{"id":1308,"date":"2021-02-19T10:00:00","date_gmt":"2021-02-19T16:00:00","guid":{"rendered":"https:\/\/packitforwarding.com\/?p=1308"},"modified":"2021-02-09T20:24:19","modified_gmt":"2021-02-10T02:24:19","slug":"pcnsa-1-4","status":"publish","type":"post","link":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/","title":{"rendered":"PCNSA &#8211; 1.4"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>Identify stages in the cyberattack lifecycle and firewall mitigations that can prevent attacks.<\/p><cite>Palo Alto PCNSA Study Guide v10<\/cite><\/blockquote>\n\n\n\n<figure class=\"wp-block-image size-large\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"480\" data-attachment-id=\"896\" data-permalink=\"https:\/\/packitforwarding.com\/index.php\/2019\/08\/29\/ccna-cyberops-secops-objective-5-1-cyber-kill-chain\/cyber-kill-chain\/\" data-orig-file=\"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/Cyber-Kill-Chain.png?fit=800%2C600&amp;ssl=1\" data-orig-size=\"800,600\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"Cyber Kill Chain\" data-image-description=\"\" data-image-caption=\"\" data-large-file=\"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/Cyber-Kill-Chain.png?fit=640%2C480&amp;ssl=1\" src=\"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/Cyber-Kill-Chain.png?resize=640%2C480&#038;ssl=1\" alt=\"A graphical depiction of the cyber kill chain model.\" class=\"wp-image-896\" srcset=\"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/Cyber-Kill-Chain.png?w=800&amp;ssl=1 800w, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/Cyber-Kill-Chain.png?resize=300%2C225&amp;ssl=1 300w, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/Cyber-Kill-Chain.png?resize=768%2C576&amp;ssl=1 768w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><figcaption>Cyberattack Lifecycle Stages<\/figcaption><\/figure>\n\n\n\n<p>The cyberattack lifecycle, or cyber kill chain, is a model to show the stages of an attack and how it can be prevented. If any one stage is stopped, the entire attack is stopped. Generally the earlier in the chain, the easier it is to stop.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Reconnaissance<\/h2>\n\n\n\n<p>This stage is when the attacker gains information about the target. Information can come from open source intelligence like Twitter, LinkedIn and the corporate website. Attackers will also scan publicly facing services for vulnerabilities.<\/p>\n\n\n\n<p>Prevention:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Traffic inspection to detect and prevent port scans and host sweeps.<\/li><li>Implement security awareness training to limit information of a sensitive nature from being posted publically. <\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Weaponization<\/h2>\n\n\n\n<p>Weaponization is the process where the attacker determines how to deliver malicious payloads to take advantage of weaknesses that were found. <\/p>\n\n\n\n<p>Prevention: <\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Because this takes place outside of the organization, there is no prevention of this step.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Delivery<\/h2>\n\n\n\n<p>This phase is when the payload is delivered into the victim organization. This could be via files, e-mail messages or malicious websites.<\/p>\n\n\n\n<p>Prevention:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Gain visibility into all traffic, even encrypted traffic<\/li><li>Block high-risk applications<\/li><li>Extend protections outside of the perimeter to remote and mobile devices.<\/li><li>Protect against perimeter breaches using URL filtering to block malicious or risky websites<\/li><li>Block known bad traffic, malware and C2 using IPS, anti-malware, DNS monitoring, sinkholing and file\/content blocking.<\/li><li>Detect unknown malware to stop Day-0<\/li><li>Provide user education about potential attacks such as phishing, watering hole attacks, email links, and other attacks<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Exploitation<\/h2>\n\n\n\n<p>This is the stage where the attacker deploys an exploit against a vulnerability to gain entry to the organization.