Juniper Networks Certified Professional Security Bootcamp, AJSEC and JIPS (JNCIP-SEC BC)

Similar documents
Junos Security Bundle, JSEC & AJSEC

Advanced Junos Enterprise Routing (AJER)

Advanced Junos Service Provider Routing (AJSPR)

Network Automation using Contrail Cloud (NACC)

Juniper Networks Certified Specialist Service Provider Routing and Switching Bootcamp, JIR, JSPX, JMF (JNCIS-SP BC)

IMPLEMENTING CISCO MPLS (MPLS)

Network Automation in the WAN (NA-WAN)

Interconnecting Cisco Networking Devices Part 2 v2.0 (ICND 2)

Junos Security (JSEC)

F5 Networks Configuring BIG-IP AFM v13: Advanced Firewall Manager

Interconnecting Cisco Network Devices Part 1 v2.0 (ICND 1)

Deploying and Administering Cisco s Digital Network Architecture (DNA) and Intelligent WAN (IWAN) (DNADDC)

Certified Ethical Hacker (CEH)

Implementing Cisco IP Routing (ROUTE)

Citrix NetScaler 10.5 Essentials for ACE Migration (CNS-208)

Implementing and Configuring Cisco SDWAN (ICSDWAN-CT)

CMB-310 Citrix Virtual Apps, Desktops and Provisioning 7.1x Administration (Fast Track)

Deploying App and Desktop Solutions with Citrix XenApp and XenDesktop (CXD-300)

Citrix NetScaler 10.5 Essentials and Networking (CNS-205)

Managing App and Desktop Solutions with Citrix XenApp and XenDesktop 7.6 (CXD-203)

IMPLEMENTING CISCO VOICE COMMUNICATIONS AND QOS

Implementing and Configuring Meraki Technologies (ICMT-CT)

Implementing Cisco Video Network Devices Part 2, v1.0 (CIVND2)

SD-WAN Advanced Operations & Troubleshooting Bootcamp (SDWOTS)

VMware vsphere: Install, Configure, Manage (vsphere ICM 6.7)

Deploying Cisco Unified Contact Center Express (UCCXD)

Integrating Cisco Enterprise Chat & with UCCE (ICCE)

Exam Questions JN0-633

Implementing Cisco Quality of Service 2.5 (QOS)

Implementing Cisco Data Center Infrastructure v6.0 (DCII)

Implementing Cisco IP Switched Networks (SWITCH)

Implementing Cisco Collaboration Devices 1.0 (CICD)

SAN Implementation (SANIW)

Data ONTAP 7-Mode Administration (D7ADM)

Administering Cisco Unified Communication Manager and Unity Connection (ACUCM+AUC)

Clustered Data ONTAP Administration and Data Protection

This course is designed for anyone who needs to learn how to write programs in Python.

ONTAP 9.3 Cluster Administration and Data Protection Bundle (CDOTDP9)

Developing Microsoft Azure Solutions (MS 20532)

Clustered Data ONTAP Administration (DCADM)

VMware vsphere on NetApp (VVNA)

Accelerated NCDA Boot Camp Data ONTAP 7-Mode (ANCDABC87)

Deploying Unified Contact Center Enterprise (DUCCE)

Specialist Level Certification JNCIS-ENT; 5 Days; Instructor-led

Certified SonicWALL Security Administrator (CSSA) Instructor-led Training

"Charting the Course...

Administering Unified Contact Center Enterprise Part 2 (AUCCE 2)

Administering Unified Contact Center Enterprise Part 1 (AUCCE 1)

Junos MPLS and VPNs. Day(s): 5. Course Code: Overview

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

EZY Intellect Pte. Ltd.,

F5 Networks F5LTM12: F5 Networks Configuring BIG-IP LTM: Local Traffic Manager. Upcoming Dates. Course Description. Course Outline

Course 20741B: Networking with Windows Server 2016

COURSE 20741B: NETWORKING WITH WINDOWS SERVER 2016

INTEGRATING CISCO UNIFIED COMMUNICATIONS APPLICATIONS

Networking with Windows Server 2016

SRX als NGFW. Michel Tepper Consultant

Juniper Security Update. Karel Hendrych Juniper Networks

Junos Security. Rob Cameron, Brad Woodberg, Patricio Giecco, O'REILLY. Tim Eberhard, andjames Quinn INFORMATIQNSBIBLIOTHEK UNIVERSITATSBIBLIOTHEK

