Palo Alto Firewall 9.0 - Arabic بالو التو فايروول - عربي
PCNSE وإمتحان PCNSA والإعداد لإمتحان - Palo Alto Firewalls 9.0 الكورس الكامل لتعلم
4.85 (14 reviews)
1,026
students
19.5 hours
content
Aug 2022
last update
$24.99
regular price
What you will learn
How to design, deploy, configure and troubleshoot Palo alto firewalls. (PAN OS 9.0)
Core course required for PCNSA and PCNSE certifications
Real-Life scenarios and examples that can be used and applied on a day-to-day basis
Prepare for your PCNSA and PCNSE Exams
Description
This Palo Alto Networks Firewall course is will help you to:
Configure and manage the essential features of Palo Alto Networks next-generation firewalls.
Configure and manage Security and NAT policies to enable approved traffic to and from zones.
Configure and manage Threat Prevention strategies to block traffic from known and unknown IP addresses, domains, and URLs.
Monitor network traffic using the interactive web interface and firewall reports.
Prevent use of stolen credentials
Course Outline
Palo Alto Network portfolio & architecture
Connect to the Management Network
Manage Firewall configuration
Manage firewall administrator account
Connect to production network
The cyber-attack Lifecycle
Block threats using security & NAC Policies
Block Packet & protocol based attacks
Block threats from known bad sources
Block threats by identifying applications
Maintain application based policies
Block threats using custom applications
Block threats by identifying users
Block threats by identifying devices
Block unknown threats
Block threats in encrypted traffic
Block threats by identifying applications
Prevent use of stolen credentials
Block threats using security profiles
View threat & traffic information
Cloud deployments and offering
Building Home Lab
Practice multiple lab scenarios
Exam Preparation
Related Certifications
PCNSA - Palo Alto Networks Certified Network Security Administrator
PCNSE - Palo Alto Networks Certified Network Security Engineer
Course Overview
Next-Generation Security Platform and Architecture
Virtual and Cloud Deployment
Initial Configuration
Interface Configuration
Security and NAT Policies
App-ID™
Content-ID™
URL Filtering
Decryption
WildFire®
User-ID™
GlobalProtect™
Site-to-Site VPNs
Active/Passive High Availability
Security Practices
Successful completion of this course should enhance the student’s understanding of how to configure and manage Palo Alto Networks Next-Generation Firewalls. The course includes real-life examples on configuring, managing, and monitoring a firewall in a lab environment.
Screenshots
Content
Module 1 - Introduction & General Configuration
MOD1-01 Life Cycle of Cyber Attack
MOD1-02 Security Platform Overview and Services
MOD1-03 SP3 Architecture (Management and Control)
MOD1-04 Zero Trust - Integrated Approach
MOD1-05 Firewall offering (Physical/Virtual)
MOD1-06 Virtual Systems
MOD1-07 Subscription and License Expiry
MOD1-08 Lab - Download OVA, Deploy
MOD1-09 Lab - VM Edit and Interface Mapping
MOD1-10 Lab - VM Boot Process, Defaults, Dashboard
MOD1-11 Administrative Access (Management Services) - Part 1
MOD1-12 Administrative Access (Management Services) - Part 2
MOD1-13 Lab - Configure (MGT, General, DNS, NTP)
MOD1-14 Lab - Service Routes (Definition and Configuration)
MOD1-15 Configuration MGMT - Part 1
MOD1-16 Configuration MGMT - Part 2
MOD1-17 Admin Roles, Authentication Profile
MOD1-18 Password Complexity & Authentication Sequence
