没有合适的资源?快使用搜索试试~ 我知道了~
pcnse-study-guide-201903培训文档手册.pdf
1.该资源内容由用户上传,如若侵权请联系客服进行举报
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
版权申诉
0 下载量 174 浏览量
2022-10-16
14:43:47
上传
评论
收藏 16.6MB PDF 举报
温馨提示
试读
308页
pcnse-study-guide-201903培训文档手册.pdf
资源推荐
资源详情
资源评论
©2016-2019, Palo Alto Networks, Inc.
1
PALO ALTO
NETWORKS
PCNSE
STUDY GUIDE
May 2019
©2016-2019, Palo Alto Networks, Inc.
2
Palo Alto Networks, Inc. www.paloaltonetworks.com
©2016-2019 Palo Alto Networks – all rights reserved. Aperture, AutoFocus, Demisto, GlobalProtect, Palo
Alto Networks, PAN-OS, Panorama, RedLock, Traps, and WildFire are trademarks of Palo Alto Networks, Inc.
All other trademarks are the property of their respective owners.
©2016-2019, Palo Alto Networks, Inc.
3
Contents
Palo Alto Networks PCNSE Study Guide ............................................................................................................ 16
Overview ........................................................................................................................................................... 16
Exam Details ...................................................................................................................................................... 16
Intended Audience ............................................................................................................................................ 16
Qualifications .................................................................................................................................................... 16
Skills Required ................................................................................................................................................... 17
Recommended Training .................................................................................................................................... 17
About This Document ........................................................................................................................................ 17
Disclaimer .......................................................................................................................................................... 17
Preliminary Score Report ................................................................................................................................... 18
Exam Domain 1 – Plan ....................................................................................................................................... 19
1.1 Identify how the Palo Alto Networks products work together to detect and prevent threats ................... 19
Securing the Enterprise ................................................................................................................................. 20
Securing the Cloud ........................................................................................................................................ 21
Sample Questions ......................................................................................................................................... 22
1.2 Given a scenario, identify how to design an implementation of the firewall to meet business
requirements that leverage the Palo Alto Networks Security Operating Platform .......................................... 24
Choosing the Appropriate Firewall ............................................................................................................... 24
Security Policy ............................................................................................................................................... 25
Security Zones ............................................................................................................................................... 26
Traffic Processing Sequence ......................................................................................................................... 27
Enterprise Firewall Management ................................................................................................................. 27
Virtual Firewalls in Clouds ............................................................................................................................. 28
Sample Questions ......................................................................................................................................... 28
1.3 Given a scenario, identify how to design an implementation of firewalls in High Availability to meet
business requirements that leverage the Palo Alto Networks Security Operating Platform ........................... 29
High Availability ............................................................................................................................................ 29
HA Modes ...................................................................................................................................................... 29
Active/Passive Clusters ................................................................................................................................. 29
Active/Active Clusters ................................................................................................................................... 30
Choosing an HA Cluster Type ........................................................................................................................ 31
Sample Questions .............................................................................................................
............................ 33
1.4 Identify the appropriate interface type and configuration for a specified network deployment .............. 35
Types of Interfaces ........................................................................................................................................ 35
©2016-2019, Palo Alto Networks, Inc.