JNCIS Enterprise Routing and Switching Certification Boot Camp (JIR, JEX)

Authorized Juniper Networks Training 2013

SECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011

TestOut Network Pro - English 5.0.x COURSE OUTLINE. Modified

Hands-On TCP/IP Networking

NETLOGIC TRAINING CENTER

CCNA Boot Camp. Course Description

CISCO QUAD Cisco CCENT/CCNA/CCDA/CCNA Security (QUAD)

NE-2277 Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services

TestOut Network Pro - English 4.1.x COURSE OUTLINE. Modified

MS20741: NETWORKING WITH WINDOWS SERVER 2016

20741: Networking with Windows Server Course Content. Course ID #: W Hours: 35. Course Description: At Course Completion:

Course Networking with Windows Server 2016

Networking with Windows Server 2016

CompTIA Network+ N ucertify Labs. Course Outline. CompTIA Network+ N ucertify Labs. 10 Oct

Juniper JN Number: JN0-633 Passing Score: 800 Time Limit: 120 min File Version: 1.0. Juniper JN0-633 Exam

20741: Networking with Windows Server 2016

CompTIA Network+ Lab V2.0. Course Outline. CompTIA Network+ Lab V Apr

ASACAMP - ASA Lab Camp (5316)

20741 Networking with Windows Server 2016

Configuring BIG-IP ASM v12.1 Application Security Manager

ENTERPRISE SECURITY MANAGEMENT. Frederick Verduyckt 20 September 2012

Authorized Juniper Networks Training 2012

Training 2011/

CompTIA Network+ N ucertify Course & Labs. Course Outline. CompTIA Network+ N ucertify Course & Labs.

"Charting the Course... Interconnecting Cisco Networking Devices Accelerated 3.0 (CCNAX) Course Summary

Midrange Routing Solutions

Course Outline. CompTIA Network+ N Pearson ucertify Course and Labs. CompTIA Network+ N Pearson ucertify Course and Labs

Implementing Cisco Network Security (IINS) 3.0

CompTIA Network+ N (Course & Labs) Course Outline. CompTIA Network+ N (Course & Labs) 14 Mar

Fundamentals of Network Security v1.1 Scope and Sequence

Network Configuration Example

MTA: Networking Fundamentals (Course & Labs) Course Outline. MTA: Networking Fundamentals (Course & Labs) 02 Oct

Course Outline. Interconnecting Cisco Networking Devices Part 1 and 2. Interconnecting Cisco Networking Devices Part 1 and 2

Deploying Cisco ASA VPN Solutions v2.0 (VPN)

Course Outline. Networking Essentials, Fifth Edition Pearson ucertify Labs.

Microsoft Networking with Windows Server 2016

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

This course prepares candidates for the CompTIA Network+ examination (2018 Objectives) N

Pearson CompTIA: Network+ (Course & Lab) Course Outline. Pearson CompTIA: Network+ (Course & Lab) 15 Jul 2018

CompTIA Network+ Labs. Course Outline. CompTIA Network+ Labs. 25 Dec

Transcription:

Juniper Networks Certified Professional Security Bootcamp, AJSEC and JIPS (JNCIP-SEC BC) This course combines both Advanced Junos Security (AJSEC) and Junos Intrusion Prevention Systems (JIPS) into five consecutive days of training. Students can choose to attend the individual classes (AJSEC or JIPS) or attend the five-day course. ADVANCED JUNOS SECURITY (AJSEC) COURSE OVERVIEW This course which is designed to build off of the current Junos Security (JSEC) offering, delves deeper into Junos security. Through demonstrations and hands-on labs, students gain experience in configuring and monitoring the advanced Junos operating system security features with advanced coverage of IPsec deployments, virtualization, AppSecure, advanced Network Address Translation (NAT) deployments, and Layer 2 security. This course uses Juniper Networks SRX Series Services Gateways for the hands-on component, but the lab environment does not preclude the course from being applicable to other Juniper hardware platforms running the Junos OS. WHO WILL BENEFIT FROM THE AJSEC COURSE? This course benefits individuals responsible for implementing, monitoring, and troubleshooting Junos security components. Course Level: AJSEC is an advanced-level course. AJSEC PREREQUISITES: Students should have a strong level of TCP/IP networking and security knowledge. Students should also attend the Introduction to the Junos Operating System (IJOS), Junos Routing Essentials (JRE), and Junos Security (JSEC) courses prior to attending this class. COURSE OBJECTIVES: After successfully completing this course, you should be able to: Demonstrate understanding of concepts covered in the prerequisite Junos Security course. Describe the various forms of security supported by the Junos OS. Implement features of the AppSecure suite, including AppID, AppFW, and AppTrack. Configure custom application signatures. Describe Junos security handling at Layer 2 versus Layer 3. Implement Layer 2 transparent mode security features.

