Palo Alto

Objectives: Describe the benefits of decrypting traffic Define the three decryption types that can be configured at the firewall Describe how a certificate chain of trust is used to authenticate a device, service, or person Configure an SSL Forward Proxy Review Traffic logs to determine whether SSL sessions are being decrypted Why decrypt network traffic?…

Objectives: Describe how the firewall uses PAN-DB database to filter user access to websites Configure a custom URL filtering profile to mimimise the number of blocked websites between trusted zones Configure safe search and logging options Configure access to only enterprise versions of SaaS applications The URL Filtering Feature Palo Alto networks maintns a PAN-DB…

Objectives: Describe the seven different Security Policy Types Define the two predefined Vulnerability Protection Profiles Configure Security Profiles to rpevent virus and spyware infiltration Configure File Blocking Profiles to identify and control the flow of file types through the firewall Configure a DoS profile to help mitigate Layer 3 and Layer 4 protocol based attacks…

Objectives: Define application identification Describe four major technologies to help identify applications Configure application filters and application groups Detect unidentifeid applications that traverse the firewall Configure scheduling to Application ID What is an application? An application is a specific program or feature whose commuinications can be labeled, monitored and controlled Applications will include business tools…

Objectives: Display and manage security policy rules Describe the difference between implicit and explicit rules Create a security policy Describe the difference between source and destination NAT Configure source NAT Configure destination NAT port forwarding Controlling Network Traffic All traffic flowing through the data plane of the Palo Alto firewall is checked against a security…

Objectives: Describe flow logic of the next generation firewall Create a security zone Describe the differences between Tap, Virtual Wire, Layer 2 and Layer 3 Create and configure a virtual router Define a static default route Configure a VLAN interface Configure a loopback interface The flow logic of a next generation firewall The diagram above…

Objectives Connect to the firewall and login as admin Configure the network settings for the management interface port Describe the difference between the running configuration and the candidate configuration Configure dynamic firewall updates to update the applications and threats database Create a local firewall administrative account Access the firewall logs Access to the firewall The…

Objectives: Describe the characteristics of the Security Operating Platform Describe the differences between single-pass architecture and parallel processing Describe the Zero Trust security model and how it relates to traffic moving through the network Cyber Attack Lifecycle Reconnaissance Attackers carefully plan their attacks: They identify and select targets, research them. Using phishing tatics or data…

Objectives: Describe authentication and authorization methods supported by the firewall Configure user accounts for firewall administrators and end users Define multi-factor authentication implementation methods Configure the firewall to connect to an MFA server Configure anti-phishing and user credential submission protections Summarize the three methods used to break the credential threat attack life cycle User Authentication…

Objectives: Block known malware attacks by configuring Security Profiles according to best practices Detect unknown malware attacks by configuring WildFire according to best practices Overview of Inspecting Allowed Traffic When network traffic passes between zones on the firewall, it matches against rules on the security policy. Even if the security policy gets a match and…