PCCSA: Palo Alto Networks Certified Cybersecurity Associate

A Palo Alto Networks Certified Cybersecurity Associate (PCCSA) possesses knowledge of cutting-edge technology available today to manage the cyber threats of tomorrow.

Palo Alto PCCSA Exam Overview:

Exam Name: Cybersecurity Associate
Exam Number: PCCSA
Exam Price: $100 USD
Duration: 60 minutes
Number of Questions: 50
Passing Score: 70%
Recommended Training: Introduction to Cybersecurity (EDU-010)
Sample Questions: Palo Alto PCCSA Sample Questions
Practice Exam: Palo Alto Networks Certified Cybersecurity Associate Practice Test

Palo Alto PCCSA Exam Topics:

Section Objectives 
Cybersecurity Foundation

1. Cybersecurity Landscape

– Modern computing trends
– New application framework and threat vectors
– Turbulence in the cloud
– SaaS application risks
– Compliance and security are not the same
– Recent high-profile cyber-attack examples

2. Cyberthreats

– Attacker profiles and motivations
– Modern cyber-attack strategy

3. Endpoint security basics

4. Cyber-attack Techniques and Types

– Malware
– Vulnerabilities and exploits
– Spamming and phishing
– Bots and botnets
    – Spamming botnets
    – DDoS botnets
    – Financial botnets

5. Wi-Fi and Advanced Persistent Threats

– Wi-Fi vulnerabilities
    – Wired equivalent privacy
    – Wi-Fi Protected Access (WPA/WPA2/WPA3)
– Wi-Fi man-in-the-middle attacks
    – Evil Twin
– Advanced Persistent Threats

Cybersecurity Gateway

1. The Connected Globe

– The NET: How things connect
– Introduction to networking devices
– Routed and routing protocols
– Area networks and topologies
– Domain Name System (DNS)

2. Physical, Logical, and Virtual Addressing

– IP addressing basics
– Introduction to subnetting

3. Packet Encapsulation and Lifecycle

– The OSI and TCP/IP models
– Data encapsulation

4. Network Security Models

– Perimeter-based network security strategy
– Zero Trust security
    – Core Zero Trust design principles
    – Zero Trust conceptual architecture
    – Key Zero Trust criteria and capabilities
    – Implementing a Zero Trust design

5. Cloud and Data Center Security

– Cloud computing depends on virtualization
– Cloud computing security considerations and requirements
– Traditional data security solution weaknesses
– East-west traffic protection
– Implementing security in virtualized data centers

6. Network Security Technologies

– Firewalls
    – Packet filtering firewalls
    – Stateful packet inspection (SPI) firewalls
    – Application firewalls
– Intrusion detection and prevention systems
– Web content filters
– Virtual private networks
    – Point-to-point tunneling protocol
    – Layer 2 tunneling protocol
    – Secure socket tunneling protocol
    – Microsoft Point-to-Point Encryption
    – Internet Protocol Security
    – Secure Sockets Layer (SSL)
– Data loss prevention
– Unified Threat Management
– Security information and event management

7. Endpoint security

– Anti-malware
    – Application whitelisting
    – Anomaly detection
– Anti-spyware
– Personal firewalls
– Host-based Intrusion Prevention Systems (HIPS)
– Mobile device management

8. Cloud, Virtualization, and Storage Security

– Cloud computing
– Virtualization
– Local and remote storage

9. Networking Concepts

– Server and system administration
    – Patch management
    – Configuration management
– Directory services
– Structured host and network troubleshooting
– ITIL fundamentals
– Help desk and technical support

Cybersecurity Essentials

1. Security Operating Platform

2. Network Security

– Next-generation firewalls
    – Application identification
    – User identification
    – Content identification
    – Log correlation and reporting
– Palo Alto Networks Expedition (Migration Tool)
– Network security management (Panorama)

3. Endpoint Protection

– Advanced endpoint protection (Traps)
    – Malware prevention
    – Exploit prevention
    – Traps deployment architecture
    – Traps in action
– Mobile security and VPN management (GlobalProtect)

4. Cloud Security

– Cloud monitoring and compliance (Evident)
– SaaS security (Aperture)
    – SaaS threat prevention
    – Data exposure visibility
    – Contextual data exposure control
    – Advanced document classification
    – Retroactive policy

5. Application Framework and Logging Service

– Behavioral analytics (Magnifier)
– Log management (Logging Service)
– Threat intelligence (AutoFocus)
    – Priority alerts and tags
    – Threat correlation
    – Actionable intelligence
– Threat indicator sharing (MineMeld)
– Malware analysis (WildFire)
    – Behavior-based cyberthreat discovery
    – Threat prevention with global intelligence sharing
    – Integrated logging, reporting, and forensics