Security, Professional (JNCIP-SEC)

Register Now

The Security Track enables you to demonstrate a thorough understanding of security technology in general and Junos OS software for SRX Series devices. JNCIP-SEC, the professional-level certification in this track, is designed for networking professionals with advanced knowledge of the Juniper Networks Junos OS for SRX Series devices. The written exam verifies your understanding of advanced security technologies and related platform configuration and troubleshooting skills.

This track contains four certifications:

  • JNCIA-SEC: Security, Associate. For details, see JNCIA-SEC.
  • JNCIS-SEC: Security, Specialist. For details, see JNCIS-SEC.
  • JNCIP-SEC: Security, Professional. For details, see the sections below.
  • JNCIE-SEC: Security, Expert. For details, see JNCIE-SEC.

Exam Preparation

We recommend the following resources to help you prepare for your exam. However, these resources aren't required, and using them doesn't guarantee you'll pass the exam.

Recommended Training

Exam Resources

Additional Preparation

Exam Objectives

Here’s a high-level view of the skillset required to successfully complete the JNCIP-SEC certification exam.

Exam Objective

Description

Troubleshooting Security Policies and Security Zones

Given a scenario, demonstrate how to troubleshoot or monitor security policies or security zones.

  • Tools
  • Logging or tracing
  • Other outputs

Logical Systems and Tenant Systems

Describe the concepts, operations, or functionalities of logical systems.

  • Administrative roles
  • Security profiles
  • Logical system communication

 

Describe the concepts, operations, or functionalities of tenant systems.

  • Primary system and tenant system administrators
  • Tenant system capacity

Layer 2 Security

Describe the concepts, operations, or functionalities of Layer 2 Security.

  • Transparent mode
  • Mixed mode
  • Secure wire
  • MACsec
  • Ethernet VPN-Virtual Extensible LAN (EVPN-VXLAN) security

 

Given a scenario, demonstrate how to configure or monitor Layer 2 Security.

Advanced Network Address Translation (NAT)

Describe the concepts, operations, or functionalities of advanced NAT.

  • Persistent NAT
  • Domain Name System (DNS) doctoring
  • IPv6 NAT

 

Given a scenario, demonstrate how to configure, troubleshoot, or monitor advanced NAT scenarios.

Advanced IPsec VPNs

Describe the concepts, operations, or functionalities of advanced IPsec VPNs.

  • Hub-and-spoke VPNs
  • Public Key Infrastructure (PKI)
  • Auto discovery VPNs (ADVPNs)
  • Routing with IPsec
  • Overlapping IP addresses
  • Dynamic gateways
  • IPsec Class of Service (CoS)

 

Given a scenario, demonstrate how to configure, troubleshoot, or monitor advanced IPsec VPNs.

Advanced Policy-Based Routing (APBR)

Describe the concepts, operations, or functionalities of advanced policy-based routing.

  • Profiles
  • Policies
  • Routing instances
  • APBR options

 

Given a scenario, demonstrate how to configure or monitor advanced policy-based routing.

Multinode High Availability (HA)

Describe the concepts, operations, or functionalities of multinode HA.

  • Concepts
  • Chassis cluster versus multinode HA
  • Deployment modes
  • Services redundancy group (SRG)
  • Interchassis link
  • Active/active mode
  • Active/passive mode
  • Active node behavior (determination and enforcement)

 

Given a scenario, demonstrate how to configure or monitor multinode HA.

Automated Threat Mitigation

Describe the concepts, operations, or functionalities of Automated Threat Mitigation.

  • Third-party or multicloud integration
  • Secure Enterprise

Exam Details

Exam questions are derived from the recommended training and the exam resources listed above. Pass/fail status is available immediately after taking the exam. The exam is only provided in English.

Exam Code

JN0-637

Prerequisite Certification

Delivered by

Exam Length

90 minutes

Exam Type

65 multiple-choice questions

Software Versions

  • Junos OS 22.2
  • SD 22.1

Recertification

Juniper certifications are valid for three years. For more information, see Recertification.