Palo Alto PCCSE Certification Exam Syllabus

PCCSE Syllabus, PCCSE Exam Questions PDF, Palo Alto PCCSE Dumps Free, PCCSE PDF, PCCSE Dumps, PCCSE PDF, PCCSE VCE, PCCSE Questions PDF, Palo Alto PCCSE Questions PDF, Palo Alto PCCSE VCEA great way to start the Prisma Certified Cloud Security Engineer (PCCSE) preparation is to begin by properly appreciating the role that syllabus and study guide play in the Palo Alto PCCSE certification exam. This study guide is an instrument to get you on the same page with Palo Alto and understand the nature of the Palo Alto PCCSE exam.

Our team of experts has composed this Palo Alto PCCSE exam preparation guide to provide the overview about Palo Alto Cloud Security Engineer exam, study material, sample questions, practice exam and ways to interpret the exam objectives to help you assess your readiness for the Palo Alto PCCSE exam by identifying prerequisite areas of knowledge. We recommend you to refer the simulation questions and practice test listed in this guide to determine what type of questions will be asked and the level of difficulty that could be tested in the Palo Alto PCCSE certification exam.

Palo Alto PCCSE Exam Overview:

Exam Name Cloud Security Engineer
Exam Number PCCSE
Exam Price $175 USD
Duration 90 minutes
Number of Questions 75-85
Passing Score Variable (70-80 / 100 Approx.)
Recommended Training Prisma Cloud - Monitoring and Securing (EDU-150)
Prisma Cloud - Onboarding and Operationalizing (EDU-152)
Exam Registration PEARSON VUE
Sample Questions Palo Alto PCCSE Sample Questions
Practice Exam Prisma Certified Cloud Security Engineer Practice Test

Palo Alto PCCSE Exam Topics:

Section Weight Objectives
Install and Upgrade 8% - Deploy and manage Console for the Compute Edition
  • Locate and download Prisma Cloud release software.
  • Install Console in onebox configuration.
  • Install Console in Kubernetes.
  • Perform upgrade on Console.

- Deploy and manage Defenders

  • Deploy Container Defenders.
  • Deploy Host Defenders.
  • Deploy Serverless Defenders.
  • Deploy App-embedded Defenders.
  • Configure networking for Defender to Console connectivity.
  • Perform upgrade on Defenders.
Visibility, Security, Compliance and Data Security 33% - Configure policies
  • Understand policies related to compliance standards.
  • Build custom policies.
  • Identify policy types.

- Configure alerting and notifications

  • Understand alert states.
  • Build alert rules.
  • Create alert notifications.
  • Investigate alerts.

- Understand third-party integrations

  • Understand inbound and outbound notifications.

- Perform ad hoc investigations

  • Investigate resource configuration with RQL.
  • Investigate user activity using RQL.
  • Investigate network activity using RQL.
  • Investigate anomalous user event(s).

- Identify assets in a Cloud account

  • Identify inventory of resources in a cloud account.
  • Identify how to check resource configuration history.

- Use Prisma Cloud APIs

  • Use APIs for automation of tasks.
  • Use APIs for custom queries.

- Remediation

  • Identify the requirements to use auto-remediation.
  • Differentiate between when to use manual versus automated remediation.

- Onboarding

  • Identify the process for onboarding cloud accounts with data protection
  • Configure CloudTrail and SNS.
  • Configure Scan options.

- Use Data Dashboard Features

  • Classify Objects.
  • List object permissions for visibility.
  • View Data Inventory.
  • View Resource Explore.
  • List Object Identifiers.
  • Understand Object exposure rates.

- Assess Data Policies and Alerts

  • Differentiate between malware and regular policies.
  • Understand the scope of alert notifications.
Cloud Workload Protection Platform 18% - Monitor and Protect Against Image Vulnerabilities
  • Understand how to Investigate Image Vulnerabilities.
  • Configure Image Vulnerability Policy.

- Monitor and Protect Host Vulnerabilities

  • Understand how to Investigate Host Vulnerabilities.
  • Configure Host Vulnerability Policy.

- Monitor and Enforce Image/Container Compliance

  • Understand how to Investigate Image and Container Compliance.
  • Configure Image and Container Compliance Policy.

- Monitor and Enforce Host Compliance

  • Understand how to Investigate Host Compliance.
  • Configure Host Compliance Policy.

- Monitor and Enforce Container Runtime

  • Understand container models.
  • Configure container runtime policies.
  • Understand container runtime audits.
  • Investigate incidents using Incident Explorer.

- Configure WAAS policies

  • Configure WAAS policies to create a relevant WAAS rule.

- Monitor and Protect Against Serverless Vulnerabilities

  • Understand how to Investigate Serverless Vulnerabilities.
  • Configure Serverless Vulnerability Policy.
  • Configure Serverless Auto-Protect functionality.
Web Application and API Security (WAAS) 8% - Create a WAAS policy and an App rule
  • Define the application specifications.
  • Define or import API methods.
  • Limit access to different REST API endpoints.

- Configure application firewall settings and exceptions

  • Configure DoS protection.
  • Configure access controls to limit inbound sources.
  • Manage network lists
  • Configure access controls to enforce HTTP headers and file uploads.
  • Configure bot protection.

- Investigate WAAS runtime audit

  • Determine the reasons for a WAAS runtime audit.
Dev SecOps Security (Shift Left) 13% - Implement scanning for IAC templates
  • Differentiate between Terraform and Cloudformation scanning configurations.
  • List OOTB IAC scanning integrations.
  • Configure API scanning for IAC templates.

- Configure policies in Console for IAC scanning

  • Review OOTB policies for IAC scanning.
  • Configure custom build policies for IAC scanning.

- Integrate Compute scans into CI/CD pipeline.

  • Integrate image scans into CI/CD pipeline.
  • Integrate serverless scans into CI/CD pipeline.
  • Identify different options for scanning: Twistclip and plugins.

- Configure CI policies for Compute scanning.

  • Review default CI policies for Compute scanning.
  • Configure custom CI policies for Compute scanning.
Prisma Cloud Administration 20% - Onboard accounts
  • Onboard cloud accounts.
  • Configure account groups.

- Configure RBAC

  • Differentiate between Prisma Cloud and Compute roles.
  • Configure Prisma Cloud and Compute roles.

- Configure admission controller

  • Configure defender as an admission controller.
  • Create OPA policies

- Configure logging

  • Familiarize with audit logging.
  • Enable defender logging.

- Manage enterprise settings

  • Differentiate Anomaly settings.
  • Configure idle timeout.
  • Set autoenable policies.
  • Set mandatory dismissal reason.
  • Enable user attribution.

- Understand third-party integrations

  • Understand inbound and outbound notifications.
  • Configure third-party integration for alerts.

- Leverage Cloud and Compute APIs

  • Authenticate with APIs.
  • Locate API documentation.
  • List policies by API.
  • Manage alerts using APIs.
  • Create reports using APIs.
  • Download vulnerability results via API.
  • Configure Single Sign On.
  • Use the access key.

Palo Alto PCCSE Exam Description:

The PCCSE program is a formal, third-party proctored certification. Success on the PCCSE exam shows that you possess the in-depth skills and knowledge about administering cloud solutions, visibility, data loss prevention, security and compliance, web application and API security, and Dev SecOps Security, and demonstrate the highest standard of deployment methodology and operational best practices associated with the Palo Alto Networks Prisma Cloud. The exam is not intended to trick you with its questions or to test obscure detail. However, a nuanced understanding, and the ability gained through significant experience to make subtle technical distinctions, will help you make better answer choices.

Rating: 5 / 5 (67 votes)