After successfully completing this course, you should be able to:
- Explain the terms and concepts related to intrusion prevention.
- Describe general types of intrusions and network penetration steps.
- Explain how scanning can be used to gather information about target networks.
- Define and describe the terminology that comprises Juniper Networks IPS functionality.
- Describe the basic functions and features available on the SRX Series platform that provide IPS functionality.
- Describe how to access the SRX Series Services Gateways with IPS functionality for configuration and management.
- Describe the steps that the IPS engine takes when inspecting packets.
- Configure the SRX Series Services Gateways for IPS functionality.
- Describe the components of IPS rules and rulebases.
- Configure an IPS exempt rule.
- Explain the types of signature-based attacks.
- Configure a custom signature attack object.
- Describe the uses of custom signatures and how to configure them.
- Describe commonly used evasion techniques and how to block them.
- Explain the mechanisms available on the SRX Series Services Gateway to detect and block DoS and DDoS attacks.
- Configure screens to block IP spoofing and SYN flooding.
- Describe additional security flow protection mechanisms.
- Demonstrate how the SRX Series device performs TCP SYN checking.
- Explain the STRM capabilities for capturing, logging, and reporting network traffic.
- Describe the logging and reporting capabilities available for SRX IP functionality within STRM.