What is the function of the GlobalProtect Portal?
A. To maintain the list of Global Protect Gateways and specify HIP data that the agent should report.
B. To loadbalance
C. GlobalProtect client connections to GlobalProtect Gateways.
D. To maintain the list of remote GlobalProtect Portals and the list of categories for checking the client machine.
E. To provide redundancy for tunneled connections through the GlobalProtect Gateways.
Which of the following is True of an application filter?
A. An application filter automatically adapts when an application moves from one IP address to another.
B. An application filter automatically includes a new application when one of the new application's characteristics are included in the filter.
C. An application filter specifies the users allowed to access an application.
D. An application filter is used by malware to evade detection by firewalls and anti-virus software.
When configuring Admin Roles for Web UI access, what are the available access levels?
A. Enable and Disable only
B. None, Superuser, Device Administrator
C. Allow and Deny only
D. Enable, Read-Only and Disable
When adding an application in a Policy-based Forwarding rule, only a subset of the entire App-ID database is represented. Why would this be?
A. Policy-based forwarding can only indentify certain applications at this stage of the packet flow, as the majority of applications are only identified once the session is created.
B. Policy-based forwarding rules require that a companion Security policy rule, allowing the needed Application traffic, must first be created.
C. The license for the Application ID database is no longer valid.
D. A custom application must first be defined before it can be added to a Policy-based forwarding rule.
When creating a Security Policy to allow Facebook in PAN-OS 5.0, how can you be sure that no other web-browsing traffic is permitted?
A. Ensure that the Service column is defined as "application-default" for this security rule. This will automatically include the implicit web-browsing application dependency.
B. Create a subsequent rule which blocks all other traffic
C.
D. When creating the rule, ensure that web-browsing is added to the same rule. Both applications will be processed by the Security policy, allowing only Facebook to be accessed. Any other applications can be permitted in subsequent rules.
E. No other configuration is required on the part of the administrator, since implicit application dependencies will be added automaticaly.
A local/enterprise PKI system is required to deploy outbound forward proxy SSL decryption capabilities.
A. True
B. False
In a Destination NAT configuration, the Translated Address field may be populated with either an IP address or an Address Object.
A. True
B. False
Which of the Dynamic Updates listed below are issued on a daily basis?
A. Global Protect
B. URL Filtering
C. Antivirus
D. Applications and Threats
When employing the BrightCloud URL filtering database in a Palo Alto Networks firewall, the order of evaluation within a profile is:
A. Block list, Custom Categories, Predefined categories, Dynamic URL filtering, Allow list, Cache files.
B. Block list, Allow list, Custom Categories, Cache files, Local URL DB file.
C. Block list, Custom Categories, Cache files, Predefined categories, Dynamic URL filtering, Allow list.
D. Dynamic URL filtering, Block list, Allow list, Cache files, Custom categories, Predefined categories.
With PAN-OS 5.0, how can a common NTP value be pushed to a cluster of firewalls?
A. Via a Panorama Template
B. Via a shared object in Panorama
C. Via a Panorama Device Group
D. Via a Device Group object in Panorama
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ACE exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.