Demonstrate understanding of Logical Systems (LSYS). Implement address books with dynamic addressing. Compose security policies utilizing ALGs, custom applications, and dynamic addressing for various scenarios. Use Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems. Describe Junos routing instance types used for virtualization. Implement virtual routing instances. Describe and configure route sharing between routing instances using logical tunnel interfaces. Describe and implement static, source, destination, and dual NAT in complex LAN environments. Describe and implement variations of persistent NAT. Describe and implement Carrier Grade NAT (CGN) solutions for IPv6 NAT, such as NAT64, NAT46, and DS- Lite. Describe the interaction between NAT and security policy. Demonstrate understanding of DNS doctoring. Differentiate and configure standard point-to-point IP Security (IPsec) virtual private network (VPN) tunnels, hub-and-spoke VPNs, dynamic VPNs, and group VPNs. Implement IPsec tunnels using virtual routers. Implement OSPF over IPsec tunnels and utilize generic routing encapsulation (GRE) to interconnect to legacy firewalls. Monitor the operations of the various IPsec VPN implementations. Describe public key cryptography for certificates. Utilize Junos tools for troubleshooting Junos security implementations. Perform successful troubleshooting of some common Junos security issues. COURSE OUTLINE: Day 1 Module 1: Course Introduction Module 2: AppSecure AppSecure Overview AppID AppTrack AppFW AppDoS AppQoS Lab 1: Implementing AppSecure Module 3: Junos Layer 2 Packet Handling and Security Features Transparent Mode Security Layer 2 Ethernet Switching Lab 2: Implementing Layer 2 Security

Module 4: Virtualization Virtualization Overview Routing Instances Logical Systems Lab 3: Implementing Junos Virtual Routing Day 2 Module 5: Advanced NAT Concepts Operational Review NAT: Beyond Layer 3 and Layer 4 Headers DNS Doctoring IPv6 NAT Advanced NAT Scenarios Lab 4: Advanced NAT Implementations Module 6: IPsec Implementations Standard VPN Implementations Review Public Key Infrastructure Hub-and-Spoke VPNs Lab 5: Hub-and-Spoke IPsec VPNs Day 3 Module 7: Enterprise IPsec Technologies: Group and Dynamic VPNs Group VPN Overview GDOI Protocol Group VPN Configuration and Monitoring Dynamic VPN Overview Dynamic VPN Implementation Lab 6: Configuring Group VPNs Module 8: IPsec VPN Case Studies and Solutions Routing over VPNs IPsec with Overlapping Addresses Dynamic Gateway IP Addresses Enterprise VPN Deployment Tips and Tricks Lab 7: Implementing Advanced IPsec VPN Solutions Module 9: Troubleshooting Junos Security Troubleshooting Methodology Troubleshooting Tools Identifying IPsec Issues Lab 8: Performing Security Troubleshooting Techniques

