Which link is used by an Active-Passive cluster to synchronize session information?
A. The Data Link
B. The Control Link
C. The Uplink
D. The Management Link
What will the user experience when browsing a Blocked hacking website such as www.2600.com via Google Translator?
A. The URL filtering policy to Block is enforced
B. It will be translated successfully
C. It will be redirected to www.2600.com
D. User will get "HTTP Error 503 - Service unavailable" message
Which feature can be configured to block sessions that the firewall cannot decrypt?
A. Decryption Profile in Decryption Policy
B. Decryption Profile in Security Profile
C. Decryption Profile in PBF
D. Decryption Profile in Security Policy
A user complains that they are no longer able to access a needed work application after you have implemented vulnerability and anti-spyware profiles. The user's application uses a unique port. What is the most efficient way to allow the user access to this application?
A. Utilize an Application Override Rule, referencing the custom port utilzed by this application. Application Override rules bypass all Layer 7 inspection, thereby allowing access to this application.
B. In the Threat log, locate the event which is blocking access to the user's application and create a IP-based exemption for this user.
C. In the vulnerability and anti-spyware profiles, create an application exemption for the user's application.
D. Create a custom Security rule for this user to access the required application. Do not apply vulnerability and anti-spyware profiles to this rule.
With IKE Phase 1, each device is identified to the other by a Peer ID. In most cases, the Peer ID is just the public IP address of the device. In situations where the public IP address is not static, the Peer ID can be a text value.
A. True
B. False
Which of the following are methods HA clusters use to identify network outages?
A. Path and Link Monitoring
B. VR and VSys Monitors
C. Heartbeat and Session Monitors
D. Link and Session Monitors
An Outbound SSL forward-proxy decryption rule cannot be created using which type of zone?
A. Virtual Wire
B. Tap
C. L3
D. L2
A "Continue" action can be configured on the following Security Profiles:
A. URL Filtering, File Blocking, and Data Filtering
B. URL Filteringn
C. URL Filtering and Antivirus
D. URL Filtering and File Blocking
Subsequent to the installation of new licenses, the firewall must be rebooted
A. True
B. False
All of the interfaces on a Palo Alto Networks device must be of the same interface type.
A. True
B. False
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ACE exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.