Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. Palo Alto Networks
  5. ACE

Free ACE Exam Braindumps (page: 17)

Page 16 of 56
PDF with 222 Questions

When configuring a Security Policy Rule based on FQDN Address Objects, which of the following statements is True?

  1. The firewall resolves the FQDN first when the policy is committed, and resolves the FQDN again each time Security Profiles are evaluated.
  2. The firewall resolves the FQDN first when the policy is committed, and resolves the FQDN again at DNS TTL expiration.
  3. In order to create FQDN-based objects, you need to manually define a list of associated IP addresses.

Answer(s): B



With PAN-OS 5.0, how can a common NTP value be pushed to a cluster of firewalls?

  1. Via a Panorama Template
  2. Via a shared object in Panorama
  3. Via a Panorama Device Group
  4. Via a Device Group object in Panorama

Answer(s): B



Color-coded tags can be used on all of the items listed below EXCEPT:

  1. Address Objects
  2. Zones
  3. Service Groups
  4. Vulnerability Profiles

Answer(s): D



What are two sources of information for determining whether the firewall has been successful in communicating with an external UserID Agent?

  1. System Logs and the indicator light under the UserID Agent settings in the firewall.
  2. Traffic Logs and Authentication Logs.
  3. System Logs and an indicator light on the chassis.
  4. System Logs and Authentication Logs.

Answer(s): A






Post your Comments and Discuss Palo Alto Networks ACE exam with other Community members:

Exam Discussions & Posts