
Certificazione Palo Alto PCNSA – Network Security Administrator
PANORAMICA

Esame PCNSA – Palo Alto Networks Certified Network Security Administrator;
La certificazione Palo Alto Network Security Administrator (PCNSA) è ottenibile attraverso il superamento dell’esame PCNSA. Questa certificazione attesta le competenze chiave necessarie per lavorare con i sistemi di sicurezza Palo Alto Networks next-generation firewalls. In particolare chi ottiene la certificazione PCNSA dimostra la capacità di implementare efficacemente i firewall per abilitare in modo sicuro il traffico in base a chi (utenti), cosa (applicazioni), quando (politica basata sul tempo) e come (contenuto). Questo esame si focalizza sui seguenti concetti: Next-Generation Security Platform and Architecture, Firewall Configuration, Security and NAT Policies, App-ID, Content-ID, User-ID, URL Filtering, Monitoring and Reporting e Security Best Practices.
Per conseguire la Certificazione Paolo Alto Network Security Administrator (PCNSA) è necessario sostenere con successo il seguente esame:
Esame PCNSA;

Corso di Preparazione:
Corso Palo Alto PCNSA – Network Security Administrator (PCNSA)
Contattaci ora per ricevere tutti i dettagli e per richiedere, senza alcun impegno, di parlare direttamente con uno dei nostri Docenti CLICCA QUI.
Oppure chiamaci subito al nostro numero verde 800-177596.
SVOLGIMENTO E DURATA
Esame PCNSA Durata 90 minuti 50 quesiti;
Negli esami sono presenti quesiti formulati in lingua inglese in forme differenti: Risposta Multipla; completamento di testo, collegamenti concettuali Drag and Drop; vere e proprie simulazioni laboratoriali.
PREREQUISITI
Frequentare il Corso Palo Alto PCNSA.
ARGOMENTI D’ESAME
Esame PCNSA
- Understand the components of the Palo Alto Networks Strata Portfolio
- Understand how to configure APP-ID.
- Understand the purpose and usage of Content-ID.
- Understand the purpose and usage of User-ID.
- Understand the purpose and usage of captive portal.
- Understand the purpose and usage of Device-ID.
- Understand security processes.
- Understand form factors of the NGFW.
- Understand the management implications of the form factors of the NGFW.
- Understand use of Authentication Policy.
- Understand uses for Prisma Access.
- Understand uses for Panorama.
- Understand the uses for CN-Series and VM-Series.
- Understand GlobalProtect.
- Identify the order of operations of Single-Pass Parallel Processing architecture.
- Describe signature processing engine.
- Describe the security processing engine.
- Describe network processing engine.
- Understand the impact of traffic flow.
- Identify and use firewall management interfaces
- Understand the use of management user interfaces.
- Understand the methods of access.
- Understand the access restrictions.
- Understand identity management traffic flow.
- Provisioning local administrators and assigning role-based authentication
- Assign role-based access control to administrators.
- Assign authentication for administrators.
- Assign the authentication sequence for administrators.
- Define firewall configurations
- Manage running configuration.
- Manage candidate configuration.
- Understand when to use load, save, import and export.
- Understand how to push policy updates to Panorama managed FWs
- Understand device groups and hierarchy.
- Understand where to place policies.
- Understand implications of Panorama management.
- Understand how to backup Panorama configurations and NGFW
- from Panorama.
- Identify the types of dynamic updates and their purpose
- Understand the impact of dynamic updates to existing security policies.
- Identify what a security zone is and how to use it
- Identify zone types.
- Identify which zones to apply for security policies.
- Identify and configure firewall interfaces
- Identify and understand the different types of interfaces.
- Identify how interface types affect security policies.
- Identify how interface types affect security policies.
- Configure a virtual router
- Identify steps to create a static route.
- Understand how to use the routing table.
- Identify steps to configure a virtual router.
- Identify what interface types can be added to a virtual router.
- Understand how to configure route monitoring.
- Identify how to create address objects
- Apply address objects to policy.
- Create address groups.
- Identify how to tag objects.
- Differentiate between the address objects.
- Identify how to create services.
- Apply services to policy.
- Create service groups.
- Identify how to use pre-defined Palo Alto Networks external dynamic lists
- Identify how to implement an exception to a predefined EDL.
- Identify how to apply in security policy.
- Configure application filters and application groups
- Differentiate between application filters and groups and when to use them.
- Include an application filter in policy.
- Include an application group in policy.
- Identify the purpose of application characteristics as defined in the App-ID database.
- Identify the appropriate application-based security policy
- Identify an appropriate APP-ID rule.
- Understand rule shadowing.
- Group rules by tag.
- Identify the potential impact of App-ID updates to existing security policy rules.
- Identify the purpose of specific security rule types
- Identify when to use interzone rules.
- Identify when to use intrazone rules.
- Identify when to use universal rules.
- Identify and configure Security policy match conditions, actions,
- and logging options
- Identify and configure Security policy match conditions, and actions.
- Understand how to use Application Filters and Groups.
- Understand how to use logging options.
- Identify and implement proper NAT policies
- Implement a destination NAT.
- Implement a source NAT.
- Differentiate various NAT options.
- Create a NAT in the proper order based on pre-existing NATs.
- Identify the tools available to optimize Security policies
- Identify the policy test match tool.
- Identify the policy optimizer.
- Identify Expedition.
- Identify and apply the appropriate Security Profile
- Differentiate between different types of security profiles.
- Identify how to create and modify a Security Profile.
- Identify how to add a Security Profile to policy.
- Identify how to create a profile group.
- Identify how to add a security profile group to policy.
- Identify the difference between Security policy actions and Security Profile actions
- Differentiate between traffic logs, threat logs and data logs.
- Differentiate between security profile actions.
- Identify how the firewall can use the cloud DNS Security to control traffic based on domains
- Identify where to configure DNS security.
- Identify how to apply DNS security in policy
- Identify how the firewall can use the PAN-DB database to control traffic based on websites
- Identify how to apply a URL profile in a security policy.
- Identify how to create a URL filtering profile.
- Identify how to control access to specific URLs using custom URL
- filtering categories
- Identify why a URL was blocked.
- Identify how to allow a blocked URL.
- Identify how to request a URL recategorization.
- Differentiate between group mapping and IP to user mapping within policies and logs
- Identify how to control access to specific locations.
- Identify how to apply to specific policies.
- Identify users within the ACC and the monitor tab.