Exam Details
JNCIP-SEC exam topics are based on the content of the recommended
instructor-led training courses, as well as the additional resources.
Exam code: JN0-635
Written exam
Administered by Pearson VUE
Exam length: 120 minutes
Exam type: 65 multiple choice questions
Pass/fail status is available immediately
Exam Objectives
This list provides a general view of the skill set required to successfully
complete the specified certification exam.
Describe the concepts, operation, or functionality of firewall filters and
ACLs
Selective packet processing
Troubleshooting with firewall filters
Filter-based forwarding
Given a scenario, demonstrate how to configure, troubleshoot, or monitor
firewall filters
Given a scenario, demonstrate how to troubleshoot or monitor security
policies or security zones
Tools
Logging and tracing
Other outputs
Describe the concepts, operation, or functionality of Juniper ATP
Collectors
Custom rules
Mitigation
Given a scenario, demonstrate how to configure or monitor Juniper ATP
Describe the concepts, operation, or functionality of edge security features
Hardware support
SecIntel
IPS
Corero DDoS mitigation
ATP
Describe the concepts or operation of security compliance
RBAC
Security Director
AAA and SAML integration
Describe the concepts, operation, or functionality of threat mitigation
Malware identification or mitigation
Malicious lateral traffic identification or mitigation
Zero trust micro segmentation
Given a scenario, demonstrate how to configure or monitor threat mitigation
Describe the concepts, operation, or functionality of the logical systems
Administrative roles
Security profiles
LSYS communication
Describe the concepts, operation, or functionality of the tenant systems
Master and tenant admins
TSYS capacity
Describe the concepts, operation, or functionality of Layer 2 security
Transparent mode
Mixed mode
Secure wire
MACsec
Given a scenario, demonstrate how to configure or monitor Layer 2 security
Describe the concepts, operation, or functionality of advanced NAT
functionality
Persistent NAT
DNS doctoring
IPv6 NAT
Given a scenario, demonstrate how to configure, troubleshoot, or monitor
advanced NAT scenarios
Describe the concepts, operation, or functionality of advanced IPsec
application
Remote access VPNs
Hub-and-spoke VPNs
PKI
ADVPNs
Routing with IPsec
Overlapping IP addresses
Dynamic gateways
IPsec CoS
Given a scenario, demonstrate how to configure, troubleshoot, or monitor
advanced IPsec functionality
Preparation
The resources listed on this section are recommended, but do not guarantee
passing scores on JNCP exams. Success depends on each candidate’s motivation,
experience, and dedication. Candidates may find additional resources not listed
on this page helpful as well.
QUESTION 1
Your organization has multiple Active Directory domains to control user
access. You must ensure that security policies are passing traffic based upon
the users’ access rights.
What would you use to assist your SRX Series devices to accomplish this task?
A. JATP Appliance
B. JIMS
C. JSA
D. Junos Space
Correct Answer: B
QUESTION 2
You are asked to set up notifications if one of your collector traffic feeds
drops below 100 kbps.
Which two configuration parameters must be set to accomplish this task? (Choose
two.)
A. Set a traffic SNMP trap on the JATP appliance
B. Set a logging notification on the JATP appliance
C. Set a general triggered notification on the JATP appliance
D. Set a traffic system alert on the JATP appliance
Correct Answer: BD
QUESTION 3
You have configured static NAT for a webserver in your DMZ. Both internal
and external users can reach the
webserver using the webserver’s IP address. However, only internal users can
reach the webserver using the
webserver’s DNS name. When external users attempt to reach the webserver using
the webserver’s DNS name, an error message is received.
Which action would solve this problem?
A. Disable Web filtering
B. Use DNS doctoring
C. Modify the security policy
D. Use destination NAT instead of static NAT
Correct Answer: B
QUESTION 4
Which interface family is required for Layer 2 transparent mode on SRX
Series devices?
A. LLDP
B. Ethernet switching
C. inet
D. VPLS
Correct Answer: B
Actualkey Juniper JNCIP-SEC JN0-635 Exam pdf, Certkingdom Juniper JNCIP-SEC JN0-635 PDF
Best Juniper JNCIP-SEC JN0-635 Certification, Juniper JNCIP-SEC JN0-635 Training at certkingdom.com
