Palo Alto Networks PCCSE Practice Test - Questions Answers, Page 10

Which API calls can scan an image named myimage: latest with twistcli and then retrieve the results from Console?

Given the following RQL:

event from cloud.audit_logs where operation IN ('CreateCryptoKey', 'DestroyCryptoKeyVersion', 'v1.compute.disks.createSnapshot')

Which audit event snippet is identified?

A)

B)

C)

D)

Which two of the following are required to be entered on the IdP side when setting up SSO in Prisma Cloud? (Choose two.)

An administrator sees that a runtime audit has been generated for a container.

The audit message is:

''/bin/ls launched and is explicitly blocked in the runtime rule. Full command: ls -latr''

Which protection in the runtime rule would cause this audit?

Which data security default policy is able to scan for vulnerabilities?

Which three fields are mandatory when authenticating the Prisma Cloud plugin in the IntelliJ application? (Choose three.)

Which of the following are correct statements regarding the use of access keys? (Choose two.)

The development team is building pods to host a web front end, and they want to protect these pods with an application firewall.

Which type of policy should be created to protect this pod from Layer7 attacks?

A manager informs the SOC that one or more RDS instances have been compromised and the SOC needs to make sure production RDS instances are NOT publicly accessible.

Which action should the SOC take to follow security best practices?