JNCIP-SEC(JN0-637)考试介绍

goodluck

Announcement
On June 10, 2024, there will be a new exam for the Juniper Networks Certified Professional, Security (JNCIP-SEC) certification. View the information for the new Security, Professional (JN0-637) exam.

The Security Track enables you to demonstrate a thorough understanding of security technology in general and Junos OS software for SRX Series devices. JNCIP-SEC, the professional-level certification in this track, is designed for networking professionals with advanced knowledge of the Juniper Networks Junos OS for SRX Series devices. The written exam verifies your understanding of advanced security technologies and related platform configuration and troubleshooting skills.

This track contains four certifications:

JNCIA-SEC: Security, Associate. For details, see JNCIA-SEC.
JNCIS-SEC: Security, Specialist. For details, see JNCIS-SEC.
JNCIP-SEC: Security, Professional. For details, see the sections below.
JNCIE-SEC: Security, Expert. For details, see JNCIE-SEC.
Exam Preparation
We recommend the following resources to help you prepare for your exam. However, these resources aren't required, and using them doesn't guarantee you'll pass the exam.

Recommended Training

Advanced Juniper Security
Exam Resources

Industry/product knowledge
Juniper TechLibrary
Additional Preparation

Juniper Learning Portal


Exam Objectives

Here’s a high-level view of the skillset required to successfully complete the JNCIP-SEC certification exam.

Exam Objective	Description
Firewall Filters	Describe the concepts, operation, or functionality of firewall filters. Selective packet processing Troubleshooting with firewall filters Filter-based forwarding Given a scenario, demonstrate how to configure, troubleshoot, or monitor firewall filters.
Troubleshooting Security Policy and Zones	Given a scenario, demonstrate how to troubleshoot or monitor security policies or security zones. Tools Logging/tracing Other outputs
Advanced Threat Protection	Describe the concepts, operation, or functionality of Juniper Advanced Threat Prevention (on-premises appliance or Cloudbased service). Collectors Custom rules Mitigation Given a scenario, demonstrate how to configure or monitor Juniper Advanced Threat Prevention.
Edge Security	Describe the concepts, operation, or functionality of edge security features. Hardware support Security Intelligence (SecIntel) Intrusion prevention system (IPS) Corero DDoS Mitigation Advanced threat prevention (ATP)
Compliance	Describe the concepts or operation of security compliance. Role-based access control (RBAC) Junos Space® Security Director Authentication, Authorization, and Accounting (AAA) and Security Assertion Markup Language (SAML) integration
Threat Mitigation	Describe the concepts, operation, or functionality of threat mitigation. Malware identification or mitigation Malicious lateral traffic identification or mitigation Zero trust microsegmentation Given a scenario, demonstrate how to configure or monitor threat mitigation.
Logical and Tenant Systems	Describe the concepts, operation, or functionality of the logical systems. Administrative roles Security profiles Logical systems (LSYS) communication Describe the concepts, operation, or functionality of the tenant systems. Master and tenant admins Tenant systems (TSYS) capacity
Layer 2 Security	Describe the concepts, operation, or functionality of Layer 2 security. Transparent mode Mixed mode Secure wire Media Access Control Security (MACsec) Given a scenario, demonstrate how to configure or monitor Layer 2 security.
Advanced Network Address Translation (NAT)	Describe the concepts, operation, or functionality of advanced NAT functionality. Persistent NAT Domain name system (DNS) doctoring IPv6 NAT Given a scenario, demonstrate how to configure, troubleshoot, or monitor advanced NAT scenarios.
Advanced IPsec	Describe the concepts, operation, or functionality of advanced IPsec applications. Remote access VPNs Hub-and-spoke VPNs Public Key Infrastructure (PKI) Auto Discovery VPNs (ADVPNs) Routing with IPsec Overlapping IP addresses Dynamic gateways IPsec class of service (CoS) Given a scenario, demonstrate how to configure, troubleshoot, or monitor advanced IPsec functionality.

Exam Details

Exam questions are derived from the recommended training and the exam resources listed above. Pass/fail status is available immediately after taking the exam. The exam is only provided in English.

Exam Code

JN0-636

Prerequisite Certification

JNCIS-SEC

Delivered by

Pearson VUE

Exam Length

90 minutes

Exam Type

65 multiple-choice questions

Software Versions
Junos OS 22.2
SD 22.1


Recertification

Juniper certifications are valid for three years. For more information, see Recertification.

thamky

mawr1985

aoka

THANKS