Deep Dive: JNCIP-SEC Exam Preparation

It all started on August 20 2021 when I received an email from Juniper education services reminding me that my JNCIP-SEC certification was due to expire in six months.

  #Juniper Networks   #Network as a Service   #Deep Dive  
Felipe Muraska

felipe.muraska@umb.ch

My heart started beating fast because I was not sure if I would have enough time and bandwidth to study and prepare for the exam as I was super busy with other tasks and certs, however, I did not want to lose my certification status, otherwise I would need to start from scratch all over again, so I decided to pick up studies again in October.

The first time I passed my JNCIP-SEC was back in November 2015 (WOW I am getting old ;-) ) and it was exam number JN0-633, then I renewed in February 2019 and yet another exam number JN0-634, and now that is time to renew and if you guessed, yes there is a new exam number with new topics which makes sense as the technology is always evolving. The new shine exam number is JN0-635. Before we dig deeper into how I prepared for my exam, let`s take a look first at some basics about the certification tracks.

There are a lot of different Juniper certification tracks, but we are focused on the Security track today and there are 4 levels within the track (Associate, Specialist, Professional, Expert) see below to have an idea.

Network as a Service

See how we help businesses with our network consultancy services.


Ok, that was the theoretical part (boring ) and if you are like me and like to get your hands dirty, let`s take a look at how I practised, practised and practised a little more.

Remember the exam is multiple choice only, and there is no need to login to a device and enter any configurations or troubleshoot via CLI or J-WEB, but still, having hands-on experience will come a long way during the exam.

  • Juniper vLABs – I can’t tell you enough how much I like Juniper vLABS and how quick it is to deploy your environment and start practising. I also love that you have many different technologies available to play around with (Security, Routing, Switching, Automation and so on) and remember the vLABS are FREEto use it
    • The vLABS can be accessed at https://jlabs.juniper.net/vlabs/ (You will need to have a username/password to access it)
    • Here are the labs I used to practice and prepare for the exam
    • The vLABS comes pre-configured for that scenario but the fun thing is to remove the configurations and configure in any way you desire and practice / troubleshoot as you wish.
    • One important thing to mention is that if there are any specific features like Logical Systems that require a license you will NOT be able to emulate that on vLABS without the appropriate license
  • EVE-NG – Another FREE tool that can be used to emulate devices on a server like vSRX, vMX and vQFX for example, however, to be able to use those images your Juniper account must be eligible to download the images needed to use on EVE-NG. You could use EVE-NG on your own machine if you have enough resources or rent externally. In my case, I had to rent it externally to practice.
    • Here is an example of practising ADVPN on EVE-NG as this was not available on Juniper vLABS
    • The possibilities are endless on EVE-NG as well, but the same rule applies if you need to use a feature that requires a license you will need to apply for the license before you can use it.
  • Juniper Practice test – As the name implies is just a practice test and not REAL exam questions. There are about 40 questions without any time limit to answer them (passing grade is 70%), which I found really good because I could read the question and if I did not know the answer I could try to search it and understand it before answering. Keep in mind the questions never change and you have unlimited attempts, so really try to answer them or even if you see the right answer after you finish, review them and make sure you understand. Remember you are being evaluated here, so don’t cheat as you would be failing yourself only

Awesome, we covered a lot in such a short time, but in reality, it took me 3 months to cover it all and study (October, November, December).

When I was about to finish my studies in late December, I was feeling good about my preparation and thought that it was time to book the exam. I booked for January 7th 2022.

One thing that I always think is that even if I do not pass I am still successful because I learned a lot during my preparation and that can not be taken away from me.

I really like this phrase – “I have not failed, I’ve just found 10,000 ways that won’t work.” -Thomas Alva Edison

I know you want to know if I passed or not right? ;-) So here it comes the moment of truth (dramatic drum roll) 3, 2, 1

YAY I PASSED 

I was really happy to have re-certified and the exam was really nice and had some tough questions as I anticipated for being a Professional level exam.

Maybe the next certification will be JNCIE-SEC

Stay tuned for the updates and thank you for taking the time to read my content.

Regardless of the track, you choose you will always start at the Associate level and work your way up. You may read more on JNCIA Certification Journey in Diana’s blog from 2020. For me to be able to take the JNCIP-SEC, I had to first pass the JNCIA-SEC, then JNCIS-SEC to become eligible for JNCIP-SEC. As you progress along your certification journey the exams approach advanced topics and technologies as expected. Now we are at the Professional level so I expect the exam to be more challenging than the previous exam at the Specialist level.

Enough about the certification track as I am sure you already know all this, but wanted to give a brief overview. Now let`s take a look at the exam objectives and how I prepared and took the exam (Did I pass or fail? follow along and you will find out )

The exam objectives can be found at – https://www.juniper.net/us/en/training/certification/tracks/security/jncip-sec.html

I usually take the same approach for all my certifications, I take the exam objectives and create an excel spreadsheet and start adding links to begin studying for each topic (see screenshot below, I am not posting the entire spreadsheet, this is just an idea)

As shown in the screenshot I have broken down the exam topics and also added a few more columns (Resources, Progress, Covers all modules)

  • Covers All Modules – Official Juniper material (FREE) that can be used to watch videos, practice tests, and hands-on (I will get back to those links later)
    • Certification Preparation Videos – These are the free videos that go over all modules, but not in full detail as you would need to but the all-access pass to have access to the full course, but still I found it very good and helpful during my preparation
    • Advanced Juniper Security (AJSEC) – 4 modules available to help during preparation (same as Cert prep videos)
  • Resources – I added any useful links related to the topic of that domain, it could be either Juniper official Documentation, unofficial blog, really it can be anything you can find useful that could help your studies.
  • Progress – I had no time set for each module or how many hours I would study for each topic, but wanted to track my progress to make sure I had covered all modules

EXTRA – I am not a huge fan of reading books, but I would like to recommend a book that I have read called Juniper SRX Series. (https://www.oreilly.com/library/view/juniper-srx-series/9781449339029/) and I have had this book with me for some time now and it has been really helpful.

*** DISCLAIMER *** I am not in any way affiliated with O`Reilly or the book owners and just sharing a useful book that is worth reading.