MOD1-19 Lab - Admin roles, admins, locks
MOD1-20 Lab - Config Audit-Revert-Export-Import(Backup/restore)
MOD1-21 Lab - Password Recover/Factory Reset/Restore
MOD1-22 View and Construct Filters
MOD1-23 Lab - View,Save,Export and Packet Capture
MOD1-24 Activate Licenses/subscription - Part 1
MOD1-25 Activate Licenses/subscription - Part 2
MOD1-26 PAN OS, Content-ID & Application Updates
MOD1-27 Lab - PAN OS, Content-ID & Application Updates
Module 2 - Interface Definition & Configuration
MOD2-01 Security Zones and interfaces
MOD2-02 TAP, Virtual Wire, Layer 2 interfaces (Concept and Configuration)
MOD2-03 Layer 3 interfaces & Management Profile (Concept and Configuration)
MOD2-04 Layer 3 sub-Interfaces (Concept and Configuration)
MOD2-05 Virtual Router - Concept
MOD2-06 Path Monitoring - Concept
MOD2-07 Vlan Interface, Loopback interface
MOD2-08 Policy-Based Forwarding
MOD2-09 Lab configuration (Zones, interfaces, Virtual router) - Part 1
MOD2-10 Lab configuration (Zones, interfaces, Virtual router) - Part 2
Module 3 - Security & NAT Policies
MOD3-01 Security Policy Concept & Type , C2S/S2C
MOD3-02 Security Policy Rule Match
MOD3-03 Rule shadowing & Explicit/Implicit rules
MOD3-04 Security Policy Administration
MOD3-05 Rule set (Managing, Schedule, Unused)
MOD3-06 Objects (Address, Service, Tags, Global) - Part 1
MOD3-07 Objects (Address, Service, Tags, Global) - Part 2
MOD3-08 Lab - Configuration of Port/Services-Based Security rules
MOD3-09 Source NAT (Concept, Types, Oversubscription, Config) - Part 1
MOD3-10 Source NAT (Concept, Types, Oversubscription, Config) - Part 2
MOD3-11 Destination NAT (Concept, Types, Config) - Part 1
MOD3-12 Destination NAT (Concept, Types, Config) - Part 2
MOD3-13 Lab - Source NAT Configuration and Testing
MOD3-14 Lab - Destination NAT Configuration and Testing
Module 4 - Application ID (App-ID)
MOD4-01 App-ID Definition, Port Based vs NGFW APP-ID, Zero-day malware
MOD4-02 App-ID Operation (UDP and TCP application identification)
MOD4-03 Application shifting and dependencies (implicit/explicit)
MOD4-04 Application filters, Application Groups and Nesting
MOD4-05 Aapplications and custom services
MOD4-06 Lab - Application Block (Concept, Config)
MOD4-07 Identify unknown applications, Application override (Concept, Config)
MOD4-08 App-ID updates (updates Absorption, Policy interaction)
MOD4-09 Lab - App-ID Rule Migration
Module 5 - Content ID
MOD5-01 Content-ID (Security profiles types and operation)
MOD5-02 Vulnerability Protection Security Profile (Definition, Concept)
MOD5-03 Lab - Vulnerability Attack (Vulnerability profile Config
MOD5-04 Antivirus Security Profile (Definition, Concept)
MOD5-05 Lab - Virus/Malware Download (Security profile Config)
MOD5-06 Anti-Spyware Security Profile and Sinkhole Operation
MOD5-07 External Dynamic List (Concept, Lab Configuration)
MOD5-08 Lab - Spyware and Malicious DNS (Anti-Spyware, Sinkhole Config)
MOD5-09 File Blocking Security Profile (Definition, Concept)
MOD5-10 Blocking Multip-Level Encoded Files (Definition, Concept)
MOD5-11 Lab - File Blocking and Multi-Level encoded files (File blocking config)
MOD5-12 Security Profile Groups (Definition, Config)
MOD5-13 Denial-Of-Service Protection (DDOS attack definition)
MOD5-14 Denial-Of-Service Protection (Zone Protection)
MOD5-15 DOS Protection profiles and Policy (Concept, Config)
MOD5-16 Lab - ICMP Flood Attack (Zone Protection Config)
Module 6 - URL Filtering
MOD6-01 URL Filtering Feature (PAN-DB and Categories Definition)
MOD6-02 URL Cateogry (Policy vs Profile) - URL Filtering log
MOD6-03 URL Filtering (Order of URL Cateogry matching)
MOD6-04 URL Filtering (Wildcards usage)
MOD6-05 URL Admin Settings (Response Pages)
MOD6-06 URL Filtering Settings, Credential Detection and HTTP Insertion
MOD6-07 Handling unknown and Not-Resolved URLs
MOD6-08 Seed DB Operation (Pan OS 9.X and Earlier versions)
MOD6-09 URL Re-Categorization (Concept, Config)
MOD6-10 Lab-URL Filtering (Custom Objects - URL Category)
MOD6-11 Lab-URL Filtering (External Dynamic List)
MOD6-12 Lab - Configuring Custom Response Pages
Module 7 - Decryption
MOD7-01 Decryption Overview
MOD7-02 Overview of SSL/TLS Session
MOD7-03 Cryptography - Symmetric Encryption
MOD7-04 Cryptography - Asymmetric Encryption
MOD7-05 Public Key Infrastructure (PKI) and Certificate Authority (Part 1)
MOD7-06 Public Key Infrastructure (PKI) and Certificate Authority (Part 2)
MOD7-07 Chain of Trust (Internal CAs)
MOD7-08 Certificate and Revocation Checking (CRL and OCSP)
MOD7-09 Certificate Validation (Features Certificates)
MOD7-10 Decryption Types - Concept
MOD7-11 Certificate Management (CA Deployment Options)
MOD7-12 Import CA Certificate (Internal CA)
MOD7-13 Certificate Signing Request (CSR)
MOD7-14 Self-signed CA Certificate (Certificate Hierarchy)
MOD7-15 Forward Proxy Decryption (Trust and untrust Certificates)
MOD7-16 SSL Forward Proxy Policy and Decryption Profile
MOD7-17 Security Rules requirement (Decryptin Ruleset)
MOD7-18 Lab - SSL Forward Proxy (Malicious File inspection)
MOD7-19 Lab - Allowing users to use SSL Opt-Out page
MOD7-20 SSL inbound inspection (Concept, Config)
MOD7-21 Unsupported Applications and Decryption Exclusions
MOD7-22 No Decryption (Concept)
MOD7-23 Decryption Port Mirroring and Decryption Broker
MOD7-24 Hardware Security Modules (HSMs)
MOD7-25 SSL Session Termination (Troubleshooting)
MOD7-26 Lab - A Certificate For Secure Web-GUI Access
Module 8 - Wildfire
MOD8-01 Wildfire Threat Intelligence Cloud - Overview
MOD8-02 Wildfire Operations (Sandboxing)
MOD8-03 Wildfire Analysis Methods and Verdicts
MOD8-04 Wildfire Email Protection (Content Updates)
MOD8-05 Wildfire Licensing Scheme and Features
MOD8-06 Wildfire Private Cloud and Hybrid Cloud (WF-500 Clustering)
MOD8-07 Wildfire Configuration and Submission info
MOD8-08 Wildfire Analysis Profile and Updates scheduling
MOD8-09 Wildfire Reporting (Incorrect Verdicts)
MOD8-10 Lab - Wildfire Settings and Automatic Updates
MOD8-11 Lab - Wildfire Analysis config and unknown files submission
MOD8-12 Lab - URL and File submission to Wildfire Portal
Module 9 - User ID
MOD9-01 User-ID Overview
MOD9-02 User-ID components (Main Functions)
MOD9-03 User-ID Considerations (Windows-based vs Integrated Agent)
MOD9-04 Overview of User Mapping Methods
MOD9-05 User-ID Operations (Domain Controllers)
MOD9-06 Domain Controller Monitoring and Session Monitoring
MOD9-07 Windows Client Probing
MOD9-08 GlobalProtect mappings and Syslog Monitoring
MOD9-09 User-ID Mapping Design Recommendations
MOD9-10 User-ID Config (Integrated Agent) - Part 1
MOD9-11 User-ID Config (Integrated Agent) - Part 2
MOD9-12 Lab - User-ID Integrated Agent Configuration
MOD9-13 User-ID Config (Windows-Based Agent) - Part 1
MOD9-14 User-ID Config (Windows-Based Agent) - Part 2
MOD9-15 Lab - Windows based Agent
MOD9-16 Group Mapping - LDAP Server Profile
MOD9-17 Group Mapping - Users and Groups Attributes
MOD9-18 Group Mapping - Custom groups, Include lists and Security Policy
MOD9-19 Lab - Group Mapping (LDAP server and Security Rules)
Module 10 - GlobalProtect
MOD10-01 GlobalProtect Overview and Components
MOD10-02 GlobalProtect Connection Sequence
MOD10-03 Topologies of GlobalProtect
MOD10-04 GlobalProtect - Types of Gateways
MOD10-05 Prior to GlobalProtect Deployment
MOD10-06 Portal Configuration (Autehntication and Certificates)
MOD10-07 Portal Configuration (Internal and External Gateways)
MOD10-08 Portal Configuration (App Conenction Methods)
MOD10-09 Clientless VPN
MOD10-10 Gateway Configuration (Split Tunneling)
MOD10-11 Gateway Configuration (General, Tunnel Settings)
MOD10-12 Gateway Configuration (IP Pools, Network services, Split tunneling)
MOD10-13 GlobalProtect Agent Configuration
MOD10-14 GlobalProtect Cloud Services
MOD10-15 Lab - GlobalPrtoect Deployment Walk Through
MOD10-16 Lab - GlobalProtect Configuration and Testing - Part 1
MOD10-17 Lab - GlobalProtect Configuration and Testing - Part 2
MOD10-18 Lab - Split tunneling and User Identification
Module 11 - Site-to-Site VPNs
MOD11-01 Overview of Site-to-Site VPNs (Design Coniderations)
MOD11-02 Policy-Based versus Route-Based VPNs
MOD11-03 Internet Key Exchange (IKE Phase 1 and IKE Phase 2)
MOD11-04 Route-Based VPN Deployment (Hub-and-spoke)
MOD11-05 VPN Component Interaction/Dependencies
MOD11-06 Phase 1 Objects (IKE Gateways & Crypto Profiles)
MOD11-07 Phase 2 Objects (IPSec Tunnels and VPN Tunnels)
MOD11-08 Static/Dynamic Routing for VPN and Failover Options
MOD11-09 Connectivity check and VPN troubleshooting
MOD11-10 Lab - IPSec VPN Tunnel Configuration and Testing
MOD11-11 Lab - Configuration of Tunnel Monitoring and Dead Peer Detection
MOD11-12 Lab - Configurtion of Dynamic Routing Over IPSec VPN Tunnel
Module 12 - High Availability 2
MOD12-01 Overview of High Availability and HA-Lite
MOD12-02 High Availability Deployments (Active/Passive and Active/Active)
MOD12-03 Prerequisites to High Availability Deployments
MOD12-04 High Availability Components and Operation
MOD12-05 High Availability Links and Split-Brain Scenario
MOD12-06 Designating an Active Firewall (Preemption)
MOD12-07 Failure Detection and Failure-Triggering Mechanisms
MOD12-08 HA Timer Profiles
MOD12-09 Monitoring High Availability State (Startup of HA Pair)
MOD12-10 Firewall States and Configuration Sync
MOD12-11 Active/Passive HA Config - Setup
MOD12-12 Control Links and Data Links Configuration (HA Encryption Keys)
MOD12-13 Active/Passive HA Config - Election Settings
MOD12-14 Link Monitoring and Path Monitoring
MOD12-15 Lab - High Availability Deployment and Failover Scenario
MOD12-16 Lab - Path Monitoring (ISP Failure)
Module 13 - Monitoring and Reporting
MOD13-01 Application Command Center and Dashboard
MOD13-02 Session Browser and Filters
MOD13-03 Reporting Overview (Predefined)
MOD13-04 Custom Reports (Overview & Configuration)
MOD13-05 User/Group Activity and Summary Report
MOD13-06 SaaS Applications
MOD13-07 Email, Groups and Logging Settings
Reviews
Bassem
January 20, 2022
ربنا يبارك فيك يا باشمهندس .. حضرتك بتشرح بالتفصيل والمحتوى والجودة ممتازه .. أرجو الاستمرار بنفس الجودة
Charts
Price
Rating
Enrollment distribution
Coupons
| Submit by | Date | Coupon Code | Discount | Emitted/Used | Status |
|---|---|---|---|---|---|
| - | 2/18/2022 | 9163002A88F91E210E79 | 100% OFF | 1000/943 | expired |
4242282
udemy ID
8/15/2021
course created date
2/18/2022
course indexed date
Bot
course submited by