Ping Identity PAP-001 Exam With Confidence Using Practice Dumps

Therun.propertiesfile in PingAccess is the primary configuration file that defines system-level runtime behavior. According to PingAccess documentation:

Exact Extract:

“Therun.propertiesfile contains configuration properties for PingAccess, including operational mode, logging levels, admin authentication fallback, cluster settings, and system defaults.”

(PingAccess Administrator’s Guide –run.properties Reference)

From this, we can determine:

C. Operational mode for PingAccess→CorrectThe propertypa.operational.modeinrun.propertiesdefines whether the node operates asSTANDALONE,CLUSTERED_CONSOLE,CLUSTERED_CONSOLE_REPLICA, orCLUSTERED_ENGINE. This is one of the core configurable options.

E. Logging levels→CorrectProperties such aslog.leveland other logging configurations are explicitly defined inrun.properties, allowing administrators to adjust the verbosity of logs (DEBUG, INFO, WARN, ERROR).

Why the others are incorrect:

A. Default logs location→IncorrectThe log file path is not controlled viarun.properties. It is defined inlog4j2.xml, not inrun.properties.

B. URL for heartbeat endpoint→IncorrectThe heartbeat endpoint (/pa/heartbeat.ping) is a fixed system endpoint and is not configurable inrun.properties.

D. X-Frame-Options header→IncorrectSecurity headers likeX-Frame-Optionsare managed under application security policies or global response headers, not inrun.properties.

PingAccess supports logging directly to a relational database usingLog4j database appenders. To enable this:

Configurelog4j2.xmlto use a JDBC Appender.

Configurelog4j2.db.propertieswith the database connection information.

Provide the appropriate database driver in thePA_HOME/libdirectory.

Exact Extract:

“To log to a database, configure log4j2.xml and log4j2.db.properties, and place the JDBC driver JAR file in PA_HOME/lib.”

Option Ais correct — both files must be configured.

Option Bis incorrect — existing logs do not need removal.

Option Cis incorrect — enabling audit is unrelated to database logging.

Option Dis correct — the Oracle JDBC driver must be installed in PA_HOME/lib.

Option Eis incorrect unless TLS is used to connect to the DB, but it is not required for standard DB logging setup.

Identity Mapping in PingAccess relies on attributes provided by thetoken provider(e.g., PingFederate, OIDC provider). If the desired attributes are not present in the dropdown, it means they are not being provided in the token or userinfo response.

Exact Extract:

“Attributes available in identity mappings are those provided in the web session by the token provider. If attributes are missing, they must be added to the token by the identity provider.”

Option Ais correct — the token provider administrator must configure the IdP to include the additional attributes.

Option Bis incorrect — rewrite rules modify content but do not supply new identity attributes.

Option Cis incorrect — developers cannot directly add identity attributes; they must come from the IdP.

Option Dis incorrect — Web Session Attribute rules only evaluate available attributes; they don’t create new ones.