Scribd Logo
Upload

Welcome to Scribd!

  • Paloalto Networks - Ace Accredited Configuration Engineer (ACE)

    Uploaded by

    Jaishan Kashyap
    1 views3 pages
    ACE update

    Original Title

    Ace

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    ACE update

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    1 views3 pages

    Paloalto Networks - Ace Accredited Configuration Engineer (ACE)

    Uploaded by

    Jaishan Kashyap
    ACE update

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    ACE

    Paloalto Networks ACE


    Accredited Configuration
    Engineer (ACE)
    Version: 6.0

    http://Xcerts.com

    ACE

    QUESTION: 1
    What is the default setting for 'Action' in a Decryption Policy's rule?
    A. No-decrypt
    B. Decrypt
    C. Any
    D. None
    Answer(s): D

    QUESTION: 2
    With IKE, each device is identified to the other by a Peer ID. In most cases, this is just the public
    IP address of the device. In situations where the public ID is notstatic, this value can be
    replaced with a domain name or other text value
    A. True
    B. False
    Answer(s): A

    QUESTION: 3
    The "Disable Server Return Inspection" option on a security profile:
    A. Can only be configured in Tap Mode
    B. Should only be enabled on security policies allowing traffic to a trusted server.
    C. Does not perform higher-level inspection of traffic from the side that originated the TCP SYN
    packet
    D. Only performs inspection of traffic from the side that originated the TCP SYN-ACK packet
    Answer(s): B

    QUESTION: 4
    Which of the following objects cannot use User-ID as a match criteria?
    A. Security Policies
    B. QoS
    C. Policy Based Forwarding
    D. DoS Protection
    E. None of the above
    Answer(s): E

    QUESTION: 5
    Enabling "Highlight Unsused Rules" in the Security policy window will:
    A. Hightlight all rules that did not immmediately match traffic.
    B. Hightlight all rules that did not match traffic since the rule was created or since last reboot of

    http://Xcerts.com

    ACE

    the firewall
    C. Allows the administrator to troubleshoot rules when a validation error occurs at the time of
    commit.
    D. Allow the administrator to temporarily disable rules that do not match traffic, for testing
    purposes
    Answer(s): B

    QUESTION: 6
    Administrative Alarms can be enabled for which of the following except?
    A. Certificate Expirations
    B. Security Violation Thresholds
    C. Security Policy Tags
    D. Traffic Log capacity
    Answer(s): A

    QUESTION: 7
    When configuring Admin Roles for Web UI access, what are the available access levels?
    A. Enable and Disable only
    B. None, Superuser, Device Administrator
    C. Allow and Deny only
    D. Enable, Read-Only and Disable
    E. Answer not available, please select the apropriate answer.
    Answer(s): E

    QUESTION: 8
    In PAN-OS 5.0, how is Wildfire enabled?
    A. Via the URL-Filtering "Continue" Action
    B. Wildfire is automaticaly enabled with a valid URL-Filtering license
    C. A custom file blocking action must be enabled for all PDF and PE type files
    D. Via the "Forward" and "Continue and Forward" File-Blocking actions
    Answer(s): A

    QUESTION: 9
    Which of the following is NOT a valid option for built-in CLI access roles?
    A. read/write
    B. superusers
    C. vsysadmin
    D. deviceadmin

    http://Xcerts.com

    You might also like