PSE Software Firewall Study Guide

pse-software-pro.png
This is a non-comprehensive, personal reference for the Palo Alto PSE Software Firewall Professional certification exam.

The exam is broken into multiple domains:

Domain 1:

Technical Business Value

  1. Describe the requirements and components of auto scaling
  2. Explain the value and operational efficiency of dynamic address groups (DAGs)
  3. Describe various plugin options and deployment methods
  4. Describe the process of segmentation
  5. Describe centralized visibility and deployment models
  6. Explain how to realize return on investment (ROI) by leveraging Palo Alto Networks software next-generation firewall (NGFW)
  7. Identity the benefits of Palo Alto Networks solutions to address customer concerns or resistance

Domain 2:

Competitive Differentiators

  1. Compare and contrast the capabilities of cloud delivered NGFW, VM-Series, and CN-Series
  2. Create and apply flex credits to both VM-Series and CN-Series
  3. Describe the importance of third-party integrations
  4. Descibre the benefits of Cloud-Delivered Security Services (CDSS) and Advanced URL Filtering (AURLF)
  5. Decibe the benefits of automation as applied by Palo Alto Networks
  6. Terraform provider
  7. Ansible
  8. Dynamic responses to threats

Domain 3:

Architecture and Planning

  1. Describe CN-Series deployment tool options.
  2. YAML Ain’t Markup Language (YAML)
  3. Helm charts
  4. Terraform templates
  5. Differentiation
  6. Compare and contrast VM-Series deployment options
  7. Describe CN-Series sizing, capabilities, and features
  8. Describe various segmentation models, includeing East-West and North-South segmentation design per CNet, VNet, and pod
  9. Describe the concept of growth planning
  10. Describe placement considerations of Layer 2 and Layer 3 deployments

Domain 4:

Demonstration and Evaluation

  1. Create, apply, and upgrade licenses
  2. Execute a successful proof of concept (POC)
  3. Apply the appropriate deployment / configuration tools for various environments
  4. Use, deploy, and tag Panorama plugins
  5. Deploy CN-Series
  6. Spin up, locate, and demonstrate demon, lab, or Ultimate Test Drive (UTD) instances

Domain 5:

Network Security Best Practices

  1. Explain why intrazone policies in cloud are a best practice
  2. Describe the use of object tagging and DAGs
  3. Explain how Zero Trust relates to VM-Series and CN-Series cloud deployments
  4. Apply automation and automation tools to deploy Palo Alto Network solutions
  5. Compare and contrast Prisma Cloud Compute (PCC) and CN-Series

DavisSystem

Consolidated Notes From the Desk of Sean Davis.

Palo Alto PSE Software Study Guide Reference Information

By Sean, 2024-05-30