| Topic | Details |
| Topic 1 | - Secure Access: This part of the exam measures skills of a Secure Access Engineer and focuses on defining and differentiating Secure Access Service Edge (SASE) and Secure Service Edge (SSE). It covers challenges related to confidentiality, integrity, and availability of data and applications across data, private apps, SaaS, and AI tools. It examines security technologies including secure web gateways, enterprise browsers, remote browser isolation, data loss prevention (DLP), and cloud access security brokers (CASB). The section also describes Software-Defined Wide Area Network (SD-WAN) and Prisma SASE solutions such as Prisma Access, SD-WAN, AI Access, and enterprise DLP.
|
| Topic 2 | - Cybersecurity:This section of the exam measures skills of a Cybersecurity Practitioner and covers fundamental concepts of cybersecurity, including the components of the authentication, authorization, and accounting (AAA) framework, attacker techniques as defined by the MITRE ATT&CK framework, and key principles of Zero Trust such as continuous monitoring and least privilege access. It also addresses understanding advanced persistent threats (APT) and common security technologies like identity and access management (IAM), multi-factor authentication (MFA), mobile device and application management, and email security.
|
| Topic 3 | - Cloud Security: This section targets a Cloud Security Specialist and addresses major cloud architectures and topologies. It discusses security challenges like application security, cloud posture, and runtime security. Candidates will learn about technologies securing cloud environments such as Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP), as well as the functions of a Cloud Native Application Protection Platform (CNAPP) and features of Cortex Cloud.
|
| Topic 4 | - Network Security: This domain targets a Network Security Specialist and includes knowledge of Zero Trust Network Access (ZTNA) characteristics, functions of stateless and next-generation firewalls (NGFWs), and the purpose of microsegmentation. It also covers common network security technologies such as intrusion prevention systems (IPS), URL filtering, DNS security, VPNs, and SSL
- TLS decryption. Candidates must understand the limitations of signature-based protection, deployment options for NGFWs, cybersecurity concerns in operational technology (OT) and IoT, cloud-delivered security services, and AI-powered security functions like Precision AI.
|
| Topic 5 | - Security Operations: This final section measures skills of a Security Operations Analyst and covers key characteristics and practices of threat hunting and incident response processes. It explains functions and benefits of security information and event management (SIEM) platforms, security orchestration, automation, and response (SOAR) tools, and attack surface management (ASM) platforms. It also highlights the functionalities of Cortex solutions, including XSOAR, Xpanse, and XSIAM, and describes services offered by Palo Alto Networks¡¯ Unit 42.
|
CCP Practice Test[/url]