Training and Certification

 View Only
last person joined: 16 hours ago 

How to get the most from Juniper's education services and get advice on your certification journey.
  • 1.  JNCIA-FWV JN0-522 Exam Question Philosophy

    Posted 07-11-2009 08:48

    Hey Guys,


    I know the title is a bit strange, but I was looking for some peoples input on the following type of question.  I recently wrote my JNCIA-FWV (JN0-522) and managed to only get 70%, when the new requirement is 80%.  Needless to say I am going to write the test again soon, as I went over a few of the items I was unclear on when I got home and feel I have cleared a number of things up.  However I am still not sure how I should go about answering some of the questions I know the answer to, but the question is missing key information.


    For example I received a question like this, which I hope isn't breaking any rules here, but I thought it was a perfect example of what I am talking about.


    Client A is in the trust zone behind a SSG550 trying to access a Server in the Untrust zone, the SSG550 has NAT mode enable on the trust interface, but a new DIP was added to the Untrust interface with IP, what will the source IP of the packet be when it arrives at the Server.


    This question was presented with a diagram showing the topology of the nodes and IP's, however there is no mention of a policy being created to make reference to the DIP ID in question.  When I am given the options of what to choose I elected to go with the interface based IP of the untrust and not the DIP IP, because the question never said anything about a policy calling the DIP.  


    So what I am wondering is on this type of question how does one go about answering this?  Am I supposed to assume things the question didn't detail?  Or is that the trick question itself and I was correct in selecting the interface's IP.


    I just hate these types of questions since I know the answer and can explain both scenarios, but I am now essentially having to guess between two answers depending on what the question writer was thinking at the time.


    Does anyone have any insight into what the best approach is, into these types of questions?


    If this post breaks any rules please delete it, but I thought I would throw this out there since I'm sure it would trip up other people writing the exam.



  • 2.  RE: JNCIA-FWV JN0-522 Exam Question Philosophy
    Best Answer

    Posted 07-13-2009 11:30

    Jerrad - I of course do work for and can't speak for Juniper. But I will say this about the questions that are on the tests as I have come to understand them. There are, in my opinion some assumptions made that fall under "best practices" - In the example you show they refer to a DIP being created but don't come out and explicitly state that there was an associated policy.


    However - in the Juniper training classes it is emphatically stated that policy based NAT is prefered over I/F. So in reading that question I would always make the assumption that there was a policy that was in place and base my answer on that.


    So, for open ended questions look at them through the "best practice" prism - Hope that my comments help.

  • 3.  RE: JNCIA-FWV JN0-522 Exam Question Philosophy

    Posted 07-13-2009 12:08

    Hi Kevin,


    Thanks for the reply, your comments make sense and I will keep that in mind when I write my exam again next week.


    Thanks Again!

  • 4.  RE: JNCIA-FWV JN0-522 Exam Question Philosophy

    Posted 10-27-2009 18:54

    Hi Kevin,


    I stumbled upon this post while trying to find a good book to reference while preparing for my JN0-522.
    I am fairly new to Juniper world, but have configured some firewalls from scratch with help of Juniper Cookbook recently. The issue I have is that I haven't been able to find any recommendations on what book/material I should read if I wanted to self-study for my JN0-522. 


    Do you have any recommendations?




  • 5.  RE: JNCIA-FWV JN0-522 Exam Question Philosophy

    Posted 10-30-2009 08:45

    Hello Kunaall - I am assuming that you are referring to the "ScreenOS Cookbook" by O'Reilly" when you said you configured firewalls.


    That is a great book and it sits in my bookshelf and I use it frequently. It is very good for studying but it does not cover the GUI at all. The GUI is part of the test and so you would need to familiarize yourself with it independently.


    Juniper does not offer "Fast Track" for ScreenOS so you can't get hold of the Juniper study guides for the JNCIA_FW class. That is unfortunate as they really map well to the test. If you knew someone who had them I would see if you could go through them and map the training material shown in there to your firewall.


    I would also recommend the older book from syngress "Juniper Networks Netscreen & SSG Firewalls"


    The online training that Juniper offers is good for "getting started" type knowledge but you sound like you are already past that stage.


    Hope that is of some help.



  • 6.  RE: JNCIA-FWV JN0-522 Exam Question Philosophy

    Posted 01-12-2010 12:12

    Hi Kevin,


    Thanks for your prompt response. Somehow I never got a notification for the update on this thread earlier and hence didn't come across it until today.  Your response is greatly appreciated, especially the emphasis on learning the GUI for the exam, as I was not aware of the fact that I would need to be familiar with the GUI portion. I am also planning to buy the book you recommended.


    I don't see a way to tag your post as 'accepted solution'. Please help me with that.


    Thanks a lot.


  • 7.  RE: JNCIA-FWV JN0-522 Exam Question Philosophy

    Posted 03-23-2011 01:32



  • 8.  RE: JNCIA-FWV JN0-522 Exam Question Philosophy

    Posted 03-23-2011 06:27

    Dear Siyadh,


    Are you aware that use of, or request for, "dumps" on Juniper exams is considered a violation of our exam security policies?  Juniper is committed to protecting the integrity and reputation of our certifications.  Candidates using "dumps" of actual exam questions impact the entire population of JNCP certified professionals by damaging the reputation of the credential earned.  You can find our detailed exam security policies listed here


    You can also find all the information you need to know on how to prepare for that exam at this web site.  I encourage you to do the hard work most JNCP certified professionals follow to learn the subject matter required and pass the exam legitimately.


    Finally - this is not a forum for requesting "dumps".  However, it is an excellent place to connect with other JNCP certified individuals to explore and learn.




  • 9.  RE: JNCIA-FWV JN0-522 Exam Question Philosophy

    Posted 04-20-2011 01:07

    Dear Liz,


    Thank you for your valuable information.

  • 10.  RE: JNCIA-FWV JN0-522 Exam Question Philosophy

    Posted 07-15-2009 21:44

     Jerrad it is very nice of you to tell us your experience with the 522 exam I really asked a lot if there will be any change from 521 to 522 But no one answered me  , only you  just did now .


    Many thanks again and hope the best for you in your next try by the way I'll take 521 instead of 522 .