Which two options can be changed in the run.properties file? (Choose 2 answers.)
Answer(s): C,E
The run.properties file in PingAccess is the primary configuration file that defines system-level runtime behavior. According to PingAccess documentation:Exact Extract:"The run.properties file contains configuration properties for PingAccess, including operational mode, logging levels, admin authentication fallback, cluster settings, and system defaults." (PingAccess Administrator's Guide run.properties Reference) From this, we can determine:C . Operational mode for PingAccess CorrectThe property pa.operational.mode in run.properties defines whether the node operates as STANDALONE, CLUSTERED_CONSOLE, CLUSTERED_CONSOLE_REPLICA, or CLUSTERED_ENGINE. This is one of the core configurable options.E . Logging levels CorrectProperties such as log.level and other logging configurations are explicitly defined in run.properties, allowing administrators to adjust the verbosity of logs (DEBUG, INFO, WARN, ERROR).Why the others are incorrect:A . Default logs location IncorrectThe log file path is not controlled via run.properties. It is defined in log4j2.xml, not in run.properties.B . URL for heartbeat endpoint IncorrectThe heartbeat endpoint (/pa/heartbeat.ping) is a fixed system endpoint and is not configurable in run.properties.D . X-Frame-Options header IncorrectSecurity headers like X-Frame-Options are managed under application security policies or global response headers, not in run.properties.
PingAccess Administrator's Guide run.properties Reference (section describing pa.operational.mode and logging configuration properties).
An administrator needs to support SLO (Single Logout) for a protected web application. What must be configured in a PingAccess Web Session in this situation?
Answer(s): A
To enable Single Logout (SLO), the SLO scope must be defined in the PingAccess Web Session configuration. This determines which sessions are ended when a logout request occurs.Exact Extract:"The SLO scope option in a web session specifies which applications are included in a logout event when Single Logout is triggered."Option A (SLO scope) is correct; it explicitly enables SLO support by linking session termination across apps.Option B (Idle timeout) is unrelated; this controls session expiration, not SLO. Option C (Validate Session) ensures session state is synchronized but does not configure SLO. Option D (Refresh User Attributes) is unrelated; it only controls whether attributes are reloaded.
PingAccess Administration Guide Configuring Web Sessions
According to a new business requirement, critical applications require dual-factor authentication when specific resources are accessed in those applications. Which configuration object should the administrator use in the applications?
Answer(s): C
PingAccess enforces step-up or multi-factor authentication using Authentication Requirements, which can be applied to specific resources within an application.Exact Extract:"Authentication requirements allow administrators to configure additional authentication (for example, MFA) when accessing sensitive application resources." Option A (UI Authentication) applies to access to the admin console, not application resources. Option B (Auth Token Management) relates to OAuth token lifetimes and refresh, not MFA enforcement.Option C (Authentication Requirements) is correct -- these rules enforce MFA or step-up auth for specific URLs/resources.Option D (Authentication Challenge Policy) governs how failed auth challenges are presented but does not enforce MFA.
PingAccess Administration Guide Authentication Requirements
During a business review of an application, the administrator needs to change the Resource Authentication to anonymous. What are the two effects of making this change to the resource? (Choose 2 answers.)
Answer(s): B,C
When a resource is configured as anonymous, PingAccess does not challenge the user for authentication. However, certain processing and identity propagation still occur.Exact Extract:"Anonymous resources do not require authentication. Identity mappings and request/response processing rules still apply."Option A is incorrect because rules such as identity mappings and processing still apply. Option B is correct -- Identity Mappings can still forward attributes, even for anonymous access. Option C is correct -- Processing rules (e.g., request/response modifications) still apply. Option D is incorrect -- requests are logged; anonymous does not disable logging. Option E is incorrect -- access control rules (authorization) are not evaluated for anonymous resources.
PingAccess Administration Guide Resource Authentication
An administrator is integrating a new PingAccess Proxied Application. The application will use an SSL certificate issued by a publicly trusted Certificate Authority. PingAccess is terminating SSL and is responsible for loading the SSL certificate for that application. What initial action must the administrator take in PingAccess in this situation?
Answer(s): D
For PingAccess to terminate SSL for a proxied application, it requires access to the private key and certificate chain. These are stored as Key Pairs.Exact Extract:"For SSL termination, you must import the server certificate and its private key as a PKCS#12 file into Key Pairs."Option A is incorrect -- a public key alone cannot terminate SSL. Option B is incorrect -- PKCS#12 files must go into Key Pairs, not Certificates. Option C is incorrect -- public keys alone are insufficient; PingAccess must have the private key.Option D is correct -- the PKCS#12 file with full chain and private key is imported into Key Pairs.
PingAccess Administration Guide Managing Certificates and Key Pairs
An administrator needs to prevent PingAccess from automatically starting on a Windows Server.Which command would accomplish this task?
