Juniper Networks Certified Internet Specialist – SEC Certification

Designed for experienced networking professionals with intermediate knowledge of the Juniper Networks Junos software for SRX Series devices, this written exam verifies the candidate’s understanding of security technologies and related platform configuration and troubleshooting skills.

Zones

• Demonstrate knowledge of the configuration, operation and troubleshooting of zonesIdentify the relationship between zones assignments, interfaces, and routing instances
• List and identify the steps necessary to configure zones
• Compare and contrast device’s behavior when handling transit packets -versus packets destined to the device.
• Demonstrate understanding of configuration precedence
• Describe the traffic behavior based on a sample zone configuration

SCREEN Options

• Demonstrate knowledge of the configuration and operation of SCREENsConfigure SCREENs with necessary parameters based on threats
• Compare and contrast reconnaissance, DoS, and suspicious packets attacks

Security Policies

• Describe the purpose, configuration and operation of a security policy
• Define the purpose of security policy configuration components
• Demonstrate understanding of the default security policty
• Based on policy configurations, describe the impact of security policy changes on sessions in progress
• Describe the purpose of an address book
• Based on policy configurations, compare and contrast scheduled and non-scheduled policies
• Demonstrate understanding of security policy monitoring

NAT

• Demonstrate knowledge of the configuration and operation of NATDescribe support of NAT and different NAT types
• Identify NAT scenarios requiring Proxy-ARP configurations
• Identify types of NAT used, based on various NAT configurations and outputs

IPSec VPNs

• Describe the operation of secure VPNsCompare and contrast symmetric and asymmetric key encryption
• Describe the DH key exchange process
• Describe IPSec VPN setup, encapsulation and configuration
• List specifics of Security Associations
• Describe the IKE phases functionality and purpose
• Compare and contrast policy-based and route-based IPSec implementations
• Configure route-based and policy-based IPSec VPNs

HA Clustering

• Describe HA functionality, configuration and operation
• Identify chassis cluster interfaces and their functions
• Configure redundancy groups

Intro to IDP

• Describe IDP concepts and configuration
• Identify IDP components
• Identify IDP policy match conditions
• Identify IDP policy actions
• Describe the procedure for updating the attack database

Firewall User Authentication Overview

• Describe firewall user authentication, concepts, and configuration
• Compare and contrast types of firewall user authentication
• Configure access profiles
• Configure client groups
• Describe the behavior when using external authentication servers

Demonstrate understanding of firewall user authentication monitoring Introduction to UTM

• Describe the configuration of UTM policies and enforcement of licenses
• Identify UTM components
• Explain how each major feature addresses the challenges of the branch office

Anti-Spam Filtering

• Describe the purpose, configuration and operation of anti-spam filtering
• Define anti-spam filtering terminology and components
• Describe the anti-spam filtering process
• Configure anti-spam filtering using the CLI
• Demonstrate understanding of anti-spam monitoring

Anti-Virus Protection

• Identify the differences between the two types of anti-virus protection
• Describe anti-virus purpose, configuration and operation
• Describe the anit-virus protection process
• Configure anti-virus protection using the CLI
• Demonstrate understanding of anti-virus monitoring

Content Filtering

• Describe the purpose, configuration and operation of content filtering
• Degine content filtering terminology and parameters
• Configure content filtering using the CLI
• Demonstrate understanding of content filter monitoring

Web Filtering

• Describe the purpose, configuration and operation of Web filtering
• Define Web filtering terminology and parameters
• Describe the Web filtering process
• Configure Web filtering using the CLI
• Demonstrate understanding of Web filter monitoring
• Identify the differences between the three types of Web filtering

90 minutes

75 multiple-choice questions