Palo Alto Networks (PCNSA) Certification Practice Exam :2023

Course details

The PCNSA certification validates the knowledge and skills required for network security administrators responsible for deploying and operating Palo Alto NetworksNext-Generation Firewalls (NGFWs). PCNSA certified individuals have demonstrated knowledge of the Palo Alto Networks NGFW feature set and in the Palo Alto Networks product portfolio core components.

Palo Alto Networks (PCNSA) Certification Exam details;

• Exam Title: Palo Alto Networks Certified Cybersecurit

• Exam Code: PCCSA

• Number of Questions: 50 Questions

• Duration: 60 min.

• Availability: Pearson VUE Testing Center

• Test Format: Multiple choice

• Passing score: 70% ( they didn't announce it anymore but is used to be 70% )

• Language Exam: English

Palo Alto Networks (PCNSA) Certification Exam Topics

## Cybersecurity Foundation

• Cybersecurity Landscape
  Modern computing trends
  New application framework and threat vectors
  Turbulence in the cloud
  SaaS application risks
  Compliance and security are not the same
  Recent high-profile cyber-attack examples

• Cyberthreats
  Attacker profiles and motivations
  Modern cyber-attack strategy

• Endpoint security basics

• Cyber-attack Techniques and Types
  Malware
  Vulnerabilities and exploits
  Spamming and phishing
  Bots and botnets
  Spamming botnets
  DDoS botnets
  Financial botnets

• Wi-Fi and Advanced Persistent Threats
  Wi-Fi vulnerabilities
  Wired equivalent privacy
  Wi-Fi Protected Access (WPA/WPA2/WPA3)
  Wi-Fi man-in-the-middle attacks
  Evil Twin
  Jasager
  SSLstrip
  Advanced Persistent Threats

## Cybersecurity Gateway

• The Connected Globe
  The NET: How things connect
  Introduction to networking devices
  Routed and routing protocols
  Area networks and topologies
  Domain Name System (DNS)

• Physical, Logical, and Virtual Addressing
  IP addressing basics
  Introduction to subnetting

• Packet Encapsulation and Lifecycle
  The OSI and TCP/IP models
  Data encapsulation

• Network Security Models
  Perimeter-based network security strategy
  Zero Trust security
  Core Zero Trust design principles
  Zero Trust conceptual architecture
  Key Zero Trust criteria and capabilities
  Implementing a Zero Trust design

• Cloud and Data Center Security
  Cloud computing depends on virtualization
  Cloud computing security considerations and requirements
  Traditional data security solution weaknesses
  East-west traffic protection
  Implementing security in virtualized data centers

• Network Security Technologies
  Firewalls
  Packet filtering firewalls
  Stateful packet inspection (SPI) firewalls
  Application firewalls
  Intrusion detection and prevention systems
  Web content filters
  Virtual private networks
  Point-to-point tunneling protocol)
  Layer 2 tunneling protocol
  Secure socket tunneling protocol
  Microsoft Point-to-Point Encryption
  OpenVPN
  Internet Protocol Security
  Secure Sockets Layer (SSL)
  Data loss prevention
  Unified Threat Management
  Security information and event management

• Endpoint security
  Anti-malware
  Signature-based
  Container-based
  Application whitelisting
  Anomaly detection
  Anti-spyware
  Personal firewalls
  Host-based Intrusion Prevention Systems (HIPS)
  Mobile device management

• Cloud, Virtualization, and Storage Security
  Cloud computing
  Virtualization
  Local and remote storage

• Networking Concepts
  Server and system administration
  Patch management
  Configuration management
  Directory services
  Structured host and network troubleshooting
  ITIL fundamentals
  Help desk and technical support

## Cybersecurity Essentials

• Security Operating Platform

• Network Security
  Next-generation firewalls
  Application identification
  User Identification
  Content identification
  Log correlation and reporting
  Palo Alto Networks Expedition (Migration Tool)
  Network security management (Panorama)

• Endpoint Protection
  Advanced endpoint protection (Traps)
  Malware prevention
  Exploit prevention
  Traps deployment architecture
  Traps in action
  Mobile security and VPN management (GlobalProtect)

• Cloud Security
  Cloud monitoring and compliance (Evident)
  SaaS security (Aperture)
  SaaS threat prevention
  Data exposure visibility
  Contextual data exposure control
  Advanced document classification
  Retroactive policy

• Application Framework and Logging Service
  Behavioral analytics (Magnifier)
  Log management (Logging Service)
  Threat intelligence (AutoFocus)
  Priority alerts and tags
  Threat correlation
  Actionable intelligence
  Threat indicator sharing (MineMeld)
  Malware analysis (WildFire)
  Behavior-based cyberthreat discovery
  Threat prevention with global intelligence sharing
  Integrated logging, reporting, and forensics