palo alto networks ace practice test

Accredited Configuration Engineer

Last exam update: May 12 ,2024
Page 1 out of 15. Viewing questions 1-15 out of 222

Question 1 Topic 2, Exam Pool A

Users may be authenticated sequentially to multiple authentication servers by configuring:

  • A. An Authentication Profile.
  • B. An Authentication Sequence.
  • C. A custom Administrator Profile.
  • D. Multiple RADIUS servers sharing a VSA configuration.
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2 Topic 2, Exam Pool A

Traffic going to a public IP address is being translated by a Palo Alto Networks firewall to an internal servers private IP
address. Which IP address should the Security Policy use as the "Destination IP" in order to allow traffic to the server?

  • A. The firewall’s gateway IP
  • B. The server’s public IP
  • C. The server’s private IP
  • D. The firewall’s MGT IP
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3 Topic 2, Exam Pool A

An interface in Virtual Wire mode must be assigned an IP address.

  • A. True
  • B. False
Answer:

B

User Votes:
A
50%
B
50%
Discussions
vote your answer:
A
B
0 / 1000

Question 4 Topic 2, Exam Pool A

Which of the following services are enabled on the MGT interface by default? (Select all correct answers.)

  • A. HTTPS
  • B. SSH
  • C. Telnet
  • D. HTTP
Answer:

A B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5 Topic 2, Exam Pool A

Using the API in PAN-OS 6.1, WildFire subscribers can upload up to how many samples per day?

  • A. 500
  • B. 50
  • C. 1000
  • D. 10
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6 Topic 2, Exam Pool A

Without a WildFire subscription, which of the following files can be submitted by the Firewall to the hosted WildFire
virtualized sandbox?

  • A. PE files only
  • B. PDF files only
  • C. MS Office doc/docx, xls/xlsx, and ppt/pptx files only
  • D. PE and Java Applet (jar and class) only
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7 Topic 2, Exam Pool A

Select the implicit rules that are applied to traffic that fails to match any administrator-defined Security Policies. (Choose all
rules that are correct.)

  • A. Intra-zone traffic is allowed
  • B. Inter-zone traffic is denied
  • C. Intra-zone traffic is denied
  • D. Inter-zone traffic is allowed
Answer:

A B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8 Topic 2, Exam Pool A

WildFire analyzes files to determine whether or not they are malicious. When doing so, WildFire will classify the file with an
official verdict. This verdict is known as the WildFire Analysis verdict. Choose the three correct classifications as a result of
this analysis and classification?

  • A. Benign
  • B. Adware
  • C. Spyware
  • D. Malware detection
  • E. Safeware
  • F. Grayware
Answer:

A D F

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
Discussions
vote your answer:
A
B
C
D
E
F
0 / 1000

Question 9 Topic 2, Exam Pool A

Which of the following is a routing protocol supported in a Palo Alto Networks firewall?

  • A. RIPv2
  • B. ISIS
  • C. IGRP
  • D. EIGRP
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10 Topic 2, Exam Pool A

In PANOS 6.0, rule numbers are:

  • A. Numbers that specify the order in which security policies are evaluated.
  • B. Numbers created to be unique identifiers in each firewall’s policy database.
  • C. Numbers on a scale of 0 to 99 that specify priorities when two or more rules are in conflict.
  • D. Numbers created to make it easier for users to discuss a complicated or difficult sequence of rules.
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11 Topic 2, Exam Pool A

Which of the following must be enabled in order for UserID to function?

  • A. Captive Portal Policies must be enabled.
  • B. UserID must be enabled for the source zone of the traffic that is to be identified.
  • C. Captive Portal must be enabled.
  • D. Security Policies must have the UserID option enabled.
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12 Topic 2, Exam Pool A

Can multiple administrator accounts be configured on a single firewall?

  • A. Yes
  • B. No
Answer:

A

User Votes:
A
50%
B
50%
Discussions
vote your answer:
A
B
0 / 1000

Question 13 Topic 2, Exam Pool A

What are the benefits gained when the "Enable Passive DNS Monitoring" checkbox is chosen on the firewall? (Select all
correct answers.)

  • A. Improved DNSbased C&C signatures.
  • B. Improved PANDB malware detection.
  • C. Improved BrightCloud malware detection.
  • D. Improved malware detection in WildFire.
Answer:

A B D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14 Topic 2, Exam Pool A

Both SSL decryption and SSH decryption are disabled by default.

  • A. True
  • B. False
Answer:

A

User Votes:
A
50%
B
50%
Discussions
vote your answer:
A
B
0 / 1000

Question 15 Topic 2, Exam Pool A

What will the user experience when attempting to access a blocked hacking website through a translation service such as
Google Translate or Bing Translator?

  • A. A “Blocked” page response when the URL filtering policy to block is enforced.
  • B. A “Success” page response when the site is successfully translated.
  • C. The browser will be redirected to the original website address.
  • D. An "HTTP Error 503 Service unavailable" message.
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2