PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Transcription

1 PASS4TEST \ We offer free update service for one year

2 Exam : ACE Title : Accredited Configuration Engineer (ACE) PANOS 8.0 Version Vendor : Palo Alto Networks Version : DEMO Get Latest & Valid ACE Exam's Question and Answers from 1 Pass4test.com. 1

3 NO.1 Which of the following represents HTTP traffic events that can be used to identify potential Botnets? A. Traffic from users that browse to IP addresses instead of fully-qualified domain names, downloading W32.Welchia.Worm from a Windows share, traffic to domains that have been registered in the last 30 days, downloading executable files from unknown URL's B. Traffic from users that browse to IP addresses instead of fully-qualified domain names, traffic to domains that have been registered in the last 60 days, downloading executable files from unknown URL's C. Traffic from users that browse to IP addresses instead of fully-qualified domain names, traffic to domains that have been registered in the last 60 days, downloading executable files from unknown URL's, IRC-based Command and Control traffic D. Traffic from users that browse to IP addresses instead of fully-qualified domain names, traffic to domains that have been registered in the last 30 days. NO.2 How do you reduce the amount of information recorded in the URL Content Filtering Logs? A. Enable "Log container page only". B. Disable URL packet captures. C. Enable URL log caching. D. Enable DSRI. Answer: A NO.3 You can assign an IP address to an interface in Virtual Wire mode. A. True B. False NO.4 Get Latest & Valid ACE Exam's Question and Answers from 2 Pass4test.com. 2

4 Considering the information in the screenshot above, what is the order of evaluation for this URL Filtering Profile? A. URL Categories (BrightCloud or PANDB), B. Custom Categories, Block List, Allow List. C. Block List, Allow List, URL Categories (BrightCloud or PANDB), Custom Categories. D. Block List, Allow List, Custom Categories, URL Categories (BrightCloud or PANDB). E. Allow List, Block List, Custom Categories, URL Categories (BrightCloud or PANDB). NO.5 The WildFire Portal website supports which three operations? (Choose three.) A. report incorrect verdicts B. upload files to WildFire for analysis C. request firewall WildFire licenses D. view WildFire verdicts Answer: A,B,D NO.6 When Destination Network Address Translation is being performed, the destination in the corresponding Security Policy Rule should use: A. The PostNAT destination zone and PostNAT IP address. B. The PreNAT destination zone and PreNAT IP address. C. The PreNAT destination zone and PostNAT IP address. D. The PostNAT destination zone and PreNAT IP address. Get Latest & Valid ACE Exam's Question and Answers from 3 Pass4test.com. 3

5 NO.7 WildFire Analysis Reports are available for the following Operating Systems (select all that apply) A. Windows XP B. Windows 7 C. Windows 8 D. Mac OS-X Answer: A,B,C NO.8 Which of the following is NOT a valid option for builtin CLI Admin roles? A. deviceadmin B. superuser C. devicereader D. read/write NO.9 Can multiple administrator accounts be configured on a single firewall? A. Yes B. No Answer: A NO.10 In an HA configuration, which three components are synchronized between the pair of firewalls? (Choose three.) A. logs B. objects C. policies D. networks,c,d NO.11 Which condition must exist before a firewall's in*band interface can process traffic? A. The firewall must not be a loopback interface. B. The firewall must be assigned to a security zone. C. The firewall must be assigned an IP address. D. The firewall must be enabled. Answer: C NO.12 If a DNS sinkhole is configured, any sinkhole actions indicating a potentially infected host are recorded in which log type? A. Traffic B. WildFire Submissions C. Data Filtering D. Threat Get Latest & Valid ACE Exam's Question and Answers from 4 Pass4test.com. 4

6 NO.13 A user complains that they are no longer able to access a needed work application after you have implemented vulnerability and anti-spyware profiles. The user's application uses a unique port. What is the most efficient way to allow the user access to this application? A. Utilize an Application Override Rule, referencing the custom port utilzed by this application. Application Override rules bypass all Layer 7 inspection, thereby allowing access to this application. B. In the Threat log, locate the event which is blocking access to the user's application and create a IP-based exemption for this user. C. In the vulnerability and anti-spyware profiles, create an application exemption for the user's application. D. Create a custom Security rule for this user to access the required application. Do not apply vulnerability and anti-spyware profiles to this rule. NO.14 As the Palo Alto Networks Administrator you have enabled Application Block pages. Afterwards, not knowing they are attempting to access a blocked webbased application, users call the Help Desk to complain about network connectivity issues. What is the cause of the increased number of help desk calls? A. The File Blocking Block Page was disabled. B. Some AppID's are set with a Session Timeout value that is too low. C. The firewall admin did not create a custom response page to notify potential users that their attempt to access the webbased application is being blocked due to policy. D. Application Block Pages will only be displayed when Captive Portal is configured. NO.15 InPAN-OS 8.0which of the available choices serves as an alert warning by defining patterns of suspicious traffic and network anomalies that may indicate a host has been compromised? A. App-ID Signatures B. Correlation Objects C. Command & Control Signatures D. Correlation Events E. Custom Signatures Answer: E NO.16 Palo Alto Networks firewalls support the use of both Dynamic (built-in user roles) and Role- Based (customized user roles) A. True B. False Answer: A NO.17 Get Latest & Valid ACE Exam's Question and Answers from 5 Pass4test.com. 5

7 Taking into account only the information in the screenshot above, answer the following question. An administrator is pinging and fails to receive a response. What is the most likely reason for the lack of response? A. The interface is down. B. There is a Security Policy that prevents ping. C. There is no Management Profile. D. There is no route back to the machine originating the ping. Answer: C NO.18 In Active/Active HA environments, redundancy for the HA3 interface can be achieved by A. Configuring a corresponding HA4 interface B. Configuring HA3 as an Aggregate Ethernet bundle C. Configuring multiple HA3 interfaces D. Configuring HA3 in a redundant group Get Latest & Valid ACE Exam's Question and Answers from 6 Pass4test.com. 6