This list is intended to provide a general view of the skill set required to successfully complete the specified certification exam. Topics listed are subject to change.
- Introduction to SRX-series Services Gateway
- Zones
- SCREEN Options
- Security Policies
- NAT
- IPSec VPNs
- High Availability (HA) Clustering
- Intro to IDP
- Firewall User Authentication Overview
- Introduction to UTM
- Anti-Spam Filtering
- Anti-Virus Protection
- Content Filtering
- Web Filtering
Introduction to SRX-series Services Gateway
- Describe the operation of Junos in security platforms
- Describe the Junos security architecture and packet flow
Zones
- Demonstrate knowledge of the configuration, operation and troubleshooting of zones
- Identify the relationship between zones assignments, interfaces, and routing instances
- List and identify the steps necessary to configure zones
- Compare and contrast device's behavior when handling transit packets -versus packets destined to the device.
- Demonstrate understanding of configuration precedence
- Describe the traffic behavior based on a sample zone configuration
SCREEN Options
- Demonstrate knowledge of the configuration and operation of SCREENs
- Configure SCREENs with necessary parameters based on threats
- Compare and contrast reconnaissance, DoS, and suspicious packets attacks
Security Policies
- Describe the purpose, configuration and operation of a security policy
- Define the purpose of security policy configuration components
- Demonstrate understanding of the default security policy
- Based on policy configurations, describe the impact of security policy changes on sessions in progress
- Describe the purpose of an address book
- Based on policy configurations, compare and contrast scheduled and non-scheduled policies
- Demonstrate understanding of security policy monitoring
NAT
- Demonstrate knowledge of the configuration and operation of NAT
- Describe support of NAT and different NAT types
- Identify NAT scenarios requiring Proxy-ARP configurations
- Identify types of NAT used, based on various NAT configurations and outputs
IPSec VPNs
- Describe the operation of secure VPNs
- Compare and contrast symmetric and asymmetric key encryption
- Describe the DH key exchange process
- Describe IPSec VPN setup, encapsulation and configuration
- List specifics of Security Associations
- Describe the IKE phases functionality and purpose
- Compare and contrast policy-based and route-based IPSec implementations
- Configure route-based and policy-based IPSec VPNs
HA Clustering
- Describe HA functionality, configuration and operation
- Identify chassis cluster interfaces and their functions
- Configure redundancy groups
Intro to IDP
- Describe IDP concepts and configuration
- Identify IDP components
- Identify IDP policy match conditions
- Identify IDP policy actions
- Describe the procedure for updating the attack database
Firewall User Authentication Overview
- Describe firewall user authentication, concepts, and configuration
- Compare and contrast types of firewall user authentication
- Configure access profiles
- Configure client groups
- Describe the behavior when using external authentication servers
- Demonstrate understanding of firewall user authentication monitoring
Demonstrate understanding of firewall user authication monitoringIntroduction to UTM
- Describe the configuration of UTM policies and enforcement of licenses
- Identify UTM components
- Explain how each major feature addresses the challenges of the branch office
Anti-Spam Filtering
- Describe the purpose, configuration and operation of anti-spam filtering
- Define anti-spam filtering terminology and components
- Describe the anti-spam filtering process
- Configure anti-spam filtering using the CLI
- Demonstrate understanding of anti-spam monitoring
Anti-Virus Protection
- Identify the differences between the two types of anti-virus protection
- Describe anti-virus purpose, configuration and operation
- Describe the anti-virus protection process
- Configure anti-virus protection using the CLI
- Demonstrate understanding of anti-virus monitoring
Content Filtering
- Describe the purpose, configuration and operation of content filtering
- Define content filtering terminology and parameters
- Configure content filtering using the CLI
- Demonstrate understanding of content filter monitoring
Web Filtering
- Describe the purpose, configuration and operation of Web filtering
- Define Web filtering terminology and parameters
- Describe the Web filtering process
- Configure Web filtering using the CLI
- Demonstrate understanding of Web filter monitoring
- Identify the differences between the three types of Web filtering
