JNCIS Security Certification Boot Camp (JSEC, JUTM)

Mokymo trukmė - 4 dienos

Apžvalga

Learn to configure and monitor SRX Series devices while preparing for the JNCIS-SEC exam in this accelerated Boot Camp.

In this accelerated Boot Camp, you will gain the knowledge needed to succeed on the Juniper Networks Certified Internet Specialist - Security (JNCIS-SEC) exam, and you will gain hands-on experience configuring and monitoring the Junos OS for SRX Series devices.

During the first half of class, you will review SRX Series Services Gateway configuration, operation, and implementation in a typical network environment. Key topics include security zones, security policies, intrusion detection and prevention (IDP), Network Address Translation (NAT), High Availability (HA) clusters, and basic implementation, configuration, and management.

In the second half, you will cover web filtering, antivirus (AV), anti-spam, and content filtering. Also, through demonstrations and hands-on labs, you will gain experience configuring and monitoring the Unified Threat Management (UTM) features of the Junos OS.

Your Boot Camp package includes a free JN0-332 exam voucher.

Reikiamos dalyvių žinios prieš mokymo pradžią

  • Introduction to the Junos Operating System (IJOS)
  • Junos Routing Essentials (JRE)

    arba

  • Junos Foundations: JNCIA-Junos Boot Camp (IJOS, JRE)

Po mokymo dalyviai mokės:


  • Describe traditional routing and security and the current trends in internetworking.
  • Provide an overview of SRX Series devices and software architecture.
  • Describe the logical packet flow and session creation performed by SRX Series devices.
  • Describe, configure, and monitor zones.
  • Describe, configure, and monitor security policies.
  • Describe, configure, and monitor firewall user authentication.
  • Describe various types of network attacks.
  • Configure and monitor SCREEN options to prevent network attacks.
  • Explain, implement, and monitor NAT on Junos security platforms.
  • Explain the purpose and mechanics of IP Security (IPsec) virtual private networks (VPNs).
  • Implement and monitor policy-based and route-based IPsec VPNs.
  • Utilize and update the IDP signature database.
  • Configure and monitor IDP policy with policy templates.
  • Describe, configure, and monitor high availability chassis clusters.
  • Describe the challenges that branch offices present to network managers.
  • List the major features that UTM offers.
  • Explain how each major feature addresses the challenges of the branch office.
  • List the SRX Series Services Gateways hardware devices on which UTM is available.
  • Describe the UTM features that require specific licenses.
  • Define terms used in the creation of effective antispam UTM policies.
  • Describe the process by which UTM examines traffic for spam.
  • Describe the overall process of configuring an antispam UTM policy.
  • Describe the kinds of information available from the device when it has detected spam.
  • Describe how the AV process examines traffic.
  • Describe the differences between full file-based AV versus express AV.
  • Describe the settings that are required for configuring AV protection.
  • Explain how these settings affect scanning performance and effectiveness.
  • Describe options available for scanning supported protocols.
  • List the general steps required to configure AV.
  • Describe the statistical information available to verify AV functionality.
  • Describe content and Web filtering and their purpose.
  • List and describe each of the parameters used when configuring Web and content filtering.
  • Describe in general terms the steps necessary to configure web and content filtering.
  • Monitor Web and content filtering.

Mokymo turinys

Introduction to Junos security platforms
  • Traditional Routing
  • Traditional Security
  • Breaking the Tradition
  • The Junos OS Architecture

Zones

  • The Definition of Zones
  • Zone Configuration
  • Monitoring Security Zones
  • Lab: Configuring and Monitoring Zones

Security Policies

  • Overview of Security Policy
  • Policy Components
  • Verifying Policy Operation
  • Policy Scheduling and Rematching
  • Policy Case Study
  • Lab: Security Policies

Firewall User Authentication

  • Firewall User Authentication Overview
  • Pass-Through Authentication
  • Web Authentication
  • Client Groups
  • Using External Authentication Servers
  • Verifying Firewall User Authentication
  • Lab: Configuring Firewall Authentication

SCREEN Options

  • Multilayer Network Protection
  • Stages and Types of Attacks
  • Using Junos SCREEN Options—Reconnaissance Attack Handling
  • Using Junos SCREEN Options—Denial of Service Attack Handling
  • Using Junos SCREEN Options—Suspicious Packets Attack Handling
  • Applying and Monitoring SCREEN Options
  • Lab: Implementing SCREEN Options

Network Address Translation

  • NAT Overview
  • Source NAT Operation and Configuration
  • Destination NAT Operation and Configuration
  • Static NAT Operation and Configuration
  • Proxy ARP
  • Monitoring and Verifying NAT Operation
  • Lab: Network Address Translation

IPsec VPNs

  • VPN Types
  • Secure VPN Requirements
  • IPsec Details
  • Configuration of IPsec VPNs
  • IPsec VPN Monitoring
  • Lab: Implementing IPsec VPNs

Introduction to Intrusion Detection and Prevention

  • Introduction to Junos IDP
  • IDP Policy Components and Configuration
  • Signature Database
  • Case Study: Applying the Recommended IDP Policy
  • Monitoring IDP Operation
  • Lab: Implementing IDP

High Availability Clustering

  • High Availability Overview
  • Chassis Cluster Components
  • Chassis Cluster Operation
  • Chassis Cluster Configuration
  • Chassis Cluster Monitoring
  • Lab: Implementing Chassis Clusters

UTM Overview

  • Branch Office Challenges
  • UTM Feature Overview
  • Design Basics
  • Hardware Support
  • Licensing of Features
  • Lab: Connecting to the Lab Equipment and Testing Connectivity

Antispam

  • Antispam Terminology
  • Overview of Antispam Process
  • UTM Policy Overview
  • Configuration Steps
  • Monitoring Antispam
  • Lab: Configuring an Antispam Policy

Full File-Based and Express Antivirus

  • Antivirus Terminology
  • Overview of Antivirus Process
  • AV Operation
  • Full File-based AV Configuration
  • Express AV Configuration
  • Monitoring AV
  • Lab: Antivirus Configuration and Testing

Content and Web Filtering

  • Overview and Terminology
  • Configuration
  • Verification and Monitoring
  • Lab: Configuring Content and Web Filtering

Šis mokymo kursas yra tokios sertifikacijos dalis:

Juniper Networks Certified Internet Specialist Security (JNCIS-SEC)

Produktų
gamintojai
ir partneriai

Cisco learning
HP
VMware