Professional Documents
Culture Documents
PCNSC
STUDY GUIDE
Overview
The PCNSC program is a formal, third-party-proctored certification for security consultants of
Palo Alto Networks and partners of Palo Alto Networks. Success on the PCNSC exam shows
that you possess the in-depth skills and knowledge to migrate data, deliver professional services,
and demonstrate the highest standard of deployment methodology and operational best practices
associated with the Palo Alto Networks Next-Generation Firewall. The exam is not intended to
trick you with its questions or test obscure detail. However, a nuanced understanding, and the
ability gained through significant experience to make subtle technical distinctions, will help you
make better answer choices.
Prerequisites
§ You have passed the Palo Alto Networks Certified Network Security Engineer (PCNSE) exam.
§ You have completed the Palo Alto Networks Transformation Level Services (TLS) workshop or
the Palo Alto Networks Professional Services Academy.
Exam Format
The test format is 50 multiple-choice items. Candidates will have five minutes to complete the
non-disclosure agreement (NDA), 70 minutes (1 hour, 10 minutes) to complete the questions,
and five minutes to complete a survey at the end of the exam.
The approximate distribution of items by topic (Exam Domain) and topic weightings are as
follows:
This exam is based on PAN-OS® 10.0.
Weight
Exam Domain
(%)
Design and Architecture of Advanced Panorama and
24%
Firewalls
Migration Techniques 18%
Total 100%
Preparation Resources
The document is a compilation of key resources to guide exam preparation. These resources
cover the material designated by the exam objectives. To study efficiently, focus on the
suggested topics listed for each resource. Be sure that you have a clear and complete
understanding of these topics before taking the exam.
CPSP Program
The PCNSC certification is one of the requirements for partners participating in the Certified
Professional Services Partner (CPSP) Program. For more detailed information about this
program, visit our program page: CPSP Program. This link takes you to a page that displays this
banner.
Authentication:
• https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/authentication
1.4 Identify the best practices that allow for functionality and scalability
2 Migration Techniques
2.1 Install, maintain, and upgrade Expedition
Using Expedition for services to App-ID conversions (see the “Replace Services by App-ID”
section):
• https://live.paloaltonetworks.com/t5/Expedition-Articles/Expedition-User-Guide-v1-2/ta-
p/285157
2.4 Use the appropriate tools to convert a security policy to an advanced policy
Expedition export:
• https://live.paloaltonetworks.com/t5/expedition-discussions/expedition-panorama-config-
export/m-p/321935#M2479
Bidirectional NAT:
• https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClWBCA0
5 Advanced Troubleshooting
5.1 Given a scenario, troubleshoot issues with dynamic routing
Capturing protocol independent multicast (PIM) and internet group management protocol
(IGMP) traffic using the CLI:
• https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClsFCAS
Ports on firewall:
• https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/high-availability/ha-
concepts/ha-links-and-backup-links/ha-ports-on-the-pa-7000-series-firewall.html
Other troubleshooting information and approaches are listed in the remainder of this section
and are not repeated here.