<\/p>\n\n\n\n<p>Prevention:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Patch systems continuously<\/li><li>User education against phishing<\/li><li>Block vulnerability exploits on endpoints<\/li><li>Deliver new protections automatically<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Installation<\/h2>\n\n\n\n<p>After the attackers have gotten access to the network, they will install additional tools to maintain access, persistence and escalate their privileges. <\/p>\n\n\n\n<p>Prevention:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Prevent malware installation on endpoints, networks and cloud servers<\/li><li>Establish security zones that provide monitoring and inspection of all traffic (Zero Trust)<\/li><li>Limit local administrator access<\/li><li>User education on recognizing malware infection<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Command and Control (C2)<\/h2>\n\n\n\n<p>With malware installed, the attackers can control the system. They will establish a channel for control and for sending data back to them.<\/p>\n\n\n\n<p>Prevention:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Block outbound C2 communication (beaconing)<\/li><li>Block file uploads that match patterns like Social Security Numbers<\/li><li>Redirect malicious C2 to internal sinkholes<\/li><li>Block outbound communication to known bad URLs<\/li><li>Create a database of malicious domains for prevention through DNS monitoring<\/li><li>Limit the attacker&#8217;s ability to move laterally. Zero Trust<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Actions on the Objective<\/h2>\n\n\n\n<p>The actions completed by the attacker to achieve their goal. This could be data exfiltration, destruction, defacing a website, or to extort the victim organization.<\/p>\n\n\n\n<p>Prevention:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Threat hunting using threat intelligence tools<\/li><li>Monitor and inspect all interzone traffic<\/li><li>Enforce user access between secure zones<\/li><li>Block outbound C2 traffic<\/li><li>Block outbound malicious URL traffic<\/li><li>Implement granular controls on applications and user file transfers<\/li><li>Eliminate known archiving and transfers<\/li><li>Limit lateral movement.<\/li><\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Identify stages in the cyberattack lifecycle and firewall mitigations that can prevent attacks. Palo Alto PCNSA Study Guide v10 The cyberattack lifecycle, or cyber kill chain, is a model to show the stages of an attack and how it can be prevented. If any one stage is stopped, the entire attack is stopped. Generally the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":896,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"PCNSA - 1.4 Study Notes #pcnsa #paloalto","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[88,31,189,188],"tags":[90,191,190],"class_list":["post-1308","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-certification","category-palo-alto","category-pcnsa","tag-certification","tag-palo-alto","tag-pcnsa"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>PCNSA - 1.4 -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"PCNSA - 1.4 -\" \/>\n<meta property=\"og:description\" content=\"Identify stages in the cyberattack lifecycle and firewall mitigations that can prevent attacks. Palo Alto PCNSA Study Guide v10 The cyberattack lifecycle, or cyber kill chain, is a model to show the stages of an attack and how it can be prevented. If any one stage is stopped, the entire attack is stopped. Generally the [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/packitforwarding\" \/>\n<meta property=\"article:published_time\" content=\"2021-02-19T16:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/Cyber-Kill-Chain.png?fit=800%2C600&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Ben Story\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/www.twitter.com\/ntwrk80\" \/>\n<meta name=\"twitter:site\" content=\"@ntwrk80\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Story\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2021\\\/02\\\/19\\\/pcnsa-1-4\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2021\\\/02\\\/19\\\/pcnsa-1-4\\\/\"},\"author\":{\"name\":\"Ben Story\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"headline\":\"PCNSA &#8211; 1.4\",\"datePublished\":\"2021-02-19T16:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2021\\\/02\\\/19\\\/pcnsa-1-4\\\/\"},\"wordCount\":512,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2021\\\/02\\\/19\\\/pcnsa-1-4\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/Cyber-Kill-Chain.png?fit=800%2C600&ssl=1\",\"keywords\":[\"certification\",\"Palo Alto\",\"PCNSA\"],\"articleSection\":[\"Blog\",\"Certification\",\"Palo Alto\",\"PCNSA\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2021\\\/02\\\/19\\\/pcnsa-1-4\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2021\\\/02\\\/19\\\/pcnsa-1-4\\\/\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2021\\\/02\\\/19\\\/pcnsa-1-4\\\/\",\"name\":\"PCNSA - 1.4 -\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2021\\\/02\\\/19\\\/pcnsa-1-4\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2021\\\/02\\\/19\\\/pcnsa-1-4\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/Cyber-Kill-Chain.png?fit=800%2C600&ssl=1\",\"datePublished\":\"2021-02-19T16:00:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2021\\\/02\\\/19\\\/pcnsa-1-4\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2021\\\/02\\\/19\\\/pcnsa-1-4\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2021\\\/02\\\/19\\\/pcnsa-1-4\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/Cyber-Kill-Chain.png?fit=800%2C600&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/Cyber-Kill-Chain.png?fit=800%2C600&ssl=1\",\"width\":800,\"height\":600,\"caption\":\"A graphical depiction of the cyber kill chain model.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/index.php\\\/2021\\\/02\\\/19\\\/pcnsa-1-4\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/packitforwarding.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"PCNSA &#8211; 1.4\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#website\",\"url\":\"https:\\\/\\\/packitforwarding.com\\\/\",\"name\":\"\",\"description\":\"Paying it forward to the next generation of IT.\",\"publisher\":{\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/packitforwarding.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/packitforwarding.com\\\/#\\\/schema\\\/person\\\/441c2562293c45fbcf483f246430e6c8\",\"name\":\"Ben Story\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\",\"width\":489,\"height\":250,\"caption\":\"Ben Story\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/packitforwarding.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1\"},\"description\":\"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/packitforwarding\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/benstory\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/www.twitter.com\\\/ntwrk80\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"PCNSA - 1.4 -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/","og_locale":"en_US","og_type":"article","og_title":"PCNSA - 1.4 -","og_description":"Identify stages in the cyberattack lifecycle and firewall mitigations that can prevent attacks. Palo Alto PCNSA Study Guide v10 The cyberattack lifecycle, or cyber kill chain, is a model to show the stages of an attack and how it can be prevented. If any one stage is stopped, the entire attack is stopped. Generally the [&hellip;]","og_url":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/","article_publisher":"https:\/\/www.facebook.com\/packitforwarding","article_author":"https:\/\/www.facebook.com\/packitforwarding","article_published_time":"2021-02-19T16:00:00+00:00","og_image":[{"width":800,"height":600,"url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/Cyber-Kill-Chain.png?fit=800%2C600&ssl=1","type":"image\/png"}],"author":"Ben Story","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/www.twitter.com\/ntwrk80","twitter_site":"@ntwrk80","twitter_misc":{"Written by":"Ben Story","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/#article","isPartOf":{"@id":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/"},"author":{"name":"Ben Story","@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"headline":"PCNSA &#8211; 1.4","datePublished":"2021-02-19T16:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/"},"wordCount":512,"commentCount":0,"publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/Cyber-Kill-Chain.png?fit=800%2C600&ssl=1","keywords":["certification","Palo Alto","PCNSA"],"articleSection":["Blog","Certification","Palo Alto","PCNSA"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/","url":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/","name":"PCNSA - 1.4 -","isPartOf":{"@id":"https:\/\/packitforwarding.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/#primaryimage"},"image":{"@id":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/Cyber-Kill-Chain.png?fit=800%2C600&ssl=1","datePublished":"2021-02-19T16:00:00+00:00","breadcrumb":{"@id":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/#primaryimage","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/Cyber-Kill-Chain.png?fit=800%2C600&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/Cyber-Kill-Chain.png?fit=800%2C600&ssl=1","width":800,"height":600,"caption":"A graphical depiction of the cyber kill chain model."},{"@type":"BreadcrumbList","@id":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/19\/pcnsa-1-4\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/packitforwarding.com\/"},{"@type":"ListItem","position":2,"name":"PCNSA &#8211; 1.4"}]},{"@type":"WebSite","@id":"https:\/\/packitforwarding.com\/#website","url":"https:\/\/packitforwarding.com\/","name":"","description":"Paying it forward to the next generation of IT.","publisher":{"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/packitforwarding.