JNCIS-SEC (Juniper Networks Certified Internetwork Specialist – Security)

Course details

Junos Security Overview

Junos security architecture

– Branch vs. high-end platforms

– Major hardware components of SRX Series services

– Packet flow

– Packet-based vs. session-based forwarding

Zones

Zone types

Dependencies

Host inbound packet behavior

Transit packet behavior

Zone configuration steps

Hierarchy priority (Inheritance)

Monitoring and troubleshooting

Security Policies

Policy types (default policy)

Policy components

Policy ordering

Host inbound traffic examination

Transit traffic examination

Scheduling

Rematching

ALGs

Address books

Applications

Policies

ALGs

Address books

Custom applications

Monitoring and troubleshooting

NAT

NAT types

NAT/PAT processing

Address persistence

NAT proxy

Configuration

NAT configuration

Monitoring and troubleshooting

IPSec

Secure VPN characteristics and components

IPSec tunnel

IPSec traffic processing

Junos OS IPSec implementation

IPSec VPN configuration steps

Monitoring and troubleshooting

High Availability (HA) Clustering

HA features and characteristics

Deployment requirements and considerations

Chassis cluster characteristics and operation

Cluster modes

Cluster and node IDs

Redundancy groups

Cluster interfaces

Real-time objects

State synchronization

Ethernet switching considerations

IPSec considerations

Manual failover

Cluster preparation

Cluster configuration steps

Monitoring and troubleshooting

Unified Threat Management (UTM)

Packet flow and processing

Design

Policy

Platform

Methods

Whitelists vs.

Order of

Traffic

Configuration steps using the

Monitoring and

Scanning

Antivirus flow

Scanning options and

Configuration steps using the

Monitoring and troubleshooting

Scanning methods

Antivirus flow process

Scanning options and actions

Configuration steps using the CLI

Monitoring and troubleshooting

Filtering features and solutions

Configuration steps using the CLI

Monitoring and troubleshooting