Juniper Security Certification Training



The Juniper Networks Certification Program (JNCP) Junos Security certification track is a program that allows participants to demonstrate competence with Juniper Networks technology. Successful candidates demonstrate thorough understanding of security technology in general and Junos software for SRX Series devices.

Choose Your Certification

JNCIA-Junos
Associate

Designed for networking professionals with beginner-intermediate knowledge of networking, this written exam verifies the candidate’s understanding of networking fundamentals, as well as core functionality of the Juniper Networks Junos OS.

JNCIS-SEC
Specialist

Designed for experienced networking professionals with intermediate knowledge of the Juniper Networks Junos OS for SRX Series devices, this written exam verifies the candidate’s understanding of security technologies and related platform configuration and troubleshooting skills.

JNCIP-SEC
Professional

Designed for experienced networking professionals with advanced knowledge of the Juniper Networks Junos OS for SRX Series devices, this written exam verifies the candidate’s understanding of advanced security technologies and related platform configuration and troubleshooting skills.

JNCIE-SEC
Expert

Designed to validate the networking professionals’ ability to deploy, configure, manage and troubleshoot Junos-based security platforms. Successful candidates will perform system configuration on all devices, configure secure management capabilities, install complex policies and attack prevention features, HA capabilities, IPS features.

Prerequisites

There are no prerequisites for this certification exam.

Exam Details

Exam code: JN0-102
Administered by: Pearson VUE
Exam length: Candidates have 90 minutes to complete the exam
Exam type: 65 multiple-choice questions
Scoring: Pass/fail status is available immediately
Junos Software Release: 15.1

The following list is a general view of the skills required to successfully complete the JNCIA-Junos (Associate) certification exam.

Be able to identify the concepts and functionality of various fundamental elements of networking.

  • Collision domains and broadcast domains
  • Function of routers and switches
  • Optical network fundamentals – SONET/SDH, OTN
  • Ethernet networks
  • Layer 2 addressing, including address resolution
  • IPv4 and IPv6 fundamentals
  • Layer 3 / IP addressing, including subnet masks
  • Subnetting and supernetting
  • Decimal to binary conversion
  • Longest match routing
  • Connection-oriented vs. connectionless protocols

Be able to identify the concepts and functionality of the core elements of the Junos OS.

  • Junos device portfolio – product families, general functionality
  • Software architecture
  • Control and forwarding planes
  • Routing Engine and Packet Forwarding Engine
  • Protocol daemons
  • Transit traffic processing
  • Exception traffic

Be able to identify the concepts, operation and functionality of the Junos user interfaces.

  • CLI functionality
  • CLI modes
  • CLI navigation
  • CLI Help
  • Filtering output
  • Active vs. candidate configuration
  • Reverting to previous configurations
  • Modifying, managing, and saving configuration files
  • Viewing, comparing, and loading configuration files
  • J-Web – core/common functionality

Be able to identify the main elements for configuring Junos devices.

  • Factory-default state
  • Initial configuration
  • User accounts
  • Login classes
  • User authentication methods
  • Interface types and properties
  • Configuration groups
  • Additional initial configuration elements – NTP, SNMP, syslog, etc.
  • Configuration archival
  • Logging and tracing
  • Rescue configuration

Describe how to configure basic components of a Junos device.

Be able to identify methods of monitoring and maintaining Junos devices

  • Show commands
  • Monitor commands
  • Interface statistics and errors
  • Network tools – ping, traceroute, telnet, SSH, etc.
  • Real-time performance monitoring (RPM)
  • Junos OS installation
  • Software upgrades
  • Powering on and shutting down Junos devices
  • Root password recovery

Be able to identify basic routing concepts and functionality for Junos devices.

  • Packet forwarding concepts
  • Routing tables
  • Routing vs. forwarding tables
  • Route preference
  • Routing instances
  • Static routing
  • Advantages of / use cases for dynamic routing protocols
Describe how to configure and monitor basic routing elements for a Junos device.