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/packitforwarding.com\/#\/schema\/person\/441c2562293c45fbcf483f246430e6c8","name":"Ben Story","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","contentUrl":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1","width":489,"height":250,"caption":"Ben Story"},"logo":{"@id":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2026\/02\/cropped-PIF_Logo-Color-Horizontal-Rounded-1.png?fit=489%2C250&ssl=1"},"description":"In the course of my career, I have had the pleasure of working in multiple verticals including Education, Logistics and Healthcare. Although I started as a systems administrator (aka server jockey), I am now firmly in the network engineering arena. Currently I am working for a multi-state hospital system.","sameAs":["https:\/\/www.facebook.com\/packitforwarding","https:\/\/www.linkedin.com\/in\/benstory","https:\/\/x.com\/https:\/\/www.twitter.com\/ntwrk80"]}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2019\/08\/Cyber-Kill-Chain.png?fit=800%2C600&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pay9MD-l6","jetpack-related-posts":[{"id":1352,"url":"https:\/\/packitforwarding.com\/index.php\/2021\/04\/16\/pcnsa-3-2\/","url_meta":{"origin":1308,"position":0},"title":"PCNSA 3.2","author":"Ben Story","date":"April 16, 2021","format":false,"excerpt":"Given a scenario, configure application filters or application groups.Palo Alto Networks PCNSA v10 Application Filters Application filters allow multiple applications to be dynamically assigned to a security rule based on an attribute. For example you could create a streaming-media filter based on the category audio-streaming in App-ID. Application Groups An\u2026","rel":"","context":"In &quot;Certification&quot;","block_context":{"text":"Certification","link":"https:\/\/packitforwarding.com\/index.php\/category\/certification\/"},"img":{"alt_text":"facebook application icon","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/02\/twitter-facebook-together-exchange-of-information-147413.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/02\/twitter-facebook-together-exchange-of-information-147413.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/02\/twitter-facebook-together-exchange-of-information-147413.jpeg?fit=1200%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/02\/twitter-facebook-together-exchange-of-information-147413.jpeg?fit=1200%2C800&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/02\/twitter-facebook-together-exchange-of-information-147413.jpeg?fit=1200%2C800&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":1349,"url":"https:\/\/packitforwarding.com\/index.php\/2021\/04\/12\/pcnsa-3-1\/","url_meta":{"origin":1308,"position":1},"title":"PCNSA 3.1","author":"Ben Story","date":"April 12, 2021","format":false,"excerpt":"Given a scenario, select the appropriate application-based Security policy rules.Palo Alto Networks PCNSA Study Guide v10 Application Shifts An application can change during a session's duration. This is known as \"application shift\". For example when a flow starts as a request to www.google.com it is recognized as web-browsing, but once\u2026","rel":"","context":"In &quot;Certification&quot;","block_context":{"text":"Certification","link":"https:\/\/packitforwarding.com\/index.php\/category\/certification\/"},"img":{"alt_text":"person using a smartphone","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/04\/pexels-photo-5053841.jpeg?fit=800%2C1200&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/04\/pexels-photo-5053841.jpeg?fit=800%2C1200&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/04\/pexels-photo-5053841.jpeg?fit=800%2C1200&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/04\/pexels-photo-5053841.jpeg?fit=800%2C1200&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":1300,"url":"https:\/\/packitforwarding.com\/index.php\/2021\/02\/12\/pcnsa-1-2\/","url_meta":{"origin":1308,"position":2},"title":"PCNSA &#8211; 1.2","author":"Ben Story","date":"February 12, 2021","format":false,"excerpt":"Identify the components and operation of Single-Pass ParallelProcessing architecture.Palo Alto PCNSA Study Guide v10 Single-Pass Parallel Processing The Palo Alto firewalls use a single-pass parallel processing architecture. It combines single-pass software with parallel processing hardware. The goal is to \"scan it all, scan it once.