Exam Details
JNCIP-SEC exam topics are based on the content of the recommended instructor-led training courses, as well as the additional resources.
Exam code: JN0-635
Written exam
Administered by Pearson VUE
Exam length: 120 minutes
Exam type: 65 multiple choice questions
Pass/fail status is available immediately
Exam Objectives
This list provides a general view of the skill set required to successfully complete the specified certification exam.
Describe the concepts, operation, or functionality of firewall filters and ACLs
Selective packet processing
Troubleshooting with firewall filters
Filter-based forwarding
Given a scenario, demonstrate how to configure, troubleshoot, or monitor firewall filters
Given a scenario, demonstrate how to troubleshoot or monitor security policies or security zones
Tools
Logging and tracing
Other outputs
Describe the concepts, operation, or functionality of Juniper ATP
Collectors
Custom rules
Mitigation
Given a scenario, demonstrate how to configure or monitor Juniper ATP
Describe the concepts, operation, or functionality of edge security features
Hardware support
SecIntel
IPS
Corero DDoS mitigation
ATP
Describe the concepts or operation of security compliance
RBAC
Security Director
AAA and SAML integration
Describe the concepts, operation, or functionality of threat mitigation
Malware identification or mitigation
Malicious lateral traffic identification or mitigation
Zero trust micro segmentation
Given a scenario, demonstrate how to configure or monitor threat mitigation
Describe the concepts, operation, or functionality of the logical systems
Administrative roles
Security profiles
LSYS communication
Describe the concepts, operation, or functionality of the tenant systems
Master and tenant admins
TSYS capacity
Describe the concepts, operation, or functionality of Layer 2 security
Transparent mode
Mixed mode
Secure wire
MACsec
Given a scenario, demonstrate how to configure or monitor Layer 2 security
Describe the concepts, operation, or functionality of advanced NAT functionality
Persistent NAT
DNS doctoring
IPv6 NAT
Given a scenario, demonstrate how to configure, troubleshoot, or monitor advanced NAT scenarios
Describe the concepts, operation, or functionality of advanced IPsec application
Remote access VPNs
Hub-and-spoke VPNs
PKI
ADVPNs
Routing with IPsec
Overlapping IP addresses
Dynamic gateways
IPsec CoS
Given a scenario, demonstrate how to configure, troubleshoot, or monitor advanced IPsec functionality
Preparation
The resources listed on this section are recommended, but do not guarantee passing scores on JNCP exams. Success depends on each candidate’s motivation, experience, and dedication. Candidates may find additional resources not listed on this page helpful as well.
QUESTION 1
Your organization has multiple Active Directory domains to control user access. You must ensure that security policies are passing traffic based upon the users’ access rights.
What would you use to assist your SRX Series devices to accomplish this task?
A. JATP Appliance
B. JIMS
C. JSA
D. Junos Space
Correct Answer: B
QUESTION 2
You are asked to set up notifications if one of your collector traffic feeds drops below 100 kbps.
Which two configuration parameters must be set to accomplish this task? (Choose two.)
A. Set a traffic SNMP trap on the JATP appliance
B. Set a logging notification on the JATP appliance
C. Set a general triggered notification on the JATP appliance
D. Set a traffic system alert on the JATP appliance
Correct Answer: BD
QUESTION 3
You have configured static NAT for a webserver in your DMZ. Both internal and external users can reach the
webserver using the webserver’s IP address. However, only internal users can reach the webserver using the
webserver’s DNS name. When external users attempt to reach the webserver using the webserver’s DNS name, an error message is received.
Which action would solve this problem?
A. Disable Web filtering
B. Use DNS doctoring
C. Modify the security policy
D. Use destination NAT instead of static NAT
Correct Answer: B
QUESTION 4
Which interface family is required for Layer 2 transparent mode on SRX Series devices?
A. LLDP
B. Ethernet switching
C. inet
D. VPLS
Correct Answer: B
Actualkey Juniper JNCIP-SEC JN0-635 Exam pdf, Certkingdom Juniper JNCIP-SEC JN0-635 PDF
Best Juniper JNCIP-SEC JN0-635 Certification, Juniper JNCIP-SEC JN0-635 Training at certkingdom.com