Module 1 – Security Architecture Planning Resources

• Security platform overview
• Next-generation firewall architecture
• Zero Trust security model
• Firewall offerings

Module 2 – Infrastructure Device Configuration

• Security zones and interfaces
• Tap interfaces
• Virtual Wire interfaces
• Layer 2 interfaces
• Layer 3 interfaces
• Virtual routers
• Vlan interfaces
• Loopback interfaces
• Policy-based forwarding

Module 3 – Cybersecurity Policy

• Security policy fundamental concepts
• Security policy administration
• Network Address Translation
• Source NAT configuration
• Destination NAT configuration

Module 4 – Application Software Identification

• Application Identification (App-ID) overview
• Using App-ID in a Security policy
• Identifying unknown application traffic
• Updating App-ID

Module 5 – Anti-Virus, Anti-Spyware, and File-Blocking

• Content-ID overview
• Vulnerability Protection Security Profiles
• Antivirus Security Profiles
• Anti-Spyware Security Profiles
• File Blocking Profiles
• Attaching Security Profiles to Security policy rules
• Telemetry and threat intelligence
• Denial of service protection

Module 6 – Uniform Resource Locator Filtering

• • URL Filtering Security Profiles
  • Attaching URL Filtering Profiles

Module 1 – Decryption and Certificate Management

• Decryption concepts
• Certificate management
• SSL forward proxy decryption
• SSL inbound inspection
• Other decryption topics

Module 2 – Virus Analysis and Mitigation

• Wildfire Virus Analysis and Mitigation
• Wildfire: concepts, configuring, managing, and reporting

Module 3 – End User Identification

• User-ID overview
• User mapping methods overview
• Configuring User-ID
• PAN-OS® integrated agent configuration
• Windows-based agent configuration
• Configuring group mapping
• User-ID and security policy

Module 4 – Remote Access Security

• Preparing the firewall for GlobalProtect
• Configuring the GlobalProtect portal
• Configuring the GlobalProtect gateway
• Configuring GlobalProtect agents
• Site to Site VPN Overview
• Configuring Site to Site tunnels
• IPsec troubleshooting

Module 5 – Security Monitoring and Reporting

• Dashboard, ACC, and monitor
• Log forwarding
• Syslog
• Configuring SNMP

Module 6 – Security Device High Availability

• High Availability Components and Operation
• Active/Passive HA Configuration
• Monitoring HA State