Answer(s): B
PingAccess installs as a Windows service. To remove or prevent automatic startup, the uninstall- service.bat script is used.Exact Extract:"On Windows, use install-service.bat to install PingAccess as a service and uninstall-service.bat to remove the service."Option A (init.bat) initializes environment variables but does not manage services. Option B (uninstall-service.bat) is correct -- it removes the Windows service, preventing auto-start. Option C (remove-install.bat) is not a valid PingAccess script. Option D (wrapper-service.bat) configures wrapper options, not service removal.
PingAccess Installation Guide Windows Service Scripts
A protected web application requires that additional attributes be provided once the user is authenticated. Which two steps must the administrator perform to meet this requirement? (Choose 2 answers.)
Answer(s): B,E
When applications require additional attributes:The Web Session must be configured to retrieve those attributes from the token provider (OIDC or PingFederate).The Identity Mapping must be updated to forward those attributes to the application (e.g., as headers).Exact Extract:"Web sessions define how user attributes are retrieved from the token provider. Identity mappings determine how those attributes are inserted into requests to applications." Option A is not necessarily required; attributes can be retrieved via userinfo endpoint or access token, not only ID tokens.Option B is correct -- Identity Mappings must be updated to pass attributes to the app. Option C is incorrect -- Site Authenticators define how PingAccess authenticates to apps, not attribute handling.Option D is incorrect unless the architecture specifically requires access token updates; PingAccess often uses the Web Session to fetch attributes.Option E is correct -- Web Session must be updated to retrieve additional attributes.
PingAccess Administration Guide Web Sessions and Identity Mapping
A modified application now requires additional attributes to be passed in the headers. What needs to be modified in order to pass the additional attributes?
To pass user attributes into HTTP headers for applications, PingAccess uses Identity Mappings. When attributes need to be passed specifically as headers, the administrator must update the Header Identity Mapping.Exact Extract:"Header identity mappings map attributes from a user's web session to HTTP headers that are then sent to the back-end application."Option A (HTTP Request Header Rule) is incorrect -- this adds or modifies static request headers, not user attributes.Option B (Header Identity Mapping) is correct -- this maps identity attributes into headers dynamically.Option C (JWT Identity Mapping) is incorrect -- that's used for passing attributes as claims in JWTs. Option D (Web Session Attribute Rule) is incorrect -- that is for access control evaluation, not propagation of attributes.
PingAccess Administration Guide Identity Mapping (Header Identity Mapping)
Share your comments for Ping Identity PAP-001 exam with other users:
please continue
this exam dumps just did the job. i donot want to ruffle your feathers but your exam dumps and mock test engine is amazing.
nice questions
the explanation are really helpful
just passed my exam yesterday on my first attempt. these dumps were extremely helpful in passing first time. the questions were very, very similar to these questions!
cosmos db is paas not saas
what is the percentage of common questions in gcp exam compared to 197 dump questions? are they 100% matching with real gcp exam?
not able to see questions
by far one of the best sites for free questions. i have pass 2 exams with the help of this website.
excellent question bank.
it really helped
excelent material
the new versoin of this exam which i downloaded has all the latest questions from the exam. i only saw 3 new questions in the exam which was not in this dump.
question 8 - can cloudtrail be used for storing jobs? based on aws - aws cloudtrail is used for governance, compliance and investigating api usage across all of our aws accounts. every action that is taken by a user or script is an api call so this is logged to [aws] cloudtrail. something seems incorrect here.
question 13 tda - c01 answer : quick table calculation -> percentage of total , compute using table down
pls share teh dump
question 44 answer is user risk
please post the questions for preparation
thanks for the questions
please reopen it now ..its really urgent
these practice exam questions were exactly what i needed. the variety of questions and the realistic exam-like environment they created helped me assess my strengths and weaknesses. i felt more confident and well-prepared on exam day, and i owe it to this exam dumps!
thank u it very instructuf
its helpful?
is this dump still valid???
question 205 answer is b
question 39, should be answer b, directions stated is being sudneted from /21 to a /23. a /23 has 512 ips so 510 hosts. and can make 4 subnets out of the /21
beautiful test engine software and very helpful. questions are same as in the real exam. i passed my paper.
the questions are exactly the same in real exam. just make sure not to answer all them correct or else they suspect you are cheating.
question: 78 the right answer i think is d not a
very helpful
i am writing this exam tomorrow and have dumps
can i have the icdl excel exam
please upload it
hye when will post again the past year question for this h13-311_v3 part since i have to for my test tommorow…thank you very much
Keeping this site free takes real effort. We constantly battle automated scraping and unauthorized content copying. A quick account helps us protect the community and keep the site free.
To continue studying for your PAP-001, please sign in or create a free account.