PAP-001 Exam Dumps - Certified Professional - PingAccess

The propertyengine.ssl.protocolsinrun.propertiesspecifies the TLS protocol versions that PingAccess engines will support for incoming HTTPS traffic.

Exact Extract:

“Theengine.ssl.protocolsproperty configures which TLS versions are enabled for HTTPS listeners.”

Option A (ciphers)is incorrect — cipher suites are defined separately, not in this property.

Option B (HTTPS port)is incorrect — the port is defined in the engine listener, not here.

Option C (TLS versions)is correct — this property controls TLS version support (e.g., TLSv1.2, TLSv1.3).

Option D (clustering)is incorrect — clustering does not depend on this property.

When PingAccess is first installed, theAdministrative Console(the web-based UI for managing configuration) is bound to adefault port of 9000. This is documented in the installation and configuration guides:

Exact Extract from documentation:

“By default, the administrative console is available athttps:// :9000.”

(PingAccess Installation Guide – Default Ports)

This means that unless the administrator has explicitly changed the port inrun.propertiesor during installation, the console will always be available onport 9000.

Option Analysis:

A. 9000✅Correct. Default administrative console port.

B. 3000❌Incorrect. This is not a PingAccess default port.

C. 9090❌Incorrect. Sometimes used by other Ping products for APIs, but not the PingAccess admin console.

D. 3030❌Incorrect. Not a default PingAccess port.

PingAccess installs as a Windows service. To remove or prevent automatic startup, theuninstall-service.batscript is used.

Exact Extract:

“On Windows, useinstall-service.batto install PingAccess as a service anduninstall-service.batto remove the service.”

Option A (init.bat)initializes environment variables but does not manage services.

Option B (uninstall-service.bat)is correct — it removes the Windows service, preventing auto-start.

Option C (remove-install.bat)is not a valid PingAccess script.

Option D (wrapper-service.bat)configures wrapper options, not service removal.

PingAccess terminates SSL at theVirtual Hostlevel. To configure an existing certificate, the administrator must assign the appropriateKey Pair(which contains the certificate and private key) to the Virtual Host.

Exact Extract:

“SSL termination occurs on the engine listener through virtual hosts. Assign the certificate’s key pair to the virtual host to secure proxied applications.”

Option Ais correct — assign the key pair to the Virtual Host for SSL termination.

Option Bis incorrect — Require HTTPS enforces secure access but does not configure SSL termination.

Option Cis incorrect — Agent Listener is for PingAccess Agents, not proxied apps.

Option Dis incorrect — secure flag affects cookie settings, not SSL certificates.

The requirement is:

Allow access ifuser is in sales

OR ifuser is in marketing AND is a manager

This is logically represented as:

(A) OR (B AND C)

To configure this in PingAccess:

Rule Set (D) = ANY (A)

Rule Set (E) = ALL (B, C)

Rule Set Group (F) = ANY (D, E)

Assign Group (F) to the resource

This exactly matchesOption D.

Option Ais incorrect — requires both A and (B AND C), which is stricter than the requirement.

Option Bis incorrect — ANY(A, B, C) would allow users in marketing or managers without requiring both.

Option Cis incorrect — it uses ALL(D, E), which would require both conditions instead of OR.

Option Dis correct — it models (A OR (B AND C)).

When usingHTTP Basic Authentication(admin.auth=native), PingAccess only supports asingle administrative account(the default admin user). For multiple administrators, SSO integration (e.g., OIDC) is required.

Exact Extract:

“When admin authentication is set to native (HTTP Basic), only one administrative user is supported. For multiple admins, configure UI authentication with an OIDC provider.”

Option A (1000)is incorrect.

Option B (1)is correct — only one basic auth admin account.

Option C (10)andOption D (100)are incorrect.

All onboarding in PingAccess begins with defining anApplication. Once the application exists, the administrator can defineResourceswithin it and assign different rules to those resources.

Exact Extract:

“Before you can configure resources and rules, you must first create an application in PingAccess.”

Option A (Identity Mapping)may be required later but not the first step.

Option B (Web Session)can be shared but is not the first onboarding step.

Option C (Application)is correct — the starting point for onboarding.

Option D (Resource)comes after creating the application.

PingAccess service scripts depend on knowing:

Where the Java runtime is installed (JAVA_HOME)

Where PingAccess itself is installed (PA_HOME)

Exact Extract:

“The PingAccess startup scripts require theJAVA_HOMEenvironment variable to locate the JDK/JRE and thePA_HOMEvariable to locate the PingAccess installation directory.”

Option A (J2EE_HOME)is irrelevant to PingAccess.

Option B (JAVA_HOME)is correct — needed for Java execution.

Option C (PA_PATH)is not a standard variable.

Option D (PA_HOME)is correct — required to point to the PingAccess installation root.

Option E (JAVA_PATH)is not valid;PATHcan include Java, butJAVA_HOMEis the correct environment variable.