Connecting Security Zones: Enhancing Network Segmentation

Network segmentation is a fundamental security practice that reduces the attack surface and improves traffic control. Security zones help define boundaries within a network, ensuring that sensitive data remains protected while allowing necessary communication.


Firewall Authentication and Authorisation

Administrator Accounts And Roles

Authenticate local or remote

Admin account assigned a role with privileges  

Administrator actions are logged in the config and system logs (Monitor > Logs)

Only the predefined admin account has access to the firewall. Add administrator accounts for delegation and auditing purposes.

PAN-OS OS for local or ...supported authentication, authorisation and accounting services like Active Directory, LDAP, RADIUS, SAML.

XML config or database


Configuration Management

The purpose of the running and candidate firewall configurations

Running Configuration
• Configuration settings currently active on the firewall (maintained in a file on the firewall named running-config.xml)

Candidate Configuration
• Configuration changes in progress but not active on the firewall (all in-progress edits are made to the candidate configuration)


Palo Alto Firewall: Initial Configuration Guide

Setting up a Palo Alto Firewall correctly is crucial for ensuring network security and optimal performance. The initial configuration involves accessing the firewall, configuring management settings and activating essential security features.


Portfolio Overview

Data Lake, XDR, AutoFocus,  XSOAR

Network endpoints and cloud

Three Pillars are Enterprise, Cloud and the Future

Strata, Prisma and Cortex

Key elements

  • Complete Visibility
  • Reduce attack surface
  • Prevent known threats
  • Prevent unknown threats (ML)

 

Secure the Enterprise

Portfolio of products: Strata, VM and CN series, Subscription service, Panorama, WildFire, GlobalProtect (VPN), Prisma (SaaS, cloud, Access)


Network Security PCNSA (EDU-210)

To know

  1. Routing and switching (VLANs)
  2. IP addressing
  3. Basic security concepts

Exam tests/quiz, labs and end of course exam

Palo Alto Networks is known as PAN

14 modules on the course
