Training
Certification
Navigation
JNCIS-FWV Exam Objectives (Exam: JN0-532)
This list is intended to provide a general view of the skill set required to successfully complete the specified certification exam. Topics listed are subject to change.
VPNs
Network Management
Troubleshooting with Debug & Snoop
Traffic Management
Virtual Systems
NSRP
Dynamic Routing/Routing over VPNs
Attack Prevention
Multicast
VPNs
- Identify IKE Phase 1/Phase2 negotiation sequence and proposals
- Identify/differentiate IPSec standard elements (encapsulations, SA, SPI, etc.)
- List steps for policy-based/route-based VPN configuration
- Relate proxy-ID to VPN setup
- Identify proper configuration for various hub/spoke configurations (policy, int. placement, etc.)
- Identify NHTB requirements/configurations
- Configure/verify AC-VPNs
- Identify PKI components (certificates, CDL, etc.)
- List steps for PKI implementation w/ VPNs
- VPN Variations
- Configure Dynamic Peer VPNs
- Configure Transparent mode VPNs
- Configure Overlapping Networks
- Describe GRE applications/Configure GRE
Network Management
- Configure local management (SSL, SSH, management restrictions).
- Interpret internal counters and logs.
- Configure SYSLOG.
- Discuss logging levels.
- Configure SNMP.
Troubleshooting with Debug/Snoop
- Enable debug/snoop.
- Set debug filters.
- Set snoop filters.
- Use get commands to validates/troubleshoot routing and policies.
- Use debug output to identify routing and policy problems.
- Use get commands to validate/troubleshoot address translation.
- Use debug output to identify problems.
- Use get commands to validate/troubleshoot VPN setup.
Traffic Management
- Describe the bandwidth allocation process.
- Describe queuing functionality.
- List requirements/steps for configuring traffic management.
Virtual Systems
- Define VSYS applications
- Describe root vs. VSYS administration
- Explain VSYS vs. root assignment of routes/NAT pools/etc.
- Configure interface-based VSYS
- Configure inter-VSYS communications, including NAT.
- Use show/debug output to identify VSYS usage.
- Configure VSYS resource allocation
NSRP
- Distinguish active/passive and active/active.
- Describe NSRP operations (HA link, session sync, master election, etc.)
- Configure active/passive and active/active NSRP.
- Validate NSRP operations.
- Adjust operations (secondary link, failover settings).
- Configure redundant interface.
Dynamic Routing/Routing over VPNs
- Configure RIP over VPNs
- Configure OSPF over VPNs
- Configure/verify OSPF routing
- Configure OSPF options
- Configure/verify BGP
- Configure redistribution/filters/route maps
- Configure static routes incl. floating static routes
- Configure/verify source routing
- Configure/verify policy routing
Attack Prevention
- Describe SCREEN functions
- Describe/configure Deep Inspection
- Describe/configure anti-virus functionality
- Configure web filtering
Multicast
- Configure/verify IGMP
- Configure/verify PIM-SM