JN0-635 Security, Professional (JNCIP-SEC) Exam

Exam Details
JNCIP-SEC exam topics are based on the content of the recommended instructor-led training courses, as well as the additional resources.

Exam code: JN0-635
Written exam
Administered by Pearson VUE
Exam length: 120 minutes
Exam type: 65 multiple choice questions
Pass/fail status is available immediately

Exam Objectives
This list provides a general view of the skill set required to successfully complete the specified certification exam.

Describe the concepts, operation, or functionality of firewall filters and ACLs
Selective packet processing
Troubleshooting with firewall filters
Filter-based forwarding

Given a scenario, demonstrate how to configure, troubleshoot, or monitor firewall filters

Given a scenario, demonstrate how to troubleshoot or monitor security policies or security zones
Tools
Logging and tracing
Other outputs

Describe the concepts, operation, or functionality of Juniper ATP
Collectors
Custom rules
Mitigation

Given a scenario, demonstrate how to configure or monitor Juniper ATP

Describe the concepts, operation, or functionality of edge security features
Hardware support
SecIntel
IPS
Corero DDoS mitigation
ATP

Describe the concepts or operation of security compliance

RBAC
Security Director
AAA and SAML integration

Describe the concepts, operation, or functionality of threat mitigation
Malware identification or mitigation
Malicious lateral traffic identification or mitigation
Zero trust micro segmentation

Given a scenario, demonstrate how to configure or monitor threat mitigation

Describe the concepts, operation, or functionality of the logical systems
Administrative roles
Security profiles
LSYS communication

Describe the concepts, operation, or functionality of the tenant systems
Master and tenant admins
TSYS capacity

Describe the concepts, operation, or functionality of Layer 2 security
Transparent mode
Mixed mode
Secure wire
MACsec

Given a scenario, demonstrate how to configure or monitor Layer 2 security

Describe the concepts, operation, or functionality of advanced NAT functionality
Persistent NAT
DNS doctoring
IPv6 NAT

Given a scenario, demonstrate how to configure, troubleshoot, or monitor advanced NAT scenarios

Describe the concepts, operation, or functionality of advanced IPsec application
Remote access VPNs
Hub-and-spoke VPNs
PKI
ADVPNs
Routing with IPsec
Overlapping IP addresses
Dynamic gateways
IPsec CoS

Given a scenario, demonstrate how to configure, troubleshoot, or monitor advanced IPsec functionality

Preparation
The resources listed on this section are recommended, but do not guarantee passing scores on JNCP exams. Success depends on each candidate’s motivation, experience, and dedication. Candidates may find additional resources not listed on this page helpful as well.

QUESTION 1
Your organization has multiple Active Directory domains to control user access. You must ensure that security policies are passing traffic based upon the users’ access rights.
What would you use to assist your SRX Series devices to accomplish this task?

A. JATP Appliance
B. JIMS
C. JSA
D. Junos Space

Correct Answer: B


QUESTION 2
You are asked to set up notifications if one of your collector traffic feeds drops below 100 kbps.
Which two configuration parameters must be set to accomplish this task? (Choose two.)

A. Set a traffic SNMP trap on the JATP appliance
B. Set a logging notification on the JATP appliance
C. Set a general triggered notification on the JATP appliance
D. Set a traffic system alert on the JATP appliance

Correct Answer: BD

QUESTION 3
You have configured static NAT for a webserver in your DMZ. Both internal and external users can reach the
webserver using the webserver’s IP address. However, only internal users can reach the webserver using the
webserver’s DNS name. When external users attempt to reach the webserver using the webserver’s DNS name, an error message is received.
Which action would solve this problem?

A. Disable Web filtering
B. Use DNS doctoring
C. Modify the security policy
D. Use destination NAT instead of static NAT

Correct Answer: B

QUESTION 4
Which interface family is required for Layer 2 transparent mode on SRX Series devices?

A. LLDP
B. Ethernet switching
C. inet
D. VPLS

Correct Answer: B

Actualkey Juniper JNCIP-SEC JN0-635 Exam pdf, Certkingdom Juniper JNCIP-SEC JN0-635 PDF

MCTS Training, MCITP Trainnig

Best Juniper JNCIP-SEC JN0-635 Certification, Juniper JNCIP-SEC JN0-635 Training at certkingdom.com

JN0-635 Security, Professional (JNCIP-SEC) Exam
Scroll to top