JNCIS-SEC (Security)

JNCIS-SEC (Security)

 

 

All Courses Idea

Junos Security Overview

  • Junos security architecture

  • Branch vs. high-end platforms

  • Major hardware components of SRX Series services gateways

  • Packet flow

  • Packet-based vs. session-based forwarding

Zones

  • Zone types

  • Dependencies

  • To-the-device packet behavior

  • Transit packet behavior

  • Zone configuration steps

  • Configuration precedence

  • Monitoring and troubleshooting

Security Policies

  • Policy types (default policy)

  • Policy components

  • Policy ordering

  • To-the-device traffic examination

  • Transit traffic examination

  • Scheduling

  • Rematching

  • ALGs

  • Address books

  • Applications

  • Custom applications

  • Monitoring and troubleshooting

Firewall User Authentication

  • User authentication types

  • Authentication server support

  • Client groups

Screens

  • Attack types and phases

  • Screen options

  • Screen configuration steps

  • Monitoring and troubleshooting

NAT

  • NAT types

  • NAT/PAT processing

  • Address persistence

  • NAT proxy ARP

  • Configuration guidelines

  • NAT configuration steps

  • Monitoring and troubleshooting

IPSec VPNs

  • Secure VPN characteristics and components

  • IPSec tunnel establishment

  • IPSec traffic processing

  • Junos OS IPSec implementation options

  • IPSec VPN configuration steps

  • Monitoring and troubleshooting

High Availability (HA) Clustering

  • HA features and characteristics

  • Deployment requirements and considerations

  • Chassis cluster characteristics and operation

  • Cluster modes

  • Cluster and node IDs

  • Redundancy groups

  • Cluster interfaces

Real-time objects

  • State synchronization

  • Ethernet switching considerations

  • IPSec considerations

  • Manual failover

  • Cluster preparation

  • Cluster configuration steps

  • Monitoring and troubleshooting

Unified Threat Management (UTM)

  • Packet flow and processing

  • Design considerations

  • Policy flow

  • Platform support

  • Licensing

  • Methods

  • Whitelists vs. blacklists

  • Order of operations

  • Traffic examination

  • Configuration steps using the CLI

  • Monitoring and troubleshooting

  • Scanning methods

  • Antivirus flow process

  • Scanning options and actions

  • Configuration steps using the CLI

  • Monitoring and troubleshooting

  • Filtering features and solutions

  • Configuration steps using the CLI

  • Monitoring and troubleshooting