• Understand how to configure APP-ID.
• Understand the purpose and usage of Content-ID.
• Understand the purpose and usage of User-ID.
• Understand the purpose and usage of captive
• Understand the purpose and usage of Device-ID.
• Understand security
• Understand form factors of the
• Understand the management implications of the form factors of the
• Understand use of Authentication Policy.
• Understand uses for Prisma
• Understand uses for Panorama.
• Understand the uses for CN-Series and VM-Series.
• Understand GlobalProtect.

Task 1.2   Identify the order of operations of Single-Pass Parallel Processing architecture.

• Describe signature processing
• Describe the security processing
• Describe network processing
• Understand the impact of traffic flow.

• Understand the use of management user
• Understand the methods of
• Understand the access
• Understand identity management traffic flow.

Task 2.2  Provisioning local administrators and assigning role-based authentication

• Assign role-based access control to
• Assign authentication for
• Assign the authentication sequence for

Task 2.3  Define firewall configurations

• Manage running configuration.
• Manage candidate configuration.
• Understand when to use load, save, import and

Task 2.4  Understand how to push policy updates to Panorama managed FWs

• Understand device groups and
• Understand where to place
• Understand implications of Panorama
• Understand how to backup Panorama configurations and NGFW from Panorama.

Task 2.5  Identify the types of dynamic updates and their purpose

• Understand the impact of dynamic updates to existing security policies.

Task 2.6  Identify what a security zone is and how to use it

• Identify zone
• Identify which zones to apply for security

Task 2.7    Identify and configure firewall interfaces

• Identify and understand the different types of
• Identify how interface types affect security
• Identify how interface types affect security

Task 2.8  Configure a virtual router

• Identify steps to create a static
• Understand how to use the routing
• Identify steps to configure a virtual
• Identify what interface types can be added to a virtual
• Understand how to configure route

• Apply address objects to
• Create address
• Identify how to tag
• Differentiate between the address

Task 3.2  Identify how to create services.

• Apply services to
• Create service

Task 3.3  Identify how to use pre-defined Palo Alto Networks external dynamic lists

• Identify how to implement an exception to a predefined
• Identify how to apply in security

Task 3.4  Configure application filters and application groups

• Differentiate between application filters and groups and when to use
• Include an application filter in
• Include an application group in
• Identify the purpose of application characteristics as defined in the App-ID

• Identify an appropriate APP-ID
• Understand rule
• Group rules by
• Identify the potential impact of App-ID updates to existing security policy

Task 4.2  Identify the purpose of specific security rule types

• Identify when to use interzone
• Identify when to use intrazone
• Identify when to use universal

Task 4.3  Identify and configure Security policy match conditions, actions, and logging options

• Identify and configure Security policy match conditions, and
• Understand how to use Application Filters and
• Understand how to use logging

Task 4.4  Identify and implement proper NAT policies

• Implement a destination
• Implement a source
• Differentiate various NAT
• Create a NAT in the proper order based on pre-existing

Task 4.5  Identify the tools available to optimize Security policies

• Identify the policy test match
• Identify the policy
• Identify

• Differentiate between different types of security profiles.
• Identify how to create and modify a Security Profile.
• Identify how to add a Security Profile to
• Identify how to create a profile
• Identify how to add a security profile group to

Task 5.2  Identify the difference between Security policy actions and Security Profile actions

• Differentiate between traffic logs, threat logs and data
• Differentiate between security profile

Task 5.3  Identify how the firewall can use the cloud DNS Security to control traffic based on domains

• Identify where to configure DNS
• Identify how to apply DNS security in

Task 5.4  Identify how the firewall can use the PAN-DB database to control traffic based on websites

• Identify how to apply a URL profile in a security
• Identify how to create a URL filtering profile.

Task 5.5  Identify how to control access to specific URLs using custom URL filtering categories

• Identify why a URL was
• Identify how to allow a blocked
• Identify how to request a URL

Task 5.6  Differentiate between group mapping and IP to user mapping within policies and logs

• Identify how to control access to specific
• Identify how to apply to specific
• Identify users within the ACC and the monitor