David Vassallo's Blog

If at first you don't succeed; call it version 1.0

Nugget Post: Study Material Links for Palo Alto CNSE exam

The following links are useful for all those pursuing Palo Alto Network’s CNSE exam:

Give special attention to the preparation guide, trust me, just got my certification :)

12 responses to “Nugget Post: Study Material Links for Palo Alto CNSE exam

  1. Pingback: Palo Alto Networks: Ignite 2012 User Conference Notes « Dvas0004's Blog

  2. Sadat November 18, 2012 at 3:09 am

    Hi Dave, nice topic again mate. Any thing about Palo Alto is always interesting. Congrats on your new certification by the way. One more added in your list

    Take care dude

    • dvas0004 November 18, 2012 at 11:32 am

      Thank you Sadat!

  3. Noury November 21, 2012 at 5:11 pm

    Hi Dave, Congrats for your certif
    I would like to ask you if there is an example of QA for the exam preparation.

    • dvas0004 November 21, 2012 at 10:29 pm

      Hi Noury,

      No unfortunately I do not know of any sample Q&A that are available. From experience:

      – the questions are all multiple choice
      – no questions will be asked about where a particular option is within the GUI, the trainer had stressed this was not the sort of knowledge they wanted tested
      – i cannot recall any performance related questions, the trainer had stressed this was a technical exam, not a sales exam

      – you need some practical experience, especially:
      * different types of interfaces and their capabilities
      * ipsec
      * panorama
      * nat and security rules

      The above will be tested thoroughly…for example I dont have all that much experience in Panorama yet so thats where I lost the most marks…

      • Scott December 27, 2012 at 5:00 am

        Thanks for the knowledge share for the Palo Alto CNSE exam I’ve been studying for about a month and a 1/2 now and am playing around with a PA-200 device trying to get as much info as I can. I also have the CNSE preparation PowerPoint file that hits on areas to focus on in the exam and goes somewhat in depth as to what to configure for certain areas (application, ipsec/vpn, security policies…etc.) I don’t have that much experience in panorama either. If you can remember, can you give some examples of what was asked regarding to panorama? I’ve only done the basic import a device, pre and post rules, and pushing a config to a single device as well as a group. Any help would be greatly appreciated. Thanks!


  4. Roh January 21, 2013 at 7:40 pm

    Hi Dave,

    Congrats for your certification of PAN. I also get a certif of PAN like you :). Good!

  5. Scott February 5, 2013 at 3:15 am

    I’m following up on my comment I wrote back on Dec. 27. I took the Palo Alto CNSE exam this past Saturday, no luck passing. This blog is the only thing I was able to find to somewhat help me on the exam. I however must have gotten the other exam because my exam was filled with nothing but Global Protect, User-ID, SSL-Decryption, and some Panorama questions in there. Sprinkle in some Wildfire, NAT (Source and Destination)(1 of each), Security Policy, 1 or 2 Packet Flow questions, and some IPSEC/VPN (4 of those) questions and that was my exam. If there is anyone out there looking for something to study I would suggest reading the Tech Notes and making some questions out of what you study. Experience on the Palo device and Panorama is helpful for application of what you are doing. I plan on taking it again in a month. This time I’ll probably get the loaded version of IPSEC/VPN and NAT. There are 2 versions….or shall I say, 2 sets of test banks they pull from so you are either going to get the Global Protect version or the IPSEC/VPN version. You’ll know it is the Global Protect version because the 1st question on the test asks you about permissions regarding an account. It will have 4 pictures to look at. Good luck.

  6. Mackey April 9, 2013 at 1:54 am

    Hello Group. I just took the CNSE 4.1 test and passed. I would say it is a challenging test, and does make you think about how the FW gets configured. I am just trying to go from memory, but I seem to recall that you should be familiar with the CLI output, to help you troubleshoot. I think there were about 5 CLI type questions. Understand Panorama, beyond just configuration/shared groups and objects, but think about tshooting. What happens if you dont merge your PAN commit with the local FW config. What happens?

    Be familiar with unknown tcp/udp rules. Custom App and App Override.

    Here are topics to be tested on:

    Admin and Mgmt
    Network and Security Architecture
    User, Content, AppID
    PAN and GP.

    NO QoS questions.

    Understand what the relationship is between HIP objects and HIP Profiles.

    Understand what is required to configure Global Protect, certs, config, etc.

    Understand how to configure and read output of the PCaps.

    Understand Captive Portal and the ways that it gets configured, and how User authentication occurs.

    The other thing that I know will help you is to take the Essentials I and II classes. There are subtle topics that are discussed in the classes that are specifically asked.

  7. Dustin June 26, 2013 at 9:44 am

    THE CNSE 5.1 beta exam is available until Sunday July 7th 2013, at a cost of just $25

    You can register for the exam on Palo Alto networks education portal


    I have talked to someone who has sat the beta exam.
    He suggested looking at :

    * Capturing traffic of Management interface using tcpdump and how to view the pcap
    * APP-ID
    – Packets dropped because of a deny in security policy shows in log as “not-applicable”

    topics and knowledge of the CNSE v4.1 preparation guide still applies

    Pay special attention to Global Protect including HIP and Large Scale VPN

    Learn what IPv6 features are supported and when

  8. dennis February 11, 2014 at 12:25 am

    Today 10/12/2014, I passed my CNSE 5.1 after my 2nd attempt. I tried it last year in October and failed by 5 points. This exam is killer, one thing that makes it hard is the multiple choice questions. No partial marks if you fail any one of the choices. Luckily enough, I had free vouchers since I used to work part time for a PA partner but I have been off work for 2 months. I kept postponing for the last one month. I was totally rusted though did not have to strain much since I had worked on PA devices before. Same topics mentioned on this blog is what you should expect in the exam. It is a length exam and tiresome. Wish all of you luck..

  9. Darshan March 22, 2015 at 7:10 am

    I have scheduled my exam on 30th March, 2015. I have followed all the comments and feedback shared by ever individuals.

    I will share my experience once I finish the exam.
    Did anyone appear for CNSE 6.1 exam recently? Can anyone share his experience?

    Thank you

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Get every new post delivered to your Inbox.

Join 186 other followers

%d bloggers like this: