPN)

EVPN Type-5 Routes: IP Prefix Advertisement

Understanding EVPN Pure Type 5 Routes

Juniper Apstra supports three deploy modes for devices:Deploy,Drain, andReady.These modes determine the configuration and state of the devices in the data center fabric12.

Deploy: This mode applies the full Apstra-rendered configuration to the device, according to the Apstra Reference Design.The device state becomesIS-ACTIVEand the device is ready to carry traffic in the fabric12.

Drain: This mode adds a ''drain'' configuration to the device, which prevents any new traffic from entering the device.The device state becomesIS-READYand the device is prepared for maintenance or decommissioning12.

Ready: This mode removes the Apstra-rendered configuration from the device, leaving only the basic configuration such as device hostname, interface descriptions, and port speed/breakout.The device state becomesIS-READYand the device is not part of the fabric12.Reference:

Device Configuration Lifecycle

Set Deploy Mode (Datacenter)

Juniper Apstra role-based access control (RBAC) is a feature that allows you to specify access permissions for different users based on their roles.RBAC servers are remote network servers that authenticate and authorize network access based on roles assigned to individual users within an enterprise1.Juniper Apstra has four predefined user roles: administrator, device_ztp, user, and viewer2. The administrator role is the most powerful role, and it can see all permissions and perform all actions in the Apstra software application.The administrator role can also create, clone, edit, and delete user roles, except for the four predefined user roles, which cannot be modified2. Therefore, the statement that the administrator role can see all permissions is correct.

The following three statements are incorrect in this scenario:

The viewer role is predefined and can be deleted. This is not true, because the viewer role is one of the four predefined user roles, and it cannot be deleted.The viewer role is the most restricted role, and it can only view the network information and configuration, but not make any changes2.

The user role can create roles. This is not true, because the user role is one of the four predefined user roles, and it cannot create roles.The user role can perform most of the network configuration and management tasks, but it cannot access the platform settings or the user management features2.

The administrator role is the only predefined role. This is not true, because there are four predefined user roles, not just one.The other three predefined user roles are device_ztp, user, and viewer2.

Providers --- Apstra 3.3.0 documentation

User/Role Management (Platform)