4
Tap ................................................................................................................................................................ 35
Virtual Wire ................................................................................................................................................... 36
Layer 2 ........................................................................................................................................................... 36
Layer 3 ........................................................................................................................................................... 37
Decrypt Mirror .............................................................................................................................................. 37
Aggregate Interfaces ..................................................................................................................................... 37
Virtual Interfaces ........................................................................................................................................... 38
VLAN Interfaces ............................................................................................................................................. 38
Loopback Interfaces ...................................................................................................................................... 38
Tunnel Interfaces .......................................................................................................................................... 39
Traffic Forwarding ......................................................................................................................................... 39
Virtual Routers .............................................................................................................................................. 41
Administrative Distance ................................................................................................................................ 42
Route Redistribution ..................................................................................................................................... 42
GRE Tunnels .................................................................................................................................................. 43
Routing Troubleshooting .............................................................................................................................. 44
Sample Questions ......................................................................................................................................... 45
1.5 Identify strategies for retaining logs using Distributed Log Collection ....................................................... 47
Event Logging on NGFWs .............................................................................................................................. 47
Distributed Log Collection ............................................................................................................................. 47
Sample Questions ......................................................................................................................................... 49
1.6 Given a scenario, identify the strategy that should be implemented for Distributed Log Collection ........ 50
Log Collection Platform Choices ................................................................................................................... 50
On-Premises Log Collection .......................................................................................................................... 50
Cortex Data Lake ........................................................................................................................................... 51
Sample Questions ......................................................................................................................................... 51
1.7 Identify how to use template stacks for administering Palo Alto Networks firewalls as a scalable solution
using Panorama ................................................................................................................................................. 52
Panorama Overview ...................................................................................................................................... 52
Templates and Template Stacks ................................................................................................................... 53
Sample Questions ......................................................................................................................................... 54
1.8 Identify how to use device group hierarchy for administering Palo Alto Networks firewalls as a scalable
solution using Panorama ......................................................................................................
............................. 55
Device Groups ............................................................................................................................................... 55
©2016-2019, Palo Alto Networks, Inc.
5
Committing Changes with Panorama ........................................................................................................... 57
Sample Questions ......................................................................................................................................... 60
1.9 Identify planning considerations unique to deploying Palo Alto Networks firewalls in a public cloud ...... 61
Virtual Firewalls ............................................................................................................................................ 61
Public Clouds ................................................................................................................................................. 62
Sample Questions ......................................................................................................................................... 62
1.10 Identify planning considerations unique to deploying Palo Alto Networks firewalls in a hybrid cloud ... 64
Hybrid Cloud ................................................................................................................................................. 64
Connectivity Considerations ......................................................................................................................... 64
Sample Question ........................................................................................................................................... 64
1.11 Identify planning considerations unique to deploying Palo Alto Networks firewalls in a private cloud .. 65
Private Clouds ............................................................................................................................................... 65
Sample Questions ......................................................................................................................................... 65
1.12 Identify methods for authorization, authentication, and device administration ..................................... 66
Administrative Accounts and Roles .............................................................................................................. 66
Authentication .............................................................................................................................................. 66
Special Note About Multi-Factor Authentication ......................................................................................... 68
Panorama Access Domains ........................................................................................................................... 69
Sample Questions ......................................................................................................................................... 69
1.13 Identify the methods of certificate creation on the firewall ..................................................................... 71
Certificate Background ................................................................................................................................. 71
Certificates on the Firewall ........................................................................................................................... 72
Certificate Creation and Import .................................................................................................................... 73
Sample Questions ......................................................................................................................................... 75
1.14 Identify options available in the firewall to support dynamic routing ...................................................... 76
Overview ....................................................................................................................................................... 76
Administrative Distance ................................................................................................................................ 77
Sample Questions ......................................................................................................................................... 78
1.15 Given a scenario, identify ways to mitigate resource exhaustion (because of denial-of-service) in
application servers ............................................................................................................................................ 79
Resource Exhaustion ..................................................................................................................................... 79
Zone Protection Profiles ............................................................................................................................... 79
DoS Protection Profile ................................................................................................................................... 80
Differences Between DoS Protection and Zone Protection .......................................................................... 81
Sample Questions ......................................................................................................................................... 82
剩余307页未读,继续阅读
资源评论
优质网络系统领域创作者
- 粉丝: 2978
- 资源: 2416
下载权益
C知道特权
VIP文章
课程特权
开通VIP
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- mysql修改密码.md
- 微信浏览器网页版打开插件 支持 Edge / Chrome / Chromium 内核:Wechat-need-web
- 国家开放大学电大化工制图形考任务答案
- 基于python+sqlite实现知识图谱的农作物病虫害防治智能问答平台
- 移动通信系统ofdm的STO和CFO matlab
- 2024年全国职业院校技能大赛集成电路应用开发赛项竞赛试题(03卷)
- 基于CRT(远程访问终端)+ARM(GEC)+Linux+C语言的视频监控系统源码+文档说明.zip
- 用vue.js开发微信app
- CentOS-7-x86-64-Minimal-2009-迷你版系统镜像
- wireshark抓包软件
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功