Beruflich Dokumente
Kultur Dokumente
RealizeYourPotential:paloaltonetworks
TestAccreditedConfigurationEngineer(ACE)ExamPANOS7.0Version
ACEExam
Question1of50.
WhatgeneralpracticebestdescribeshowPaloAltoNetworksfirewallpoliciesareappliedtoasession?
Mostspecificmatchapplied.
Firstmatchapplied.
Therulewiththehighestrulenumberisapplied.
Lastmatchapplied.
Markforfollowup
Question2of50.
Thescreenshotaboveshowspartofafirewallsconfiguration.Ifpingtrafficcantraversethisdevicefrome1/2toe1/1,whichofthefollowingstatementsmustbeTrueaboutthis
firewallsconfiguration?(Selectallcorrectanswers.)
Theremustbeappropriateroutesinthedefaultvirtualrouter.
TheremustbeasecuritypolicyrulefromtrustzonetoInternetzonethatallowsping.
TheremustbeaManagementProfilethatallowsping.(ThenassignthatManagementProfiletoe1/1ande1/2.)
TheremustbeasecuritypolicyrulefromInternetzonetotrustzonethatallowsping.
Markforfollowup
Question3of50.
Consideringtheinformationinthescreenshotabove,whatistheorderofevaluationforthisURLFilteringProfile?
AllowList,BlockList,CustomCategories,URLCategories(BrightCloudorPANDB).
BlockList,AllowList,CustomCategories,URLCategories(BrightCloudorPANDB).
BlockList,AllowList,URLCategories(BrightCloudorPANDB),CustomCategories.
URLCategories(BrightCloudorPANDB),CustomCategories,BlockList,AllowList.
Markforfollowup
Question4of50.
WhenconfiguringAdminRolesforWebUIaccess,whataretheavailableaccesslevels?
https://paloaltonetworks.csod.com/Evaluations/EvalLaunch.aspx?loid=e9d5a4eed00144d48d3a07d77495f928&evalLvl=5&redirect_url=%2fphnx%2fdriv
1/8
10/19/2016
RealizeYourPotential:paloaltonetworks
EnableandDisableonly
Enable,ReadOnly,andDisable
AllowandDenyonly
None,Superuser,DeviceAdministrator
Markforfollowup
Question5of50.
Choosethebestanswer:InPANOS,theWildFireSubscriptionServiceallowsupdatesformalwaresignaturestobedistributedasoftenas
Onceanhour
Onceevery15minutes
Onceaweek
Onceaday
Markforfollowup
Question6of50.
WhichofthefollowingmustbeenabledinorderforUserIDtofunction?
SecurityPoliciesmusthavetheUserIDoptionenabled.
CaptivePortalmustbeenabled.
UserIDmustbeenabledforthesourcezoneofthetrafficthatistobeidentified.
CaptivePortalPoliciesmustbeenabled.
Markforfollowup
Question7of50.
WhichoftheDynamicUpdateslistedbelowareissuedonadailybasis?(Selectallcorrectanswers.)
ApplicationsandThreats
BrightCloudURLFiltering
Antivirus
Applications
Markforfollowup
Question8of50.
WhentroubleshootingPhase1ofanIPsecVPNtunnel,whichlocationandlogwillbemostinformative?
Initiatingside,Trafficlog
Initiatingside,Systemlog
Respondingside,SystemLog
Respondingside,Trafficlog
Markforfollowup
Question9of50.
Whatisthedefaultsettingfor'Action'inaDecryptionPolicy'srule?
None
Decrypt
NoDecrypt
Any
Markforfollowup
Question10of50.
WhichofthefollowingmostaccuratelydescribesDynamicIPinaSourceNATconfiguration?
AsingleIPaddressisused,andthesourceportnumberischanged.
AsingleIPaddressisused,andthesourceportnumberisunchanged.
ThenextavailableIPaddressintheconfiguredpoolisused,butthesourceportnumberisunchanged.
Thenextavailableaddressintheconfiguredpoolisused,andthesourceportnumberischanged.
Markforfollowup
Question11of50.
WhichofthefollowingservicesareenabledontheMGTinterfacebydefault?(Selectallcorrectanswers.)
HTTPS
SSH
Telnet
HTTP
https://paloaltonetworks.csod.com/Evaluations/EvalLaunch.aspx?loid=e9d5a4eed00144d48d3a07d77495f928&evalLvl=5&redirect_url=%2fphnx%2fdriv
2/8