1. Home
  2. Palo Alto Networks
  3. ACE

Accredited Configuration Engineer (ACE) PAN-OS 8.0

Exam Details

  • Exam Code
    :ACE
  • Exam Name
    :Accredited Configuration Engineer (ACE) PAN-OS 8.0
  • Certification
    :ACE
  • Vendor
    :Palo Alto Networks
  • Total Questions
    :222 Q&As
  • Last Updated
    :May 05, 2025

Palo Alto Networks ACE ACE Questions & Answers

  • Question 191:

    Which mode will allow a user to choose when they wish to connect to the Global Protect Network?

    A. Always On mode

    B. Optional mode

    C. Single SignOn mode

    D. On Demand mode

  • Question 192:

    Which of the following are accurate statements describing the HA3 link in an Active-Active HA deployment?

    A. HA3 is used for session synchronization

    B. The HA3 link is used to transfer Layer 7 information

    C. HA3 is used to handle asymmetric routing

    D. HA3 is the control link

  • Question 193:

    The "Disable Server Return Inspection" option on a security profile:

    A. Can only be configured in Tap Mode

    B. Should only be enabled on security policies allowing traffic to a trusted server.

    C. Does not perform higher-level inspection of traffic from the side that originated the TCP SYN packet

    D. Only performs inspection of traffic from the side that originated the TCP SYN-ACK packet

  • Question 194:

    In PAN-OS 5.0, how is Wildfire enabled?

    A. Via the "Forward" and "Continue and Forward" File-Blocking actions

    B. A custom file blocking action must be enabled for all PDF and PE type files

    C. Wildfire is automatically enabled with a valid URL-Filtering license

    D. Via the URL-Filtering "Continue" Action.

  • Question 195:

    WildFire Analysis Reports are available for the following Operating Systems (select all that apply)

    A. Windows XP

    B. Windows 7

    C. Windows 8

    D. Mac OS-X

  • Question 196:

    Taking into account only the information in the screenshot above, answer the following question. In order for ping traffic to traverse this device from e1/2 to e1/1, what else needs to be configured? Select all that apply.

    A. Security policy from trust zone to Internet zone that allows ping

    B. Create the appropriate routes in the default virtual router

    C. Security policy from Internet zone to trust zone that allows ping

    D. Create a Management profile that allows ping. Assign that management profile to e1/1 and e1/2

  • Question 197:

    An interface in Virtual Wire mode must be assigned an IP address.

    A. True

    B. False

  • Question 198:

    Which of the following is NOT a valid option for built-in CLI access roles?

    A. read/write

    B. superusers

    C. vsysadmin

    D. deviceadmin

  • Question 199:

    Wildfire may be used for identifying which of the following types of traffic?

    A. URL content

    B. DHCP

    C. DNS

    D. Viruses

  • Question 200:

    Which of the following would be a reason to use the PAN-OS XML API to communicate with a Palo Alto Networks firewall?

    A. To allow the firewall to push User-ID information to a Network Access Control (NAC) device.

    B. To permit syslogging of User Identification events.

    C. To pull information from other network resources for User-ID.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ACE exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.