Be able to identify the concepts and functionality of routing policy and firewall filters on Junos devices.

  • Default routing policies
  • Import and export policies
  • Routing policy flow
  • Effect of policies on routes and routing tables
  • Policy structure and terms
  • Policy match criteria, match types, and actions
  • Firewall filter concepts
  • Filter match criteria and actions
  • Effect of filters on packets
  • Unicast reverse-path-forwarding (RPF)
Describe how to configure and monitor routing policies and firewall filters on a Junos device.

INE Training Videos

INE's JNCIA: Introduction to the Junos Operation System course will cover the topics you need to review in order to prepare for this certification exam.


Description: This course will cover the basics of the JUNOS Operating System to include coverage of the architecture of the Junos OS, Command Line Interface (CLI) navigation techniques, configuration management, modes, and maintenance, interface configuration, user configuration, Junos OS password recovery, the J-Web interface, how to perform Junos OS upgrades, NTP/SNMP/System Logging and Tracing, and core Junos OS network utilities.
Instructor: Travis Bonfigli
Length: 6 hours 36 minutes

Watch Now


INE's JNCIA: Junos JN0-102 Technology Course covers networking fundamentals and is ideal for those preparing for the JNCIA JN0-102 exam.


Description: This course is aimed at those preparing for the Juniper JNCIA -JN0-102 exam, it is also ideal for those that are new networking and/or works with Juniper Junos router(s), switch(s) looking to expand on their fundamentals.
Instructor: Philip Inshanally
Length: 6 hours 04 minutes

Watch Now


Register For The Exam

Create a Juniper Networks account to register for your exam. Once you are logged into your account, you will be able to access a list of testing centers in your area where you can take the exam.


Recertification policy: The JNCIA-Junos certification is valid for three years. For information on how to get recertified, click here.

Prerequisite Certification

You must have a JNCIA-Junos certification before sitting for the JNCIS-SEC certification exam.

Exam Details

Exam code: JN0-333
Administered by: Pearson VUE
Exam length: Candidates have 90 minutes to complete the exam
Exam type: Written exam - 65 multiple-choice questions
Scoring: Pass/fail status is available immediately
Junos Software Release: 15.1

The following list is a general view of the skills required to successfully complete the JNCIS-SEC certification exam.

Be able to identify concepts, general features, and functionality of Junos OS security.

  • Junos security architecture
  • Branch vs. high-end platforms
  • Major hardware components of SRX Series services gateways
  • Packet flow
  • Packet-based vs. session-based forwarding

Be able to identify the concepts, benefits, or operation of zones.

  • Zone types
  • Dependencies
  • Host inbound packet behavior
  • Screens
  • Transit packet behavior

Demonstrate knowledge of how to configure, monitor, or troubleshoot zones

  • Zone configuration steps
  • Hierarchy priority (inheritance)
  • Screens
  • Monitoring and troubleshooting

Be able to identify the concepts, benefits, or operation of security policies.

  • Policy types
  • Policy components
  • Policy ordering
  • Host inbound traffic examination
  • Transit traffic examination
  • Scheduling
  • Rematching
  • ALGs
  • Address books
  • Applications

Demonstrate knowledge of how to configure, monitor, or troubleshoot security policies

  • Policies
  • ALGs
  • Address books
  • Custom applications
  • Monitoring and troubleshooting

Be able to identify the concepts, benefits, or operation of NAT.

  • NAT types
  • NAT/PAT processing
  • DNS doctoring
  • Cone NAT
  • IPv4 to IPv6
  • Address persistence
  • NAT proxy ARP

Demonstrate knowledge of how to configure, monitor, or troubleshoot NAT

  • NAT configuration steps
  • Monitoring and troubleshooting

Be able to identify the concepts, benefits, or operation of IPsec VPNs

  • Secure VPN characteristics and components
  • IPSec tunnel establishment
  • IPSec traffic processing
  • Group VPN
  • ADVPN
  • PKI
  • Dynamic VPN
  • Junos OS IPsec implementation options

Demonstrate knowledge of how to configure, monitor, or troubleshoot IPsec VPNs

  • IPSec VPN configuration steps
  • Monitoring and troubleshooting

Be able to identify the concepts, benefits, or operation of HA.

