Skip to main Content

Exam: Palo Alto Networks: Security Service EDGE Engineer (PAN-S-SSEE)

  • Price: eur270.00
  • Code: PAN-S-SSEE

eur270.00

excl. VAT

Add to Cart Add to Cart

Jump to:

Description

Top

The Palo Alto Networks Certified Security Service Edge (SSE) Engineer certification validates the knowledge and skill of experienced SSE engineers in the areas of deployment configuration and post-deployment management, configuration, and troubleshooting. The certification also validates pre-deployment planning of Palo Alto Networks SSE component solutions and an understanding of their architecture to achieve network transformation outcomes.

The purpose of this document is to help you prepare for the exam and attain the certification. Please note that this document is intended to help identify the topics covered and to provide resources and references for understanding those topics. It is not intended to be used as the sole document to prepare for the SSE Engineer exam.

Exam Details:

- Duration: 90 minutes

 - Format: Multiple-choice questions

- Language: English

Target Audience

This exam is designed for individuals with the following job roles:

- SSE engineers

- Prisma Access engineers

- Security engineers

- Network engineers

- SSE professional services consultants

- SSE technical support engineers

Objectives

Top

Skills Required

  • Working knowledge of network security
  • Working knowledge of TCP/IP and how traffic is directed within a network, including routing protocols
  • Working knowledge of networking infrastructure, protocols, and topology
  • Basic understanding of endpoint OS fundamentals and security hardening methods
  • Working knowledge of SSE and security automation technology
  • Basic knowledge of current and emergent trends in information security
  • Ability to use security models / architectures (e.g., Defense in Depth, Zero Trust)
  • Engineering-level knowledge of Prisma Access
  • Basic knowledge of programming and scripting languages (e.g., Python, Powershell, SQL)

Content

Top

1. Prisma Access Planning and Deployment 28%

1.1 Identify and describe Prisma Access architecture and components

1.1.1 Security processing nodes

1.1.2 IP addressing

1.1.3 Compute locations

1.1.4 DNS

1.2 Explain Prisma Access routing

1.2.1 Routing preference

1.2.2 Backbone routing

1.2.3 Traffic steering

1.3 Configure and deploy Prisma Access service infrastructure

1.4 Configure and deploy Prisma Access for mobile users

1.4.1 VPN client

1.4.2 Explicit proxy

1.5 Configure, implement, and deploy Prisma Access for remote networks

1.6 Configure and manage private application access

1.6.1 Service connections

1.6.2 Colo-Connect

1.6.3 Zero Trust Network Access (ZTNA) Connector

1.7 Configure and implement identity authentication within Prisma Access

1.7.1 Cloud Identity Engine

1.7.2 SAML, Kerberos, Certificate, LDAP, RADIUS

1.8 Configure, deploy, and implement Prisma Access Browser (PAB)

2. Prisma Access Services 30%

2.1 Configure and implement advanced Prisma Access features and services

2.1.1 App Acceleration

2.1.2 Traffic replication

2.1.3 IoT Security

2.1.4 Privileged remote access

2.2 Configure and implement Prisma Access data security services

2.2.1 SaaS Security

2.2.2 Enterprise DLP

2.2.3 AI Access Security

2.3 Configure and implement Prisma Access for web-based threats

2.3.1 Web security policies

2.3.2 Remote Browser Isolation (RBI)

2.4 Configure and implement policies for Prisma Access

2.4.1 Security

2.4.2 Decryption

2.4.3 QoS

2.5 Configure and implement security profiles for Prisma Access

2.6 Configure and implement user-based policies within Prisma Access

2.6.1 Cloud Identity Engine

2.6.2 User-ID (group mapping, redistribution, authentication)

3. Prisma Access Administration and Operation 22%

3.1 Manage and operate Prisma Access with Panorama

3.1.1 Tenant management and multitenancy

3.1.2 User- and role-based access control

3.1.3 Configuration management and version control

3.1.4 Reporting and log management

3.1.5 Release and upgrades

3.2 Manage and operate Prisma Access with Strata Cloud Manager (SCM)

3.2.1 Tenant management and multitenancy

3.2.2 User- and role-based access control

3.2.3 Configuration management and version control

3.2.4 Reporting and log management

3.2.5 Copilot

3.3 Configure and deploy Strata Logging Service

3.3.1 SCM and Panorama

3.3.2 Log forwarding

3.4 Maintain security posture in Prisma Access

3.4.1 Best Practice Assessment (BPA)

3.4.2 Compliance

4. Prisma Access Troubleshooting 20%

4.1 Monitor Prisma Access

4.1.1 Prisma Access Activity Insights

4.1.2 Command Center

4.1.3 Real-time monitoring and alerting

4.1.4 User experience monitoring

4.2 Troubleshoot Prisma Access connectivity

4.2.1 Mobile users

4.2.2 Remote networks

4.2.3 Service connections

4.2.4 ZTNA connectors

4.2.5 Performance and latency

4.3 Troubleshoot Prisma Access traffic enforcement issues

4.3.1 Security policy

4.3.2 HIP enforcement

4.3.3 User-ID mismatch

4.3.4 Split tunneling

Pre-requisites

Top

Cybersecurity Practitioner Network Security Generalist