Security Design, Specialist (JNCDS-SEC)

Register Now

The Design track enables you to demonstrate competence with Juniper Networks design principles and associated technologies. JNCDS-SEC, one of the specialist-level certifications in this track, is designed for networking professionals and designers with an intermediate knowledge of network security, theory, and best practices. The written exam verifies your understanding of designing secure networks.

This track includes four certifications:

  • JNCDA: Design, Associate. For details, see JNCDA.
  • JNCDS-DC: Data Center Design, Specialist. For details, see JNCDS-DC.
  • JNCDS-SP: Service Provider Design, Specialist. For details, see JNCDS-SP.
  • JNCDS-SEC: Security Design, Specialist. For details, see the sections below.

Exam Preparation

We recommend the following resources to help you prepare for your exam. However, these resources aren't required, and using them doesn't guarantee you'll pass the exam.

Exam Resources

Additional Preparation

Exam Objectives

Here’s a high-level view of the skillset required to successfully complete the JNCDS-SEC certification exam. 

Exam Objective


Fundamental Security Concepts

Describe the various tenets of common security features

  • Access control lists
  • Stateful security policies
  • ALG’s
  • IPS
  • UTM
  • NAT
  • IPsec
  • Next-generation firewall
  • Screen

Advanced Security Concepts

Describe advanced security features

  • Security intelligence (e.g., cloud security, Sky ATP, JATP)
  • Advanced anti-malware
  • Defense in-depth

Securing the Campus and Branch

Describe the security design considerations within a campus or branch network

  • Network segmentation (e.g., SDSN)
  • Network access
  • Wireless
  • 802.1X
  • Remote access VPNs
  • NAT
  • End-to-end security
  • BYOD

Securing the Enterprise WAN

Describe the security design considerations for an enterprise WAN

  • Internet edge security design principles
  • WAN aggregation
  • Private WAN
  • VPNs

Securing the Service Provider WAN

Describe the security design considerations for a service provider WAN

  • DoS/DDos attacks
  • Securing the control plane
  • Internet security
  • CG-NAT

Securing the Data Center

Describe the security design considerations in a data center

  • Securing data center interconnects
  • Securing North-South flows
  • Securing East-West flows
  • Virtual routers

Security Automation and Management

Describe the design considerations for security management

  • Securing the individual devices
  • Centralized security
  • Junos Space management platform
  • Junos Space Security Director and Log Director
  • Juniper Secure Analytics

Describe the design considerations for automating security.

  • Simplifying deployment
  • On-box automation
  • Off-box automation

Security Virtualization

Describe the security design considerations for a virtualized environment

  • NFV
  • Service chaining
  • Micro-segmentation
  • vSRX

High Availability

Describe the design considerations of high availability in a secure networks

  • Physical high availability
  • Virtual high availability
  • Asymmetrical traffic handling
  • Chassis clustering

Exam Details

Exam questions are derived from the recommended training and the exam resources listed above. Pass/fail status is available immediately after taking the exam. The exam is only provided in English.

Exam Code


Prerequisite Certification

Delivered by

Exam Length

90 minutes

Exam Type

Written exam, plus 65 multiple-choice questions


Juniper certifications are valid for three years. For more information, see Recertification.