  • HA features and characteristics
  • Deployment requirements and considerations
  • Chassis cluster characteristics and operation
  • Cluster modes
  • Cluster and node IDs
  • Redundancy groups
  • Cluster interfaces
  • Real-time objects
  • State synchronization
  • Ethernet switching considerations
  • IPSec considerations
  • Manual failover

Demonstrate knowledge of how to configure, monitor, or troubleshoot clustering

  • Cluster preparation
  • Cluster configuration steps
  • Monitoring and troubleshooting

Be able to identify concepts, general features or functionality of virtualized security using SRX.

  • Installation
  • Clustering with vSRX
  • Deployment scenarios
  • Troubleshooting

INE Training Videos

INE's Junos Security (JSEC) Technology Course covers all the topics you need to review in order to prepare for this certification exam.


Description: This course focuses on Juniper Security platform that will help you understand how the security devices work in depth and will prepare yourself to the Juniper Security Specialist certification. This course shows the architecture and best deployment methods for Juniper SRXs devices. After completing this course, you will be ready to deploy, manage and troubleshooting Juniper SRX devices and security products.
Instructor: Mauricio Spinelli
Length: 2 hours 48 minutes

Watch Now


Register For The Exam

Create a Juniper Networks account to register for your exam. Once you are logged into your account, you will be able to access a list of testing centers in your area where you can take the exam.


Recertification policy: The JNCIS-SEC certification is valid for three years. For information on how to get recertified, click here.

Prerequisite Certification

You must have a JNCIS-SEC certification before sitting for the JNCIP-SEC certification exam.

Exam Details

Exam code: JN0-634
Administered by: Pearson VUE
Exam length: Candidates have 120 minutes to complete the exam
Exam type: Written exam - 65 multiple-choice questions
Scoring: Pass/fail status is available immediately
Junos Software Release: 15.1

The following list is a general view of the skills required to successfully complete the JNCIP-SEC certification exam.

Be able to describe the concepts, operation, or functionality of AppSecure.

  • Application Identification
  • Custom Applications
  • Application Signatures
  • Application Tracking
  • AppQoS
  • AppFirewall

Given a scenario, demonstrate how to configure or monitor AppSecure

Describe the concepts, operation, or functionality of Security Director logging and reporting.

  • Security Director logging and reporting Installation
  • Security policy design and application
  • Analyzing data

Given a scenario, demonstrate how to configure or monitor Security Director logging and reporting information

Be able to describe the concepts, operation, or functionality of Sky ATP.

  • Functions and processing flow
  • Analysis and actions
  • Monitoring and reporting

Given a scenario, demonstrate how to configure or monitor Sky ATP

Be able to describe the concepts, operations, or functionality of UTM.

  • Processing Order
  • Content Filtering
  • Anti-virus
  • Anti-Spam
  • Web Filtering

Given a scenario, demonstrate how to configure or monitor UTM functions

Be able to describe the concepts, operation, or functionality of IPS

  • Processing order
  • Signatures
  • Policy
  • Templates

Given a scenario, demonstrate how to configure or monitor IPS functions

Be able to describe the concepts, operation, or functionality of SDSN.

  • SDSN fundamentals
  • Policy Enforcer
  • SDSN components

Given a scenario, demonstrate how to configure or monitor SDSN deployments

Be able to describe the concepts, operation, or functionality of the user firewall

  • Integrated user firewall
  • Integrated user firewall
  • Authentication sources

Given a scenario, demonstrate how to configure or monitor the user firewall

Be able to describe the concepts, operation, or functionality of Layer 2 security

  • Transparent mode
  • Mixed mode
  • Secure wire
  • MacSec

Given a scenario, demonstrate how to configure or monitor Layer 2 security

INE Training Videos

INE's JNCIP-SEC Technology Course: JN0-634 prepares candidates for the JNCIP-Security (JN0-634) exam. This certification is designed for experienced networking professionals to gain expertise in Juniper Networks, Junos OS software for SRX Series (15.1X49-D70.3), Juniper Space Security Director (16.2), Juniper Log Director (16.2R2) and Policy Enforcer.


