Training

Certification

Navigation
JNCIE-SEC Exam Objectives (Exam: JPR-932)

This list is intended to provide a general view of the skill sets required to successfully complete the JNCIE-SEC exam. Topics listed are subject to change.

Infrastructure Concepts
High Availability
Firewall Policies
IPSec VPNs
NAT
Advanced Security Services
IGPs
BGP
Protocol-Independent Routing
Extended Implementation Concepts

Infrastructure Concepts

  • Security Forwarding Options
    • Packet-based
      • MPLS
      • inet6
    • Flow-Based
      • inet6
  • Security Zones
    • Configure security zones
  • Device Management
    • User accounts
    • System services

High Availability

  • HA Clustering
    • Active-active
    • Active-passive
    • Reth interfaces
    • Link aggregation
    • Control and data plane
    • Dual fabric links
    • Redundancy groups

Firewall Policies

  • Security Polices
    • Policy configuration
    • Advanced policy options
    • Schedulers
    • ALGs
    • Authorization
    • Bypass flow forwarding
  • Logging
    • Data and control plane logs
    • Forward logs to the RE
    • Send logs to external collectors
  • UTM
    • Anti-virus
    • Web filtering

IPSec VPNs

  • Implementation of IPSec VPNs
    • Multipoint tunnels
    • Policy-based VPNs
    • Route-based VPNs
      • Traffic selectors
      • Proxy ID
    • Traceoptions
    • Dual and backup tunnels
    • On-demand tunnels
    • DRP over a tunnel
    • Dynamic VPNs
    • Certificate-based VPNs
    • PKI
    • Interoperability with 3rd party devices

NAT

  • Implementation of NAT
    • Source NAT
    • Destination NAT
    • Static NAT
    • NAT64
  • Implementation of NAT with IPSec
    • Overlapping IPs between sites

Advanced Security Services

  • AppSecure
    • AppTrack
    • AppFW
    • AppQoS
    • AppDoS
    • Application Identification
    • User Firewall
    • SSL Forward Proxy
    • Integration with IPS
  • IDP
    • Logs
    • Custom polices
    • Automatic updates
  • L3/L4/L7 DoS
    • Stateless filters
    • Screens
    • Flow options
    • App DDos
  • Active Directory Integration

IGPs

  • OSPF
    • Multi-area OSPF topologies
    • Filter and summarize routes
    • Network and link types
    • Route selection process
    • Redistribution
    • IPv6

BGP

  • Implementation
    • Routing policy
    • Route selection
    • IPv6

Protocol-Independent Routing

  • Filter-based Forwarding
    • Based on Layer 4
    • Based on IFL
  • Configuring Routes
    • Aggregate
    • Static
    • Generated
    • Policies

Extended Implementation Concepts

  • Transparent mode
    • Configure transparent mode