\" The software uses stream processing.\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"Security","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2018\/07\/security-protection-anti-virus-software-60504.jpeg?fit=1200%2C800&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":1339,"url":"https:\/\/packitforwarding.com\/index.php\/2021\/04\/02\/pcnsa-2-8\/","url_meta":{"origin":1308,"position":3},"title":"PCNSA 2.8","author":"Ben Story","date":"April 2, 2021","format":false,"excerpt":"Identify the purpose of specific security rule types.Palo Alto Networks PCNSA Study Guide v10 Security Rule Types Security policies allow enforcement and action. They are evaluated top down and the first one matched is applied. There are two pre-defined rules that are read-only by default but have some limited properties\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"woman with text projected on her face","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/04\/pexels-photo-5473957.jpeg?fit=800%2C1200&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/04\/pexels-photo-5473957.jpeg?fit=800%2C1200&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/04\/pexels-photo-5473957.jpeg?fit=800%2C1200&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/04\/pexels-photo-5473957.jpeg?fit=800%2C1200&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":1358,"url":"https:\/\/packitforwarding.com\/index.php\/2021\/06\/21\/pcnsa-3-4\/","url_meta":{"origin":1308,"position":4},"title":"PCNSA 3.4","author":"Ben Story","date":"June 21, 2021","format":false,"excerpt":"Identify the potential impact of App-ID updates to existing Security policy rules.Palo Alto Networks PCNSA Study Guide v10 App-ID Updates and Impact New App-ID updates can change how an application is categorized which can lead to rules no longer working correctly. You can either manage these updates and review them\u2026","rel":"","context":"In &quot;Certification&quot;","block_context":{"text":"Certification","link":"https:\/\/packitforwarding.com\/index.php\/category\/certification\/"},"img":{"alt_text":"update lettering text on black background","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/06\/pexels-photo-5697254.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/06\/pexels-photo-5697254.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/06\/pexels-photo-5697254.jpeg?fit=1200%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/06\/pexels-photo-5697254.jpeg?fit=1200%2C800&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/06\/pexels-photo-5697254.jpeg?fit=1200%2C800&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":1342,"url":"https:\/\/packitforwarding.com\/index.php\/2021\/04\/05\/pcnsa-2-9\/","url_meta":{"origin":1308,"position":5},"title":"PCNSA 2.9","author":"Ben Story","date":"April 5, 2021","format":false,"excerpt":"Identify and configure Security policy match conditions, actions, and logging options.Palo Alto Networks PCNSA Study Guide v10 Implicit vs Explicit The two predefined interzone and intrazone rules are the only implicit rules on a Palo Alto firewall. Explicit rules are defined by an administrator and always are before the implicit\u2026","rel":"","context":"In &quot;Blog&quot;","block_context":{"text":"Blog","link":"https:\/\/packitforwarding.com\/index.php\/category\/blog\/"},"img":{"alt_text":"adult american football athlete audience","src":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/03\/pexels-photo-209954.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/03\/pexels-photo-209954.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/03\/pexels-photo-209954.jpeg?fit=1200%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/03\/pexels-photo-209954.jpeg?fit=1200%2C800&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/packitforwarding.com\/wp-content\/uploads\/2021\/03\/pexels-photo-209954.jpeg?fit=1200%2C800&ssl=1&resize=1050%2C600 3x"},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/1308","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/comments?post=1308"}],"version-history":[{"count":4,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/1308\/revisions"}],"predecessor-version":[{"id":1313,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/posts\/1308\/revisions\/1313"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media\/896"}],"wp:attachment":[{"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/media?parent=1308"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/categories?post=1308"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/packitforwarding.com\/index.php\/wp-json\/wp\/v2\/tags?post=1308"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}