Scribd Logo
Upload

Welcome to Scribd!

  • Examen ACE 84%

    Uploaded by

    Maria Pastor
    183 views2 pages
    Examen ACE de Palo Alto con un 84% de aciertos.

    Copyright

    © © All Rights Reserved

    Available Formats

    ODT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Examen ACE de Palo Alto con un 84% de aciertos.

    Copyright:

    © All Rights Reserved
    Download as ODT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    183 views2 pages

    Examen ACE 84%

    Uploaded by

    Maria Pastor
    Examen ACE de Palo Alto con un 84% de aciertos.

    Copyright:

    © All Rights Reserved
    Download as ODT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    ID

    6781
    7947
    7948
    7941
    6791
    7942
    7943
    7979

    7984

    7989
    7994
    8097
    8067
    8767
    8756
    8751
    8746
    7944
    7945
    7959

    ID
    8077

    8072
    8706
    8082
    8696
    8686
    8581
    8656
    8646
    7949

    Question
    Correct
    A "Continue" action can be configured on which of the following Security Profiles?
    Correct
    After the installation of a new version of PAN-OS, the firewall must be rebooted.
    Correct
    After the installation of the Threat Prevention license, the firewall must be rebooted.
    Correct
    All of the interfaces on a Palo Alto Networks device must be of the same interface type. Correct
    An enterprise PKI system is required to deploy SSL Forward Proxy decryption
    Correct
    capabilities.
    An interface in tap mode can transmit packets on the wire.
    Correct
    An interface in Virtual Wire mode must be assigned an IP address.
    Correct
    As the Palo Alto Networks Administrator responsible for User-ID, you need to enable
    mapping of network users that do not sign-in using LDAP. Which information source Correct
    would allow for reliable User-ID mapping while requiring the least effort to configure?
    As the Palo Alto Networks Administrator you have enabled Application Block pages.
    Afterwards, not knowing they are attempting to access a blocked web-based
    Correct
    application, users call the Help Desk to complain about network connectivity issues.
    What is the cause of the increased number of help desk calls?
    Besides selecting the Heartbeat Backup option when creating an Active-Passive HA
    Correct
    Pair, which of the following also prevents "Split-Brain"?
    Can multiple administrator accounts be configured on a single firewall?
    Correct
    Considering the information in the screenshot above, what is the order of evaluation
    Correct
    for this URL Filtering Profile?
    Enabling "Highlight Unused Rules" in the Security Policy window will:
    Correct
    How do you reduce the amount of information recorded in the URL Content Filtering
    Correct
    Logs?
    In order to route traffic between Layer 3 interfaces on the Palo Alto Networks firewall,
    Correct
    you need a:
    In Palo Alto Networks terms, an application is:
    Incorrect
    In PAN-OS 6.0, rule numbers are:
    Correct
    Palo Alto Networks firewalls support the use of both Dynamic (built-in user roles) and
    Correct
    Role-Based (customized user roles) for Administrator Accounts.
    Security policies specify a source interface and a destination interface.
    Incorrect
    Select the implicit rules that are applied to traffic that fails to match any administratorCorrect
    defined Security Policies. (Choose all rules that are correct.)
    Question
    Correct
    Taking into account only the information in the screenshot above, answer the following
    question. An administrator is pinging 4.4.4.4 and fails to receive a response. What is
    Correct
    the most likely reason for the lack of response?
    Taking into account only the information in the screenshot above, answer the following
    question: A span port or a switch is connected to e1/4, but there are no traffic logs.
    Correct
    Which of the following conditions most likely explains this behavior?
    The following can be configured as a next hop in a static route:
    Correct
    The screenshot above shows part of a firewalls configuration. If ping traffic can
    traverse this device from e1/2 to e1/1, which of the following statements must be True Correct
    about this firewalls configuration? (Select all correct answers.)
    Users may be authenticated sequentially to multiple authentication servers by
    Correct
    configuring:
    What are two sources of information for determining whether the firewall has been
    Correct
    successful in communicating with an external User-ID Agent?
    What general practice best describes how Palo Alto Networks firewall policies are
    Correct
    applied to a session?
    What is the maximum file size of .EXE files uploaded from the firewall to WildFire?
    Correct
    What will be the user experience when the safe search option is NOT enabled for
    Correct
    Google search but the firewall has "Safe Search Enforcement" Enabled?
    When an interface is in Tap mode and a Policys action is set to block, the interface
    Correct
    will send a TCP reset.

    ID
    8630
    8636
    8621
    8616
    8591
    7964
    8576
    8561
    8541
    8490

    8531
    8526
    8471
    8495
    8466
    8461
    8420
    8449
    8438
    7951

    Question
    Correct
    When configuring a Decryption Policy Rule, which of the following are available as
    Incorrect
    matching criteria in the rule? (Choose 3 answers.)
    When configuring a Decryption Policy rule, which option allows a firewall administrator
    Correct
    to control SSHv2 tunneling in policies by specifying the SSH-tunnel App-ID?
    When configuring a Security Policy Rule based on FQDN Address Objects, which of
    Correct
    the following statements is True?
    When configuring the firewall for User-ID, what is the maximum number of Domain
    Correct
    Controllers that can be configured?
    When Destination Network Address Translation is being performed, the destination in
    Correct
    the corresponding Security Policy Rule should use:
    When using Config Audit, the color yellow indicates which of the following?
    Correct
    Which feature can be configured to block sessions that the firewall cannot decrypt?
    Correct
    Which of the Dynamic Updates listed below are issued on a daily basis? (Select all
    Correct
    correct answers.)
    Which of the following can provide information to a Palo Alto Networks firewall for the
    Incorrect
    purposes of User-ID? (Select all correct answers.)
    Which of the following facts about dynamic updates is correct?
    Correct

    Which of the following interface types can have an IP address assigned to it?
    Correct
    Which of the following is NOT a valid option for built-in CLI Admin roles?
    Incorrect
    Which of the following search engines are supported by the "Safe Search Enforcement" option?
    Correct
    (Select all correct answers.)
    Which of the following services are enabled on the MGT interface by default? (Select all correct
    Correct
    answers.)
    Which pre-defined Admin Role has all rights except the rights to create administrative accounts
    Correct
    and virtual systems?
    Which routing protocol is supported on the Palo Alto Networks platform?
    Correct
    Which statement below is True?
    Incorrect
    Which type of license is required to perform Decryption Port Mirroring?
    Incorrect
    Without a WildFire subscription, which of the following files can be submitted by the Firewall to the
    Correct
    hosted WildFire virtualized sandbox?
    You can assign an IP address to an interface in Virtual Wire mode.
    Incorrect

    You might also like