Palo Alto Networks ACE - Accredited Configuration Engineer Exam

Page:    1 / 35   
Total 172 questions

In a Destination NAT configuration, the Translated Address field may be populated with either an IP address or an Address Object.

  • A. True
  • B. False


Answer : A

Color-coded tags can be used on all of the items listed below EXCEPT:

  • A. Address Objects
  • B. Zones
  • C. Service Groups
  • D. Vulnerability Profiles


Answer : D

Which of the following can provide information to a Palo Alto Networks firewall for the purposes of UserID?

  • A. Domain Controller
  • B. SSL Certificates
  • C. RIPv2
  • D. Network Access Control (NAC) device


Answer : ABD

When you have created a Security Policy Rule that allows Facebook, what must you do to block all other web browsing traffic?

  • A. Create an additional rule that blocks all other traffic.
  • B. When creating the policy, ensure that webbrowsing is included in the same rule.
  • C. Ensure that the Service column is defined as "applicationdefault" for this Security policy. Doing this will automatically include the implicit webbrowsing application dependency.
  • D. Nothing. You can depend on PANOS to block the webbrowsing traffic that is not needed for Facebook use.


Answer : D

As the Palo Alto Networks Administrator responsible for UserID, you need to enable mapping of network users that do not sign in using LDAP. Which information source would allow for reliable UserID mapping while requiring the least effort to configure?

  • A. Active Directory Security Logs
  • B. WMI Query
  • C. Captive Portal
  • D. Exchange CAS Security logs


Answer : A

Page:    1 / 35   
Total 172 questions