Security, Professional (JNCIP-SEC) Certification Overview
|
Security, Professional (JNCIP-SEC) Certification Overview
|
|
|
|
|
|
|
The Security Track enables you to
demonstrate a thorough understanding of security technology in general and Junos OS
software for SRX Series devices. JNCIP-SEC, the professional-level certification in
this track, is designed for networking professionals with advanced knowledge of the
Juniper Networks Junos OS for SRX Series devices. The written exam verifies your
understanding of advanced security technologies and related platform configuration
and troubleshooting skills.
This track contains four certifications:
- JNCIA-SEC: Security, Associate. For details, see JNCIA-SEC.
- JNCIS-SEC: Security, Specialist. For details, see JNCIS-SEC.
- JNCIP-SEC: Security, Professional. For details, see the sections below.
- JNCIE-SEC: Security, Expert. For details, see JNCIE-SEC.
Exam Preparation
We recommend the following resources to help you prepare for your exam. However, these resources
aren't required, and using them doesn't guarantee you'll pass the exam.
Exam Objectives
Here’s a high-level view of the skillset required to successfully complete the JNCIP-SEC
certification exam.
| Exam Objective |
Description |
| Troubleshooting Security Policies and Security Zones
|
Given a scenario, demonstrate how to
troubleshoot or monitor security policies or security
zones.
- Tools
- Logging or tracing
- Other outputs
|
| Logical Systems and Tenant Systems |
Describe the concepts, operations, or
functionalities of logical systems.
- Administrative roles
- Security profiles
- Logical system communication
Describe the concepts, operations, or functionalities of
tenant systems.
- Primary system and tenant system
administrators
- Tenant system capacity
|
| Layer 2 Security |
Describe the concepts, operations, or
functionalities of Layer 2 Security.
- Transparent mode
- Mixed mode
- Secure wire
- MACsec
- Ethernet VPN-Virtual Extensible LAN
(EVPN-VXLAN) security
Given a scenario, demonstrate how to configure or
monitor Layer 2 Security.
|
| Advanced Network Address Translation (NAT) |
Describe the concepts, operations, or
functionalities of advanced NAT.
- Persistent NAT
- Domain Name System (DNS) doctoring
- IPv6 NAT
Given a scenario, demonstrate how to configure,
troubleshoot, or monitor advanced NAT scenarios.
|
| Advanced IPsec VPNs |
Describe the concepts, operations, or
functionalities of advanced IPsec VPNs.
- Hub-and-spoke VPNs
- Public Key Infrastructure (PKI)
- Auto discovery VPNs (ADVPNs)
- Routing with IPsec
- Overlapping IP addresses
- Dynamic gateways
- IPsec Class of Service (CoS)
Given a scenario, demonstrate how to configure,
troubleshoot, or monitor advanced IPsec VPNs.
|
| Advanced Policy-Based Routing (APBR) |
Describe the concepts, operations, or
functionalities of advanced policy-based routing.
- Profiles
- Policies
- Routing instances
- APBR options
Given a scenario, demonstrate how to configure or
monitor advanced policy-based routing.
|
| Multinode High Availability (HA) |
Describe the concepts, operations, or
functionalities of multinode HA.
- Concepts
- Chassis cluster versus multinode HA
- Deployment modes
- Services redundancy group (SRG)
- Interchassis link
- Active/active mode
- Active/passive mode
- Active node behavior (determination and
enforcement)
Given a scenario, demonstrate how to configure or
monitor multinode HA.
|
| Automated Threat Mitigation |
Describe the concepts, operations, or
functionalities of Automated Threat Mitigation.
- Third-party or multicloud integration
- Secure Enterprise
|
Exam Details
Exam questions are derived from the recommended training and the exam resources listed above.
Pass/fail status is available immediately after taking the exam. The exam is only provided in
English.
Prerequisite Certification
Exam Type
- 65 multiple-choice questions
Recertification
Juniper certifications are valid for three years. For more information, see Recertification.
|
|