Appendix A: SRX Series Hardware and Interfaces Branch SRX Platform Overview High End SRX Platform Overview SRX Traffic Flow and Distribution SRX Interfaces JUNOS INTRUSION PREVENTION SYSTEMS (JIPS) COURSE OVERVIEW This course is designed to provide an introduction to the Intrusion Prevention System (IPS) feature set (provided by Junos IPS Secure) available on the Juniper Networks SRX Series Services Gateway. The course covers concepts, ideas, and terminology relating to providing intrusion prevention using the SRX Series platform. Hands-on labs offer students the opportunity to configure various IPS features and to test and analyze those functions. WHO WILL BENEFIT FROM THE JIPS COURSE? This course benefits individuals responsible for configuring and monitoring the IPS aspects of SRX Series devices. Course Level: JIPS is an intermediate-level course. JIPS PREREQUISITES: Students should have basic networking knowledge, an understanding of the Open Systems Interconnection (OSI) reference model for layered communications and computer network protocol design, and an understanding of the TCP/IP protocol suite. Students should also attend the Introduction to the Junos Operating System (IJOS) course, the Junos Routing Essentials (JRE) course, and the Junos Security (JSEC) course, or they should have equivalent experience prior to attending this class. JIPS COURSE OBJECTIVES: After successfully completing this course, you should be able to: Explain the terms and concepts related to intrusion prevention. Describe general types of intrusions and network penetration steps. Explain how scanning can be used to gather information about target networks. Define and describe the terminology that comprises Juniper Networks IPS functionality. Describe the basic functions and features available on the SRX Series platform that provide IPS functionality. Describe how to access the SRX Series Services Gateways with IPS functionality for configuration and management. Describe the steps that the IPS engine takes when inspecting packets. Configure the SRX Series Services Gateways for IPS functionality. Describe the components of IPS rules and rulebases. Configure an IPS exempt rule. Explain the types of signature-based attacks. Configure a custom signature attack object.

Describe the uses of custom signatures and how to configure them. Describe commonly used evasion techniques and how to block them. Explain the mechanisms available on the SRX Series Services Gateway to detect and block DoS and DDoS attacks. Configure screens to block IP spoofing and SYN flooding. Describe additional security flow protection mechanisms. Demonstrate how the SRX Series device performs TCP SYN checking. Explain the STRM capabilities for capturing, logging, and reporting network traffic. Describe the logging and reporting capabilities available for SRX IP functionality within STRM. JIPS COURSE OUTLINE Day 1 Module 1: Course Introduction Module 2: Introduction to Intrusion Prevention Systems Network Asset Protection Intrusion Attack Methods Intrusion Prevention Systems IPS Traffic Inspection Walkthrough Module 3: IPS Policy and Initial Configuration SRX IPS Requirements IPS Operation Modes Basic IPS Policy Review Basic IPS Policy Lab Module 4: IPS Rulebase Operations Rulebase Operations IPS Rules Terminal Rules IP Actions Configuring IPS Rulebases Lab Day 2 Module 5: Custom Attack Objects Predefined Attack Objects Custom Attack Objects Fine-Tuning the IPS Policy Custom Signatures Lab

Module 6: Additional Attack Protection Mechanisms Scan Prevention Blocking Evasion and DoS Attacks Security Flow Protection Mechanisms Security Flow Protection Mechanisms Lab Module 7: IPS Logging and Reporting Junos Syslog and Operational Commands STRM IPS Logging IPS Logging Lab SUNSET LEARNING INSTITUTE (SLI) DIFFERENTIATORS: Sunset Learning Institute (SLI) has been an innovative leader in developing and delivering authorized technical training since 1996. Our goal is to help our customers optimize their cloud technology investments by providing convenient, high quality technical training that our customers can rely on. We empower students to master their desired technologies for their unique environments. What sets SLI apart is not only our immense selection of trainings options, but our convenient and consistent delivery system. No matter how complex your environment is or where you are located, SLI is sure to have a training solution that you can count on! Premiere World Class Instruction Team All SLI instructors have a four-year technical degree, instructor level certifications and field consulting work experience. Sunset Learning has won numerous Instructor Excellence and Instructor Quality Distinction awards since 2012 Enhanced Learning Experience The goal of our instructors during class is ensure students understand the material, guide them through our labs and encourage questions and interactive discussions. Convenient and Reliable Training Experience You have the option to attend classes at any of our established training facilities or from the convenience of your home or office with the use of our HD-ILT network (High Definition Instructor Led Training) All Sunset Learning Institute classes are guaranteed to run you can count on us to deliver the training you need when you need it! Outstanding Customer Service Dedicated account manager to suggest the optimal learning path for you and your team Enthusiastic Student Services team available to answer any questions and ensure a quality training experience

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback