Users may be authenticated sequentially to multiple authentication servers by configuring:
A. An Authentication Profile.
B. An Authentication Sequence.
C. A custom Administrator Profile.
D. Multiple RADIUS servers sharing a VSA configuration.
In PAN-OS 5.0, how is Wildfire enabled?
A. Via the URL-Filtering "Continue" Action
B. Wildfire is automaticaly enabled with a valid URL-Filtering license
C. A custom file blocking action must be enabled for all PDF and PE type files
D. Via the "Forward" and "Continue and Forward" File-Blocking actions
Which of the following are necessary components of a GlobalProtect solution?
A. GlobalProtect Gateway, GlobalProtect Agent, GlobalProtect Portal
B. GlobalProtect Gateway, GlobalProtect Agent, GlobalProtect Server
C. GlobalProtect Gateway, GlobalProtect NetConnect, GlobalProtect Agent, GlobalProtect Portal, GlobalProtect Server
D. GlobalProtect NetConnect, GlobalProtect Agent, GlobalProtect Portal, GlobalProtect Server
Which of the following statements is NOT True about Palo Alto Networks firewalls?
A. The Admin account may be disabled.
B. System defaults may be restored by performing a factory reset in Maintenance Mode.
C. The Admin account may not be disabled.
D. Initial configuration may be accomplished thru the MGT interface or the Console port.
When configuring the firewall for UserID, what is the maximum number of Domain Controllers that can be configured?
A. 100
B. 50
C. 10
D. 150
When Network Address Translation has been performed on traffic, Destination Zones in Security rules should be based on:
A. Post-NAT addresses
B. The same zones used in the NAT rules
C. Pre-NAT addresses
D. None of the above
How do you reduce the amount of information recorded in the URL Content Filtering Logs?
A. Enable "Log container page only".
B. Disable URL packet captures.
C. Enable URL log caching.
D. Enable DSRI.
As the Palo Alto Networks administrator responsible for User Identification, you are looking for the simplest method of mapping network users that do not sign into LDAP. Which information source would allow reliable User ID mapping for these users, requiring the least amount of configuration?
A. WMI Query
B. Exchange CAS Security Logs
C. Captive Portal
D. Active Directory Security Logs
The "Drive-By Download" protection feature, under File Blocking profiles in Content-ID, provides:
A. Password-protected access to specific file downloads, for authorized users increased speed on the downloads of the allowed file types
B. Protection against unwanted downloads, by alerting the user with a response page indicating that file is going to be downloaded
C. The Administrator the ability to leverage Authentication Profiles in order to protect against unwanted downloads
Traffic going to a public IP address is being translated by a Palo Alto Networks firewall to an internal server's private IP address. Which IP address should the Security Policy use as the "Destination IP" in order to allow traffic to the server?
A. The firewall's gateway IP
B. The server's public IP
C. The server's private IP
D. The firewall's MGT IP
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ACE exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.