This list is intended to provide a general view of the skill sets required to successfully complete the JNCIE-SEC exam. Topics listed are subject to change.
- Infrastructure Concepts
- High Availability
- Firewall Policies
- IPsec VPNs
- NAT
- Attack Prevention
- Extended Implementation Concepts
Infrastructure Concepts
- Security Zones
- Configure security zones
- Device Management
- User accounts
- System services
High Availability
- HA Clustering
- Active-active
- Active-passive
- Reth interfaces
- Link aggregation
- Control and data plane
- Dual fabric links
- Redundancy groups
Firewall Policies
- Security Polices
- Policy configuration
- Advanced policy options
- Schedulers
- ALGs
- Authorization
- Bypass flow forwarding
- Logging
- Data and control plane logs
- Forward logs to the RE
- Send logs to external collectors
- UTM
- Anti-virus
- Web filtering
IPsec VPNs
- Implementation of IPsec VPNs
- Multipoint tunnels
- Policy and route-based VPNs
- Traceoptions
- Dual and backup tunnels
- On-demand tunnels
- DRP over a tunnel
- Dynamic VPNs
- Certificate-based VPNs
- PKI
- Interoperability with 3rd party devices
NAT
- Implementation of NAT
- Source NAT
- Destination NAT
- Static NAT
- Implementation of NAT with IPSec
- Overlapping IPs between sites
Attack Prevention
- IDP
- Logs
- Custom polices
- Automatic updates
- L3/L4/L7 DoS
- Stateless filters
- Screens
- Flow options
- App DDos
Extended Implementation Concepts
- Transparent mode
- Configure transparent mode
