Which three types of buckets exposure are available in the Data Security module? (Choose three.)
An administrator needs to detect and alert on any activities performed by a root account.
Which policy type should be used?
What will happen when a Prisma Cloud Administrator has configured agentless scanning in an environment that also has Host and Container Defenders deployed?
Which two CI/CD plugins are supported by Prisma Cloud as part of its DevOps Security? (Choose two.).
Which two bot types are part of Web Application and API Security (WAAS) bot protection? (Choose two.)
A Prisma Cloud Administrator onboarded an AWS cloud account with agentless scanning enabled successfully to Prisma Cloud. Which item requires deploying defenders to be able to inspect the risk on the onboarded AWS account?
Which method should be used to authenticate to Prisma Cloud Enterprise programmatically?
A customer does not want alerts to be generated from network traffic that originates from trusted internal networks.
Which setting should you use to meet this customer’s request?
Which component(s), if any, will Palo Alto Networks host and run when a customer purchases Prisma Cloud Enterprise Edition?
An administrator for Prisma Cloud needs to obtain a graphical view to monitor all connections, including connections across hosts and connections to any configured network objects.
Which setting does the administrator enable or configure to accomplish this task?
What is the most reliable and extensive source for documentation on Prisma Cloud APIs?
An administrator needs to write a script that automatically deactivates access keys that have not been used for 30 days.
In which order should the API calls be used to accomplish this task? (Drag the steps into the correct order from the first step to the last.) Select and Place:
Which “kind” of Kubernetes object is configured to ensure that Defender is acting as the admission controller?
What is the purpose of Incident Explorer in Prisma Cloud Compute under the "Monitor" section?
An administrator sees that a runtime audit has been generated for a container.
The audit message is:
“/bin/ls launched and is explicitly blocked in the runtime rule. Full command: ls -latr”
Which protection in the runtime rule would cause this audit?
Which command should be used in the Prisma Cloud twistcli tool to scan the nginx:latest image for vulnerabilities and compliance issues?
A)
B)
C)
D)
Which three steps are involved in onboarding an account for Data Security? (Choose three.)
Given a default deployment of Console, a customer needs to identify the alerted compliance checks that are set by default.
Where should the customer navigate in Console?
Which step should a SecOps engineer implement in order to create a network exposure policy that identifies instances accessible from any untrusted internet sources?
Which three public cloud providers are supported for VM image scanning? (Choose three.)
Which two options may be used to upgrade the Defenders with a Console v20.04 and Kubernetes deployment? (Choose two.)
A security team has a requirement to ensure the environment is scanned for vulnerabilities. What are three options for configuring vulnerability policies? (Choose three.)
An administrator has been tasked with a requirement by your DevSecOps team to write a script to continuously query programmatically the existing users, and the user’s associated permission levels, in a Prisma Cloud Enterprise tenant.
Which public documentation location should be reviewed to help determine the required attributes to carry out this step?
Web-Application and API Security (WAAS) provides protection for which two protocols? (Choose two.)
Which two elements are included in the audit trail section of the asset detail view? (Choose two).
Which two integrated development environment (IDE) plugins are supported by Prisma Cloud as part of its Code Security? (Choose two.)
The InfoSec team wants to be notified via email each time a Security Group is misconfigured. Which Prisma Cloud tab should you choose to complete this request?
A DevOps lead reviewed some system logs and notices some odd behavior that could be a data exfiltration attempt. The DevOps lead only has access to vulnerability data in Prisma Cloud Compute, so the DevOps lead passes this information to SecOps.
Which pages in Prisma Cloud Compute can the SecOps lead use to investigate the runtime aspects of this attack?
Which two frequency options are available to create a compliance report within the console? (Choose two.)
If you are required to run in an air-gapped environment, which product should you install?
A security team notices a number of anomalies under Monitor > Events. The incident response team works with the developers to determine that these anomalies are false positives.
What will be the effect if the security team chooses to Relearn on this image?
Which two statements are true about the differences between build and run config policies? (Choose two.)
Given the following audit event activity snippet:
Which RQL will be triggered by the audit event?
A)
B)
C)
D)
A customer has a large environment that needs to upgrade Console without upgrading all Defenders at one time.
What are two prerequisites prior to performing a rolling upgrade of Defenders? (Choose two.)
What are two alarm types that are registered after alarms are enabled? (Choose two.)
The Compute Console has recently been upgraded, and the administrator plans to delay upgrading the Defenders and the Twistcli tool until some of the team’s resources have been rescaled. The Console is currently one major release ahead.
What will happen as a result of the Console upgrade?
A customer has Prisma Cloud Enterprise and host Defenders deployed.
What are two options that allow an administrator to upgrade Defenders? (Choose two.)
A container and image compliance rule has been configured by enabling all checks; however, upon review, the container's compliance view reveals only the entries in the image below.
What is the appropriate action to take next?
Which two IDE plugins are supported by Prisma Cloud as part of its DevOps Security? (Choose two.)
The administrator wants to review the Console audit logs from within the Console.
Which page in the Console should the administrator use to review this data, if it can be reviewed at all?
An administrator has deployed Console into a Kubernetes cluster running in AWS. The administrator also has configured a load balancer in TCP passthrough mode to listen on the same ports as the default Prisma Compute Console configuration.
In the build pipeline, the administrator wants twistcli to talk to Console over HTTPS. Which port will twistcli need to use to access the Prisma Compute APIs?
What is the function of the external ID when onboarding a new Amazon Web Services (AWS) account in Prisma Cloud?
Which two variables must be modified to achieve automatic remediation for identity and access management (IAM) alerts in Azure cloud? (Choose two.)
What is the order of steps in a Jenkins pipeline scan?
(Drag the steps into the correct order of occurrence, from the first step to the last.)
A customer wants to be notified about port scanning network activities in their environment. Which policy type detects this behavior?
An administrator wants to retrieve the compliance policies for images scanned in a continuous integration (CI) pipeline.
Which endpoint will successfully execute to enable access to the images via API?
When an alert notification from the alarm center is deleted, how many hours will a similar alarm be suppressed by default?
A customer has a requirement to automatically protect all Lambda functions with runtime protection. What is the process to automatically protect all the Lambda functions?
Which IAM Azure RQL query would correctly generate an output to view users who have sufficient permissions to create security groups within Azure AD and create applications?
Which ROL query is used to detect certain high-risk activities executed by a root user in AWS?
The development team wants to block Cross Site Scripting attacks from pods in its environment. How should the team construct the CNAF policy to protect against this attack?
Which three actions are required in order to use the automated method within Azure Cloud to streamline the process of using remediation in the identity and access management (IAM) module? (Choose three.)
What should be used to associate Prisma Cloud policies with compliance frameworks?
Which intensity setting for anomaly alerts is used for the measurement of 100 events over 30 days?
Prisma Cloud Compute has been installed on Onebox. After Prisma Cloud Console has been accessed. Defender is disconnected and keeps returning the error "No console connectivity" in the logs.
What could be causing the disconnection between Console and Defender in this scenario?
When configuring SSO how many IdP providers can be enabled for all the cloud accounts monitored by Prisma Cloud?
Cloud Security Engineer | PCCSE Questions Answers | PCCSE Test Prep | Prisma Certified Cloud Security Engineer Questions PDF | PCCSE Online Exam | PCCSE Practice Test | PCCSE PDF | PCCSE Test Questions | PCCSE Study Material | PCCSE Exam Preparation | PCCSE Valid Dumps | PCCSE Real Questions | Cloud Security Engineer PCCSE Exam Questions