Description: This course includes in-depth lectures and hands-on exercises to enhance the candidate’s understanding of advanced security technologies and related platform configuration and troubleshooting skills. The major part of this course is based on hands-on configuration and troubleshooting exercises which reinforce the concepts learned in theory of a respective topic. After completing this course, the candidate will not only be more than ready for the JNCIP-SEC written exam, but will also gain solid working knowledge on industry's latest technologies offered by Juniper Networks.
Instructor: Muhammad Ausaf Ali Yousaf
Length: 9 hours 01 minute

Watch Now


Register For The Exam

Create a Juniper Networks account to register for your exam. Once you are logged into your account, you will be able to access a list of testing centers in your area where you can take the exam.


Recertification policy: The JNCIP-SEC certification is valid for three years. For information on how to get recertified, click here.

Prerequisite Certification

You must have a JNCIP-SEC certification before sitting for the JNCIE-SEC certification exam.

Exam Details

Exam code: JPR-933
Administered by: Juniper Networks testing centers
Exam length: Candidates have 8 hours to complete the exam
Exam type: Hands-on lab exam
Junos Software Release:
-vSRX Services Gateway: 18.2
-vQFX Ethernet Switch: 17.4
-Junos Space Security Director: 18.2

The following list is a general view of the skills required to successfully complete the JNCIE-SEC certification exam.

NAT

  • Source, destination, static-based
  • Overlapping address space
  • NAT64 or NAT46

Security Zones

  • Zone-based architecture
  • How to secure traffic destined to the SRX Series device

Security Policy

  • Route-based VPN
  • Asynchronous routing
  • Selective packet mode

IPSec VPN

  • Interoperability
  • VPN topologies

SRX Series Device Setup

  • Deployment modes
  • System services and access control
  • High availability chassis clustering

Traffic Analysis

  • Tools (for example, Wireshark)
  • Malicious traffic detection

Network Security Monitoring

  • Attack logging and analysis
  • Attack mitigation

Security Operations

  • Security policies

Junos Space Security Director

  • Report generation
  • Device management

AppSecure Services

  • AppFW, AppQoS, AppTrack, APBR

UTM

  • Antivirus, antispam, web filtering, content filtering

IDP or IPS

  • Signature management
  • Custom IDP signature
  • IDP policy

Screens

  • Attack detection or prevention
  • Screen options

UserFW

  • Integrated user firewall
  • Captive portal
  • Juniper Identity Management Service (JIMS)

SSL Proxy

  • Client protection
  • Server protection

SDSN or Sky STP

  • Security intelligence feeds
  • Anti-malware protection
  • Firewall filters
  • Infected host feed
  • GeoIP
  • Threat intelligence feeds

INE Training Videos

INE's JNCIE-SEC Advanced Technology Course: JPR-932 covers all the topics you need to review in order to prepare for this certification exam.


Description: The Juniper Networks Certified Expert Security (JNCIE-SEC) Advanced Technology Course is the first step toward understanding JNCIE Security technologies and is an extensive hands-on and theory course designed for candidates with basic JunOS Security knowledge to excel in the JNCIE-SEC Lab exam. Each technology you need to know for the JNCIE-Security Lab is described in detail in an instructor-led demonstration with real-world scenarios.
Instructor: Muhammad Ausaf Ali Yousaf
Length: 14 hours 51 minutes

Watch Now


Register For The Exam

Create a Juniper Networks account to register for your exam. Once you are logged into your account, you will be able to access a list of testing centers in your area where you can take the exam.


Recertification policy: The JNCIE-SEC certification is valid for three years. For information on how to get recertified, click here.