ACE Practice Test

What option should be configured when using User Identification?

A.

Enable User Identification per Zone

B.

Enable User Identification per Security Rule

C.

Enable User Identification per interface

D.

None of the above

Which of the following are accurate statements describing the HA3 link in an Active-Active
HA deployment?

A.

HA3 is used for session synchronization

B.

The HA3 link is used to transfer Layer 7 information

C.

HA3 is used to handle asymmetric routing

D.

HA3 is the control link

Which of the following fields is not available in DoS policy?

A.

Destination Zone

B.

Source Zone

C.

Application

D.

Service

When configuring Admin Roles for Web UI access, what are the available access levels?

A.

Enable and Disable only

B.

None, Superuser, Device Administrator

C.

Allow and Deny only

D.

Enable, Read-Only and Disable

When adding an application in a Policy-based Forwarding rule, only a subset of the entire
App-ID database is represented. Why would this be?

A.

Policy-based forwarding can only indentify certain applications at this stage of the
packet flow, as the majority of applications are only identified once the session is created.

B.

Policy-based forwarding rules require that a companion Security policy rule, allowing the
needed Application traffic, must first be created.

C.

The license for the Application ID database is no longer valid.

D.

A custom application must first be defined before it can be added to a Policy-based
forwarding rule.