CNSE 4.1 Exam Preparation GuideV3.pptx - Palo Alto Networks

More documents

Recommendations

Info

Disable Server Response Inspection • The vulnerability protection profile by default scans traffic going in both directions (from client to server, and from server to client) • Most IPSs only examine the traffic from the client to server. • The way to examine traffic from only client to server on the <strong>Palo</strong> <strong>Alto</strong> firewall is to check the box to “disable server response inspection” on the security policy (options column). Page 36 |
URL Filtering Profile • Actions can be defined for each category • Notification page for user can be customized • Allow List and Block List accept wild cards - To specify all servers in a domain called xyz.org, two entries must be created: Ø xyz.org Ø *.xyz.org • Upon URL license expiration, URL database is no longer used; traffic is allowed or blocked based upon the “action on license expiration” field shown here. Page 37 |
Page 1 and 2: Palo Alto Networks CNSE 4.1 Exam Pr
Page 3 and 4: General Advice • 100 multiple-cho
Page 5 and 6: PA appliances as of PAN-OS 4.1: 400
Page 7 and 8: PA Appliances as of PAN-OS 4.1: 200
Page 9 and 10: Logical Interfaces Supported • Su
Page 11 and 12: Available Features in Different Int
Page 13 and 14: Device Management • Managing the
Page 15 and 16: Application Selection Window Within
Page 17 and 18: Application Groups and Application
Page 19 and 20: Scheduling Security Policies • Po
Page 21 and 22: Monitoring Traffic • The default
Page 23 and 24: Log Forwarding • The logs on the
Page 25 and 26: Steps to Define a New Application 1
Page 27 and 28: Source Address Translation • NAT
Page 29 and 30: Security Profiles • Security Prof
Page 31 and 32: Anti-Virus Profiles Page 31 | • A
Page 33 and 34: Email Protocols and AV/Spyware Prot
Page 35: Custom Response Pages • Response
Page 39 and 40: Default Block Pages Page 39 |
Page 41 and 42: Data Filtering Overview • Scan tr
Page 43 and 44: Data Filtering Password Setup • P
Page 45 and 46: WildFire • WildFire relies upon t
Page 47 and 48: Packet Flow • Refer to this docum
Page 49 and 50: User-ID: Enterprise Directory Integ
Page 51 and 52: User-ID Agent Setup and Upgrade Pro
Page 53 and 54: Terminal Server Agent • Runs on t
Page 55 and 56: Captive Portal (2) • How to confi
Page 57 and 58: Steps to Configure an IPSec site-to
Page 59 and 60: GlobalProtect - SSL VPN • PAN-OS
Page 61 and 62: SSL Decryption • The Palo Alto fi
Page 63 and 64: Configuring SSL Outbound Decryption
Page 65 and 66: Misc. SSL Decryption • When SSL i
Page 67 and 68: HA Failure States • Link Failure
Page 69 and 70: Active/Active | HA3 interface • A
Page 71 and 72: Panorama • Central source to view
Page 73 and 74: Adding Devices to Panorama Page 73
Page 75 and 76: View and Commit You can view a comb
Page 77: Topics that have minimal or no ques

CNSE 4.1 Exam Preparation GuideV3.pptx - Palo Alto Networks

Create successful ePaper yourself

Delete template?

Save as template?