Security, Professional (JNCIP-SEC)

Register Now

The Security enables you to demonstrate a thorough understanding of security technology in general and Junos OS software for SRX Series devices. JNCIP-SEC, the professional-level certification in this track, is designed for networking professionals with advanced knowledge of the Juniper Networks Junos OS for SRX Series devices. The written exam verifies your understanding of advanced security technologies and related platform configuration and troubleshooting skills.

This track contains four certifications:

  • JNCIA-SEC: Security, Associate. For details, see JNCIA-SEC.
  • JNCIS-SEC: Security, Specialist. For details, see JNCIS-SEC.
  • JNCIP-SEC: Security, Professional. For details, see the sections below.
  • JNCIE-SEC: Secuirty, Expert. For details, see JNCIE-SEC.

Exam Preparation

We recommend the following resources to help you prepare for your exam. However, these resources aren't required, and using them doesn't guarantee you'll pass the exam.

Exam Objectives

Here’s a high-level view of the skillset required to successfully complete the JNCIP-Sec certification exam.

Exam Objective

Description

Firewall Filters

Describe the concepts, operation, or functionality of firewall filters and ACLs

  • Selective packet processing
  • Troubleshooting with firewall filters
  • Filter-based forwarding

Given a scenario, demonstrate how to configure, troubleshoot, or monitor firewall filters

Troubleshooting Security Policy and Zones

Given a scenario, demonstrate how to troubleshoot or monitor security policies or security zones

  • Tools
  • Logging and tracing
  • Other outputs

Advanced Threat Protection

Describe the concepts, operation, or functionality of Juniper ATP

  • Collectors
  • Custom rules
  • Mitigation

Given a scenario, demonstrate how to configure or monitor Juniper ATP

Edge Security

Describe the concepts, operation, or functionality of edge security features

  • Hardware support
  • SecIntel
  • IPS
  • Corero DDoS mitigation
  • ATP

Compliance

Describe the concepts or operation of security compliance

  • RBAC
  • Security Director
  • AAA and SAML integration

Threat Mitigation

Describe the concepts, operation, or functionality of threat mitigation

  • Malware identification or mitigation
  • Malicious lateral traffic identification or mitigation
  • Zero trust micro segmentation

Given a scenario, demonstrate how to configure or monitor threat mitigation

Logical and Tenant Systems

Describe the concepts, operation, or functionality of the logical systems

  • Administrative roles
  • Security profiles
  • LSYS communication

Describe the concepts, operation, or functionality of the tenant systems

  • Master and tenant admins
  • TSYS capacity

Layer 2 Security

Describe the concepts, operation, or functionality of Layer 2 security

  • Transparent mode
  • Mixed mode
  • Secure wire
  • MACsec

Given a scenario, demonstrate how to configure or monitor Layer 2 security

Advanced Network Address Translation

Describe the concepts, operation, or functionality of advanced NAT functionality

  • Persistent NAT
  • DNS doctoring
  • IPv6 NAT

Given a scenario, demonstrate how to configure, troubleshoot, or monitor advanced NAT scenarios

Advanced IPsec

Describe the concepts, operation, or functionality of advanced IPsec application

  • Remote access VPNs
  • Hub-and-spoke VPNs
  • PKI
  • ADVPNs
  • Routing with IPsec
  • Overlapping IP addresses
  • Dynamic gateways
  • IPsec CoS

Given a scenario, demonstrate how to configure, troubleshoot, or monitor advanced IPsec functionality

Exam Details

Exam questions are derived from the recommended training and the exam resources listed above. Pass/fail status is available immediately after taking the exam. The exam is only provided in English.

JN0-635

120 minutes

Written exam, plus 65 multiple-choice questions

Recertification

Juniper certifications are valid for three years. For more information, see Recertification.